--- john-1.7.2.orig/debian/compat +++ john-1.7.2/debian/compat @@ -0,0 +1 @@ +5 --- john-1.7.2.orig/debian/links +++ john-1.7.2/debian/links @@ -0,0 +1,3 @@ +usr/sbin/john usr/sbin/unafs +usr/sbin/john usr/sbin/unique +usr/sbin/john usr/sbin/unshadow --- john-1.7.2.orig/debian/prerm +++ john-1.7.2/debian/prerm @@ -0,0 +1,20 @@ +#!/bin/sh +set -e + +case $1 in +remove) + /usr/share/john/cronjob stop + ;; + +upgrade|failed-upgrade|deconfigure) + # These cases need no actions here + : + ;; + +*) + echo "$0: undocumented call: $@" >&2 + exit 1 + ;; +esac + +#DEBHELPER# --- john-1.7.2.orig/debian/cron.d +++ john-1.7.2/debian/cron.d @@ -0,0 +1,14 @@ +# +# Start john everyday at the same to try to crack the passwords. The +# second line will then later stop the process so that it doesn't +# consume system resources that are needed otherwise. You are +# encouraged to change the times. +# +# Also notice that John is 'nice'd, if you don't like this (you +# believe that your system can run fine with john doing its work) +# just remove the 'nice' call +# +# JOHN_OPTIONS = foo bar (man 5 crontab) +# +#00 1 * * * root [ -x /usr/share/john/cronjob ] && nice /usr/share/john/cronjob start +#00 7 * * * root [ -x /usr/share/john/cronjob ] && /usr/share/john/cronjob stop --- john-1.7.2.orig/debian/examples +++ john-1.7.2/debian/examples @@ -0,0 +1 @@ +debian/extra/ldap-extract --- john-1.7.2.orig/debian/john-data.dirs +++ john-1.7.2/debian/john-data.dirs @@ -0,0 +1 @@ +/usr/share/john --- john-1.7.2.orig/debian/extra/cronjob +++ john-1.7.2/debian/extra/cronjob @@ -0,0 +1,199 @@ +#!/bin/bash +# +# This script runs every day, trying to crack passwords, and then calls +# mailer to warn the users (and maybe also root) about that. + +# One of two options should be passed to this script: +# start -- start running john +# stop -- stops running john +# The script will run/stop john (as a background process if started) +# and exit. + +# The time when the script is called can be configured in /etc/cron.d/john + +# You can pass options to john in /etc/cron.d/john. See john(1) for the possible +# options, and include them after "JOHN_OPTIONS=" below. + +JOHNDIR=/usr/sbin +PASSWD=/etc/passwd +SHADOW=/etc/shadow +RUNDIR=/var/lib/john +PIDDIR=/var/run/john +RESTORE=$RUNDIR/restore + +PASSFILE=`grep -v ^# /etc/john/john-mail.conf | grep -e "[ ]*passfile[ ]*=[ ]*" | sed -e "s/#.*//" -e "s/.*=[ ]*//" |head -1` +cd $RUNDIR + +# Gets the PID of the process that should be running john, +# and sends SIGHUP to it. +# +john_stop() +{ + + RESTOREFILE="" + if [ -f $RESTORE ]; then + RESTOREFILE=`grep ^$PASSFILE $RESTORE` + fi + + if [ -f $PIDDIR/john.pid ] + then + # Stop john, we don't really care too much about the error + # messages (just in case, the john cronjob might have finished + # its job and exited) + /sbin/start-stop-daemon --stop -q -o --pidfile $PIDDIR/john.pid 2>&1 >/dev/null + rm $PIDDIR/john.pid + else + # Try the old (deprecated) method if we don't have a piddfile + john_stop_all + fi + + + # Once finished we determine if we need to mail anything + rm -f /var/lock/john + if [ ! -z "$RESTOREFILE" -a -f "$RESTOREFILE" ] ; then + # But use the latest shadow file + TMPFILE=`mktemp $PASSFILE.XXXXXX` || exit 1 + chmod og-rwx $TMPFILE + if [ -n "$SHADOW" -a -f "$SHADOW" ]; then + $JOHNDIR/unshadow $PASSWD $SHADOW >> $TMPFILE + else + cat $PASSWD >> $TMPFILE + fi + # Move to the directory where john.pot resides + OUTPUT=`$JOHNDIR/mailer $TMPFILE 2>&1` + # Mailer mails to root if there is something relevant + # this could be done by configuring john-mail.msg too.. + if [ -n "$OUTPUT" ]; then + echo $OUTPUT + fi + rm -f $TMPFILE + fi +} + +# Gets the PID of all the processes called "john" processes, try to checks +# which one we want, and sends SIGHUP to it. +# +john_stop_all() +{ + +PID=`/bin/pidof john` +for p in $PID; do + PROCPATH=$(readlink /proc/$p/exe) + RELEVANTPATH=`echo $PROCPATH | sed -e"s^$JOHNDIR/john.*^$JOHNDIR/john^"` + if [ "$RELEVANTPATH" = $JOHNDIR/john ]; then + kill -2 $p + fi +done + +} + +# Starts john +# +john_start() +{ + +if [ -z $PASSFILE ]; then + mail -s "John cronjob is not configured yet!" root <> $TMPFILE + else + cat $PASSWD >> $TMPFILE + fi +fi + +# We capture the output of john, and check if there was a line with +# "guesses: 0" in it. If not, then either john exited abnormally, or +# passwords were guessed -- and in both cases we send all the output +# to stdout. +# +if [ ! -f /var/lock/john -a ! -f $PIDDIR/john.pid ]; then + touch /var/lock/john + + # Run john in background + # TODO: start-stop-daemon is flexible enought we could run + # it using a different user + if [ -z "$RESTORE_OPTION" ] ; then + /sbin/start-stop-daemon --start --chdir $RUNDIR -b -m \ + --pidfile $PIDDIR/john.pid --exec $JOHNDIR/john -- \ + $JOHN_OPTIONS $TMPFILE > /dev/null + else + # Note: If we are restoring the session all the options are already + # there... + /sbin/start-stop-daemon --start --chdir $RUNDIR -b -m \ + --pidfile $PIDDIR/john.pid --exec $JOHNDIR/john -- \ + $RESTORE_OPTION $JOHN_OPTIONS $TMPFILE > /dev/null + fi +else + PID=`cat $PIDDIR/john.pid` + # Redundant check (just in case) + PROCPATH=$(readlink /proc/$PID/exe) + RELEVANTPATH=`echo $PROCPATH | sed -e"s^$JOHNDIR/john.*^$JOHNDIR/john^"` + if [ "$RELEVANTPATH" = $JOHNDIR/john ]; then + mail -s "John is already running" root <new("localhost") or die $@; +$ldap->bind($ARGV[2], password => $ARGV[3], version => 3) or die "Cannot bind to ldap server $ARGV[2]: $!"; +my $res = $ldap->search(base => $ARGV[1], scope => "sub", attrs => + [qw(cn uid userPassword loginShell homeDirectory uidNumber gidNumber)],filter => "cn=*"); +my $x = $res->as_struct; +foreach (keys %$x) +{ + print $x->{$_}->{uid}->[0]; + my $pw = $x->{$_}->{userpassword}->[0]; + if ($pw =~ /^\{crypt\}(.*)$/) + { + $pw = $1; + } +# else +# { +# $pw =~ s/^\{.+\}/\$1\$/; +# } + print ":$pw"; + foreach my $i (qw(uidnumber gidnumber cn homedirectory loginshell)) + { + print ":", $x->{$_}->{$i}->[0]; + } + print "\n"; +} +$ldap->unbind; + +exit 0; --- john-1.7.2.orig/debian/extra/john +++ john-1.7.2/debian/extra/john @@ -0,0 +1,14 @@ +#!/bin/bash -e + +MYNAME=john +if [ -n $0 ]; then + MYNAME=$(basename $0) +fi + +if grep -q '^flags.* mmx' /proc/cpuinfo; then + exec -a $MYNAME /usr/lib/john/john-mmx $* +else + exec -a $MYNAME /usr/lib/john/john-any $* +fi + +exit 0 --- john-1.7.2.orig/debian/extra/mailer +++ john-1.7.2/debian/extra/mailer @@ -0,0 +1,53 @@ +#!/bin/sh +# +# This file is part of John the Ripper password cracker, +# Copyright (c) 1996-98 by Solar Designer +# + +if [ $# -ne 1 ]; then + echo "Usage: $0 PASSWORD-FILE" + exit 0 +fi + +if [ ! -f /etc/john/john-mail.conf ]; then + echo "Couldn't find /etc/john/john-mail.conf -- stopping!" + exit 0 +fi + +if [ ! -f /etc/john/john-mail.msg ]; then + echo "Couldn't find /etc/john/john-mail.msg -- stopping!" + exit 0 +fi + +# In Debian, john should be in /usr/sbin. "john" binaries in other +# locations should not be used. +JOHNDIR=/usr/sbin + +# Let's get stuff from conf file: +SHELLS=`grep -e "^[ ]*shells[ ]*=[ ]*" /etc/john/john-mail.conf | sed "s/.*=[ ]*//"` +MAILCMD=`grep -e "^[ ]*mailcmd[ ]*=[ ]*" /etc/john/john-mail.conf | sed "s/.*=[ ]*//"` +MAILARGS=`grep -e "^[ ]*mailargs[ ]*=[ ]*" /etc/john/john-mail.conf | sed "s/.*=[ ]*//"` + +# Let's start +$JOHNDIR/john -show "$1" -shells:$SHELLS | sed -n 's/:.*//p' | +( + SENT=0 + + while read LOGIN; do + echo Sending mail to "$LOGIN"... + +# Sends a message to each user; a template is in /etc/john/john.msg +# Subject, Reply-to, and other header lines should be put +# at the top of that file. + sed -e 's/@LOGIN/'$LOGIN'/g' \ + -e 's/@HOSTNAME/'$(hostname)'/g' /etc/john/john-mail.msg | + $MAILCMD $MAILARGS $LOGIN + + SENT=$(($SENT+1)) + done + + if [ ! $SENT -eq 0 ]; then + echo "John has cracked $SENT passwords. If you want to see them," + echo "use john -show . (See john(1) for details)." + fi +) --- john-1.7.2.orig/debian/postrm +++ john-1.7.2/debian/postrm @@ -0,0 +1,61 @@ +#!/bin/sh +set -e + +# Revert relocation of a conffile from one location to another. +# The forward path is preinst install|upgrade. +# $1 is the original pathname of the conffile, +# $2 is the pathname of the current conffile. +unmv_conffile () +{ + if [ -e "$1" ] ; then + echo "Not reverting conffile relocation to $2;" + echo "original pathname $1 exists." + elif [ -e "$1.moved_by_preinst" ] ; then + echo "Reverting removal of unmodified conffile:" + echo -n " " + mv -v "$1.moved_by_preinst" "$1" + elif [ -e "$2" ] ; then + echo "Reverting relocation of modified conffile to original location:" + echo -n " " + mv -fv $2 $1 + fi >&2 +} + +case $1 in +disappear|remove) + # These are the restore and cracked-password file used by the + # cronjob for attacking the system password file for a short + # period each day: + d=/var/lib/john + rm -f $d/restore $d/john.pot + d=/var/run/john +# FIXME: this is configurable... + rm -f $d/john.pid $d/cronpasswd.* + ;; + +abort-install|abort-upgrade) + # Revert relocation of conffiles: + p1=/etc + p2=/etc/john + if dpkg --compare-versions "$2" le-nl 1.6-27; then + unmv_conffile $p1/john.ini $p2/john.conf + unmv_conffile $p1/john-mail.conf $p2/john-mail.conf + unmv_conffile $p1/john-mail.msg $p2/john-mail.msg + + # "Display the warning, but don't fail if nonempty": + rmdir $p2 || rmdir --ignore-fail-on-non-empty $p2 + fi + ;; + +purge|upgrade|failed-upgrade) + # These cases need no actions here + : + ;; + +*) + echo "$0: undocumented call: $@" >&2 + exit 1 + ;; +esac + +#DEBHELPER# --- john-1.7.2.orig/debian/watch +++ john-1.7.2/debian/watch @@ -0,0 +1,2 @@ +version=3 +http://www.openwall.com/john/ f/john-(\d+.*)\.tar\.gz --- john-1.7.2.orig/debian/rules +++ john-1.7.2/debian/rules @@ -0,0 +1,94 @@ +#!/usr/bin/make -f +# -*- makefile -*- + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +include /usr/share/quilt/quilt.make + +ARCH := $(shell dpkg-architecture -qDEB_HOST_ARCH) +CFLAGS = -DJOHN_SYSTEMWIDE -g -c -Wall +DEST = $(CURDIR)/debian/john + +ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) + CFLAGS += -O0 +else + CFLAGS += -O2 +endif +ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) + STRIP += -s +endif + +ifeq ($(ARCH),i386) + TARGET := linux-x86-any +else + ifeq ($(ARCH),alpha) + TARGET := linux-alpha + else + TARGET := generic + endif +endif + +build: build-stamp +build-stamp: $(QUILT_STAMPFN) + dh_testdir + $(MAKE) CFLAGS="$(CFLAGS)" -C src/ $(TARGET) +ifeq ($(ARCH),i386) + mv $(CURDIR)/run/john $(CURDIR)/run/john-any + $(MAKE) -C src/ clean + $(MAKE) CFLAGS="$(CFLAGS)" -C src/ linux-x86-mmx + mv $(CURDIR)/run/john $(CURDIR)/run/john-mmx +endif + touch $@ + +clean: unpatch + dh_testdir + dh_testroot + rm -f build-stamp configure-stamp +ifeq ($(ARCH),i386) + -rm -f $(CURDIR)/run/john-any $(CURDIR)/run/john-mmx +endif + [ ! -f $(CURDIR)/src/Makefile ] || $(MAKE) -C src/ clean + dh_clean + +install: build + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs + dh_install + + chmod -c 755 $(DEST)/usr/share/john/cronjob + + +ifeq ($(ARCH),i386) + install -d $(DEST)/usr/lib/john + install $(STRIP) $(CURDIR)/run/john-any $(DEST)/usr/lib/john/john-any + install $(STRIP) $(CURDIR)/run/john-mmx $(DEST)/usr/lib/john/john-mmx + install -m 755 $(CURDIR)/debian/extra/john $(DEST)/usr/sbin/john +else + install $(STRIP) $(CURDIR)/run/john $(DEST)/usr/sbin/john +endif + +binary-indep: build install +binary-arch: build install + dh_testdir + dh_testroot + dh_installchangelogs doc/CHANGES + dh_installdocs + dh_installexamples + dh_installcron +# dh_installdebconf + dh_installman + dh_link + dh_strip + dh_compress + dh_fixperms + dh_installdeb + dh_shlibdeps + dh_gencontrol + dh_md5sums + dh_builddeb + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary install --- john-1.7.2.orig/debian/copyright +++ john-1.7.2/debian/copyright @@ -0,0 +1,90 @@ +Source: http://www.openwall.com/john/ + +Files: debian/* +Copyright: © 2008, David Paleino + © 2004-2006, Guilherme de S. Pastore + © 2003-2004, Javier Fernandez-Sanguino Peña + © 2000-2004, Christian Kurz +License: GPL-2+ + This program is free software; you can redistribute it and/or modify it + under the terms of the GNU General Public License as published by the Free + Software Foundation; either version 2 of the License, or (at your option) + any later version. + +Files: src/crc32.{c,h} +Copyright: © 1998-2005, Solar Designer +License: PD + +Files: src/nonstd.c + src/sboxes.c +Copyright: © 1998, Matthew Kwan +License: PD-like +==> nonstd.c <== + /* + * Generated S-box files. + * + * This software may be modified, redistributed, and used for any purpose, + * so long as its origin is acknowledged. + * + * Produced by Matthew Kwan - May 1998 + */ +==> sboxes.c <== + /* + * Generated S-box files. + * + * This software may be modified, redistributed, and used for any purpose, + * so long as its origin is acknowledged. + * + * Produced by Matthew Kwan - March 1998 + */ + +Files: src/x86-64.S +Copyright: © 2000-2006, Solar Designer + © 1998, Matthew Kwan +License: PD-like + /* + * This file is part of John the Ripper password cracker, + * Copyright (c) 2000-2001,2005,2006 by Solar Designer and others: + * + * The optimized S-box expressions are based on work by Matthew Kwan (see + * nonstd.c and sboxes.c). S1-S5 and S7 are based on nonstd.c, whereas S6 + * and S8 are based on sboxes.c. + */ + +Files: src/x86-mmx.S + src/x86-sse.S +Copyright: © 2000-2006, Solar Designer + © 1998, Matthew Kwan + © Bruce Ford + © Rémi Guyomarch +License: PD-like +==> x86-mmx.S <== + /* + * This file is part of John the Ripper password cracker, + * Copyright (c) 2000-2001,2005,2006 by Solar Designer and others: + * + * The MMX DES S-box code is by Bruce Ford and Rémi Guyomarch, originally + * for use in the distributed.net clients, included here with permission. + * Only minor modifications have been made to their S-box code. Optimized + * S-box expressions are based on work by Matthew Kwan (see nonstd.c). + * + * Note: there's some MMX code in x86.S as well. + */ +==> x86-sse.S <== + /* + * This file is part of John the Ripper password cracker, + * Copyright (c) 2000-2001,2005,2006 by Solar Designer and others: + * + * The MMX DES S-box code that this SSE2 DES S-box code is derived from + * is by Bruce Ford and Rémi Guyomarch, originally for use in the + * distributed.net clients, included here with permission. Only minor + * modifications have been made to their S-box code. The optimized S-box + * expressions are based on work by Matthew Kwan (see nonstd.c). + */ + +Files: * +Copyright: © 1996-2006, Alexander Peslyak a.k.a. Solar Designer +License: GPL-2+ + +On Debian systems, the complete text of the GNU General Public License v2 can be +found in `/usr/share/common-licenses/GPL-2'. --- john-1.7.2.orig/debian/control +++ john-1.7.2/debian/control @@ -0,0 +1,41 @@ +Source: john +Section: admin +Priority: optional +Maintainer: Ubuntu MOTU Developers +XSBC-Original-Maintainer: David Paleino +Standards-Version: 3.7.3 +Build-Depends: debhelper (>= 5), quilt +Homepage: http://www.openwall.com/john/ +Vcs-Svn: svn://svn.debian.org/svn/collab-maint/deb-maint/john/trunk/ +Vcs-Browser: http://svn.debian.org/wsvn/collab-maint/deb-maint/john/trunk/?rev=0&sc=0 + +Package: john +Architecture: any +Depends: ${shlibs:Depends}, john-data (= ${source:Version}) +Suggests: wenglish | wordlist +Description: active password cracking tool + john, mostly known as John the Ripper, is a tool designed to help systems + administrators to find weak (easy to guess or crack through brute force) + passwords, and even automatically mail users warning them about it, if it + is desired. + . + It can also be used with different cyphertext formats, including Unix's + DES and MD5, Kerberos AFS passwords, Windows' LM hashes, BSDI's extended DES, + and OpenBSD's Blowfish. + +Package: john-data +Architecture: all +Enhances: john +Conflicts: john (<= 1.7.2-1) +Description: active password cracking tool - character sets + john, mostly known as John the Ripper, is a tool designed to help systems + administrators to find weak (easy to guess or crack through brute force) + passwords, and even automatically mail users warning them about it, if it + is desired. + . + It can also be used with different cyphertext formats, including Unix's + DES and MD5, Kerberos AFS passwords, Windows' LM hashes, BSDI's extended DES, + and OpenBSD's Blowfish. + . + This package contains architecture-independent character sets usable by + john. --- john-1.7.2.orig/debian/changelog +++ john-1.7.2/debian/changelog @@ -0,0 +1,601 @@ +john (1.7.2-2ubuntu1) intrepid; urgency=low + + * Ported package from Debian SID (LP: #116890) + + -- Nicolai Spohrer Mon, 28 Apr 2008 18:03:36 +0200 + +john (1.7.2-2) unstable; urgency=low + + * Fixing undeclared conflict between john-data and previous versions + of john (Closes: #477974) + + -- David Paleino Sat, 26 Apr 2008 09:48:09 +0200 + +john (1.7.2-1) unstable; urgency=low + + * Package adopted (Closes: #461992) + * New upstream release (Closes: #385858, #353151, #353108, #127920) + * debian/control: + - added Vcs-* fields + - updated Maintainer field + - dropped dependency on dpkg + - updated dependency on debhelper (>= 5) + - added dependency on quilt + - added an Arch: all package -- john-data + * debian/watch added + * debian/preinst - now invokes dpkg-query + * debian/man/john.8 - fixed errors from man + * debian/rules: + - refactored to use debhelper + - refactored to use quilt + * debian/README removed (no more applicable): + - also fixes dead symlink error (Closes: #354634, #372154) + * debian/john-data.install added: + - also includes alnum.chr in /usr/share/john/ (Closes: #385856) + * debian/patches/: + - bashisms.diff removed -- patching a debian/ file, no need to make a + separate patch. + - faq.diff removed -- the same info that the patch adds can be found in + README.wordlists. + - system-wide.diff removed -- john 1.7.* supports system-wide installation + via a compiler flag. + - all other old patches have been kept (but not applied at build-time) for + future reference. + * debian/copyright updated. + * debian/compat updated. + + -- David Paleino Fri, 18 Apr 2008 17:24:58 +0200 + +john (1.6-40.4) unstable; urgency=medium + + * Non-maintainer upload. + * Add 'bashisms.diff' to fix bashisms in /usr/sbin/mailer script + (Closes: #468685) + * debian/control: + - Bump Standards-Version to 3.7.3. + - Use Homepage: field for upstream URL. + + -- Chris Lamb Sat, 12 Apr 2008 04:40:32 +0100 + +john (1.6-40.3) unstable; urgency=low + + * Non-maintainer upload. + * Fixed build failure on !(i386 || alpha). Revert to the state of version + 1.6-40.1, and used Ubuntu's sysconf-based patch instead of Thiemo's + CLOCKS_PER_SEC patch. Closes: #460697. + * Add debian/patches/mips.diff: patch from Thiemo Seufer to fix FTBFS on + mips and mipsel. Closes: #415738. + + -- Lucas Nussbaum Mon, 14 Jan 2008 20:00:36 +0100 + +john (1.6-40.2) unstable; urgency=low + + * Non-maintainer upload. + * Applied patch from Thiemo Seufer to replace CLK_TCK by CLOCKS_PER_SEC. + Fixes FTBFS (Closes: #420980). + + -- Lucas Nussbaum Sat, 12 Jan 2008 22:11:08 +0100 + +john (1.6-40.1) unstable; urgency=high + + * Non-maintainer upload. + * High-urgency for RC bugfix. + * The following bug fixes are mostly cherry-picked from an omnibus patch + by Justin Pryzby : + * Complete rewrite of maintainer scripts to neither remove nor edit + conffiles (Closes: #375850) + - the debconf settings are not necessary for package operation, + so just don't use debconf, and remove debconf-related files from + debian directory (incidentally closes: #412797) + - preserves settings in preinst, rather than moving conffiles to + foo.old + - do the conffile relocation in preinst (not postinst, which + inhibits dpkg diffs when they should be displayed) + - the cronjob in /etc/cron.d does nothing if the executable isn't + +x, so doesn't need to be commented out on uninstallation + - minor edits to debian/README to reflect these changes + * Set /var/run/john to mode 0700 in postinst configure unless a + dpkg-statoverride exists (Closes: #403855) + * On uninstallation, remove restore file from /var/lib, not /usr/share; + and do so in postrm remove, not prerm remove. On upgrade, if restore + file exists in /usr/share but not in /var/lib, move it in postinst. + + -- Kevin B. McCarty Wed, 14 Mar 2007 17:06:16 -0400 + +john (1.6-40) unstable; urgency=low + + * debian/control: updated my e-mail address. + + * debian/preinst, debian/postinst, debian/postrm: + - reorganized the code + - added debhelper token + * debian/postrm: + - changed interpreter to /bin/sh + * debian/prerm: + - always remove temporary file. (Closes: #350423) + + -- Guilherme de S. Pastore Tue, 18 Apr 2006 23:40:20 -0300 + +john (1.6-39) unstable; urgency=low + + * debian/man/john.8: + - escape the apostrophe at the beginning of like 139. + * debian/extra/mailer: + - fixed configuration file parser in order to, among other things, + appropriately ignore comments (Closes: #340902) + + -- Guilherme de S. Pastore Thu, 29 Dec 2005 10:21:25 -0200 + +john (1.6-38) unstable; urgency=low + + * debian/control: + - update to Standards-Version 3.6.2.1 with no changes + * debian/patches: + - faq.diff, makefile.diff, system-wide.diff: transformed changes made to + the source tree directly and stored in the .diff.gz file into patches, + so it's possible to maintain the package in an SVN repository + * debian/postinst: + - modify indentation + - remove $tmp if $cronfile doesn't exist (Closes: #332488) + * Updated Swedish debconf templates translation; thanks to + Daniel Nylander (Closes: #334883) + + -- Guilherme de S. Pastore Fri, 11 Nov 2005 22:39:25 -0200 + +john (1.6-37) unstable; urgency=medium + + * debian/control: + - updated maintainer's e-mail address + * debian/config, debian/postrm, debian/preinst: + - Removed bashisms + * debian/man/john.8: + - fixed typo, thanks to A Costa (Closes: #325683) + * debian/extra/john: + - remove the /proc existence check, which will make the script + simply fall back to john-any if MMX can't be checked for + * debian/copyright: + - cosmetic fixes + - updated FSF's address + + -- Guilherme de S. Pastore Fri, 12 Aug 2005 17:36:04 -0300 + +john (1.6-36) unstable; urgency=medium + + * debian/control: + - added debconf-2.0 as alternative to debconf dependency + * debian/extra/john: + - run john-{any,mmx} with the same we've been given, so it + works with unshadow and friends (Closes: #322442) + * debian/rules: + - install john.conf with the right permissions + - append to binary-install/john instead of binary-post-install/john + + -- Guilherme de S. Pastore Thu, 4 Aug 2005 14:11:07 -0300 + +john (1.6-35) unstable; urgency=low + + * Moved john-any and john-mmx to /usr/lib/john on i386, as the user + is not supposed (and won't be able) to run them directly + * Fix stupid usage of debian/john.install that broke a couple of things + in -34 (not uploaded to Debian, at least) + * debian/extra/john-mail.conf: + - Make it clear(er) that one shouldn't put the path to the system + password file in the passfile directive (Closes: #296766) + + -- Guilherme de S. Pastore Sat, 30 Jul 2005 12:20:02 -0300 + +john (1.6-34) unstable; urgency=low + + * debian/control: + - Rewrote both short and long description + - Updated Standards-Version to 3.6.2 with no changes + - Christian Kurz is really MIA, as he stated he would be. Removed + him from Uploaders. Thanks for the great work! + * debian/docs: + - Move installation of doc/NEWS to john.install, so we don't have to + manually rename it in debian/rules + * debian/examples: + - Removed run/john.ini from the list, it's the configuration file + * debian/po: + - de.po, es.po: unfuzzied header + - pt_BR.po: converted from ISO-8859-1 to UTF-8 + - vi.po: added Vietnamese translation from Clytie Siddall (Closes: #314258) + * debian/rules: + - General cleanups + - Don't strip files manually: dh_strip handles this + - Moved manpages installation to debian/john.manpages + - Don't include cdbs's buildcore.mk: it's included by debhelper.mk + - Properly use dpkg-architecture instead of dpkg --print-architecture + - Added /var/run/john to DEB_FIXPERMS_EXCLUDE: the location needs to + be safe from normal user reading + - Symlinks are now handled within debian/john.links, and always point + to /usr/sbin/john, as the script should handle non-MMX machines + * debian/README.wordlists: + - Rewritten from scratch for better language + - Removed references to non-free costly word lists + + -- Guilherme de S. Pastore Mon, 18 Jul 2005 13:27:24 -0300 + +john (1.6-33) unstable; urgency=medium + + * Fixed cronjob so that it doesn't send empty e-mails when no + password is cracked (Closes: #272065) + * Debconf templates: + - Updated Czech translation from Miroslav Kure (Closes: #273839) + - Updated Brazilian Portuguese translation from Tiago Vaz (Closes: #272432) + + -- Guilherme de S. Pastore Fri, 19 Nov 2004 21:09:15 -0200 + +john (1.6-32) unstable; urgency=medium + + * Fix "errors" displayed to user during purge (Closes: #268938) + * Debconf templates: + - Added Turkish translation from Recai Oktas (Closes: #269518) + - Updated Japanese translation from Hideki Yamane (Closes: #269530) + - Updated Dutch translation from Frans Pop (Closes: #269825) + - Updated German translation from Florian Ernst (Closes: #271299) + - Updated French translation from Frédéric Zulian (Closes: 271433, 271440) + [ Javier Fernandez-Sanguino ] + * The cronjob will now echo the output of the mailer script so that + root gets a mail about easy passwords like it previously did + + -- Guilherme de S. Pastore Sun, 12 Sep 2004 19:43:23 -0300 + +john (1.6-31) unstable; urgency=low + + * Added versioned dependency on dpkg >= 1.10.16, to have correct version + of start-stop-daemon and not wipe out system's /etc/shadow + (Closes: #266737) + + -- Guilherme de S. Pastore Wed, 18 Aug 2004 22:56:17 -0300 + +john (1.6-30) unstable; urgency=low + + * Rewrote debconf templates (Closes: #259299) + - Added Danish translation from Claus Hindsgaul + - Added Russian translation from Yuri Kozlov + * Fixed handling of warning of "No configuration file" when upgrading + from a version that used the old path, /etc/john.ini (Closes: #259320) + [ Javier Fernandez-Sanguino ] + * Updated Spanish translation of debconf templates + - Revision by Rudy Godoy + * debian/extra/cronjob: + - Remove all comments before grepping and only use the first definition. + Supposedly closes: #262316 + + -- Guilherme de S. Pastore Wed, 14 Jul 2004 06:31:47 -0300 + +john (1.6-29) unstable; urgency=high + + * debian/extra/cronjob: + - Installed again with execution permitions (+x) (Closes: #259084) + * Fixes related to configuration files move from /etc to /etc/john: + - debian/man/john.8 + - debian/extra/mailer (Closes: #259085) + - Debconf template and pt_BR translation + [ Javier Fernandez-Sanguino ] + * Minor typo fixes in the templates as suggested by Nicolas François in + #259191 + * Unfuzzied spanish translations after revision. + * Added missing entries of previous version to the changelog + * Remove files under /var/run/john and /etc/john on purge + + -- Guilherme de S. Pastore Mon, 12 Jul 2004 21:03:47 -0300 + +john (1.6-28) unstable; urgency=medium + + * Ported debian/rules to use CDBS + - Removed debian/conffiles, debhelper handles this + - Uses debian/dirs and others instead of polluting debian/rules + - Made cleanups and removed things that remained there from older + releases, such as unnecessary directories + * Bumped Standards-Version to 3.6.1.1 + * Moved manpages to section 8 (Closes: #252206) + - Fixed problems (Closes: #252506) + * Re-added sparc support with generic target (Closes: #220928) + * Added real alternative to suggestion on wordlist + * Removed lintian/linda overrides, don't need them anymore + * Moved configuration files to /etc/john/ (Closes: #141741, #229597) + * Only check for configuration file in config if it's an upgrade + (Closes: #251227, #253194) + * Added patch from Goswin von Brederlow to avoid segfaults when + casting signed char to unsigned int on amd64 (Closes: #251095) + * Added clarification to the manpage about having to run john with + -show from the same directory where the password was cracked, so + that it works (Closes: #228750) + [ Javier Fernandez-Sanguino ] + * Build on all architectures Debian supports, using the 'generic' + target for the ones not supported by john (Closes: #138689, #224883) + * Major rewrite of the cronjob which will now work as follows: + - Mailer uses the latest password file to avoid mailing users warning + about passwords if they have changed it (Closes: #251172) + - Stale files are now removed under some circunstances (so /var/run/john + does not fill up with cronpasswd files) + - John is started/stopped using start-stop-daemon which makes it + write the pid file properly (unlike previously). Also, + the start-stop-daemon usage makes it possible to run john as a + non-root user (if everything is 'chowned' to him). + - This new cronjob will now restore interrupted sessions correctly + (and uses the john.rec files) (Closes: #213164) + + -- Guilherme de S. Pastore Thu, 27 May 2004 18:14:28 -0300 + +john (1.6-27) unstable; urgency=low + + * New maintainer + * Bumped Standards-Version to 3.6.1.0 + * Removed Origin: field from debian/control + * Corrected typo on debian/man/mailer.1 (Closes: #249574) + * Added Czech translation provided by Miroslav Kure (Closes: #244363) + * Dropped Sparc support so that bug fixes can progress into testing. + This will remain until there is a proper fix for this issue. + [ Javier Fernandez-Sanguino ] + * Updated debian/po/fr.po with patch provided by Christian Perrier (merged + manually the changes since they are not using the latest version) + (Closes #229624) + * Updated the Spanish translation (debian/po/es.po) + * Added the ldap-extract script provided by Klaus Ethgen to the examples + (Closes: #226980) + * Nice John's cron job per default (nobody rejected this and seems + a reasonable request since john should be able to recover nicely) + (Closes: #228799) + * Fixed PID loop in the cronjob (Closes: #227323) + [ Christian Kurz] + * Updated debian/po/pt_BR.po with patch provided by Andre Luis Lopes + (Closes: #228122) + * Updated debian/po/ja.po with a patch provided by Hideki Yamane + (Closes: #235647) + * Updated debian/po/de.po with a patch provided by Florian Ernst + (Closes: #244524) + + -- Guilherme de S. Pastore Mon, 17 May 2004 22:39:21 -0300 + +john (1.6-26) unstable; urgency=medium + + * The "I should not forget to dupload stuff" Release. + [ Javier Fernandez-Sanguino ] + * Created a new template, and modified the config so it checks + whether john.ini exists or not (Closes: #226897) + * The default john.ini file is now included as an example (so the user can + use it for restoration of the config file) + * Added a proper charset to the de.po file. + * Updated the spanish po file. + [ Christian Kurz ] + * Updated debian/po/fr.po with patch provided by Christian Perrier (Closes: #227024) + + -- Javier Fernandez-Sanguino Pen~a Mon, 12 Jan 2004 20:29:35 +0100 + +john (1.6-25) unstable; urgency=low + + * The "I still have to submit the code to alioth... Merry Xmas!" Release + * Added debconf loading to prerm script, thanks to Bastian Kleineidam + (Closes: #224160) + * Removed debbugs call in debian/control (Closes: #220069) + * Added japanese translation provided by Hideki Yamane (Closes: #224182) + * Removed lintian/override creation from debian/rules (Closes: #223374) + + -- Javier Fernandez-Sanguino Pen~a Fri, 26 Dec 2003 14:22:11 +0100 + +john (1.6-24) unstable; urgency=low + + * When upgrading, do not ask to enable the cronjob if the user has + not chosen to replace it. + + -- Javier Fernandez-Sanguino Pen~a Mon, 17 Nov 2003 01:05:47 +0100 + +john (1.6-23) unstable; urgency=low + + * Fixed the cronjob in order to avoid mails with just + "Usage: /usr/sbin/mailer PASSWORD-FILE" since it seems that under + some circumstances the restoration of jobs does not work properly. + Also added usage line. + * Modified prerm script in order to deinstall the cronjob if the + user is removing the package and has enabled the cronjob (Closes: #220845) + * Also modified the cron.d file to only run the cronjob if the file + exists and is executable. + + -- Javier Fernandez-Sanguino Pen~a Fri, 14 Nov 2003 01:34:22 +0100 + +john (1.6-22) unstable; urgency=low + + * Really fixed src/Makefile (I should have noticed that sparc.h was + not being created) since it still fails to build in sparc. + + -- Javier Fernandez-Sanguino Pen~a Wed, 12 Nov 2003 17:36:35 +0100 + +john (1.6-21) unstable; urgency=low + + * Modified src/Makefile in an attempt to fix the sparc build (broken since + 1.6-19) + + -- Javier Fernandez-Sanguino Pen~a Wed, 12 Nov 2003 11:15:04 +0100 + +john (1.6-20) unstable; urgency=low + + * New co-maintainer (myself) in an attempt to offload Christian + of some of work in this package. + * Fixed typos in debian/rules (Closes: #220013, #213154) + * Included some more information in the description as well as the + upstream location (Closes: #220008) + * Added template in order to allow for configuration of wordlists + by the user, as well as a README.wordlist document + (Closes: #159488, #123837, #220015) + * Recovered configuration note regarding cron jobs so john will now + properly enable/disable it if asked to (Closes: #220021) + * Included Spanish debconf translation (Closes: #220011) + * Recovered German translation of the cronjob and added a de.po file. + * Added Dutch debconf translation provided by Philippe Faes + (Closes: #211349) + * Added French debconf translation provided by Frederic Zulian + (Closes: #211540) + * Added author's name and updated email address in copyright. + * Creation of /var/run/john/ in order to use this location + for the temporary file in john-mail.conf (this is mode 0700 so that + even if the passwords are stored there the impact is reduced) + + -- Javier Fernandez-Sanguino Pen~a Mon, 10 Nov 2003 22:01:00 +0100 + +john (1.6-19) unstable; urgency=low + + * This release wouldn't have been possible without the help from Jeronimo + Pellegrini and Gergely Nagy. Both were a great help for me and so it's + only fair to credit them here and say a big "THANK YOU"! + * john will create now the files john.pot, john.ini and restore in the + directory where it was started from. + * Changed the unshadow.1 manpage as suggested by Colin Watson. This means + that one occurance of .br was replaced by .PP and an newline was added. + This will address the issue of the slightly broken unshadow manpage, + that has been reported as bug #142848. + * The manpage john.1 won't mention the non-existing john-ini.5 anymore. This + is going to fix the bug #122438. + * Integrated two patches from Jeronimo Pellegrini that are going to improve + the cronjob. Also thanks to Gergely Nagy for his help with devising and + developing the patches. This should address bug #162991. + * Also the whole setup and behaviour of the cronjob has been modified. This + should also fix the bug #118012 since the code has been changed. + * Updated the URL pointer in the FAQ. This should fix the bug report + #159580. + * Changed the wrong comment in the file /etc/john-mail.conf. This will fix + the bug #162599. + * Fixed the location of password.lst and the location of the files for the + incremental mode in /etc/john.ini. This will fix the bugreport #79831. + * Reworked support for translation of debconf messages. Now this package is + using po-debconf for this purpose. + + -- Christian Kurz Wed, 11 Dec 2002 22:17:09 +0100 + +john (1.6-18) unstable; urgency=low + + * Applied a patch from Jeronimo Pellegrini to remove the reference + to the unexisting john.ini(5) manpage. (Closes: #122438) + * Applied a fix from Ben Okopnik to the unshadow manpage. + (Closes: #142848) + + -- Christian Kurz Sun, 14 Apr 2002 23:33:09 +0200 + +john (1.6-17) unstable; urgency=low + + * Rewording of comments in config file. (Closes: #115556) + (Thanks to Martin F Krafft) + * Included hack to remove cronjob if needed. (Closes: #114835,#117034) + + -- Christian Kurz Sun, 14 Oct 2001 20:14:42 +0200 + +john (1.6-16) unstable; urgency=low + + * Integrated patch from Damyan Ivanov to fix unquoted sed + expressions. (Closes: #113557) + + -- Christian Kurz Wed, 26 Sep 2001 12:57:53 +0200 + +john (1.6-15) unstable; urgency=low + + * Fixed typo in debconf templates. (Closes: #112058,#113166) + * Should fix another problem with the lock-file. (Closes: #113332) + + -- Christian Kurz Wed, 12 Sep 2001 16:08:30 +0200 + +john (1.6-14) unstable; urgency=low + + * Added german debconf translation from Sebastian Feltel. + (Closes: #109980) + * Fixed two typos in the john.1 manpage, noted by Stephen Frost. + * Applied patch from Daniel Kobras to fix two oversights in the + cronjob script. (Closes: #110272) + * Applied patch from Jeronimo Pellegrini to fix some small problems + in the scripts. (Closes: #110957) + + -- Christian Kurz Sat, 25 Aug 2001 09:09:18 +0200 + +john (1.6-13) unstable; urgency=low + + * We'll gzip the example file, which is about 12k. But the other files + which are just 2-6k will be stay uncompressed, until some very good + reasons are presented to convince me. (Closes: #96650) + * Integration of Patch from Jeronimo Pellegrini to support the + installation and deinstallation of a cronjob. (Closes: #101970) + + -- Christian Kurz Thu, 12 Jul 2001 22:55:09 +0200 + +john (1.6-12) unstable; urgency=low + + * Now we finally added manpages for john which have been written by + Jordi Mallach and Jeronimo Pellegrini. (Closes: #62498) + * Applied a patch from Jeronimo Pellegrini to make the mailer script + more configurable. (Closes: #101968) + + -- Christian Kurz Sun, 20 May 2001 10:18:56 +0200 + +john (1.6-11) unstable; urgency=low + + * Fixed Symlinks for $ARCHITECURE != i386. (Closes: #92280) + + -- Christian Kurz Sat, 31 Mar 2001 18:34:42 +0200 + +john (1.6-10) unstable; urgency=low + + * Fixed the symlinks, since we didn't notice that we broke them with + the 1.6-8 release. Now, it should work fine again. (Closes: #91824) + + -- Christian Kurz Wed, 28 Mar 2001 08:22:18 +0200 + +john (1.6-9) unstable; urgency=low + + * Fixed the name of the override file for john and also it' + location. (Closes: #81218) + + -- Christian Kurz Sun, 25 Mar 2001 00:30:33 +0100 + +john (1.6-8) unstable; urgency=low + + * Fixed the startup script for john to correctly use bash. + + -- Christian Kurz Thu, 1 Mar 2001 20:00:13 +0100 + +john (1.6-7) unstable; urgency=low + + * Fixed a typo to build john also on Alpha (Closes: #83696) + + -- Christian Kurz Sat, 27 Jan 2001 09:13:13 +0100 + +john (1.6-6) unstable; urgency=low + + * Added sparc-fix from Solar Designer (Closes: #81756). + * Changed rules file to build two different versions of john, one with + mmx extensions, and one without. + * Added wrapper script to start john. + + -- Christian Kurz Fri, 12 Jan 2001 22:31:05 +0100 + +john (1.6-5) unstable; urgency=low + + * Moved overrides file to correct location (Closes: 81218). + * Added 3 lines to overrides file for the symlinks. + + -- Christian Kurz Thu, 4 Jan 2001 20:51:32 +0100 + +john (1.6-4) unstable; urgency=low + + * Hopefully I fixed now the logfile-path-bug. + + -- Christian Kurz Fri, 8 Dec 2000 22:26:26 +0100 + +john (1.6-3) unstable; urgency=low + + * Fixed pre-rm to allow removal of package (Closes: 74091). + + -- Christian Kurz Thu, 5 Oct 2000 21:55:51 +0200 + +john (1.6-2) unstable; urgency=low + + * Changed debian/rules to be faster and more portable. + * Fixed prerm-script to run only on purges. + * Fixed some pathes to better defaults. + + -- Christian Kurz Mon, 15 May 2000 19:37:07 +0200 + +john (1.6-1) unstable; urgency=low + + * First Debian release. + + -- Christian Kurz Sat, 1 Apr 2000 12:23:57 +0200 --- john-1.7.2.orig/debian/man/unafs.8 +++ john-1.7.2/debian/man/unafs.8 @@ -0,0 +1,40 @@ +.\" Hey, EMACS: -*- nroff -*- +.\" +.\" unafs.8 is copyright 1999-2001 by +.\" Jordi Mallach +.\" This is free documentation, see the latest version of the GNU General +.\" Public License for copying conditions. There is NO warranty. +.TH UNAFS 8 "June 03, 2004" john +.\" Please adjust this date whenever revising the manpage. +.SH NAME +unafs \- script to warn users about their weak passwords +.SH SYNOPSIS +.B unafs +\fIpassword-files cell-name\fP +.SH DESCRIPTION +This manual page documents briefly the +.B unafs +command, which is part of the john package. +This manual page was written for the Debian GNU/Linux distribution +because the original program does not have a manual page. +\fBjohn\fP, better known as John the Ripper, is a tool to find weak +passwords of users in a server. +.br +The \fBunafs\fP tool gets password hashes out of the binary AFS +database, and produces a file usable by John. +.SH SEE ALSO +.BR john (8), +.BR mailer (8), +.BR unique (8), +.BR unshadow (8). +.PP +The programs are documented fully by John's documentation, +which should be available in \fI/usr/share/doc/john\fP or other +location, depending on your system. +.SH AUTHOR +This manual page was written by Jordi Mallach , +for the Debian GNU/Linux system (but may be used by others). +.br +John the Ripper and mailer were written by Solar Designer +. The complete list of contributors can be found in +the CREDITS file in the documentation directory. --- john-1.7.2.orig/debian/man/john.8 +++ john-1.7.2/debian/man/john.8 @@ -0,0 +1,218 @@ +.\" Hey, EMACS: -*- nroff -*- +.\" +.\" john.8 is copyright 1999-2001 by +.\" Jordi Mallach +.\" This is free documentation, see the latest version of the GNU General +.\" Public License for copying conditions. There is NO warranty. +.TH JOHN 8 "June 03, 2004" john +.\" Please adjust this date whenever revising the manpage. +.SH NAME +john \- a tool to find weak passwords of your users +.SH SYNOPSIS +.B john +.RI [ options ] "password-files" +.SH DESCRIPTION +This manual page documents briefly the +.B john +command. +This manual page was written for the Debian GNU/Linux distribution +because the original program does not have a manual page. +\fBjohn\fP, better known as John the Ripper, is a tool to find weak +passwords of users in a server. John can use a dictionary or some search +pattern as well as a password file to check for passwords. John supports +different cracking modes and understands many ciphertext formats, like +several DES variants, MD5 and blowfish. It can also be used to extract AFS +and Windows NT passwords. +.SH USAGE +To use John, you just need to supply it a password file and the desired +options. If no mode is specified, john will try "single" first, then +"wordlist" and finally "incremental". +.P +Once John finds a password, it will be printed to the terminal and saved +into a file called ~/john.pot. John will read this file when it restarts +so it doesn't try to crack already done passwords. +.P +To see the cracked passwords, use +.P +john \-show passwd +.P +Important: do this under the same directory where the password was cracked +(when using the cronjob, /var/lib/john), otherwise it won't work. +.P +While cracking, you can press any key for status, or Ctrl+C to abort the +session, saving point information to a file ( +.I ~/restore +by default). By the +way, if you press Ctrl+C twice John will abort immediately without saving. +The point information is also saved every 10 minutes (configurable in the +configuration file, +.I ~/john.ini +) in case of a crash. +.P +To continue an interrupted session, run: +.P +john \-restore +.P +Now, you may notice that many accounts have a disabled shell, you can make +John ignore these (assume that shell is called +.I /etc/expired +): +.P +john \-show \-shells:\-/etc/expired passwd +.P +You might want to mail all the users who got weak passwords, +to tell them to change the passwords. It's not always a good idea though +(unfortunately, lots of people seem to ignore such mail, it can be used +as a hint for crackers, etc), but anyway, I'll assume you know what you're +doing. Get a copy of the 'mailer' script supplied with John, so you won't +change anything that's under +.I /usr/bin +; edit the message it sends, and +possibly the mail command inside it (especially if the password file is +from a different box than you got John running on). +Then run: +.P + ./mailer passwd +.P +Anyway, you probably should have a look at +.I /usr/share/doc/john/OPTIONS +for a list of all the command line options, and at +.I /usr/share/doc/john/EXAMPLES +for more John usage examples with other cracking modes. +.SH OPTIONS +All the options recognized by john start with a single dash (`\-'). +A summary of options is included below. +.TP +.B \-external:MODE +Enables an external mode, using external functions defined in ~/john.ini's +[List.External:MODE] section. +.TP +.B \-format:NAME +Allows you to override the ciphertext format detection. Currently, valid +format names are DES, BSDI, MD5, BF, AFS, LM. You can use this option when +cracking or with '\-test'. Note that John can't crack password files with +different ciphertext formats at the same time. +.TP +.B \-groups:[\-]GID[,..] +Tells John to load users of the specified group(s) only. +.TP +.B \-incremental[:MODE] +Enables the incremental mode, using the specified ~/john.ini definition +(section [Incremental:MODE], or [Incremental:All] by default). +.TP +.B \-makechars:FILE +Generates a charset file, based on character frequencies from ~/john.pot, +for use with the incremental mode. The entire ~/john.pot will be used for +the charset file unless you specify some password files. You can also use +an external filter() routine with this option. +.TP +.B \-restore[:FILE] +Continues an interrupted cracking session, reading point information from +the specified file (~/restore by default). +.TP +.B \-rules +Enables wordlist rules, that are read from [List.Rules:Wordlist]. +.TP +.B \-salts:[\-]COUNT +This feature sometimes allows to achieve better performance. For example +you can crack only some salts using '\-salts:2' faster, and then crack the +rest using '\-salts:\-2'. Total cracking time will be about the same, but +you will get some passwords cracked earlier. +.TP +.B \-savemem:LEVEL +You might need this option if you don't have enough memory, or don't want +John to affect other processes too much. Level 1 tells John not to waste +memory on login names, so you won't see them while cracking. Higher levels +have a performance impact: you should probably avoid using them unless John +doesn't work or gets into swap otherwise. +.TP +.B \-session:FILE +Allows you to specify another point information file's name to use for +this cracking session. This is useful for running multiple instances of +John in parallel, or just to be able to recover an older session later, +not always continue the latest one. +.TP +.B \-shells:[\-]SHELL[,..] +This option is useful to load accounts with a valid shell only, or not to +load accounts with a bad shell. You can omit the path before a shell name, +so '\-shells:csh' will match both '/bin/csh' and '/usr/bin/csh', while +\'\-shells:/bin/csh' will only match '/bin/csh'. +.TP +.B \-show +Shows the cracked passwords in a convenient form. You should also specify +the password files. You can use this option while another John is cracking, +to see what it did so far. +.TP +.B \-single +Enables the "single crack" mode, using rules from [List.Rules:Single]. +.TP +.B \-status[:FILE] +Prints status of an interrupted or running session. To get an up to date +status information of a detached running session, send that copy of John +a SIGHUP before using this option. +.TP +.B \-stdin +These are used to enable the wordlist mode (reading from stdin). +.TP +.B \-stdout[:LENGTH] +When used with a cracking mode, except for "single crack", makes John +print the words it generates to stdout instead of cracking. While applying +wordlist rules, the significant password length is assumed to be LENGTH, +or unlimited by default. +.TP +.B \-test +Benchmarks all the enabled ciphertext format crackers, and tests them for +correct operation at the same time. +.TP +.B \-users:[\-]LOGIN|UID[,..] +Allows you to filter a few accounts for cracking, etc. A dash before the +list can be used to invert the check (that is, load all the users that +aren't listed). +.TP +.B \-wordfile:FILE +These are used to enable the wordlist mode, reading words from FILE. +.SH MODES +John can work in the following modes: +.TP +\fBWordlist\fP +John will simply use a file with a list of words that will be checked +against the passwords. See RULES for the format of wordlist files. +.TP +\fBSingle crack\fP +In this mode, john will try to crack the password using the login/GECOS +information as passwords. +.TP +\fBIncremental\fP +This is the most powerful mode. John will try any character combination +to resolve the password. +Details about these modes can be found in the MODES file in john's +documentation, including how to define your own cracking methods. +.SH FILES +.TP +.I /etc/john/john.conf +is where you configure how john will behave. +.TP +.I /etc/john/john\-mail.msg +has the message sent to users when their passwords are successfully cracked. +.TP +.I /etc/john/john\-mail.conf +is used to configure how john will send messages to users that had their passwords +cracked. +.P +.SH SEE ALSO +.BR mailer (8), +.BR unafs (8), +.BR unique (8), +.BR unshadow (8), +.PP +The programs and the configuration files are documented fully by John's +documentation, which should be available in \fI/usr/share/doc/john\fP or +other location, depending on your system. +.SH AUTHOR +This manual page was written by Jordi Mallach +and Jeronimo Pellegrini , for the +Debian GNU/Linux system (but may be used by others). +.br +John the Ripper was written by Solar Designer . +The complete list of contributors can be found in the CREDITS file +in the documentation directory. --- john-1.7.2.orig/debian/man/unshadow.8 +++ john-1.7.2/debian/man/unshadow.8 @@ -0,0 +1,43 @@ +.\" Hey, EMACS: -*- nroff -*- +.\" +.\" unshadow.8 is copyright 1999-2001 by +.\" Jordi Mallach +.\" This is free documentation, see the latest version of the GNU General +.\" Public License for copying conditions. There is NO warranty. +.TH UNSHADOW 8 "June 03, 2004" john +.\" Please adjust this date whenever revising the manpage. +.SH NAME +unshadow \- combines passwd and shadow files +.SH SYNOPSIS +.B unshadow +\fIpassword-file shadow-file\fP +.SH DESCRIPTION +This manual page documents briefly the +.B unshadow +command, which is part of the john package. +This manual page was written for the Debian GNU/Linux distribution +because the original program does not have a manual page. +\fBjohn\fP, better known as John the Ripper, is a tool to find weak +passwords of users in a server. +.PP +The \fBunshadow\fP tool combines the passwd and shadow files so John can +use them. You might need this since if you only used your shadow file, the +GECOS information wouldn't be used by the "single crack" mode, and also you +wouldn't be able to use the '\-shells' option. On a normal system you'll need +to run unshadow as root to be able to read the shadow file. +.SH SEE ALSO +.BR john (8), +.BR mailer (8), +.BR unafs (8), +.BR unique (8). +.PP +The programs are documented fully by John's documentation, +which should be available in \fI/usr/share/doc/john\fP or other +location, depending on your system. +.SH AUTHOR +This manual page was written by Jordi Mallach , +for the Debian GNU/Linux system (but may be used by others). +.br +John the Ripper and mailer were written by Solar Designer +. The complete list of contributors can be found in +the CREDITS file in the documentation directory. --- john-1.7.2.orig/debian/man/unique.8 +++ john-1.7.2/debian/man/unique.8 @@ -0,0 +1,41 @@ +.\" Hey, EMACS: -*- nroff -*- +.\" +.\" unique.8 is copyright 1999-2001 by +.\" Jordi Mallach +.\" This is free documentation, see the latest version of the GNU General +.\" Public License for copying conditions. There is NO warranty. +.TH UNIQUE 8 "June 03, 2004" john +.\" Please adjust this date whenever revising the manpage. +.SH NAME +unique \- removes duplicates from a wordlist +.SH SYNOPSIS +.B unique +\fIoutput-file\fP +.SH DESCRIPTION +This manual page documents briefly the +.B unique +command, which is part of the john package. +This manual page was written for the Debian GNU/Linux distribution +because the original program does not have a manual page. +\fBjohn\fP, better known as John the Ripper, is a tool to find weak +passwords of users in a server. +.br +The \fBunique\fP tool finds and removes duplicate entries from a +wordlist (read from stdin), without changing the order. This is important +to increase the performance of john when using the wordlist method. +.SH SEE ALSO +.BR john (8), +.BR mailer (8), +.BR unafs (8), +.BR unshadow (8). +.PP +The programs are documented fully by John's documentation, +which should be available in \fI/usr/share/doc/john\fP or other +location, depending on your system. +.SH AUTHOR +This manual page was written by Jordi Mallach , +for the Debian GNU/Linux system (but may be used by others). +.br +John the Ripper and mailer were written by Solar Designer +. The complete list of contributors can be found in +the CREDITS file in the documentation directory. --- john-1.7.2.orig/debian/man/mailer.8 +++ john-1.7.2/debian/man/mailer.8 @@ -0,0 +1,44 @@ +.\" Hey, EMACS: -*- nroff -*- +.\" +.\" mailer.8 is copyright 1999-2001 by +.\" Jordi Mallach +.\" This is free documentation, see the latest version of the GNU General +.\" Public License for copying conditions. There is NO warranty. +.TH MAILER 8 "June 03, 2004" john +.\" Please adjust this date whenever revising the manpage. +.SH NAME +mailer \- script to warn users about their weak passwords +.SH SYNOPSIS +.B mailer +\fIpassword-files\fP +.SH DESCRIPTION +This manual page documents briefly the +.B mailer +command, which is part of the john package. +This manual page was written for the Debian GNU/Linux distribution +because the original program does not have a manual page. +\fBjohn\fP, better known as John the Ripper, is a tool to find weak +passwords of users in a server. +.br +The \fBmailer\fP tool is useful to inform users which have been found to +be using weak passwords by mail. +.P +You should edit the message mailer will send to the users, but remember to +copy the script to a safe place before editing it, as it's +generally a bad idea to modify things living in /usr. +.SH SEE ALSO +.BR john (8), +.BR unafs (8), +.BR unique (8), +.BR unshadow (8). +.PP +The programs are documented fully by John's documentation, +which should be available in \fI/usr/share/doc/john\fP or other +location, depending on your system. +.SH AUTHOR +This manual page was written by Jordi Mallach , +for the Debian GNU/Linux system (but may be used by others). +.br +John the Ripper and mailer were written by Solar Designer +. The complete list of contributors can be found in +the CREDITS file in the documentation directory. --- john-1.7.2.orig/debian/manpages +++ john-1.7.2/debian/manpages @@ -0,0 +1,5 @@ +debian/man/john.8 +debian/man/mailer.8 +debian/man/unafs.8 +debian/man/unique.8 +debian/man/unshadow.8 --- john-1.7.2.orig/debian/README.wordlists +++ john-1.7.2/debian/README.wordlists @@ -0,0 +1,47 @@ +John the Ripper and word lists +------------------------------ +(or how to remove the false sense of security) + +The Debian version of John the Ripper can be configured to run as a +cron job, which will make it periodically check the passwords used +on the system in order to determine if they are really "secure" +(that is, not easy to guess or crack by brute force). + +Currently, john provides its own word list for password cracking, which +contains a lot of common passwords, as provided by john's author, and +can be found on /usr/share/john/password.lst. However, user passwords +strongly depend on the mother tongue and the cultural background, hence, +the default word list alone might not be ideal for every system. + +This is the reason why, in some cases, installing john and running it +often might give sense of security that is not necessarily true. While +you think it will be able to guess easy passwords, it it only able to +guess easy and common English passwords. + +If you think this is the case, there are a number of wordlists you can +use: provided by Debian or other sources (FTP servers related to security +often provide a directory with those). + +Some spell checkers in Debian provide the word lists used by them (26 at +the time of writing these lines). They may be useful to look for passwords +based on words, and are available for many foreign languages. You can see +the list of packages providing wordlists by running + +$ grep-available -e wordlist -n -F Provides -s package + +Notice that there are some other Debian packages (such as 'jargon') that +might provide word lists useful for password-checking purposes too. + +Some word lists suitable for password cracking can be found on, among +others: + ftp://ftp.zedz.net/pub/crypto/wordlists/ + ftp://ftp.cerias.purdue.edu/pub/dict/ + ftp://ftp.ox.ac.uk/pub/wordlists/ + +They are not simply dictionaries, but a compendium of common names, +heroes, popular teams, etc., which may provide even more useful input +for john. + +-- +The Debian Maintainers of john +Tue, 19 Jul 2005 14:15:15 -0300 --- john-1.7.2.orig/debian/preinst +++ john-1.7.2/debian/preinst @@ -0,0 +1,61 @@ +#!/bin/sh +set -e + +# Relocate a conffile from one location to another; it is removed iff +# unmodified, and moved iff modified. +# The undo path is postrm abort-install|abort-upgrade. +# $1 is the old pathname of the conffile, +# $2 is the new pathname of the conffile. +mv_conffile () +{ + [ ! -f "$1" ] && return + if [ -e "$2" ] ; then + echo "Not moving conffile $1 to $2; new file exists" + return + fi + + orgmd5=`dpkg-query -W -f='${Conffiles}' dpkg | cut -d' ' -f3` + curmd5=`md5sum $1 |sed -e 's/ .*//'` + if [ "$orgmd5" = "$curmd5" ]; then + # conffile unmodified; prepare to remove it, allowing + # dpkg to install a new copy to the new location + # before "configuration" + echo "Preparing to remove unmodified conffile:" + echo -n " " + mv -fv $1 $1.moved_by_preinst + else + # conffile modified by admin; relocate it, causing + # dpkg to prompt, as intended + echo "Relocating modified conffile to new location:" + echo -n " " + mv -fv $1 $2 + fi >&2 +} + +p1=/etc +p2=/etc/john +case $1 in +install|upgrade) + [ -d $p2 ] || mkdir $p2 + if dpkg --compare-versions "$2" le-nl 1.6-27; then + mv_conffile $p1/john.ini $p2/john.conf + mv_conffile $p1/john-mail.conf $p2/john-mail.conf + mv_conffile $p1/john-mail.msg $p2/john-mail.msg + + # No need to remove the obsolete conffile + # /etc/cron.daily/john, since old prerm does so + # unconditionally (and there is nothing we can do to stop it) + fi + ;; + +abort-upgrade) + # This case needs no actions here + ;; + +*) + echo "$0: undocumented call: $@" + exit 1 + ;; +esac + +#DEBHELPER# --- john-1.7.2.orig/debian/patches/02-mipsel.patch +++ john-1.7.2/debian/patches/02-mipsel.patch @@ -0,0 +1,120 @@ +--- john.orig/src/Makefile ++++ john/src/Makefile +@@ -88,6 +88,8 @@ + @echo "linux-ppc32 Linux, PowerPC 32-bit" + # @echo "linux-ppc64-altivec Linux, PowerPC 64-bit w/AltiVec" + @echo "linux-ppc64 Linux, PowerPC 64-bit" ++ @echo "linux-mips Linux, MIPS" ++ @echo "linux-mipsel Linux, MIPSel" + @echo "freebsd-x86-sse2 FreeBSD, x86 with SSE2 (best)" + @echo "freebsd-x86-mmx FreeBSD, x86 with MMX" + @echo "freebsd-x86-any FreeBSD, x86" +@@ -245,6 +247,16 @@ + JOHN_OBJS="$(JOHN_OBJS) x86.o" \ + ASFLAGS="$(ASFLAGS) -DBSD" + ++linux-mips: mips.h ++ $(LN) mips.h arch.h ++ $(MAKE) $(PROJ) \ ++ JOHN_OBJS="$(BITSLICE_OBJS) $(JOHN_OBJS)" ++ ++linux-mipsel: mipsel.h ++ $(LN) mipsel.h arch.h ++ $(MAKE) $(PROJ) \ ++ JOHN_OBJS="$(BITSLICE_OBJS) $(JOHN_OBJS)" ++ + freebsd-x86-any-a.out: + $(LN) x86-any.h arch.h + $(MAKE) $(PROJ) \ +--- /dev/null ++++ john/src/mipsel.h +@@ -0,0 +1,43 @@ ++/* ++ * This file is part of John the Ripper password cracker, ++ * Copyright (c) 1996-98 by Solar Designer ++ */ ++ ++/* ++ * Architecture specific parameters for little-endian MIPS. ++ */ ++ ++#ifndef _JOHN_ARCH_H ++#define _JOHN_ARCH_H ++ ++#define ARCH_GENERIC 1 ++#define ARCH_WORD long ++#define ARCH_SIZE 4 ++#define ARCH_BITS 32 ++#define ARCH_BITS_STR "32" ++#define ARCH_LITTLE_ENDIAN 1 ++#define ARCH_INT_GT_32 0 ++#define ARCH_ALLOWS_UNALIGNED 0 ++#define ARCH_INDEX unsigned int ++ ++#define OS_TIMER 1 ++#define OS_FLOCK 1 ++ ++#define CPU_DETECT 0 ++ ++#define DES_ASM 0 ++#define DES_128K 0 ++#define DES_X2 0 ++#define DES_MASK 0 ++#define DES_SCALE 1 ++#define DES_EXTB 0 ++#define DES_COPY 1 ++#define DES_BS 0 ++ ++#define MD5_ASM 0 ++#define MD5_IMM 0 ++ ++#define BF_ASM 0 ++#define BF_SCALE 0 ++ ++#endif +--- /dev/null ++++ john/src/mips.h +@@ -0,0 +1,43 @@ ++/* ++ * This file is part of John the Ripper password cracker, ++ * Copyright (c) 1996-98 by Solar Designer ++ */ ++ ++/* ++ * Architecture specific parameters for big-endian MIPS. ++ */ ++ ++#ifndef _JOHN_ARCH_H ++#define _JOHN_ARCH_H ++ ++#define ARCH_GENERIC 1 ++#define ARCH_WORD long ++#define ARCH_SIZE 4 ++#define ARCH_BITS 32 ++#define ARCH_BITS_STR "32" ++#define ARCH_LITTLE_ENDIAN 0 ++#define ARCH_INT_GT_32 0 ++#define ARCH_ALLOWS_UNALIGNED 0 ++#define ARCH_INDEX unsigned int ++ ++#define OS_TIMER 1 ++#define OS_FLOCK 1 ++ ++#define CPU_DETECT 0 ++ ++#define DES_ASM 0 ++#define DES_128K 0 ++#define DES_X2 0 ++#define DES_MASK 0 ++#define DES_SCALE 1 ++#define DES_EXTB 0 ++#define DES_COPY 1 ++#define DES_BS 0 ++ ++#define MD5_ASM 0 ++#define MD5_IMM 0 ++ ++#define BF_ASM 0 ++#define BF_SCALE 0 ++ ++#endif --- john-1.7.2.orig/debian/patches/sysconf_clk_tck.diff +++ john-1.7.2/debian/patches/sysconf_clk_tck.diff @@ -0,0 +1,100 @@ +diff -Nur john-1.6/src/bench.c john-1.6.new/src/bench.c +--- john-1.6/src/bench.c 2000-04-01 02:21:43.000000000 -0800 ++++ john-1.6.new/src/bench.c 2006-10-13 09:36:47.906521852 -0700 +@@ -9,6 +9,7 @@ + #include + #include + #include ++#include + + #include "times.h" + +@@ -103,7 +104,7 @@ + it.it_value.tv_sec = BENCHMARK_TIME; + if (setitimer(ITIMER_REAL, &it, NULL)) pexit("setitimer"); + #else +- sig_timer_emu_init(BENCHMARK_TIME * CLK_TCK); ++ sig_timer_emu_init(BENCHMARK_TIME * sysconf(_SC_CLK_TCK)); + #endif + + start_real = times(&buf); +@@ -144,8 +145,8 @@ + { + unsigned long cps_hi, cps_lo; + +- cps_hi = count * CLK_TCK / time; +- cps_lo = count * ((unsigned ARCH_WORD)CLK_TCK * 10) / time % 10; ++ cps_hi = count * sysconf(_SC_CLK_TCK) / time; ++ cps_lo = count * ((unsigned ARCH_WORD)sysconf(_SC_CLK_TCK) * 10) / time % 10; + + sprintf(buffer, cps_hi < 100 ? "%lu.%lu" : "%lu", cps_hi, cps_lo); + } +diff -Nur john-1.6/src/best.c john-1.6.new/src/best.c +--- john-1.6/src/best.c 2000-04-01 02:21:43.000000000 -0800 ++++ john-1.6.new/src/best.c 2006-10-13 09:37:01.859218512 -0700 +@@ -9,6 +9,7 @@ + + #include + #include ++#include + + #include "params.h" + #include "common.h" +@@ -56,7 +57,7 @@ + fprintf(stderr, "FAILED\n"); + } else { + virtual = (unsigned long) +- (results.count * CLK_TCK * 10 / results.virtual); ++ (results.count * sysconf(_SC_CLK_TCK) * 10 / results.virtual); + + benchmark_cps(results.count, results.real, s_real); + benchmark_cps(results.count, results.virtual, s_virtual); +diff -Nur john-1.6/src/signals.c john-1.6.new/src/signals.c +--- john-1.6/src/signals.c 2000-04-01 02:21:43.000000000 -0800 ++++ john-1.6.new/src/signals.c 2006-10-13 09:37:35.480897303 -0700 +@@ -9,6 +9,7 @@ + #include + #include + #include ++#include + + #ifdef __DJGPP__ + #include +@@ -217,7 +218,7 @@ + { + #if !OS_TIMER + signal(SIGALRM, sig_handle_timer); +- sig_timer_emu_init(TIMER_INTERVAL * CLK_TCK); ++ sig_timer_emu_init(TIMER_INTERVAL * sysconf(_SC_CLK_TCK)); + #else + struct sigaction sa; + struct itimerval it; +diff -Nur john-1.6/src/status.c john-1.6.new/src/status.c +--- john-1.6/src/status.c 2000-04-01 02:21:43.000000000 -0800 ++++ john-1.6.new/src/status.c 2006-10-13 09:38:00.130128134 -0700 +@@ -7,6 +7,7 @@ + #include + #include + #include ++#include + + #include "times.h" + +@@ -35,7 +36,7 @@ + if (!status_restored_time) + memset(&status, 0, sizeof(status)); + status.start_time = +- get_time() - status_restored_time * CLK_TCK; ++ get_time() - status_restored_time * sysconf(_SC_CLK_TCK); + } + + status_get_progress = get_progress; +@@ -48,7 +49,7 @@ + + unsigned int status_get_time() + { +- return (get_time() - status.start_time) / CLK_TCK; ++ return (get_time() - status.start_time) / sysconf(_SC_CLK_TCK); + } + + static char *status_get_cps(char *buffer) --- john-1.7.2.orig/debian/patches/03-fix_paths.patch +++ john-1.7.2/debian/patches/03-fix_paths.patch @@ -0,0 +1,15 @@ +--- john-1.7.2.orig/src/params.h ++++ john-1.7.2/src/params.h +@@ -54,10 +54,10 @@ + + #if JOHN_SYSTEMWIDE + #ifndef JOHN_SYSTEMWIDE_EXEC /* please refer to the notes above */ +-#define JOHN_SYSTEMWIDE_EXEC "/usr/libexec/john" ++#define JOHN_SYSTEMWIDE_EXEC "/usr/lib/john" + #endif + #ifndef JOHN_SYSTEMWIDE_HOME +-#define JOHN_SYSTEMWIDE_HOME "/usr/share/john" ++#define JOHN_SYSTEMWIDE_HOME "/etc/john" + #endif + #define JOHN_PRIVATE_HOME "~/.john" + #endif --- john-1.7.2.orig/debian/patches/01-amd64.patch +++ john-1.7.2/debian/patches/01-amd64.patch @@ -0,0 +1,104 @@ +--- john.orig/src/loader.c ++++ john/src/loader.c +@@ -31,7 +31,7 @@ + #define issep \ + "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~\177" + +-static char issep_map[0x100]; ++static unsigned char issep_map[0x100]; + static int issep_initialized = 0; + + static void read_file(struct db_main *db, char *name, int flags, +@@ -67,7 +67,7 @@ + + static void ldr_init_issep(void) + { +- char *pos; ++ unsigned char *pos; + + if (issep_initialized) return; + +@@ -241,7 +241,7 @@ + + static void ldr_split_string(struct list_main *dst, char *src) + { +- char *word, *pos; ++ unsigned char *word, *pos; + + pos = src; + do { +--- john.orig/src/rules.c ++++ john/src/rules.c +@@ -126,9 +126,9 @@ + for (pos = 0; (out[pos] = (conv)[ARCH_INDEX(in[pos])]); pos++); \ + } + +-static void rules_init_class(char name, char *valid) ++static void rules_init_class(unsigned char name, char *valid) + { +- char *pos, inv; ++ unsigned char *pos, inv; + + rules_classes[ARCH_INDEX(name)] = + mem_alloc_tiny(0x100, MEM_ALIGN_NONE); +@@ -163,7 +163,7 @@ + rules_init_class('x', CHARS_LOWER CHARS_UPPER CHARS_DIGITS); + } + +-static char *rules_init_conv(char *src, char *dst) ++static char *rules_init_conv(unsigned char *src, char *dst) + { + char *conv; + int pos; +@@ -215,7 +215,7 @@ + rules_errno = RULES_ERROR_NONE; + } + +-char *rules_reject(char *rule, struct db_main *db) ++char *rules_reject(unsigned char *rule, struct db_main *db) + { + while (RULE) + switch (LAST) { +@@ -257,10 +257,10 @@ + return rule - 1; + } + +-char *rules_apply(char *word, char *rule, int split) ++char *rules_apply(char *word, unsigned char *rule, int split) + { +- static char buffer[3][RULE_WORD_SIZE * 2]; +- char *in = buffer[0], *out = buffer[1]; ++ static unsigned char buffer[3][RULE_WORD_SIZE * 2]; ++ unsigned char *in = buffer[0], *out = buffer[1]; + char memory[RULE_WORD_SIZE]; + int memory_empty, which; + char value, *class; +@@ -653,7 +653,7 @@ + int rules_check(struct rpp_context *start, int split) + { + struct rpp_context ctx; +- char *rule; ++ unsigned char *rule; + int count; + + rules_errno = RULES_ERROR_NONE; +--- john.orig/src/rules.h ++++ john/src/rules.h +@@ -51,7 +51,7 @@ + * error. If the database is NULL, all rules are accepted (to be used + * for syntax checking). + */ +-extern char *rules_reject(char *rule, struct db_main *db); ++extern char *rules_reject(unsigned char *rule, struct db_main *db); + + /* + * Applies rule to a word. Returns the updated word, or NULL if rejected or +@@ -61,7 +61,7 @@ + * split == 0 "single crack" mode, only one word + * split < 0 other cracking modes, "single crack" mode rules are invalid + */ +-extern char *rules_apply(char *word, char *rule, int split); ++extern char *rules_apply(char *word, unsigned char *rule, int split); + + /* + * Checks if all the rules for context are valid. Returns the number of rules, --- john-1.7.2.orig/debian/patches/series +++ john-1.7.2/debian/patches/series @@ -0,0 +1,3 @@ +01-amd64.patch +02-mipsel.patch +03-fix_paths.patch --- john-1.7.2.orig/debian/patches/makefile.diff +++ john-1.7.2/debian/patches/makefile.diff @@ -0,0 +1,105 @@ +--- john-1.6.orig/src/Makefile ++++ john-1.6/src/Makefile +@@ -116,13 +116,13 @@ + $(LN) x86-any.h arch.h + $(MAKE) $(PROJ) \ + JOHN_OBJS="$(JOHN_OBJS) x86.o" \ +- CFLAGS="$(CFLAGS) -m486" ++ CFLAGS="$(CFLAGS) -mcpu=i486" + + linux-x86-mmx-elf: + $(LN) x86-mmx.h arch.h + $(MAKE) $(PROJ) \ + JOHN_OBJS="$(JOHN_OBJS) x86.o" \ +- CFLAGS="$(CFLAGS) -m486" ++ CFLAGS="$(CFLAGS) -mcpu=i486" + + linux-x86-k6-elf: + $(LN) x86-k6.h arch.h +@@ -133,10 +133,10 @@ + $(LN) x86-any.h arch.h + $(MAKE) $(PROJ) \ + JOHN_OBJS="$(JOHN_OBJS) x86.o" \ +- CFLAGS="$(CFLAGS) -m486" \ ++ CFLAGS="$(CFLAGS) -mcpu=i486" \ + ASFLAGS="$(ASFLAGS) -DUNDERSCORES -DALIGN_LOG" + +-linux-alpha: ++linux-alpha: alpha.h + $(LN) alpha.h arch.h + $(MAKE) $(PROJ) \ + JOHN_OBJS="$(BITSLICE_OBJS) $(JOHN_OBJS) alpha.o" +@@ -146,9 +146,9 @@ + $(MAKE) $(PROJ) \ + JOHN_OBJS="$(JOHN_OBJS) alpha.o" + +-linux-sparc: +- $(MAKE) HAMMER=use-linux-sparc sparc.h +- ln -s sparc.h arch.h ++linux-sparc: ++ $(MAKE) use-linux-sparc HAMMER=use-linux-sparc NAIL=sparc.h ++ $(LN) sparc.h arch.h + $(MAKE) use-linux-sparc NAIL="$(PROJ)" + + use-linux-sparc: +@@ -160,7 +160,7 @@ + $(LN) x86-any.h arch.h + $(MAKE) $(PROJ) \ + JOHN_OBJS="$(JOHN_OBJS) x86.o" \ +- CFLAGS="$(CFLAGS) -m486" \ ++ CFLAGS="$(CFLAGS) -mcpu=i486" \ + ASFLAGS="$(ASFLAGS) -DUNDERSCORES -DALIGN_LOG -DBSD" + + freebsd-x86-k6-a.out: +@@ -173,14 +173,14 @@ + $(LN) x86-any.h arch.h + $(MAKE) $(PROJ) \ + JOHN_OBJS="$(JOHN_OBJS) x86.o" \ +- CFLAGS="$(CFLAGS) -m486" \ ++ CFLAGS="$(CFLAGS) -mcpu=i486" \ + ASFLAGS="$(ASFLAGS) -DBSD" + + freebsd-x86-mmx-elf: + $(LN) x86-mmx.h arch.h + $(MAKE) $(PROJ) \ + JOHN_OBJS="$(JOHN_OBJS) x86.o" \ +- CFLAGS="$(CFLAGS) -m486" \ ++ CFLAGS="$(CFLAGS) -mcpu=i486" \ + ASFLAGS="$(ASFLAGS) -DBSD" + + freebsd-x86-k6-elf: +@@ -193,7 +193,7 @@ + $(LN) x86-any.h arch.h + $(MAKE) $(PROJ) \ + JOHN_OBJS="$(JOHN_OBJS) x86.o" \ +- CFLAGS="$(CFLAGS) -m486" \ ++ CFLAGS="$(CFLAGS) -mcpu=i486" \ + ASFLAGS="$(ASFLAGS) -DUNDERSCORES -DALIGN_LOG -DBSD" + + openbsd-x86-k6: +@@ -260,7 +260,7 @@ + $(MAKE) $(PROJ) \ + SHELL=/bin/sh \ + JOHN_OBJS="$(JOHN_OBJS) solaris-x86.o" \ +- CFLAGS="$(CFLAGS) -m486" ++ CFLAGS="$(CFLAGS) -mcpu=i486" + + solaris-x86-k6: + $(RM) arch.h +@@ -340,14 +340,14 @@ + copy x86-any.h arch.h + $(MAKE) $(PROJ_DOS) \ + JOHN_OBJS="$(JOHN_OBJS) x86.o" \ +- CFLAGS="$(CFLAGS) -m486" \ ++ CFLAGS="$(CFLAGS) -mcpu=i486" \ + ASFLAGS="$(ASFLAGS) -DUNDERSCORES -DALIGN_LOG" + + dos-djgpp-x86-mmx: + copy x86-mmx.h arch.h + $(MAKE) $(PROJ_DOS) \ + JOHN_OBJS="$(JOHN_OBJS) x86.o" \ +- CFLAGS="$(CFLAGS) -m486" \ ++ CFLAGS="$(CFLAGS) -mcpu=i486" \ + ASFLAGS="$(ASFLAGS) -DUNDERSCORES -DALIGN_LOG" + + dos-djgpp-x86-k6: --- john-1.7.2.orig/debian/postinst +++ john-1.7.2/debian/postinst @@ -0,0 +1,66 @@ +#!/bin/sh +set -e + +# Versions earlier than 1.6-34 and later than (perhaps) 1.6-19 include +# /var/run/john as mode 0755, which could allow users to read cracked +# passwords. Later versions fixed the permissions of the included +# directory, but dpkg doesn't automatically make changes to directory +# modes. +fixperms () +{ + p=/var/run/john + # If the admin has an override, don't touch it + # (even if the override is to mode 0700?) + dpkg-statoverride --list $p >/dev/null && return + curmod=`stat -c %a $p` + [ $(( 0$curmod & 07077 )) -eq 0 ] && return + chmod -v 0700 $p +} + +# Commit conffile move from preinst +rm_conffile_do () +{ + c=0 + # a=1 is a search if the files exist, + # a=2 is removal of those which do + for a in 1 2; do + for f in john-mail.conf john-mail.msg john.ini; do + g=/etc/$f.moved_by_preinst + [ -e $g ] || continue + c=$(( $c + 1 )) + [ "$a" -eq 1 ] && break + echo -n " " + rm -fv $g + done + + [ "$c" -eq 0 ] && return + [ "$a" -eq 1 ] || continue + echo "Committing removal of unmodified conffiles:" + done >&2 +} + +case $1 in +configure|abort-upgrade|abort-remove|abort-deconfigure) + fixperms + rm_conffile_do + + # this state file has moved to /var/lib/john quite some time ago + old=/usr/share/john/restore + new=/var/lib/john/restore + + if [ -e $old ] ; then + if [ -e $new ] ; then + rm -f $old + else + mv -f $old $new + fi + fi + ;; + +*) + echo "$0: undocumented call $@" >&2 + exit 1 + ;; +esac + +#DEBHELPER# --- john-1.7.2.orig/debian/install +++ john-1.7.2/debian/install @@ -0,0 +1,6 @@ +run/john.conf /etc/john/ + +debian/extra/cronjob /usr/share/john/ +debian/extra/mailer /usr/sbin +debian/extra/john-mail.msg /etc/john +debian/extra/john-mail.conf /etc/john --- john-1.7.2.orig/debian/john-data.install +++ john-1.7.2/debian/john-data.install @@ -0,0 +1,2 @@ +run/*.chr /usr/share/john/ +run/password.lst /usr/share/john/ --- john-1.7.2.orig/debian/dirs +++ john-1.7.2/debian/dirs @@ -0,0 +1,7 @@ +etc/cron.d +etc/john +usr/lib +usr/sbin +usr/share/john +var/lib/john +var/run/john --- john-1.7.2.orig/debian/docs +++ john-1.7.2/debian/docs @@ -0,0 +1,11 @@ +doc/CONFIG +doc/CREDITS +doc/EXAMPLES +doc/EXTERNAL +doc/README +doc/FAQ +doc/MODES +doc/OPTIONS +doc/RULES +debian/README.wordlists +debian/extra/CONFIG.mailer