From: Eric Bavier <ericbavier@centurylink.net>
To: "Ludovic Courtès" <ludo@gnu.org>
Cc: 28429@debbugs.gnu.org
Subject: [bug#28429] [PATCH] gnu: Add John the Ripper.
Date: Wed, 13 Sep 2017 08:46:27 -0500 [thread overview]
Message-ID: <20170913084627.535c4ec5@centurylink.net> (raw)
In-Reply-To: <87vakn3tog.fsf@gnu.org>
[-- Attachment #1: Type: text/plain, Size: 2046 bytes --]
On Wed, 13 Sep 2017 10:10:39 +0200
ludo@gnu.org (Ludovic Courtès) wrote:
> Hi Eric,
>
> Eric Bavier <bavier@member.fsf.org> skribis:
>
> > * gnu/packages/password-utils.scm (john-the-ripper-jumbo): New variable.
>
> [...]
>
> > + `(#:configure-flags
> > + (list (string-append
> > + "CFLAGS="
>
> Is this to clear CFLAGS? We should make sure to get “-O2 -g”.
The macro definitions below must be put in CFLAGS, but yes, -O2 should
be included.
>
> > + "-DJOHN_SYSTEMWIDE=1 "
> > + "-DJOHN_SYSTEMWIDE_EXEC='\"" %output "/libexec/john\"' "
> > + "-DJOHN_SYSTEMWIDE_HOME='\"" %output "/share/john\"'")
> > + "--disable-native-tests"
> > + "--disable-native-macro")
>
> Perhaps add a comment on these two flags.
Sure. John supports a "cpu fallback" feature to match, at runtime, the
current processor with an executable appropriate for its supported
instruction set. This involves configuring and building multiple times
with different optimization flags. I wanted to implement this later
after getting the rest of things working, so these two flags turn off
the "-march=native" flag and instruction set discovery during
'configure'.
>
> > + #:tests? #f ;tests assume /etc/passwd has a pw_dir for the build user
>
> /etc/passwd in the build environment has this line (see
> nix/libstore/build.cc:1859):
>
> nixbld:x:%1%:%2%:Nix build user:/:/noshell
>
> Isn’t it sufficient to have “/” as the home directory?
It seems the build user noes not have sufficient permissions to create a
directory there? The tests want to create "~/.john" (specifically
"//.john").
>
> > + (description "John the Ripper is a fast password cracker. Its primary
> > +purpose is to detect weak Unix passwords. Besides several crypt(3) password
>
> Rather @code{crypt}.
ok.
>
> Otherwise LGTM, thank you!
Thanks, updated patch attached,
`~Eric
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-gnu-Add-John-the-Ripper.patch --]
[-- Type: text/x-patch, Size: 6561 bytes --]
From dd9795e5d63beaf06f2e3c76944e82a5564dc87d Mon Sep 17 00:00:00 2001
From: Eric Bavier <bavier@member.fsf.org>
Date: Mon, 11 Sep 2017 21:44:14 -0500
Subject: [PATCH] gnu: Add John the Ripper.
* gnu/packages/password-utils.scm (john-the-ripper-jumbo): New variable.
---
gnu/packages/password-utils.scm | 98 +++++++++++++++++++++++++++++++++++++++++
1 file changed, 98 insertions(+)
diff --git a/gnu/packages/password-utils.scm b/gnu/packages/password-utils.scm
index bde1ea854..52689a71d 100644
--- a/gnu/packages/password-utils.scm
+++ b/gnu/packages/password-utils.scm
@@ -11,6 +11,7 @@
;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Jelle Licht <jlicht@fsfe.org>
+;;; Copyright © 2017 Eric Bavier <bavier@member.fsf.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -41,10 +42,13 @@
#:use-module (gnu packages freedesktop)
#:use-module (gnu packages glib)
#:use-module (gnu packages gnupg)
+ #:use-module (gnu packages gnuzilla)
#:use-module (gnu packages gtk)
#:use-module (gnu packages guile)
+ #:use-module (gnu packages kerberos)
#:use-module (gnu packages linux)
#:use-module (gnu packages man)
+ #:use-module (gnu packages multiprecision)
#:use-module (gnu packages ncurses)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages python)
@@ -480,3 +484,97 @@ use pass, the standard unix password manager, as the credential backend for
your git repositories. This is achieved by explicitly defining mappings
between hosts and entries in the password store.")
(license license:lgpl3+)))
+
+(define-public john-the-ripper-jumbo
+ (let ((official-version "1.8.0")
+ (jumbo-version "1"))
+ (package
+ (name "john-the-ripper-jumbo")
+ (version (string-append official-version "-" jumbo-version))
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "http://www.openwall.com/john/j/john-"
+ official-version "-jumbo-" jumbo-version ".tar.xz"))
+ (sha256
+ (base32
+ "08q92sfdvkz47rx6qjn7qv57cmlpy7i7rgddapq5384mb413vjds"))
+ (patches
+ (list (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/magnumripper/"
+ "JohnTheRipper/commit/"
+ "e2e868db3e153b3f959e119a51703d4afb99c624.patch"))
+ (file-name "john-the-ripper-jumbo-gcc5-inline.patch")
+ (sha256
+ (base32
+ "1shvcf1y2097115mxhzdkm64dr106a8zr6pqjqyh171q5ng5vfra")))
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/magnumripper/"
+ "JohnTheRipper/commit/"
+ "480e95b0e449863be3e1a5b0bc634a67df28b618.patch"))
+ (file-name "john-the-ripper-jumbo-non-x86.patch")
+ (sha256
+ (base32
+ "1ffd9dvhk0sb6ss8dv5yalh01lz30i7rilqilf2xv68gax2hyjqx")))))))
+ (build-system gnu-build-system)
+ (inputs
+ `(("gmp" ,gmp)
+ ("krb5" ,mit-krb5)
+ ("libpcap" ,libpcap)
+ ("nss" ,nss)
+ ("openssl" ,openssl)
+ ("zlib" ,zlib)))
+ (arguments
+ `(#:configure-flags
+ (list (string-append
+ "CFLAGS=-O2 -g "
+ "-DJOHN_SYSTEMWIDE=1 "
+ "-DJOHN_SYSTEMWIDE_EXEC='\"" %output "/libexec/john\"' "
+ "-DJOHN_SYSTEMWIDE_HOME='\"" %output "/share/john\"'")
+ ;; For now, do not test for instruction set in configure, and
+ ;; do not pass '-march=native' to gcc:
+ "--disable-native-tests"
+ "--disable-native-macro")
+ #:tests? #f ;tests try to create '.john' in the build user's $HOME
+ #:phases
+ (modify-phases %standard-phases
+ (add-before 'configure 'chdir-src
+ (lambda _ (chdir "src")))
+ (replace 'install
+ (lambda _
+ (let ((bindir (string-append %output "/bin"))
+ (docdir (string-append %output "/share/doc/john"))
+ (execdir (string-append %output "/libexec/john"))
+ (homedir (string-append %output "/share/john"))
+ (install-file-to (lambda (dir)
+ (lambda (f) (install-file f dir))))
+ (symlink? (lambda (_ s) (eq? (stat:type s) 'symlink))))
+ (with-directory-excursion "../run"
+ (for-each (install-file-to execdir)
+ (cons* "mailer" "benchmark-unify"
+ (find-files "." ".*\\.(py|rb|pl)")))
+ (for-each (install-file-to homedir)
+ (append (find-files "." "(stats|dictionary.*)")
+ (find-files "." "(.*\\.chr|.*\\.lst)")
+ (find-files "." ".*\\.conf")))
+ (for-each (install-file-to bindir)
+ '("tgtsnarf" "genmkvpwd" "mkvcalcproba"
+ "raw2dyna" "luks2john" "vncpcap2john"
+ "uaf2john" "calc_stat" "wpapcap2john"
+ "cprepair" "relbench" "SIPdump" "john"))
+ (for-each (lambda (f) ;install symlinked aliases
+ (symlink "john"
+ (string-append bindir "/" (basename f))))
+ (find-files "." symlink?)))
+ (copy-recursively "../doc" docdir)
+ #t))))))
+ (home-page "http://www.openwall.com/john/")
+ (synopsis "Password cracker")
+ (description "John the Ripper is a fast password cracker. Its primary
+purpose is to detect weak Unix passwords. Besides several @code{crypt}
+password hash types most commonly found on various Unix systems, supported out
+of the box are Windows LM hashes, plus lots of other hashes and ciphers. This
+is the community-enhanced, \"jumbo\" version of John the Ripper.")
+ (license license:gpl2+))))
--
2.14.1
next prev parent reply other threads:[~2017-09-13 13:47 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-12 2:50 [bug#28429] [PATCH] gnu: Add John the Ripper Eric Bavier
2017-09-13 8:10 ` Ludovic Courtès
2017-09-13 13:46 ` Eric Bavier [this message]
2017-09-13 21:22 ` Ludovic Courtès
2017-09-14 3:20 ` bug#28429: " Eric Bavier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170913084627.535c4ec5@centurylink.net \
--to=ericbavier@centurylink.net \
--cc=28429@debbugs.gnu.org \
--cc=ludo@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).