fix CAN-2004-1143 (weak password generation)

2005-02-11 19:33:55 +00:00 · 2005-02-11 19:33:55 +00:00 · 5ad1f2f3a8
commit 5ad1f2f3a8
parent b5751ce71b
3 changed files with 102 additions and 6 deletions
--- a/mail/mailman/Makefile
+++ b/mail/mailman/Makefile
@ -1,9 +1,9 @@
-# $OpenBSD: Makefile,v 1.31 2005/02/10 14:58:06 jakob Exp $
+# $OpenBSD: Makefile,v 1.32 2005/02/11 19:33:55 jakob Exp $

 COMMENT=	"mailing list manager with web interface"

 DISTNAME=	mailman-2.1.5
-PKGNAME=	${DISTNAME}p3
+PKGNAME=	${DISTNAME}p4
 CATEGORIES=	mail www

 HOMEPAGE=	http://www.gnu.org/software/mailman/
--- a/mail/mailman/patches/patch-Mailman_Defaults_py_in
+++ b/mail/mailman/patches/patch-Mailman_Defaults_py_in
@ -1,12 +1,27 @@
-$OpenBSD: patch-Mailman_Defaults_py_in,v 1.5 2004/01/01 17:29:08 jakob Exp $
--- Mailman/Defaults.py.in.orig	2003-12-13 17:34:17.000000000 +0100
-+++ Mailman/Defaults.py.in	2004-01-01 17:56:23.000000000 +0100
-@@ -410,7 +410,7 @@ SMTPPORT = 0                            
+$OpenBSD: patch-Mailman_Defaults_py_in,v 1.6 2005/02/11 19:33:55 jakob Exp $
+--- Mailman/Defaults.py.in.orig	Sun Apr 25 04:30:03 2004
+++ Mailman/Defaults.py.in	Fri Feb 11 20:30:06 2005
+@@ -410,7 +410,22 @@ SMTPPORT = 0                            
 
 # Command for direct command pipe delivery to sendmail compatible program,
 # when DELIVERY_MODULE is 'Sendmail'.
 -SENDMAIL_CMD = '/usr/lib/sendmail'
 +SENDMAIL_CMD = '/usr/sbin/sendmail'
+
+# Specify the type of passwords to use, when Mailman generates the passwords
+# itself, as would be the case for membership requests where the user did not
+# fill in a password, or during list creation, when auto-generation of admin
+# passwords was selected.
+#
+# Set this value to Yes for classic Mailman user-friendly(er) passwords.
+# These generate semi-pronounceable passwords which are easier to remember.
+# Set this value to No to use more cryptographically secure, but harder to
+# remember, passwords -- if your operating system and Python version support
+# the necessary feature (specifically that /dev/urandom be available).
+USER_FRIENDLY_PASSWORDS = Yes
+
+# This value specifies the default lengths of member passwords
+MEMBER_PASSWORD_LENGTH = 8
 
 # Set these variables if you need to authenticate to your NNTP server for
 # Usenet posting or reading.  If no authentication is necessary, specify None
--- a/mail/mailman/patches/patch-Mailman_Utils_py
+++ b/mail/mailman/patches/patch-Mailman_Utils_py
@ -0,0 +1,81 @@
+$OpenBSD: patch-Mailman_Utils_py,v 1.1 2005/02/11 19:33:55 jakob Exp $
+--- Mailman/Utils.py.orig	Fri Dec 26 23:50:04 2003
+++ Mailman/Utils.py	Fri Feb 11 20:23:16 2005
+@@ -1,4 +1,4 @@
+-# Copyright (C) 1998-2003 by the Free Software Foundation, Inc.
+# Copyright (C) 1998-2004 by the Free Software Foundation, Inc.
+ #
+ # This program is free software; you can redistribute it and/or
+ # modify it under the terms of the GNU General Public License
+@@ -27,12 +27,13 @@ from __future__ import nested_scopes
+ 
+ import os
+ import re
+-import random
+-import urlparse
+import cgi
+ import sha
+-import errno
+ import time
+-import cgi
+import errno
+import base64
+import random
+import urlparse
+ import htmlentitydefs
+ import email.Header
+ import email.Iterators
+@@ -297,11 +298,52 @@ for v in _vowels:
+         _syllables.append(v+c)
+ del c, v
+ 
+-def MakeRandomPassword(length=6):
+def UserFriendly_MakeRandomPassword(length):
+     syls = []
+     while len(syls) * 2 < length:
+         syls.append(random.choice(_syllables))
+     return EMPTYSTRING.join(syls)[:length]
+
+
+def Secure_MakeRandomPassword(length):
+    bytesread = 0
+    bytes = []
+    fd = None
+    try:
+        while bytesread < length:
+            try:
+                # Python 2.4 has this on available systems.
+                newbytes = os.urandom(length - bytesread)
+            except (AttributeError, NotImplementedError):
+                if fd is None:
+                    try:
+                        fd = os.open('/dev/urandom', os.O_RDONLY)
+                    except OSError, e:
+                        if e.errno <> errno.ENOENT:
+                            raise
+                        # We have no available source of cryptographically
+                        # secure random characters.  Log an error and fallback
+                        # to the user friendly passwords.
+                        from Mailman.Logging.Syslog import syslog
+                        syslog('error',
+                               'urandom not available, passwords not secure')
+                        return UserFriendly_MakeRandomPassword(length)
+                newbytes = os.read(fd, length - bytesread)
+            bytes.append(newbytes)
+            bytesread += len(newbytes)
+        s = base64.encodestring(EMPTYSTRING.join(bytes))
+        # base64 will expand the string by 4/3rds
+        return s.replace('\n', '')[:length]
+    finally:
+        if fd is not None:
+            os.close(fd)
+
+
+def MakeRandomPassword(length=mm_cfg.MEMBER_PASSWORD_LENGTH):
+    if mm_cfg.USER_FRIENDLY_PASSWORDS:
+        return UserFriendly_MakeRandomPassword(length)
+    return Secure_MakeRandomPassword(length)
+
+ 
+ def GetRandomSeed():
+     chr1 = int(random.random() * 52)