diff --git a/.cvsignore b/.gitignore similarity index 100% rename from .cvsignore rename to .gitignore diff --git a/Makefile b/Makefile deleted file mode 100644 index 28e8111..0000000 --- a/Makefile +++ /dev/null @@ -1,21 +0,0 @@ -# Makefile for source rpm: chntpw -# $Id$ -NAME := chntpw -SPECFILE = $(firstword $(wildcard *.spec)) - -define find-makefile-common -for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done -endef - -MAKEFILE_COMMON := $(shell $(find-makefile-common)) - -ifeq ($(MAKEFILE_COMMON),) -# attept a checkout -define checkout-makefile-common -test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2 -endef - -MAKEFILE_COMMON := $(shell $(checkout-makefile-common)) -endif - -include $(MAKEFILE_COMMON) diff --git a/chntpw-080526-get_abs_path.patch b/chntpw-080526-get_abs_path.patch new file mode 100644 index 0000000..4a754cd --- /dev/null +++ b/chntpw-080526-get_abs_path.patch @@ -0,0 +1,29 @@ +diff -ur chntpw-080526/ntreg.c chntpw-080526.get_abs_path/ntreg.c +--- chntpw-080526/ntreg.c 2009-06-08 14:32:00.000000000 +0100 ++++ chntpw-080526.get_abs_path/ntreg.c 2009-06-08 14:30:08.000000000 +0100 +@@ -1193,7 +1193,7 @@ + { + /* int newnkofs; */ + struct nk_key *key; +- char tmp[ABSPATHLEN+1]; ++ char tmp[ABSPATHLEN]; + + maxlen = (maxlen < ABSPATHLEN ? maxlen : ABSPATHLEN); + +@@ -1209,6 +1209,7 @@ + } + + strncpy(tmp,path,ABSPATHLEN-1); ++ tmp[ABSPATHLEN-1] = '\0'; + + if ( (strlen(path) + key->len_name) >= maxlen-6) { + snprintf(path,maxlen,"(...)%s",tmp); +@@ -1216,7 +1217,7 @@ + } + *path = '\\'; + memcpy(path+1,key->keyname,key->len_name); +- strncpy(path+key->len_name+1,tmp,maxlen); ++ strcpy(path+key->len_name+1,tmp); + return(get_abs_path(hdesc, key->ofs_parent+0x1004, path, maxlen)); /* go back one more */ + } + diff --git a/chntpw-080526-keyname-overflow.patch b/chntpw-080526-keyname-overflow.patch new file mode 100644 index 0000000..345a4cf --- /dev/null +++ b/chntpw-080526-keyname-overflow.patch @@ -0,0 +1,22 @@ +diff -ur chntpw-080526/ntreg.c chntpw-080526.keyname/ntreg.c +--- chntpw-080526/ntreg.c 2008-05-26 20:59:44.000000000 +0100 ++++ chntpw-080526.keyname/ntreg.c 2009-06-08 12:00:00.000000000 +0100 +@@ -2607,7 +2607,6 @@ + int count = 0; + int countri = 0; + int len, byte; +- char keyname[128]; + char path[1024]; + char *value; + struct nk_key *key; +@@ -2626,10 +2625,6 @@ + + // get the key + key = (struct nk_key *)(hdesc->buffer + nkofs); +- strncpy(keyname, key->keyname, key->len_name); +- keyname[key->len_name] = '\0'; +- printf("Exporting key '%s' with %d subkeys and %d values...\n", +- keyname, key->no_subkeys, key->no_values); + + *path = 0; + get_abs_path(hdesc, nkofs, path, 1024); diff --git a/chntpw-080526-no-value.patch b/chntpw-080526-no-value.patch new file mode 100644 index 0000000..5bb2048 --- /dev/null +++ b/chntpw-080526-no-value.patch @@ -0,0 +1,41 @@ +diff -ur chntpw-080526/ntreg.c chntpw-080526.novalue/ntreg.c +--- chntpw-080526/ntreg.c 2009-06-08 14:44:09.000000000 +0100 ++++ chntpw-080526.novalue/ntreg.c 2009-06-08 14:43:48.000000000 +0100 +@@ -2667,21 +2667,23 @@ + value = (char *)get_val_data(hdesc, nkofs, vex.name, vex.type, TPF_VK_EXACT); + len = get_val_len(hdesc, nkofs, vex.name, TPF_VK_EXACT); + +- if (vex.type == REG_BINARY) { +- fprintf(file, "\"%s\"=hex:", vex.name); +- } else { +- fprintf(file, "\"%s\"=hex(%x):", vex.name, vex.type); +- } +- byte = 0; +- while (byte < len) { /* go byte by byte.. probably slow.. */ +- fprintf(file, "%02x,", (unsigned char)value[byte]); +- byte++; +- if (!(byte % 20)) fprintf(file, "\\\r\n "); +- } +- fprintf(file, "%02x\r\n", (unsigned char)value[byte]); +- } ++ if (value && len >= 0) { ++ if (vex.type == REG_BINARY) { ++ fprintf(file, "\"%s\"=hex:", vex.name); ++ } else { ++ fprintf(file, "\"%s\"=hex(%x):", vex.name, vex.type); ++ } ++ byte = 0; ++ while (byte < len) { /* go byte by byte.. probably slow.. */ ++ fprintf(file, "%02x,", (unsigned char)value[byte]); ++ byte++; ++ if (!(byte % 20)) fprintf(file, "\\\r\n "); ++ } ++ fprintf(file, "%02x\r\n", (unsigned char)value[byte]); + +- FREE(vex.name); ++ FREE(vex.name); ++ } ++ } + } + } + diff --git a/chntpw-080526-port-to-gcrypt-debian.patch b/chntpw-080526-port-to-gcrypt-debian.patch new file mode 100644 index 0000000..217341d --- /dev/null +++ b/chntpw-080526-port-to-gcrypt-debian.patch @@ -0,0 +1,201 @@ +Original patch from Debian: +http://patch-tracking.debian.net/patch/series/view/chntpw/0.99.5-0+nmu1/01_port_to_gcrypt.patch + +Written by Paul Wise. + +Ported to Fedora build by Richard W.M. Jones. + +Also compiles the program as 64 bit. I see no reason why the '-m32' +flag was supplied. Building on 64 bit produces a working program +as far as I can tell. + +diff -ur chntpw-080526.orig/chntpw.c chntpw-080526.gcrypt/chntpw.c +--- chntpw-080526.orig/chntpw.c 2008-05-26 20:59:44.000000000 +0100 ++++ chntpw-080526.gcrypt/chntpw.c 2009-06-09 12:39:58.037690367 +0100 +@@ -61,12 +61,19 @@ + #include + #include + ++#if defined(USEOPENSSL) + #include + #include +-#define uchar u_char + #define MD4Init MD4_Init + #define MD4Update MD4_Update + #define MD4Final MD4_Final ++#elif defined(USELIBGCRYPT) ++ #include ++#else ++ #error No DES encryption and MD4 hashing library found ++#endif ++ ++#define uchar u_char + + #include "ntreg.h" + #include "sam.h" +@@ -138,7 +145,9 @@ + for (i=0;i<8;i++) { + key[i] = (key[i]<<1); + } ++#if defined(USEOPENSSL) + DES_set_odd_parity((des_cblock *)key); ++#endif + } + + /* +@@ -183,6 +192,7 @@ + + void E1(uchar *k, uchar *d, uchar *out) + { ++#if defined(USEOPENSSL) + des_key_schedule ks; + des_cblock deskey; + +@@ -193,6 +203,15 @@ + des_set_key((des_cblock *)deskey,ks); + #endif /* __FreeBsd__ */ + des_ecb_encrypt((des_cblock *)d,(des_cblock *)out, ks, DES_ENCRYPT); ++#elif defined(USELIBGCRYPT) ++ gcry_cipher_hd_t ks; ++ uchar deskey[8]; ++ str_to_key(k,deskey); ++ gcry_cipher_open(&ks, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0); ++ gcry_cipher_setkey(ks, deskey, 8); ++ gcry_cipher_encrypt(ks, out, 8, d, 8); ++ gcry_cipher_close(ks); ++#endif + } + + +@@ -500,10 +519,18 @@ + int dontchange = 0; + struct user_V *v; + ++#ifdef USEOPENSSL + des_key_schedule ks1, ks2; + des_cblock deskey1, deskey2; + + MD4_CTX context; ++#elif defined(USELIBGCRYPT) ++ gcry_cipher_hd_t ks1, ks2; ++ uchar deskey1[8], deskey2[8]; ++ ++ unsigned char *p; ++ gcry_md_hd_t context; ++#endif + unsigned char digest[16]; + unsigned short acb; + +@@ -617,6 +644,7 @@ + hexprnt("Crypted LM pw: ",(unsigned char *)(vp+lmpw_offs),16); + } + ++#if defined(USEOPENSSL) + /* Get the two decrpt keys. */ + sid_to_key1(rid,(unsigned char *)deskey1); + des_set_key((des_cblock *)deskey1,ks1); +@@ -634,6 +662,25 @@ + (des_cblock *)lanman, ks1, DES_DECRYPT); + des_ecb_encrypt((des_cblock *)(vp+lmpw_offs + 8), + (des_cblock *)&lanman[8], ks2, DES_DECRYPT); ++#elif defined(USELIBGCRYPT) ++ /* Start the keys */ ++ gcry_cipher_open(&ks1, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0); ++ gcry_cipher_open(&ks2, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0); ++ ++ /* Get the two decrpt keys. */ ++ sid_to_key1(rid,deskey1); ++ gcry_cipher_setkey(ks1, deskey1, 8); ++ sid_to_key2(rid,deskey2); ++ gcry_cipher_setkey(ks2, deskey2, 8); ++ ++ /* Decrypt the NT md4 password hash as two 8 byte blocks. */ ++ gcry_cipher_decrypt(ks1, md4, 8, vp+ntpw_offs, 8); ++ gcry_cipher_decrypt(ks2, &md4[8], 8, vp+ntpw_offs+8, 8); ++ ++ /* Decrypt the lanman password hash as two 8 byte blocks. */ ++ gcry_cipher_decrypt(ks1, lanman, 8, vp+lmpw_offs, 8); ++ gcry_cipher_decrypt(ks2, &lanman[8], 8, vp+lmpw_offs+8, 8); ++#endif + + if (gverbose) { + hexprnt("MD4 hash : ",(unsigned char *)md4,16); +@@ -689,9 +736,17 @@ + + /* printf("Ucase Lanman: %s\n",newlanpw); */ + ++#if defined(USEOPENSSL) + MD4Init (&context); + MD4Update (&context, newunipw, pl<<1); + MD4Final (digest, &context); ++#elif defined(USELIBGCRYPT) ++ gcry_md_open(&context, GCRY_MD_MD4, 0); ++ gcry_md_write(context, newunipw, pl<<1); ++ p = gcry_md_read(context, GCRY_MD_MD4); ++ if(p) memcpy(digest, p, gcry_md_get_algo_dlen(GCRY_MD_MD4)); ++ gcry_md_close(context); ++#endif + + if (gverbose) hexprnt("\nNEW MD4 hash : ",digest,16); + +@@ -700,6 +755,7 @@ + + if (gverbose) hexprnt("NEW LANMAN hash : ",(unsigned char *)lanman,16); + ++#if defined(USEOPENSSL) + /* Encrypt the NT md4 password hash as two 8 byte blocks. */ + des_ecb_encrypt((des_cblock *)digest, + (des_cblock *)despw, ks1, DES_ENCRYPT); +@@ -710,6 +766,18 @@ + (des_cblock *)newlandes, ks1, DES_ENCRYPT); + des_ecb_encrypt((des_cblock *)(lanman+8), + (des_cblock *)&newlandes[8], ks2, DES_ENCRYPT); ++#elif defined(USELIBGCRYPT) ++ /* Encrypt the NT md4 password hash as two 8 byte blocks. */ ++ gcry_cipher_encrypt(ks1, despw, 8, digest, 8); ++ gcry_cipher_encrypt(ks2, &despw[8], 8, digest+8, 8); ++ ++ gcry_cipher_encrypt(ks1, newlandes, 8, lanman, 8); ++ gcry_cipher_encrypt(ks2, &newlandes[8], 8, lanman+8, 8); ++ ++ /* Close keys, not needed after this */ ++ gcry_cipher_close(ks1); ++ gcry_cipher_close(ks2); ++#endif + + if (gverbose) { + hexprnt("NEW DES crypt : ",(unsigned char *)despw,16); +diff -ur chntpw-080526.orig/Makefile chntpw-080526.gcrypt/Makefile +--- chntpw-080526.orig/Makefile 2008-05-26 20:59:44.000000000 +0100 ++++ chntpw-080526.gcrypt/Makefile 2009-06-09 12:45:07.798728999 +0100 +@@ -1,28 +1,11 @@ + # + # Makefile for the Offline NT Password Editor + # +-# +-# Change here to point to the needed OpenSSL libraries & .h files +-# See INSTALL for more info. +-# +- +-#SSLPATH=/usr/local/ssl +-OSSLPATH=/usr +-OSSLINC=$(OSSLPATH)/include + + CC=gcc ++CFLAGS=-DUSELIBGCRYPT -g -I. $(shell libgcrypt-config --cflags) -Wall $(EXTRA_CFLAGS) + +-# Force 32 bit +-CFLAGS= -DUSEOPENSSL -g -I. -I$(OSSLINC) -Wall -m32 +-OSSLLIB=$(OSSLPATH)/lib +- +-# 64 bit if default for compiler setup +-#CFLAGS= -DUSEOPENSSL -g -I. -I$(OSSLINC) -Wall +-#OSSLLIB=$(OSSLPATH)/lib64 +- +- +-# This is to link with whatever we have, SSL crypto lib we put in static +-LIBS=-L$(OSSLLIB) $(OSSLLIB)/libcrypto.a ++LIBS=$(shell libgcrypt-config --libs) + + all: chntpw chntpw.static cpnt reged reged.static + diff --git a/chntpw.spec b/chntpw.spec index a32d29a..3e0b5b1 100644 --- a/chntpw.spec +++ b/chntpw.spec @@ -1,7 +1,7 @@ Name: chntpw # Version is taken from HISTORY.txt Version: 0.99.6 -Release: 7%{?dist} +Release: 9%{?dist} Summary: Change passwords in Windows SAM files Group: Applications/Engineering License: GPLv2 @@ -12,7 +12,15 @@ Source2: chntpw-README.Dist Source3: chntpw-chntpw.8 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -BuildRequires: openssl-devel +BuildRequires: libgcrypt-devel + +# Patches sent upstream on 2009-06-08. +Patch0: chntpw-080526-keyname-overflow.patch +Patch1: chntpw-080526-get_abs_path.patch +Patch2: chntpw-080526-no-value.patch + +# Patch from Debian (RHBZ#504595). +Patch3: chntpw-080526-port-to-gcrypt-debian.patch %description @@ -33,9 +41,14 @@ sed -e 's/\r$//' WinReg.txt > WinReg.txt.eol touch -c -r WinReg.txt WinReg.txt.eol mv WinReg.txt.eol WinReg.txt +%patch0 -p1 +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 + %build -make CC="%__cc" CFLAGS="$RPM_OPT_FLAGS" LIBS="-lcrypto" chntpw cpnt reged +make CC="%__cc" EXTRA_CFLAGS="$RPM_OPT_FLAGS" chntpw cpnt reged %install @@ -63,6 +76,13 @@ rm -rf $RPM_BUILD_ROOT %changelog +* Mon Jun 8 2009 Richard W.M. Jones - 0.99.6-9 +- Compile against libgcrypt instead of OpenSSL (RHBZ#504595). +- Compile as a 64 bit native binary on 64 bit platforms. + +* Mon Jun 8 2009 Richard W.M. Jones - 0.99.6-8 +- Fix three crashing bugs in 'reged -x' command. + * Mon Feb 23 2009 Fedora Release Engineering - 0.99.6-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild diff --git a/import.log b/import.log deleted file mode 100644 index aff7d5f..0000000 --- a/import.log +++ /dev/null @@ -1 +0,0 @@ -chntpw-0_99_6-4_fc9:HEAD:chntpw-0.99.6-4.fc9.src.rpm:1223863802