commit 61cc1aa470712ff4e0a7fe35a8767a65b13834c4 Author: Adrian Schröter Date: Wed Aug 16 16:43:58 2023 +0200 Sync from SUSE:ALP:Source:Standard:1.0 libxcrypt revision 8fce5697d19e0b7e74f70bd1be354f99 diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..fecc750 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/baselibs.conf b/baselibs.conf new file mode 100644 index 0000000..3489e44 --- /dev/null +++ b/baselibs.conf @@ -0,0 +1,7 @@ +libcrypt1 + arch i586 provides "libowcrypt.so.1" + arch i586 provides "libowcrypt.so.1(OW_CRYPT_1.0)" +libxcrypt-devel + requires -libxcrypt- + requires "libcrypt1- = " + conflicts "glibc-devel- < 2.28" diff --git a/libxcrypt-4.4.36.tar.xz b/libxcrypt-4.4.36.tar.xz new file mode 100644 index 0000000..903b1cc --- /dev/null +++ b/libxcrypt-4.4.36.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e5e1f4caee0a01de2aee26e3138807d6d3ca2b8e67287966d1fefd65e1fd8943 +size 624112 diff --git a/libxcrypt-4.4.36.tar.xz.asc b/libxcrypt-4.4.36.tar.xz.asc new file mode 100644 index 0000000..3ae6527 --- /dev/null +++ b/libxcrypt-4.4.36.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEZ4zj/uQwMRWW24wW9S6YAHWUwh0FAmSlr0UACgkQ9S6YAHWU +wh0/Pg/+M0zxkElg/2YPCFNeSo+zsVjGozdnPF4DvISk54+owXULo2fkx7VW15LC +4DcvKKg3p+6bCz1rdOnJbzSfNiO3d7VS1mGNOECWUTF4q3eiXhgDy5QrHbZfDaqR +DohWDNJPY1RwTfMf8qhtnTukjutnNpUdPJHV5wavJsBr8mLQ6qBXTsgfORJsfGi0 +cz+GTn3IZX/xcMvbFx9VrY/ixzYZZMFOmy+00T2yURlA/A5XjNPldTDRYVBtYUre +Phiox3Oz9BRh65hnLjPFIYvMrjAGnOxl2lWfHK6Mdu46QV7qB7nGryOSbr4OHvN8 +YpukVexz5YlSM09ws9AHqUzf4nn2fo+M1v9YftrLYa0vKM5oUW5+nJp2oRm+q2WW +UYy7J60rM7Rg8HvpAXriIbyOz758xSA3dwSMAVFrY9mLZdCipBfdAD9xNIysaWTo +ockJ13TYzK6m8F8aL3tYGT/7M1IbdUMqGa7wPEkg5bkb0IGOI45yH4VN4AbU3h4v +ZZrMNkMNl84Y3rYgq2QcqoMf9Wg/dv9zuXpkF0COipk4qxiEiBZlebFSAZEX1LSO +6O5AlUtHb9Mue7CTv61dV//C7l2/TOADsvWN4dBqQzioPx+uH4wJAdEY6afeePAR +GniSzdtbuszlVcd7E8sqN/DFofhOBBXrX6QpJkapMTnfoKDL3SQ= +=wTDU +-----END PGP SIGNATURE----- diff --git a/libxcrypt.changes b/libxcrypt.changes new file mode 100644 index 0000000..24a1e15 --- /dev/null +++ b/libxcrypt.changes @@ -0,0 +1,234 @@ +------------------------------------------------------------------- +Mon Jul 17 10:51:58 UTC 2023 - Andreas Schwab + +- Update to 4.4.36 + * Fix left over bits failing with Perl v5.38.0 + +------------------------------------------------------------------- +Sat Jul 1 22:32:06 UTC 2023 - Dirk Müller + +- update to 4.4.35: + * Fix build with Perl v5.38.0 (issue #170). + * Fix build with MinGW-w(32|64). + +------------------------------------------------------------------- +Thu Jun 1 13:36:26 UTC 2023 - Andreas Schwab + +- Update to 4.4.34 + * Optimize some cast operation for performance in + lib/alg-yescrypt-platform.c. + * Add SHA-2 Maj() optimization proposed by Wei Dai in lib/alg-sha512.c. + * Explicitly clean the stack and context state after computation in + lib/alg-gost3411-2012-hmac.c, lib/alg-hmac-sha1.c, and lib/alg-sha256.c + (issue #168). + +------------------------------------------------------------------- +Thu Mar 23 12:58:47 UTC 2023 - Martin Liška + +- Enable LTO now (boo#1138833) and use FAT LTO objects for static libs. + +------------------------------------------------------------------- +Fri Mar 10 20:29:48 UTC 2023 - Giuliano Belinassi + +- Enable livepatching support on x86_64. + +------------------------------------------------------------------- +Wed Nov 30 15:02:10 UTC 2022 - Andreas Schwab + +- Update to 4.4.33 + * Fix variable name in crypt(3) for a datamember of 'struct crypt_data' + * Fix -Werror=strict-overflow in lib/crypt-des.c, which is seen + by GCC 12.x + * Add some SHA-2 Maj() optimization in lib/alg-sha256.c + * Fix -Werror=conversion in lib/alg-yescrypt-opt.c + * Improvements to huge page handling in lib/alg-yescrypt-platform.c + * Fix -Werror=sign-conversion in lib/alg-yescrypt-platform.c + +------------------------------------------------------------------- +Sun Apr 10 09:34:30 UTC 2022 - Dirk Müller + +- update to 4.4.28: + No changes whatsoever. + +------------------------------------------------------------------- +Mon Dec 20 22:45:41 UTC 2021 - Dirk Müller + +- update to 4.4.27: + * Limit the maximum amount of rbytes to 64 bytes (512 bits) for yescrypt, + gost-yescrypt, and scrypt + +------------------------------------------------------------------- +Sun Nov 28 19:44:05 UTC 2021 - Andreas Stieger + +- update to 4.4.26: + * fix compilation on system with gcc >= 10 that do not support + declarations with __attribute__((symver)) +- switch to bootstrapped tarball, add upstream signing key and + verify source signature + +------------------------------------------------------------------- +Wed Aug 18 10:22:27 UTC 2021 - Andreas Schwab + +- Update to 4.4.25 + * Fix several issues found by Covscan in the testsuite. These include: + - CWE-170: String not null terminated (STRING_NULL) + - CWE-188: Reliance on integer endianness (INCOMPATIBLE_CAST) + - CWE-190: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN) + - CWE-569: Wrong sizeof argument (SIZEOF_MISMATCH) + - CWE-573: Missing varargs init or cleanup (VARARGS) + - CWE-687: Argument cannot be negative (NEGATIVE_RETURNS) + * Stricter checking of invalid salt characters (issue #135). + +------------------------------------------------------------------- +Thu Jun 24 08:48:06 UTC 2021 - Paolo Stivanin + +- Update to 4.4.23 + * Fix output calculation for gensalt_yescrypt_rn(). + * Fix -Werror=conversion in lib/crypt-des-obsolete.c, + test/des-obsolete.c, and test/des-obsolete_r.c. + * The crypt_checksalt() function has been fixed to correctly return + with 'CRYPT_SALT_INVALID', in case the setting, that is passed + to be checked, represents an empty passphrase or an uncomputed + setting for descrypt without any salt characters. + * The crypt_checksalt() function will now return the value + 'CRYPT_SALT_METHOD_LEGACY' in case the setting, that is passed + to be checked, uses a hashing method, which is considered to be + too weak for use with new passphrases. + * Fix build when the CFLAGS variable, that is passed into the + configure script, has a leading whitespace character in it + (issue #123). + +------------------------------------------------------------------- +Tue Apr 13 14:59:57 UTC 2021 - Paolo Stivanin + +- Update to 4.4.19 + * Improve fallback implementation of explicit_bzero. + * Add glibc-on-CSKY, ARC, and RISCV-32 entries to libcrypt.minver. + These were added in GNU libc 2.29, 2.32, and 2.33 respectively + * Do not build xcrypt.h if we’re not going to install it. + * Do not apply --enable-obsolete-api-enosys mode to fcrypt. + * Compilation fix for NetBSD. NetBSD’s declares encrypt + and setkey to return int, contrary to POSIX (which says they return + void). Rename those declarations out of the way with macros. + * Compilation fixes for building with GCC 11. + Basically fixes for explicit type-casting. + * Force update of existing symlinks during installation + +------------------------------------------------------------------- +Mon Feb 22 10:41:24 UTC 2021 - Andreas Schwab + +- Update to version 4.4.18 + * Fix conversion error in lib/alg-gost3411-core.c + +------------------------------------------------------------------- +Tue Sep 1 14:47:37 UTC 2020 - Andreas Schwab + +- Add compatibility provides for SLE15 +- Update to version 4.4.17 + * Salt string compatibility with generic implementations + +------------------------------------------------------------------- +Mon Mar 2 09:50:17 UTC 2020 - Andreas Schwab + +- Update to version 4.4.15 + * The compatibility symbols crypt_gensalt_r, xcrypt, xcrypt_r, + xcrypt_gensalt, and xcrypt_gensalt_r are deprecated further + * Speed up ka-sunmd5 by skipping most of the test phrases +- Package README.md and TODO.md (bsc#1165389) + +------------------------------------------------------------------- +Thu Jan 30 13:34:00 UTC 2020 - Andreas Schwab + +- Update to version 4.4.12 + * Another fix for GCC v10.x, which occurs on s390 architectures only. + +------------------------------------------------------------------- +Wed Jan 22 11:35:17 UTC 2020 - Andreas Schwab + +- Update to version 4.4.11 + * Fixes for GCC v10.x + * Change how the known-answer tests are parallelized +- gcc10.patch: remove + +------------------------------------------------------------------- +Thu Dec 12 08:23:08 UTC 2019 - Andreas Schwab + +- gcc10.patch: fix build with gcc10 (bsc#1158192) + +------------------------------------------------------------------- +Sat Dec 7 14:19:35 UTC 2019 - Andreas Schwab + +- Update to version 4.4.10 + * Fix alignment problem for GOST 34.11 (Streebog) in gost-yestcrypt. + * The crypt_* functions will now all fail and set errno to ERANGE if + their 'phrase' argument is longer than CRYPT_MAX_PASSPHRASE_SIZE + characters (this is currently 512) + * The NT hashing method no longer truncates passphrases at 128 + characters; Windows does not do this. +- format-overflow.patch: remove + +------------------------------------------------------------------- +Thu Jun 20 11:49:28 UTC 2019 - Martin Liška + +- Disable LTO due to symbol versioning (boo#1138833). + +------------------------------------------------------------------- +Tue Feb 19 10:49:30 UTC 2019 - schwab@suse.de + +- format-overflow.patch: Fix -Werror=format-overflow + +------------------------------------------------------------------- +Thu Feb 14 13:54:55 UTC 2019 - Martin Liška + +- Update to version 4.4.3: + * Add libxcrypt.so, libxcrypt.a and xcrypt.h. + * Add new man3 manual pages. + +------------------------------------------------------------------- +Tue Oct 9 11:43:13 UTC 2018 - schwab@suse.de + +- Set compatibility level to suse + +------------------------------------------------------------------- +Wed Aug 8 11:44:16 UTC 2018 - schwab@suse.de + +- Add conflicts with glibc-devel < 2.28 + +------------------------------------------------------------------- +Mon Aug 6 16:34:12 UTC 2018 - jengelh@inai.de + +- Fix RPM groups for Factory. + +------------------------------------------------------------------- +Wed Aug 1 08:50:25 UTC 2018 - schwab@suse.de + +- Update to libxcrypt 4.1.0 + * Fix spelling of SUSE. + * Lower the minimum required automake version to 1.14. + * Fix build with USE_SWAPCONTEXT turned off. + * Extend --enable-weak-hashes configure option to accept optional + "glibc" parameter. + * Fix the leak of obtained random bytes. + * Check expected output strings for deterministic methods. + * Fix memory leak in crypt_sha1_rn. + * Fix read of random bytes out of bounds in gensalt_sha1_rn. + * Make it possible to disable individual hashes at configure time. + * Make salt validation pickier. + * Replace crypt-sunmd5.c with BSD-licensed cleanroom reimplementation. + * Make crypt_gensalt for $sha1 deterministic. + * Fix incorrect output-size computation in crypt_sha1_rn. + * Add docs for SHA1, MD5/Sun, NTHASH. + * Introduce CRYPT_GENSALT_IMPLEMENTS_* feature test macros. + * Install libcrypt.pc symlink along with libxcrypt.pc. + * Extend --enable-obsolete-api configure option. + * Extend overall test coverage. + +------------------------------------------------------------------- +Wed May 23 10:01:29 UTC 2018 - schwab@suse.de + +- Update to libxcrypt 4.0.1 + +------------------------------------------------------------------- +Wed May 9 13:51:35 UTC 2018 - schwab@suse.de + +- ABI compatible replacement for libcypt from glibc diff --git a/libxcrypt.keyring b/libxcrypt.keyring new file mode 100644 index 0000000..fb4a456 Binary files /dev/null and b/libxcrypt.keyring differ diff --git a/libxcrypt.spec b/libxcrypt.spec new file mode 100644 index 0000000..7c7116d --- /dev/null +++ b/libxcrypt.spec @@ -0,0 +1,172 @@ +# +# spec file for package libxcrypt +# +# Copyright (c) 2023 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +Name: libxcrypt +Version: 4.4.36 +Release: 0 +Summary: Extended crypt library for DES, MD5, Blowfish and others +License: BSD-2-Clause AND GPL-3.0-or-later AND LGPL-2.1-or-later AND BSD-3-Clause AND SUSE-Public-Domain +Group: Development/Libraries/C and C++ +URL: https://github.com/besser82/libxcrypt +Source0: https://github.com/besser82/libxcrypt/releases/download/v%{version}/%{name}-%{version}.tar.xz +Source1: https://github.com/besser82/libxcrypt/releases/download/v%{version}/%{name}-%{version}.tar.xz.asc +Source2: https://github.com/besser82/libxcrypt/releases/download/v%{version}/libxcrypt-gpgkey.gpg#/%{name}.keyring +Source3: baselibs.conf +BuildRequires: pkgconfig + +# Enable support for livepatching. +%ifarch x86_64 +%bcond_without livepatching +%else +%bcond_with livepatching +%endif + +%description +libxcrypt is a modern library for one-way hashing of passwords. It +supports DES, MD5, SHA-2-256, SHA-2-512, and bcrypt-based password +hashes, and provides the traditional Unix 'crypt' and 'crypt_r' +interfaces, as well as a set of extended interfaces pioneered by +Openwall Linux, 'crypt_rn', 'crypt_ra', 'crypt_gensalt', +'crypt_gensalt_rn', and 'crypt_gensalt_ra'. + +%package -n libcrypt1 +Summary: Extended crypt library for DES, MD5, Blowfish and others +License: BSD-2-Clause AND LGPL-2.1-or-later AND BSD-3-Clause AND SUSE-Public-Domain +Group: System/Libraries +# Compatibility provides to help the transition from libowcrypt.so.1 +# to libcrypt.so.1, which provides all symbols of the former +%ifarch x86_64 s390x ppc64le aarch64 +Provides: libowcrypt.so.1()(64bit) +Provides: libowcrypt.so.1(OW_CRYPT_1.0)(64bit) +%endif +%ifarch i586 +Provides: libowcrypt.so.1 +Provides: libowcrypt.so.1(OW_CRYPT_1.0) +%endif + +%description -n libcrypt1 +libxcrypt is a modern library for one-way hashing of passwords. It +supports DES, MD5, SHA-2-256, SHA-2-512, and bcrypt-based password +hashes, and provides the traditional Unix 'crypt' and 'crypt_r' +interfaces, as well as a set of extended interfaces pioneered by +Openwall Linux, 'crypt_rn', 'crypt_ra', 'crypt_gensalt', +'crypt_gensalt_rn', and 'crypt_gensalt_ra'. + +%package devel +Summary: Development files for %{name} +License: BSD-2-Clause AND LGPL-2.1-or-later AND BSD-3-Clause AND SUSE-Public-Domain +Group: Development/Languages/C and C++ +Requires: libcrypt1 = %{version} +Requires: pkgconfig >= 0.9.0 +Conflicts: glibc-devel < 2.28 +Provides: glibc-devel:%{_libdir}/libcrypt.so + +%description devel +The %{name}-devel package contains libraries and header files for +developing applications that use %{name}. + +%package devel-static +Summary: Static library for -static linking with %{name} +License: BSD-2-Clause AND GPL-3.0-or-later AND LGPL-2.1-or-later AND BSD-3-Clause AND SUSE-Public-Domain +Group: Development/Libraries/C and C++ +Requires: %{name}-devel = %{version} +Requires: glibc-devel-static +Conflicts: glibc-devel-static < 2.28 +Provides: glibc-devel-static:%{_libdir}/libcrypt.a + +%description devel-static +This package contains the libxcrypt static libraries for -static +linking. You don't need this, unless you link statically, which +is highly discouraged. + +%prep +%autosetup -p 1 + +%build +%global _lto_cflags %_lto_cflags -ffat-lto-objects +%configure \ + --disable-silent-rules \ + --enable-shared \ + --enable-static \ + --enable-obsolete-api=suse \ + --enable-hashes=all \ + --with-pkgconfigdir=%{_libdir}/pkgconfig + +%if %{with livepatching} +%make_build CFLAGS="$CFLAGS -fpatchable-function-entry=16,14 -fdump-ipa-clones" +%else +%make_build +%endif + +%install + +%if %{with livepatching} +%define tar_basename libxcrypt-livepatch-%{version}-%{release} +%define tar_package_name %{tar_basename}.%{_arch}.tar.xz +%define clones_dest_dir %{tar_basename}/%{_arch} + +# Ipa-clones are files generated by gcc which logs changes made across +# functions, and we need to know such changes to build livepatches +# correctly. These files are intended to be used by the livepatch +# developers and may be retrieved by using `osc getbinaries`. +# +# Create ipa-clones destination folder and move clones there. +mkdir -p ipa-clones/%{clones_dest_dir} +find . -name "*.ipa-clones" ! -empty \ + -exec cp -t ipa-clones/%{clones_dest_dir} --parents {} + + +# Create tarball with ipa-clones. +tar -cJf %{tar_package_name} -C ipa-clones \ + --owner root --group root --sort name %{tar_basename} + +# Copy tarball to the OTHER folder to store it as artifact. +cp %{tar_package_name} %{_topdir}/OTHER +%endif + +%make_install +rm -v %{buildroot}%{_libdir}/*.la + +%check +%make_build check || \ + { + rc=$?; + echo "-----BEGIN TESTLOG-----"; + cat test-suite.log; + echo "-----END TESTLOG-----"; + exit $rc; + } + +%post -n libcrypt1 -p /sbin/ldconfig +%postun -n libcrypt1 -p /sbin/ldconfig + +%files -n libcrypt1 +%license COPYING.LIB LICENSING +%doc AUTHORS NEWS THANKS +%{_libdir}/*.so.* + +%files devel +%doc TODO +%{_libdir}/*.so +%{_includedir}/*.h +%{_libdir}/pkgconfig/*.pc +%{_mandir}/man?/*%{?ext_man} + +%files devel-static +%{_libdir}/*.a + +%changelog