Sync from SUSE:SLFO:Main libxcrypt revision 8fce5697d19e0b7e74f70bd1be354f99

This commit is contained in:
Adrian Schröter 2024-05-03 16:09:18 +02:00
commit cae88e36a4
7 changed files with 455 additions and 0 deletions

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

7
baselibs.conf Normal file
View File

@ -0,0 +1,7 @@
libcrypt1
arch i586 provides "libowcrypt.so.1"
arch i586 provides "libowcrypt.so.1(OW_CRYPT_1.0)"
libxcrypt-devel
requires -libxcrypt-<targettype>
requires "libcrypt1-<targettype> = <version>"
conflicts "glibc-devel-<targettype> < 2.28"

BIN
libxcrypt-4.4.36.tar.xz (Stored with Git LFS) Normal file

Binary file not shown.

View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZ4zj/uQwMRWW24wW9S6YAHWUwh0FAmSlr0UACgkQ9S6YAHWU
wh0/Pg/+M0zxkElg/2YPCFNeSo+zsVjGozdnPF4DvISk54+owXULo2fkx7VW15LC
4DcvKKg3p+6bCz1rdOnJbzSfNiO3d7VS1mGNOECWUTF4q3eiXhgDy5QrHbZfDaqR
DohWDNJPY1RwTfMf8qhtnTukjutnNpUdPJHV5wavJsBr8mLQ6qBXTsgfORJsfGi0
cz+GTn3IZX/xcMvbFx9VrY/ixzYZZMFOmy+00T2yURlA/A5XjNPldTDRYVBtYUre
Phiox3Oz9BRh65hnLjPFIYvMrjAGnOxl2lWfHK6Mdu46QV7qB7nGryOSbr4OHvN8
YpukVexz5YlSM09ws9AHqUzf4nn2fo+M1v9YftrLYa0vKM5oUW5+nJp2oRm+q2WW
UYy7J60rM7Rg8HvpAXriIbyOz758xSA3dwSMAVFrY9mLZdCipBfdAD9xNIysaWTo
ockJ13TYzK6m8F8aL3tYGT/7M1IbdUMqGa7wPEkg5bkb0IGOI45yH4VN4AbU3h4v
ZZrMNkMNl84Y3rYgq2QcqoMf9Wg/dv9zuXpkF0COipk4qxiEiBZlebFSAZEX1LSO
6O5AlUtHb9Mue7CTv61dV//C7l2/TOADsvWN4dBqQzioPx+uH4wJAdEY6afeePAR
GniSzdtbuszlVcd7E8sqN/DFofhOBBXrX6QpJkapMTnfoKDL3SQ=
=wTDU
-----END PGP SIGNATURE-----

234
libxcrypt.changes Normal file
View File

@ -0,0 +1,234 @@
-------------------------------------------------------------------
Mon Jul 17 10:51:58 UTC 2023 - Andreas Schwab <schwab@suse.de>
- Update to 4.4.36
* Fix left over bits failing with Perl v5.38.0
-------------------------------------------------------------------
Sat Jul 1 22:32:06 UTC 2023 - Dirk Müller <dmueller@suse.com>
- update to 4.4.35:
* Fix build with Perl v5.38.0 (issue #170).
* Fix build with MinGW-w(32|64).
-------------------------------------------------------------------
Thu Jun 1 13:36:26 UTC 2023 - Andreas Schwab <schwab@suse.de>
- Update to 4.4.34
* Optimize some cast operation for performance in
lib/alg-yescrypt-platform.c.
* Add SHA-2 Maj() optimization proposed by Wei Dai in lib/alg-sha512.c.
* Explicitly clean the stack and context state after computation in
lib/alg-gost3411-2012-hmac.c, lib/alg-hmac-sha1.c, and lib/alg-sha256.c
(issue #168).
-------------------------------------------------------------------
Thu Mar 23 12:58:47 UTC 2023 - Martin Liška <mliska@suse.cz>
- Enable LTO now (boo#1138833) and use FAT LTO objects for static libs.
-------------------------------------------------------------------
Fri Mar 10 20:29:48 UTC 2023 - Giuliano Belinassi <giuliano.belinassi@suse.com>
- Enable livepatching support on x86_64.
-------------------------------------------------------------------
Wed Nov 30 15:02:10 UTC 2022 - Andreas Schwab <schwab@suse.de>
- Update to 4.4.33
* Fix variable name in crypt(3) for a datamember of 'struct crypt_data'
* Fix -Werror=strict-overflow in lib/crypt-des.c, which is seen
by GCC 12.x
* Add some SHA-2 Maj() optimization in lib/alg-sha256.c
* Fix -Werror=conversion in lib/alg-yescrypt-opt.c
* Improvements to huge page handling in lib/alg-yescrypt-platform.c
* Fix -Werror=sign-conversion in lib/alg-yescrypt-platform.c
-------------------------------------------------------------------
Sun Apr 10 09:34:30 UTC 2022 - Dirk Müller <dmueller@suse.com>
- update to 4.4.28:
No changes whatsoever.
-------------------------------------------------------------------
Mon Dec 20 22:45:41 UTC 2021 - Dirk Müller <dmueller@suse.com>
- update to 4.4.27:
* Limit the maximum amount of rbytes to 64 bytes (512 bits) for yescrypt,
gost-yescrypt, and scrypt
-------------------------------------------------------------------
Sun Nov 28 19:44:05 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de>
- update to 4.4.26:
* fix compilation on system with gcc >= 10 that do not support
declarations with __attribute__((symver))
- switch to bootstrapped tarball, add upstream signing key and
verify source signature
-------------------------------------------------------------------
Wed Aug 18 10:22:27 UTC 2021 - Andreas Schwab <schwab@suse.de>
- Update to 4.4.25
* Fix several issues found by Covscan in the testsuite. These include:
- CWE-170: String not null terminated (STRING_NULL)
- CWE-188: Reliance on integer endianness (INCOMPATIBLE_CAST)
- CWE-190: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
- CWE-569: Wrong sizeof argument (SIZEOF_MISMATCH)
- CWE-573: Missing varargs init or cleanup (VARARGS)
- CWE-687: Argument cannot be negative (NEGATIVE_RETURNS)
* Stricter checking of invalid salt characters (issue #135).
-------------------------------------------------------------------
Thu Jun 24 08:48:06 UTC 2021 - Paolo Stivanin <info@paolostivanin.com>
- Update to 4.4.23
* Fix output calculation for gensalt_yescrypt_rn().
* Fix -Werror=conversion in lib/crypt-des-obsolete.c,
test/des-obsolete.c, and test/des-obsolete_r.c.
* The crypt_checksalt() function has been fixed to correctly return
with 'CRYPT_SALT_INVALID', in case the setting, that is passed
to be checked, represents an empty passphrase or an uncomputed
setting for descrypt without any salt characters.
* The crypt_checksalt() function will now return the value
'CRYPT_SALT_METHOD_LEGACY' in case the setting, that is passed
to be checked, uses a hashing method, which is considered to be
too weak for use with new passphrases.
* Fix build when the CFLAGS variable, that is passed into the
configure script, has a leading whitespace character in it
(issue #123).
-------------------------------------------------------------------
Tue Apr 13 14:59:57 UTC 2021 - Paolo Stivanin <info@paolostivanin.com>
- Update to 4.4.19
* Improve fallback implementation of explicit_bzero.
* Add glibc-on-CSKY, ARC, and RISCV-32 entries to libcrypt.minver.
These were added in GNU libc 2.29, 2.32, and 2.33 respectively
* Do not build xcrypt.h if were not going to install it.
* Do not apply --enable-obsolete-api-enosys mode to fcrypt.
* Compilation fix for NetBSD. NetBSDs <unistd.h> declares encrypt
and setkey to return int, contrary to POSIX (which says they return
void). Rename those declarations out of the way with macros.
* Compilation fixes for building with GCC 11.
Basically fixes for explicit type-casting.
* Force update of existing symlinks during installation
-------------------------------------------------------------------
Mon Feb 22 10:41:24 UTC 2021 - Andreas Schwab <schwab@suse.de>
- Update to version 4.4.18
* Fix conversion error in lib/alg-gost3411-core.c
-------------------------------------------------------------------
Tue Sep 1 14:47:37 UTC 2020 - Andreas Schwab <schwab@suse.de>
- Add compatibility provides for SLE15
- Update to version 4.4.17
* Salt string compatibility with generic implementations
-------------------------------------------------------------------
Mon Mar 2 09:50:17 UTC 2020 - Andreas Schwab <schwab@suse.de>
- Update to version 4.4.15
* The compatibility symbols crypt_gensalt_r, xcrypt, xcrypt_r,
xcrypt_gensalt, and xcrypt_gensalt_r are deprecated further
* Speed up ka-sunmd5 by skipping most of the test phrases
- Package README.md and TODO.md (bsc#1165389)
-------------------------------------------------------------------
Thu Jan 30 13:34:00 UTC 2020 - Andreas Schwab <schwab@suse.de>
- Update to version 4.4.12
* Another fix for GCC v10.x, which occurs on s390 architectures only.
-------------------------------------------------------------------
Wed Jan 22 11:35:17 UTC 2020 - Andreas Schwab <schwab@suse.de>
- Update to version 4.4.11
* Fixes for GCC v10.x
* Change how the known-answer tests are parallelized
- gcc10.patch: remove
-------------------------------------------------------------------
Thu Dec 12 08:23:08 UTC 2019 - Andreas Schwab <schwab@suse.de>
- gcc10.patch: fix build with gcc10 (bsc#1158192)
-------------------------------------------------------------------
Sat Dec 7 14:19:35 UTC 2019 - Andreas Schwab <schwab@suse.de>
- Update to version 4.4.10
* Fix alignment problem for GOST 34.11 (Streebog) in gost-yestcrypt.
* The crypt_* functions will now all fail and set errno to ERANGE if
their 'phrase' argument is longer than CRYPT_MAX_PASSPHRASE_SIZE
characters (this is currently 512)
* The NT hashing method no longer truncates passphrases at 128
characters; Windows does not do this.
- format-overflow.patch: remove
-------------------------------------------------------------------
Thu Jun 20 11:49:28 UTC 2019 - Martin Liška <mliska@suse.cz>
- Disable LTO due to symbol versioning (boo#1138833).
-------------------------------------------------------------------
Tue Feb 19 10:49:30 UTC 2019 - schwab@suse.de
- format-overflow.patch: Fix -Werror=format-overflow
-------------------------------------------------------------------
Thu Feb 14 13:54:55 UTC 2019 - Martin Liška <mliska@suse.cz>
- Update to version 4.4.3:
* Add libxcrypt.so, libxcrypt.a and xcrypt.h.
* Add new man3 manual pages.
-------------------------------------------------------------------
Tue Oct 9 11:43:13 UTC 2018 - schwab@suse.de
- Set compatibility level to suse
-------------------------------------------------------------------
Wed Aug 8 11:44:16 UTC 2018 - schwab@suse.de
- Add conflicts with glibc-devel < 2.28
-------------------------------------------------------------------
Mon Aug 6 16:34:12 UTC 2018 - jengelh@inai.de
- Fix RPM groups for Factory.
-------------------------------------------------------------------
Wed Aug 1 08:50:25 UTC 2018 - schwab@suse.de
- Update to libxcrypt 4.1.0
* Fix spelling of SUSE.
* Lower the minimum required automake version to 1.14.
* Fix build with USE_SWAPCONTEXT turned off.
* Extend --enable-weak-hashes configure option to accept optional
"glibc" parameter.
* Fix the leak of obtained random bytes.
* Check expected output strings for deterministic methods.
* Fix memory leak in crypt_sha1_rn.
* Fix read of random bytes out of bounds in gensalt_sha1_rn.
* Make it possible to disable individual hashes at configure time.
* Make salt validation pickier.
* Replace crypt-sunmd5.c with BSD-licensed cleanroom reimplementation.
* Make crypt_gensalt for $sha1 deterministic.
* Fix incorrect output-size computation in crypt_sha1_rn.
* Add docs for SHA1, MD5/Sun, NTHASH.
* Introduce CRYPT_GENSALT_IMPLEMENTS_* feature test macros.
* Install libcrypt.pc symlink along with libxcrypt.pc.
* Extend --enable-obsolete-api configure option.
* Extend overall test coverage.
-------------------------------------------------------------------
Wed May 23 10:01:29 UTC 2018 - schwab@suse.de
- Update to libxcrypt 4.0.1
-------------------------------------------------------------------
Wed May 9 13:51:35 UTC 2018 - schwab@suse.de
- ABI compatible replacement for libcypt from glibc

BIN
libxcrypt.keyring Normal file

Binary file not shown.

172
libxcrypt.spec Normal file
View File

@ -0,0 +1,172 @@
#
# spec file for package libxcrypt
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: libxcrypt
Version: 4.4.36
Release: 0
Summary: Extended crypt library for DES, MD5, Blowfish and others
License: BSD-2-Clause AND GPL-3.0-or-later AND LGPL-2.1-or-later AND BSD-3-Clause AND SUSE-Public-Domain
Group: Development/Libraries/C and C++
URL: https://github.com/besser82/libxcrypt
Source0: https://github.com/besser82/libxcrypt/releases/download/v%{version}/%{name}-%{version}.tar.xz
Source1: https://github.com/besser82/libxcrypt/releases/download/v%{version}/%{name}-%{version}.tar.xz.asc
Source2: https://github.com/besser82/libxcrypt/releases/download/v%{version}/libxcrypt-gpgkey.gpg#/%{name}.keyring
Source3: baselibs.conf
BuildRequires: pkgconfig
# Enable support for livepatching.
%ifarch x86_64
%bcond_without livepatching
%else
%bcond_with livepatching
%endif
%description
libxcrypt is a modern library for one-way hashing of passwords. It
supports DES, MD5, SHA-2-256, SHA-2-512, and bcrypt-based password
hashes, and provides the traditional Unix 'crypt' and 'crypt_r'
interfaces, as well as a set of extended interfaces pioneered by
Openwall Linux, 'crypt_rn', 'crypt_ra', 'crypt_gensalt',
'crypt_gensalt_rn', and 'crypt_gensalt_ra'.
%package -n libcrypt1
Summary: Extended crypt library for DES, MD5, Blowfish and others
License: BSD-2-Clause AND LGPL-2.1-or-later AND BSD-3-Clause AND SUSE-Public-Domain
Group: System/Libraries
# Compatibility provides to help the transition from libowcrypt.so.1
# to libcrypt.so.1, which provides all symbols of the former
%ifarch x86_64 s390x ppc64le aarch64
Provides: libowcrypt.so.1()(64bit)
Provides: libowcrypt.so.1(OW_CRYPT_1.0)(64bit)
%endif
%ifarch i586
Provides: libowcrypt.so.1
Provides: libowcrypt.so.1(OW_CRYPT_1.0)
%endif
%description -n libcrypt1
libxcrypt is a modern library for one-way hashing of passwords. It
supports DES, MD5, SHA-2-256, SHA-2-512, and bcrypt-based password
hashes, and provides the traditional Unix 'crypt' and 'crypt_r'
interfaces, as well as a set of extended interfaces pioneered by
Openwall Linux, 'crypt_rn', 'crypt_ra', 'crypt_gensalt',
'crypt_gensalt_rn', and 'crypt_gensalt_ra'.
%package devel
Summary: Development files for %{name}
License: BSD-2-Clause AND LGPL-2.1-or-later AND BSD-3-Clause AND SUSE-Public-Domain
Group: Development/Languages/C and C++
Requires: libcrypt1 = %{version}
Requires: pkgconfig >= 0.9.0
Conflicts: glibc-devel < 2.28
Provides: glibc-devel:%{_libdir}/libcrypt.so
%description devel
The %{name}-devel package contains libraries and header files for
developing applications that use %{name}.
%package devel-static
Summary: Static library for -static linking with %{name}
License: BSD-2-Clause AND GPL-3.0-or-later AND LGPL-2.1-or-later AND BSD-3-Clause AND SUSE-Public-Domain
Group: Development/Libraries/C and C++
Requires: %{name}-devel = %{version}
Requires: glibc-devel-static
Conflicts: glibc-devel-static < 2.28
Provides: glibc-devel-static:%{_libdir}/libcrypt.a
%description devel-static
This package contains the libxcrypt static libraries for -static
linking. You don't need this, unless you link statically, which
is highly discouraged.
%prep
%autosetup -p 1
%build
%global _lto_cflags %_lto_cflags -ffat-lto-objects
%configure \
--disable-silent-rules \
--enable-shared \
--enable-static \
--enable-obsolete-api=suse \
--enable-hashes=all \
--with-pkgconfigdir=%{_libdir}/pkgconfig
%if %{with livepatching}
%make_build CFLAGS="$CFLAGS -fpatchable-function-entry=16,14 -fdump-ipa-clones"
%else
%make_build
%endif
%install
%if %{with livepatching}
%define tar_basename libxcrypt-livepatch-%{version}-%{release}
%define tar_package_name %{tar_basename}.%{_arch}.tar.xz
%define clones_dest_dir %{tar_basename}/%{_arch}
# Ipa-clones are files generated by gcc which logs changes made across
# functions, and we need to know such changes to build livepatches
# correctly. These files are intended to be used by the livepatch
# developers and may be retrieved by using `osc getbinaries`.
#
# Create ipa-clones destination folder and move clones there.
mkdir -p ipa-clones/%{clones_dest_dir}
find . -name "*.ipa-clones" ! -empty \
-exec cp -t ipa-clones/%{clones_dest_dir} --parents {} +
# Create tarball with ipa-clones.
tar -cJf %{tar_package_name} -C ipa-clones \
--owner root --group root --sort name %{tar_basename}
# Copy tarball to the OTHER folder to store it as artifact.
cp %{tar_package_name} %{_topdir}/OTHER
%endif
%make_install
rm -v %{buildroot}%{_libdir}/*.la
%check
%make_build check || \
{
rc=$?;
echo "-----BEGIN TESTLOG-----";
cat test-suite.log;
echo "-----END TESTLOG-----";
exit $rc;
}
%post -n libcrypt1 -p /sbin/ldconfig
%postun -n libcrypt1 -p /sbin/ldconfig
%files -n libcrypt1
%license COPYING.LIB LICENSING
%doc AUTHORS NEWS THANKS
%{_libdir}/*.so.*
%files devel
%doc TODO
%{_libdir}/*.so
%{_includedir}/*.h
%{_libdir}/pkgconfig/*.pc
%{_mandir}/man?/*%{?ext_man}
%files devel-static
%{_libdir}/*.a
%changelog