all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed
* [bug#28429] [PATCH] gnu: Add John the Ripper.
@ 2017-09-12  2:50 Eric Bavier
  2017-09-13  8:10 ` Ludovic Courtès
  0 siblings, 1 reply; 5+ messages in thread
From: Eric Bavier @ 2017-09-12  2:50 UTC (permalink / raw)
  To: 28429; +Cc: Eric Bavier

* gnu/packages/password-utils.scm (john-the-ripper-jumbo): New variable.
---
 gnu/packages/password-utils.scm | 96 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 96 insertions(+)

diff --git a/gnu/packages/password-utils.scm b/gnu/packages/password-utils.scm
index bde1ea854..97e20e7eb 100644
--- a/gnu/packages/password-utils.scm
+++ b/gnu/packages/password-utils.scm
@@ -11,6 +11,7 @@
 ;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
 ;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
 ;;; Copyright © 2017 Jelle Licht <jlicht@fsfe.org>
+;;; Copyright © 2017 Eric Bavier <bavier@member.fsf.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -41,10 +42,13 @@
   #:use-module (gnu packages freedesktop)
   #:use-module (gnu packages glib)
   #:use-module (gnu packages gnupg)
+  #:use-module (gnu packages gnuzilla)
   #:use-module (gnu packages gtk)
   #:use-module (gnu packages guile)
+  #:use-module (gnu packages kerberos)
   #:use-module (gnu packages linux)
   #:use-module (gnu packages man)
+  #:use-module (gnu packages multiprecision)
   #:use-module (gnu packages ncurses)
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages python)
@@ -480,3 +484,95 @@ use pass, the standard unix password manager, as the credential backend for
 your git repositories.  This is achieved by explicitly defining mappings
 between hosts and entries in the password store.")
     (license license:lgpl3+)))
+
+(define-public john-the-ripper-jumbo
+  (let ((official-version "1.8.0")
+        (jumbo-version "1"))
+    (package
+      (name "john-the-ripper-jumbo")
+      (version (string-append official-version "-" jumbo-version))
+      (source
+       (origin
+         (method url-fetch)
+         (uri (string-append "http://www.openwall.com/john/j/john-"
+                             official-version "-jumbo-" jumbo-version ".tar.xz"))
+         (sha256
+          (base32
+           "08q92sfdvkz47rx6qjn7qv57cmlpy7i7rgddapq5384mb413vjds"))
+         (patches
+          (list (origin
+                  (method url-fetch)
+                  (uri (string-append "https://github.com/magnumripper/"
+                                      "JohnTheRipper/commit/"
+                                      "e2e868db3e153b3f959e119a51703d4afb99c624.patch"))
+                  (file-name "john-the-ripper-jumbo-gcc5-inline.patch")
+                  (sha256
+                   (base32
+                    "1shvcf1y2097115mxhzdkm64dr106a8zr6pqjqyh171q5ng5vfra")))
+                (origin
+                  (method url-fetch)
+                  (uri (string-append "https://github.com/magnumripper/"
+                                      "JohnTheRipper/commit/"
+                                      "480e95b0e449863be3e1a5b0bc634a67df28b618.patch"))
+                  (file-name "john-the-ripper-jumbo-non-x86.patch")
+                  (sha256
+                   (base32
+                    "1ffd9dvhk0sb6ss8dv5yalh01lz30i7rilqilf2xv68gax2hyjqx")))))))
+      (build-system gnu-build-system)
+      (inputs
+       `(("gmp" ,gmp)
+         ("krb5" ,mit-krb5)
+         ("libpcap" ,libpcap)
+         ("nss" ,nss)
+         ("openssl" ,openssl)
+         ("zlib" ,zlib)))
+      (arguments
+       `(#:configure-flags
+         (list (string-append
+                "CFLAGS="
+                "-DJOHN_SYSTEMWIDE=1 "
+                "-DJOHN_SYSTEMWIDE_EXEC='\"" %output "/libexec/john\"' "
+                "-DJOHN_SYSTEMWIDE_HOME='\"" %output "/share/john\"'")
+               "--disable-native-tests"
+               "--disable-native-macro")
+         #:tests? #f ;tests assume /etc/passwd has a pw_dir for the build user
+         #:phases
+         (modify-phases %standard-phases
+           (add-before 'configure 'chdir-src
+             (lambda _ (chdir "src")))
+           (replace 'install
+             (lambda _
+               (let ((bindir (string-append %output "/bin"))
+                     (docdir (string-append %output "/share/doc/john"))
+                     (execdir (string-append %output "/libexec/john"))
+                     (homedir (string-append %output "/share/john"))
+                     (install-file-to (lambda (dir)
+                                        (lambda (f) (install-file f dir))))
+                     (symlink? (lambda (_ s) (eq? (stat:type s) 'symlink))))
+                 (with-directory-excursion "../run"
+                   (for-each (install-file-to execdir)
+                             (cons* "mailer" "benchmark-unify"
+                                    (find-files "." ".*\\.(py|rb|pl)")))
+                   (for-each (install-file-to homedir)
+                             (append (find-files "." "(stats|dictionary.*)")
+                                     (find-files "." "(.*\\.chr|.*\\.lst)")
+                                     (find-files "." ".*\\.conf")))
+                   (for-each (install-file-to bindir)
+                             '("tgtsnarf" "genmkvpwd" "mkvcalcproba"
+                               "raw2dyna" "luks2john" "vncpcap2john"
+                               "uaf2john" "calc_stat" "wpapcap2john"
+                               "cprepair" "relbench"  "SIPdump" "john"))
+                   (for-each (lambda (f) ;install symlinked aliases
+                               (symlink "john"
+                                        (string-append bindir "/" (basename f))))
+                             (find-files "." symlink?)))
+                 (copy-recursively "../doc" docdir)
+                 #t))))))
+      (home-page "http://www.openwall.com/john/")
+      (synopsis "Password cracker")
+      (description "John the Ripper is a fast password cracker.  Its primary
+purpose is to detect weak Unix passwords.  Besides several crypt(3) password
+hash types most commonly found on various Unix systems, supported out of the
+box are Windows LM hashes, plus lots of other hashes and ciphers.  This is the
+community-enhanced, \"jumbo\" version of John the Ripper.")
+      (license license:gpl2+))))
--
2.14.1

^ permalink raw reply related	[flat|nested] 5+ messages in thread

* [bug#28429] [PATCH] gnu: Add John the Ripper.
  2017-09-12  2:50 [bug#28429] [PATCH] gnu: Add John the Ripper Eric Bavier
@ 2017-09-13  8:10 ` Ludovic Courtès
  2017-09-13 13:46   ` Eric Bavier
  0 siblings, 1 reply; 5+ messages in thread
From: Ludovic Courtès @ 2017-09-13  8:10 UTC (permalink / raw)
  To: Eric Bavier; +Cc: 28429

Hi Eric,

Eric Bavier <bavier@member.fsf.org> skribis:

> * gnu/packages/password-utils.scm (john-the-ripper-jumbo): New variable.

[...]

> +       `(#:configure-flags
> +         (list (string-append
> +                "CFLAGS="

Is this to clear CFLAGS?  We should make sure to get “-O2 -g”.

> +                "-DJOHN_SYSTEMWIDE=1 "
> +                "-DJOHN_SYSTEMWIDE_EXEC='\"" %output "/libexec/john\"' "
> +                "-DJOHN_SYSTEMWIDE_HOME='\"" %output "/share/john\"'")
> +               "--disable-native-tests"
> +               "--disable-native-macro")

Perhaps add a comment on these two flags.

> +         #:tests? #f ;tests assume /etc/passwd has a pw_dir for the build user

/etc/passwd in the build environment has this line (see
nix/libstore/build.cc:1859):

  nixbld:x:%1%:%2%:Nix build user:/:/noshell

Isn’t it sufficient to have “/” as the home directory?

> +      (description "John the Ripper is a fast password cracker.  Its primary
> +purpose is to detect weak Unix passwords.  Besides several crypt(3) password

Rather @code{crypt}.

Otherwise LGTM, thank you!

Ludo’.

^ permalink raw reply	[flat|nested] 5+ messages in thread

* [bug#28429] [PATCH] gnu: Add John the Ripper.
  2017-09-13  8:10 ` Ludovic Courtès
@ 2017-09-13 13:46   ` Eric Bavier
  2017-09-13 21:22     ` Ludovic Courtès
  0 siblings, 1 reply; 5+ messages in thread
From: Eric Bavier @ 2017-09-13 13:46 UTC (permalink / raw)
  To: Ludovic Courtès; +Cc: 28429

[-- Attachment #1: Type: text/plain, Size: 2046 bytes --]

On Wed, 13 Sep 2017 10:10:39 +0200
ludo@gnu.org (Ludovic Courtès) wrote:

> Hi Eric,
> 
> Eric Bavier <bavier@member.fsf.org> skribis:
> 
> > * gnu/packages/password-utils.scm (john-the-ripper-jumbo): New variable.  
> 
> [...]
> 
> > +       `(#:configure-flags
> > +         (list (string-append
> > +                "CFLAGS="  
> 
> Is this to clear CFLAGS?  We should make sure to get “-O2 -g”.

The macro definitions below must be put in CFLAGS, but yes, -O2 should
be included.

> 
> > +                "-DJOHN_SYSTEMWIDE=1 "
> > +                "-DJOHN_SYSTEMWIDE_EXEC='\"" %output "/libexec/john\"' "
> > +                "-DJOHN_SYSTEMWIDE_HOME='\"" %output "/share/john\"'")
> > +               "--disable-native-tests"
> > +               "--disable-native-macro")  
> 
> Perhaps add a comment on these two flags.

Sure.  John supports a "cpu fallback" feature to match, at runtime, the
current processor with an executable appropriate for its supported
instruction set.  This involves configuring and building multiple times
with different optimization flags.  I wanted to implement this later
after getting the rest of things working, so these two flags turn off
the "-march=native" flag and instruction set discovery during
'configure'.

> 
> > +         #:tests? #f ;tests assume /etc/passwd has a pw_dir for the build user  
> 
> /etc/passwd in the build environment has this line (see
> nix/libstore/build.cc:1859):
> 
>   nixbld:x:%1%:%2%:Nix build user:/:/noshell
> 
> Isn’t it sufficient to have “/” as the home directory?

It seems the build user noes not have sufficient permissions to create a
directory there?  The tests want to create "~/.john" (specifically
"//.john").

> 
> > +      (description "John the Ripper is a fast password cracker.  Its primary
> > +purpose is to detect weak Unix passwords.  Besides several crypt(3) password  
> 
> Rather @code{crypt}.

ok.

> 
> Otherwise LGTM, thank you!

Thanks, updated patch attached,
`~Eric

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-gnu-Add-John-the-Ripper.patch --]
[-- Type: text/x-patch, Size: 6561 bytes --]

From dd9795e5d63beaf06f2e3c76944e82a5564dc87d Mon Sep 17 00:00:00 2001
From: Eric Bavier <bavier@member.fsf.org>
Date: Mon, 11 Sep 2017 21:44:14 -0500
Subject: [PATCH] gnu: Add John the Ripper.

* gnu/packages/password-utils.scm (john-the-ripper-jumbo): New variable.
---
 gnu/packages/password-utils.scm | 98 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 98 insertions(+)

diff --git a/gnu/packages/password-utils.scm b/gnu/packages/password-utils.scm
index bde1ea854..52689a71d 100644
--- a/gnu/packages/password-utils.scm
+++ b/gnu/packages/password-utils.scm
@@ -11,6 +11,7 @@
 ;;; Copyright © 2017 Clément Lassieur <clement@lassieur.org>
 ;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr>
 ;;; Copyright © 2017 Jelle Licht <jlicht@fsfe.org>
+;;; Copyright © 2017 Eric Bavier <bavier@member.fsf.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -41,10 +42,13 @@
   #:use-module (gnu packages freedesktop)
   #:use-module (gnu packages glib)
   #:use-module (gnu packages gnupg)
+  #:use-module (gnu packages gnuzilla)
   #:use-module (gnu packages gtk)
   #:use-module (gnu packages guile)
+  #:use-module (gnu packages kerberos)
   #:use-module (gnu packages linux)
   #:use-module (gnu packages man)
+  #:use-module (gnu packages multiprecision)
   #:use-module (gnu packages ncurses)
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages python)
@@ -480,3 +484,97 @@ use pass, the standard unix password manager, as the credential backend for
 your git repositories.  This is achieved by explicitly defining mappings
 between hosts and entries in the password store.")
     (license license:lgpl3+)))
+
+(define-public john-the-ripper-jumbo
+  (let ((official-version "1.8.0")
+        (jumbo-version "1"))
+    (package
+      (name "john-the-ripper-jumbo")
+      (version (string-append official-version "-" jumbo-version))
+      (source
+       (origin
+         (method url-fetch)
+         (uri (string-append "http://www.openwall.com/john/j/john-"
+                             official-version "-jumbo-" jumbo-version ".tar.xz"))
+         (sha256
+          (base32
+           "08q92sfdvkz47rx6qjn7qv57cmlpy7i7rgddapq5384mb413vjds"))
+         (patches
+          (list (origin
+                  (method url-fetch)
+                  (uri (string-append "https://github.com/magnumripper/"
+                                      "JohnTheRipper/commit/"
+                                      "e2e868db3e153b3f959e119a51703d4afb99c624.patch"))
+                  (file-name "john-the-ripper-jumbo-gcc5-inline.patch")
+                  (sha256
+                   (base32
+                    "1shvcf1y2097115mxhzdkm64dr106a8zr6pqjqyh171q5ng5vfra")))
+                (origin
+                  (method url-fetch)
+                  (uri (string-append "https://github.com/magnumripper/"
+                                      "JohnTheRipper/commit/"
+                                      "480e95b0e449863be3e1a5b0bc634a67df28b618.patch"))
+                  (file-name "john-the-ripper-jumbo-non-x86.patch")
+                  (sha256
+                   (base32
+                    "1ffd9dvhk0sb6ss8dv5yalh01lz30i7rilqilf2xv68gax2hyjqx")))))))
+      (build-system gnu-build-system)
+      (inputs
+       `(("gmp" ,gmp)
+         ("krb5" ,mit-krb5)
+         ("libpcap" ,libpcap)
+         ("nss" ,nss)
+         ("openssl" ,openssl)
+         ("zlib" ,zlib)))
+      (arguments
+       `(#:configure-flags
+         (list (string-append
+                "CFLAGS=-O2 -g "
+                "-DJOHN_SYSTEMWIDE=1 "
+                "-DJOHN_SYSTEMWIDE_EXEC='\"" %output "/libexec/john\"' "
+                "-DJOHN_SYSTEMWIDE_HOME='\"" %output "/share/john\"'")
+               ;; For now, do not test for instruction set in configure, and
+               ;; do not pass '-march=native' to gcc:
+               "--disable-native-tests"
+               "--disable-native-macro")
+         #:tests? #f ;tests try to create '.john' in the build user's $HOME
+         #:phases
+         (modify-phases %standard-phases
+           (add-before 'configure 'chdir-src
+             (lambda _ (chdir "src")))
+           (replace 'install
+             (lambda _
+               (let ((bindir (string-append %output "/bin"))
+                     (docdir (string-append %output "/share/doc/john"))
+                     (execdir (string-append %output "/libexec/john"))
+                     (homedir (string-append %output "/share/john"))
+                     (install-file-to (lambda (dir)
+                                        (lambda (f) (install-file f dir))))
+                     (symlink? (lambda (_ s) (eq? (stat:type s) 'symlink))))
+                 (with-directory-excursion "../run"
+                   (for-each (install-file-to execdir)
+                             (cons* "mailer" "benchmark-unify"
+                                    (find-files "." ".*\\.(py|rb|pl)")))
+                   (for-each (install-file-to homedir)
+                             (append (find-files "." "(stats|dictionary.*)")
+                                     (find-files "." "(.*\\.chr|.*\\.lst)")
+                                     (find-files "." ".*\\.conf")))
+                   (for-each (install-file-to bindir)
+                             '("tgtsnarf" "genmkvpwd" "mkvcalcproba"
+                               "raw2dyna" "luks2john" "vncpcap2john"
+                               "uaf2john" "calc_stat" "wpapcap2john"
+                               "cprepair" "relbench"  "SIPdump" "john"))
+                   (for-each (lambda (f) ;install symlinked aliases
+                               (symlink "john"
+                                        (string-append bindir "/" (basename f))))
+                             (find-files "." symlink?)))
+                 (copy-recursively "../doc" docdir)
+                 #t))))))
+      (home-page "http://www.openwall.com/john/")
+      (synopsis "Password cracker")
+      (description "John the Ripper is a fast password cracker.  Its primary
+purpose is to detect weak Unix passwords.  Besides several @code{crypt}
+password hash types most commonly found on various Unix systems, supported out
+of the box are Windows LM hashes, plus lots of other hashes and ciphers.  This
+is the community-enhanced, \"jumbo\" version of John the Ripper.")
+      (license license:gpl2+))))
-- 
2.14.1


^ permalink raw reply related	[flat|nested] 5+ messages in thread

* [bug#28429] [PATCH] gnu: Add John the Ripper.
  2017-09-13 13:46   ` Eric Bavier
@ 2017-09-13 21:22     ` Ludovic Courtès
  2017-09-14  3:20       ` bug#28429: " Eric Bavier
  0 siblings, 1 reply; 5+ messages in thread
From: Ludovic Courtès @ 2017-09-13 21:22 UTC (permalink / raw)
  To: Eric Bavier; +Cc: 28429

Heya,

Eric Bavier <ericbavier@centurylink.net> skribis:

> On Wed, 13 Sep 2017 10:10:39 +0200

[...]

>> 
>> > +       `(#:configure-flags
>> > +         (list (string-append
>> > +                "CFLAGS="  
>> 
>> Is this to clear CFLAGS?  We should make sure to get “-O2 -g”.
>
> The macro definitions below must be put in CFLAGS, but yes, -O2 should
> be included.

OK.

>> 
>> > +                "-DJOHN_SYSTEMWIDE=1 "
>> > +                "-DJOHN_SYSTEMWIDE_EXEC='\"" %output "/libexec/john\"' "
>> > +                "-DJOHN_SYSTEMWIDE_HOME='\"" %output "/share/john\"'")
>> > +               "--disable-native-tests"
>> > +               "--disable-native-macro")  
>> 
>> Perhaps add a comment on these two flags.
>
> Sure.  John supports a "cpu fallback" feature to match, at runtime, the
> current processor with an executable appropriate for its supported
> instruction set.  This involves configuring and building multiple times
> with different optimization flags.  I wanted to implement this later
> after getting the rest of things working, so these two flags turn off
> the "-march=native" flag and instruction set discovery during
> 'configure'.

Oh, I see.  Thanks for explaining.

>> /etc/passwd in the build environment has this line (see
>> nix/libstore/build.cc:1859):
>> 
>>   nixbld:x:%1%:%2%:Nix build user:/:/noshell
>> 
>> Isn’t it sufficient to have “/” as the home directory?
>
> It seems the build user noes not have sufficient permissions to create a
> directory there?  The tests want to create "~/.john" (specifically
> "//.john").

And setting ‘HOME’ isn’t enough?  (There are several packages where we
do that right before the ‘check’ phase.)

> From dd9795e5d63beaf06f2e3c76944e82a5564dc87d Mon Sep 17 00:00:00 2001
> From: Eric Bavier <bavier@member.fsf.org>
> Date: Mon, 11 Sep 2017 21:44:14 -0500
> Subject: [PATCH] gnu: Add John the Ripper.
>
> * gnu/packages/password-utils.scm (john-the-ripper-jumbo): New variable.

Perfect, thanks!

Ludo’.

^ permalink raw reply	[flat|nested] 5+ messages in thread

* bug#28429: [PATCH] gnu: Add John the Ripper.
  2017-09-13 21:22     ` Ludovic Courtès
@ 2017-09-14  3:20       ` Eric Bavier
  0 siblings, 0 replies; 5+ messages in thread
From: Eric Bavier @ 2017-09-14  3:20 UTC (permalink / raw)
  To: Ludovic Courtès; +Cc: 28429-done

On Wed, 13 Sep 2017 23:22:21 +0200
ludo@gnu.org (Ludovic Courtès) wrote:

> >> /etc/passwd in the build environment has this line (see
> >> nix/libstore/build.cc:1859):
> >> 
> >>   nixbld:x:%1%:%2%:Nix build user:/:/noshell
> >> 
> >> Isn’t it sufficient to have “/” as the home directory?  
> >
> > It seems the build user noes not have sufficient permissions to create a
> > directory there?  The tests want to create "~/.john" (specifically
> > "//.john").  
> 
> And setting ‘HOME’ isn’t enough?  (There are several packages where we
> do that right before the ‘check’ phase.)

The code accesses 'getpwuid(getuid())->pw_dir', so effectively ignores
'HOME'.

> 
> > From dd9795e5d63beaf06f2e3c76944e82a5564dc87d Mon Sep 17 00:00:00 2001
> > From: Eric Bavier <bavier@member.fsf.org>
> > Date: Mon, 11 Sep 2017 21:44:14 -0500
> > Subject: [PATCH] gnu: Add John the Ripper.
> >
> > * gnu/packages/password-utils.scm (john-the-ripper-jumbo): New variable.  
> 
> Perfect, thanks!

Pushed in eb28a777b5ad13e88d5932e9f97c976a079c94ac.

`~Eric

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2017-09-14  3:21 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-09-12  2:50 [bug#28429] [PATCH] gnu: Add John the Ripper Eric Bavier
2017-09-13  8:10 ` Ludovic Courtès
2017-09-13 13:46   ` Eric Bavier
2017-09-13 21:22     ` Ludovic Courtès
2017-09-14  3:20       ` bug#28429: " Eric Bavier

Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.