Pourquoi?
Ce patch a été écrit à l'origine pour me permettre de créer des mots de passe pseudo aléatoires, c'est à dire que je peux les regénerer ultérieurement à l'identique. Tant que j'avais les mains dans le code, j'en ai profité pour modifier et/ou corriger 2 3 choses qui étaient signalées sur la page du Bug Tracking System de Debian (http://bugs.debian.org/cgi-bin/pkgreport.cgi?which=pkg&data=pwgen)Attention
- J'ai corrigé un bug majeur le 5 février 2005. Ce bug peut provoquer une corruption de la mémoire, ou une génération de mots de passe inattendus. Les archives ci-dessous ont été mises à jour, le patch pour ceux qui auraient déjà installé ma version est disponible (http://www.guerrier.org/dev/pwgen/bug-20050205.diff).
- I've found a serious bug on february 5, 2005, which may lead to memory corruption or unexpected passwords generation. Archives below have been updated. The patch for thoses who may have already installed my pwgen release is available (http://www.guerrier.org/dev/pwgen/bug-20050205.diff).
Changelog
- Proposal for a 2.04 release
- General cleanup, remove some unused variable and structure declarations, make code compile without warning
- pw_phonemes.c: Modify pw_element and pw_phonemes to generate more readable, but (I hope) more secure passwords. Based on comments from Debian bug #276976, but does not adresses it. (Human readeable passwords cannot be as secure as pure random password, it's obvious)
- pw_rand.c: Take care of pw_flags to generate passwords without capitals and/or without digits. Adresse Debian bug #276307
- pw_rand.c: Fix what seems to be a bug, to allow more than one digit and more than one capital in passwords. Fix Debian bug #182595
- sha1.c: Gpl'd lib to compute sha1 hash, contributed by Christophe Devine
- sha1num.c: Add an alternative to true random numbers, by using sha1 hash of given file and given seed.
- pwgen.c: Add -B, --ambiguous option, to prevent use of ambiguous characters in generated passwords. (ie: 2/Z, 0/O, etc...) Adresses (?) Debian bug #51307 This option is effective in pw_rand and pw_phonemes
- pwgen.c: Make -A an alias to --no-capitalize, and make this option effective in pw_rand.
- pwgen.c: Make -0 an alias to --no-numerals and make this option effective in pw_rand.
- pwgen.c: Add -H, --sha1 option, to allow computing reproducibles passwords, given a know file, and a know seed. (ie: pwgen -H ~/my_favourite.mp3#olivier@guerrier.com gives me a list of possibles passwords for my pop3 account, and I can ask this list again and again) This option is effective in pw_rand and pw_phonemes
- pwgen.c: Add -y, --symbols option, which add one one more specials characters in generated passwords. This option is effective in pw_rand and pw_phonemes
- pwgen.1: Updated with new options and features
- Makefile.in: Add sha1.c sha1.h sha1num.c where needed
Le patch
Le patch est enregistré sur sourceforge:http://sourceforge.net/tracker/index.php?func=detail&aid=1108220&group_id=28391&atid=393206
il est aussi téléchargeable en local (http://www.guerrier.org/dev/pwgen/2.03_2.04.diff)
Une archive prépatchée (http://www.guerrier.org/dev/pwgen/pwgen-2.04.tar.gz) est aussi disponible.
