From 45c9ee77bf78aec4c4f078dffab74ae6555186ae Mon Sep 17 00:00:00 2001 From: Daniel Engberg Date: Sat, 5 Aug 2023 21:12:30 +0200 Subject: [PATCH] security/fcrackzip: Switch to fork that utilizes libzip Instead of launching unzip external for each try utilize libzip for much better performance PR: 272700 Approved by: bofh (private conversation) --- security/fcrackzip/Makefile | 20 ++- security/fcrackzip/distinfo | 5 +- security/fcrackzip/files/patch-crack.h | 10 -- security/fcrackzip/files/patch-fcrackzip.1 | 22 ++++ security/fcrackzip/files/patch-main.c | 134 +++------------------ 5 files changed, 58 insertions(+), 133 deletions(-) delete mode 100644 security/fcrackzip/files/patch-crack.h create mode 100644 security/fcrackzip/files/patch-fcrackzip.1 diff --git a/security/fcrackzip/Makefile b/security/fcrackzip/Makefile index c41f661c60d7..0f71e54f7748 100644 --- a/security/fcrackzip/Makefile +++ b/security/fcrackzip/Makefile @@ -1,19 +1,27 @@ PORTNAME= fcrackzip -PORTVERSION= 1.0 -PORTREVISION= 1 +DISTVERSION= 1.0 +PORTREVISION= 2 CATEGORIES= security archivers -MASTER_SITES= http://oldhome.schmorp.de/data/marc/ \ - http://distfiles.macports.org/${PORTNAME}/ MAINTAINER= bofh@FreeBSD.org COMMENT= Portable, fast, and featureful ZIP password cracker WWW= http://home.schmorp.de/marc/fcrackzip.html LICENSE= GPLv2 +LICENSE_FILE= ${WRKSRC}/COPYING + +LIB_DEPENDS= libzip.so:archivers/libzip + +USES= perl5 localbase:ldflags +USE_PERL5= build + +USE_GITHUB= yes +GH_ACCOUNT= hyc +GH_TAGNAME= c713631 GNU_CONFIGURE= yes -USES= perl5 -USE_PERL5= build + +LDFLAGS+= -lzip PLIST_FILES= bin/fcrackzip bin/fcrackzipinfo man/man1/fcrackzip.1.gz diff --git a/security/fcrackzip/distinfo b/security/fcrackzip/distinfo index aef6067f472c..4846a5c46a35 100644 --- a/security/fcrackzip/distinfo +++ b/security/fcrackzip/distinfo @@ -1,2 +1,3 @@ -SHA256 (fcrackzip-1.0.tar.gz) = 4a58c8cb98177514ba17ee30d28d4927918bf0bdc3c94d260adfee44d2d43850 -SIZE (fcrackzip-1.0.tar.gz) = 114786 +TIMESTAMP = 1690148443 +SHA256 (hyc-fcrackzip-1.0-c713631_GH0.tar.gz) = c416e8a112287d0c68c7edfb049d54a979ab9897b45d3647e0296406bf959765 +SIZE (hyc-fcrackzip-1.0-c713631_GH0.tar.gz) = 110021 diff --git a/security/fcrackzip/files/patch-crack.h b/security/fcrackzip/files/patch-crack.h deleted file mode 100644 index 9416816bcf4d..000000000000 --- a/security/fcrackzip/files/patch-crack.h +++ /dev/null @@ -1,10 +0,0 @@ ---- crack.h.orig 2000-06-18 23:19:07 UTC -+++ crack.h -@@ -24,7 +24,6 @@ extern u8 bf_next[256]; - extern u8 bf_last; - - extern int verbosity; --extern int use_unzip; - - #define FILE_SIZE 12 - #define CRC_SIZE 2 diff --git a/security/fcrackzip/files/patch-fcrackzip.1 b/security/fcrackzip/files/patch-fcrackzip.1 new file mode 100644 index 000000000000..f2b7403528eb --- /dev/null +++ b/security/fcrackzip/files/patch-fcrackzip.1 @@ -0,0 +1,22 @@ +--- fcrackzip.1.orig 2023-07-24 19:25:07 UTC ++++ fcrackzip.1 +@@ -6,7 +6,7 @@ + .B fcrackzip + [-bDBchVvplum2] [--brute-force] [--dictionary] [--benchmark] [--charset characterset] + [--help] [--validate] [--verbose] [--init-password string/path] [--length min-max] +-[--use-unzip] [--method name] [--modulo r/m] file... ++[--use-libzip] [--method name] [--modulo r/m] file... + .SH DESCRIPTION + .I fcrackzip + searches each zipfile given for encrypted files and tries to guess the +@@ -57,8 +57,8 @@ Use an initial password of length min, and check all p + upto passwords of length max (including). You can omit the max + parameter. + .TP +-.B \-u, \--use-unzip +-Try to decompress the first file by calling unzip with the guessed ++.B \-u, \--use-libzip ++Try to decompress the first file by calling libzip with the guessed + password. This weeds out false positives when not enough files have + been given. + .TP diff --git a/security/fcrackzip/files/patch-main.c b/security/fcrackzip/files/patch-main.c index b3b7e34f949d..c40fbf9eb508 100644 --- a/security/fcrackzip/files/patch-main.c +++ b/security/fcrackzip/files/patch-main.c @@ -1,116 +1,20 @@ ---- main.c.orig 2005-09-10 19:58:44 UTC +--- main.c.orig 2023-07-24 19:20:45 UTC +++ main.c -@@ -44,13 +44,112 @@ static int modul = 1; - - static FILE *dict_file; - -+char * -+path_for_shell (char *dest, const char *str) -+{ -+ /* backslash shell special charatcers */ -+ -+ char ch, *p = dest; -+ size_t len = strlen(str); -+ int i; -+ -+ for (i = 0; i < len; i++) -+ { -+ ch = str[i]; -+ -+ switch (ch) -+ { -+ /* ASCII table order */ -+ case 0x20: /* space */ -+ case '!': -+ case '"': -+ case '#': -+ case '$': -+ case '&': -+ case 0x27: /* single quote */ -+ case '(': -+ case ')': -+ case '*': -+ case '+': -+ case 0x2C: /* comma */ -+ case ':': -+ case ';': -+ case '<': -+ case '>': -+ case '?': -+ case '[': -+ case '\\': -+ case ']': -+ case '^': -+ case '`': -+ case '{': -+ case '|': -+ case '}': -+ case '~': -+ /* backslash special characters */ -+ *p++ = '\\'; -+ *p++ = ch; -+ break; -+ default: -+ *p++ = ch; -+ } -+ } -+ -+ /* terminate string */ -+ *p = '\0'; -+ -+ return dest; -+} -+ -+char * -+escape_pw (char *dest, const char *str) -+{ -+ /* backslash shell special charatcers */ -+ -+ char ch, *p = dest; -+ size_t len = strlen(str); -+ int i; -+ -+ for (i = 0; i < len; i++) -+ { -+ ch = str[i]; -+ -+ switch (ch) -+ { -+ /* ASCII table order */ -+ case '"': -+ case '$': -+ case 0x27: /* single quote */ -+ case '\\': -+ case '`': -+ /* backslash special characters */ -+ *p++ = '\\'; -+ *p++ = ch; -+ break; -+ default: -+ *p++ = ch; -+ } -+ } -+ -+ /* terminate string */ -+ *p = '\0'; -+ -+ return dest; -+} -+ - int REGPARAM - check_unzip (const char *pw) - { - char buff[1024]; -+ char path[1024]; -+ char escpw[256]; - int status; - -- sprintf (buff, "unzip -qqtP \"%s\" %s " DEVNULL, pw, file_path[0]); -+ escape_pw (escpw, pw); -+ path_for_shell (path, file_path[0]); -+ -+ sprintf (buff, "unzip -qqtP \"%s\" %s " DEVNULL, escpw, path); -+ - status = system (buff); - - #undef REDIR +@@ -351,7 +351,7 @@ usage (int ec) + " [-v|--verbose] be more verbose\n" + " [-p|--init-password string] use string as initial password/file\n" + " [-l|--length min-max] check password with length min to max\n" +- " [-u|--use-unzip] use unzip to weed out wrong passwords\n" ++ " [-u|--use-libzip] use libzip to weed out wrong passwords\n" + " [-m|--method num] use method number \"num\" (see below)\n" + " [-2|--modulo r/m] only calculcate 1/m of the password\n" + " file... the zipfiles to crack\n" +@@ -381,7 +381,7 @@ static struct option options[] = + {"verbose", no_argument, 0, 'v'}, + {"init-password", required_argument, 0, 'p'}, + {"length", required_argument, 0, 'l'}, +- {"use-unzip", no_argument, 0, 'u'}, ++ {"use-libzip", no_argument, 0, 'u'}, + {"method", required_argument, 0, 'm'}, + {"modulo", required_argument, 0, 2}, + {0, 0, 0, 0},