Accepting request 20011 from Base:System
Copy from Base:System/glibc based on submit request 20011 from user pbaudis OBS-URL: https://build.opensuse.org/request/show/20011 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/glibc?expand=0&rev=9
This commit is contained in:
parent
1f65f4bc21
commit
1c7706889b
@ -49,7 +49,7 @@ diff -ruN crypt-/crypt_blowfish.c crypt/crypt_blowfish.c
|
||||
+#endif
|
||||
+
|
||||
+#ifdef __i386__
|
||||
+#define BF_ASM 1
|
||||
+#define BF_ASM 0 /* original OW patch has 1 */
|
||||
+#define BF_SCALE 1
|
||||
+#elif defined(__alpha__) || defined(__hppa__)
|
||||
+#define BF_ASM 0
|
||||
@ -745,586 +745,51 @@ diff -ruN crypt-/crypt_blowfish.c crypt/crypt_blowfish.c
|
||||
+
|
||||
+ return output;
|
||||
+}
|
||||
diff -ruN crypt-/crypt_gensalt.c crypt/crypt_gensalt.c
|
||||
--- crypt-/crypt_gensalt.c 1970-01-01 01:00:00.000000000 +0100
|
||||
+++ crypt/crypt_gensalt.c 2006-09-20 20:56:59.000000000 +0200
|
||||
@@ -0,0 +1,111 @@
|
||||
+/*
|
||||
+ * Written by Solar Designer and placed in the public domain.
|
||||
+ * See crypt_blowfish.c for more information.
|
||||
+ *
|
||||
+ * This file contains salt generation functions for the traditional and
|
||||
+ * other common crypt(3) algorithms, except for bcrypt which is defined
|
||||
+ * entirely in crypt_blowfish.c.
|
||||
+ */
|
||||
+
|
||||
+#include <string.h>
|
||||
+
|
||||
+#include <errno.h>
|
||||
+#ifndef __set_errno
|
||||
+#define __set_errno(val) errno = (val)
|
||||
+#endif
|
||||
+
|
||||
+#undef __CONST
|
||||
+#ifdef __GNUC__
|
||||
+#define __CONST __const
|
||||
+#else
|
||||
+#define __CONST
|
||||
+#endif
|
||||
+
|
||||
+unsigned char _crypt_itoa64[64 + 1] =
|
||||
+ "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
|
||||
+
|
||||
+char *_crypt_gensalt_traditional_rn(unsigned long count,
|
||||
+ __CONST char *input, int size, char *output, int output_size)
|
||||
+{
|
||||
+ if (size < 2 || output_size < 2 + 1 || (count && count != 25)) {
|
||||
+ if (output_size > 0) output[0] = '\0';
|
||||
+ __set_errno((output_size < 2 + 1) ? ERANGE : EINVAL);
|
||||
+ return NULL;
|
||||
+ }
|
||||
+
|
||||
+ output[0] = _crypt_itoa64[(unsigned int)input[0] & 0x3f];
|
||||
+ output[1] = _crypt_itoa64[(unsigned int)input[1] & 0x3f];
|
||||
+ output[2] = '\0';
|
||||
+
|
||||
+ return output;
|
||||
+}
|
||||
+
|
||||
+char *_crypt_gensalt_extended_rn(unsigned long count,
|
||||
+ __CONST char *input, int size, char *output, int output_size)
|
||||
+{
|
||||
+ unsigned long value;
|
||||
+
|
||||
+/* Even iteration counts make it easier to detect weak DES keys from a look
|
||||
+ * at the hash, so they should be avoided */
|
||||
+ if (size < 3 || output_size < 1 + 4 + 4 + 1 ||
|
||||
+ (count && (count > 0xffffff || !(count & 1)))) {
|
||||
+ if (output_size > 0) output[0] = '\0';
|
||||
+ __set_errno((output_size < 1 + 4 + 4 + 1) ? ERANGE : EINVAL);
|
||||
+ return NULL;
|
||||
+ }
|
||||
+
|
||||
+ if (!count) count = 725;
|
||||
+
|
||||
+ output[0] = '_';
|
||||
+ output[1] = _crypt_itoa64[count & 0x3f];
|
||||
+ output[2] = _crypt_itoa64[(count >> 6) & 0x3f];
|
||||
+ output[3] = _crypt_itoa64[(count >> 12) & 0x3f];
|
||||
+ output[4] = _crypt_itoa64[(count >> 18) & 0x3f];
|
||||
+ value = (unsigned long)(unsigned char)input[0] |
|
||||
+ ((unsigned long)(unsigned char)input[1] << 8) |
|
||||
+ ((unsigned long)(unsigned char)input[2] << 16);
|
||||
+ output[5] = _crypt_itoa64[value & 0x3f];
|
||||
+ output[6] = _crypt_itoa64[(value >> 6) & 0x3f];
|
||||
+ output[7] = _crypt_itoa64[(value >> 12) & 0x3f];
|
||||
+ output[8] = _crypt_itoa64[(value >> 18) & 0x3f];
|
||||
+ output[9] = '\0';
|
||||
+
|
||||
+ return output;
|
||||
+}
|
||||
+
|
||||
+char *_crypt_gensalt_md5_rn(unsigned long count,
|
||||
+ __CONST char *input, int size, char *output, int output_size)
|
||||
+{
|
||||
+ unsigned long value;
|
||||
+
|
||||
+ if (size < 3 || output_size < 3 + 4 + 1 || (count && count != 1000)) {
|
||||
+ if (output_size > 0) output[0] = '\0';
|
||||
+ __set_errno((output_size < 3 + 4 + 1) ? ERANGE : EINVAL);
|
||||
+ return NULL;
|
||||
+ }
|
||||
+
|
||||
+ output[0] = '$';
|
||||
+ output[1] = '1';
|
||||
+ output[2] = '$';
|
||||
+ value = (unsigned long)(unsigned char)input[0] |
|
||||
+ ((unsigned long)(unsigned char)input[1] << 8) |
|
||||
+ ((unsigned long)(unsigned char)input[2] << 16);
|
||||
+ output[3] = _crypt_itoa64[value & 0x3f];
|
||||
+ output[4] = _crypt_itoa64[(value >> 6) & 0x3f];
|
||||
+ output[5] = _crypt_itoa64[(value >> 12) & 0x3f];
|
||||
+ output[6] = _crypt_itoa64[(value >> 18) & 0x3f];
|
||||
+ output[7] = '\0';
|
||||
+
|
||||
+ if (size >= 6 && output_size >= 3 + 4 + 4 + 1) {
|
||||
+ value = (unsigned long)(unsigned char)input[3] |
|
||||
+ ((unsigned long)(unsigned char)input[4] << 8) |
|
||||
+ ((unsigned long)(unsigned char)input[5] << 16);
|
||||
+ output[7] = _crypt_itoa64[value & 0x3f];
|
||||
+ output[8] = _crypt_itoa64[(value >> 6) & 0x3f];
|
||||
+ output[9] = _crypt_itoa64[(value >> 12) & 0x3f];
|
||||
+ output[10] = _crypt_itoa64[(value >> 18) & 0x3f];
|
||||
+ output[11] = '\0';
|
||||
+ }
|
||||
+
|
||||
+ return output;
|
||||
+}
|
||||
diff -ruN crypt-/ow-crypt.h crypt/ow-crypt.h
|
||||
--- crypt-/ow-crypt.h 1970-01-01 01:00:00.000000000 +0100
|
||||
+++ crypt/ow-crypt.h 2006-09-20 20:56:59.000000000 +0200
|
||||
@@ -0,0 +1,34 @@
|
||||
+/*
|
||||
+ * Written by Solar Designer and placed in the public domain.
|
||||
+ * See crypt_blowfish.c for more information.
|
||||
+ */
|
||||
+
|
||||
+#ifndef _OW_CRYPT_H
|
||||
+#define _OW_CRYPT_H
|
||||
+
|
||||
+#undef __CONST
|
||||
+#ifdef __GNUC__
|
||||
+#define __CONST __const
|
||||
+#else
|
||||
+#define __CONST
|
||||
+#endif
|
||||
+
|
||||
+#ifndef __SKIP_GNU
|
||||
+extern char *crypt(__CONST char *key, __CONST char *setting);
|
||||
+extern char *crypt_r(__CONST char *key, __CONST char *setting, void *data);
|
||||
+#endif
|
||||
+
|
||||
+#ifndef __SKIP_OW
|
||||
+extern char *crypt_rn(__CONST char *key, __CONST char *setting,
|
||||
+ void *data, int size);
|
||||
+extern char *crypt_ra(__CONST char *key, __CONST char *setting,
|
||||
+ void **data, int *size);
|
||||
+extern char *crypt_gensalt(__CONST char *prefix, unsigned long count,
|
||||
+ __CONST char *input, int size);
|
||||
+extern char *crypt_gensalt_rn(__CONST char *prefix, unsigned long count,
|
||||
+ __CONST char *input, int size, char *output, int output_size);
|
||||
+extern char *crypt_gensalt_ra(__CONST char *prefix, unsigned long count,
|
||||
+ __CONST char *input, int size);
|
||||
+#endif
|
||||
+
|
||||
+#endif
|
||||
diff -ruN crypt-/wrapper.c crypt/wrapper.c
|
||||
--- crypt-/wrapper.c 1970-01-01 01:00:00.000000000 +0100
|
||||
+++ crypt/wrapper.c 2006-09-20 20:56:59.000000000 +0200
|
||||
@@ -0,0 +1,426 @@
|
||||
+/*
|
||||
+ * Written by Solar Designer and placed in the public domain.
|
||||
+ * See crypt_blowfish.c for more information.
|
||||
+ */
|
||||
+
|
||||
+#include <stdlib.h>
|
||||
+#include <string.h>
|
||||
+
|
||||
+#include <errno.h>
|
||||
+#ifndef __set_errno
|
||||
+#define __set_errno(val) errno = (val)
|
||||
+#endif
|
||||
+
|
||||
+#ifdef TEST
|
||||
+#include <stdio.h>
|
||||
+#include <signal.h>
|
||||
+#include <time.h>
|
||||
+#include <sys/time.h>
|
||||
+#include <sys/times.h>
|
||||
+#ifdef TEST_THREADS
|
||||
+#include <pthread.h>
|
||||
+#endif
|
||||
+#endif
|
||||
+
|
||||
+#define CRYPT_OUTPUT_SIZE (7 + 22 + 31 + 1)
|
||||
+#define CRYPT_GENSALT_OUTPUT_SIZE (7 + 22 + 1)
|
||||
+
|
||||
+#if defined(__GLIBC__) && defined(_LIBC)
|
||||
+#define __SKIP_GNU
|
||||
+#endif
|
||||
+#include "ow-crypt.h"
|
||||
+
|
||||
+extern char *_crypt_blowfish_rn(__CONST char *key, __CONST char *setting,
|
||||
+ char *output, int size);
|
||||
+extern char *_crypt_gensalt_blowfish_rn(unsigned long count,
|
||||
+ __CONST char *input, int size, char *output, int output_size);
|
||||
+
|
||||
+extern unsigned char _crypt_itoa64[];
|
||||
+extern char *_crypt_gensalt_traditional_rn(unsigned long count,
|
||||
+ __CONST char *input, int size, char *output, int output_size);
|
||||
+extern char *_crypt_gensalt_extended_rn(unsigned long count,
|
||||
+ __CONST char *input, int size, char *output, int output_size);
|
||||
+extern char *_crypt_gensalt_md5_rn(unsigned long count,
|
||||
+ __CONST char *input, int size, char *output, int output_size);
|
||||
+
|
||||
+#if defined(__GLIBC__) && defined(_LIBC)
|
||||
+/* crypt.h from glibc-crypt-2.1 will define struct crypt_data for us */
|
||||
+#include "crypt.h"
|
||||
+extern char *__md5_crypt_r(const char *key, const char *salt,
|
||||
+ char *buffer, int buflen);
|
||||
+/* crypt-entry.c needs to be patched to define __des_crypt_r rather than
|
||||
+ * __crypt_r, and not define crypt_r and crypt at all */
|
||||
+extern char *__des_crypt_r(const char *key, const char *salt,
|
||||
+ struct crypt_data *data);
|
||||
+extern struct crypt_data _ufc_foobar;
|
||||
+#endif
|
||||
+
|
||||
+static int _crypt_data_alloc(void **data, int *size, int need)
|
||||
+{
|
||||
+ void *updated;
|
||||
+
|
||||
+ if (*data && *size >= need) return 0;
|
||||
+
|
||||
+ updated = realloc(*data, need);
|
||||
+
|
||||
+ if (!updated) {
|
||||
+#ifndef __GLIBC__
|
||||
+ /* realloc(3) on glibc sets errno, so we don't need to bother */
|
||||
+ __set_errno(ENOMEM);
|
||||
+#endif
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+#if defined(__GLIBC__) && defined(_LIBC)
|
||||
+ if (need >= sizeof(struct crypt_data))
|
||||
+ ((struct crypt_data *)updated)->initialized = 0;
|
||||
+#endif
|
||||
+
|
||||
+ *data = updated;
|
||||
+ *size = need;
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+static char *_crypt_retval_magic(char *retval, __CONST char *setting,
|
||||
+ char *output)
|
||||
+{
|
||||
+ if (retval) return retval;
|
||||
+
|
||||
+ output[0] = '*';
|
||||
+ output[1] = '0';
|
||||
+ output[2] = '\0';
|
||||
+
|
||||
+ if (setting[0] == '*' && setting[1] == '0')
|
||||
+ output[1] = '1';
|
||||
+
|
||||
+ return output;
|
||||
+}
|
||||
+
|
||||
+#if defined(__GLIBC__) && defined(_LIBC)
|
||||
+/*
|
||||
+ * Applications may re-use the same instance of struct crypt_data without
|
||||
+ * resetting the initialized field in order to let crypt_r() skip some of
|
||||
+ * its initialization code. Thus, it is important that our multiple hashing
|
||||
+ * algorithms either don't conflict with each other in their use of the
|
||||
+ * data area or reset the initialized field themselves whenever required.
|
||||
+ * Currently, the hashing algorithms simply have no conflicts: the first
|
||||
+ * field of struct crypt_data is the 128-byte large DES key schedule which
|
||||
+ * __des_crypt_r() calculates each time it is called while the two other
|
||||
+ * hashing algorithms use less than 128 bytes of the data area.
|
||||
+ */
|
||||
+
|
||||
+char *__crypt_rn(__const char *key, __const char *setting,
|
||||
+ void *data, int size)
|
||||
+{
|
||||
+ if (setting[0] == '$' && setting[1] == '2')
|
||||
+ return _crypt_blowfish_rn(key, setting, (char *)data, size);
|
||||
+ if (setting[0] == '$' && setting[1] == '1')
|
||||
+ return __md5_crypt_r(key, setting, (char *)data, size);
|
||||
+ if (setting[0] == '$' || setting[0] == '_') {
|
||||
+ __set_errno(EINVAL);
|
||||
+ return NULL;
|
||||
+ }
|
||||
+ if (size >= sizeof(struct crypt_data))
|
||||
+ return __des_crypt_r(key, setting, (struct crypt_data *)data);
|
||||
+ __set_errno(ERANGE);
|
||||
+ return NULL;
|
||||
+}
|
||||
+
|
||||
+char *__crypt_ra(__const char *key, __const char *setting,
|
||||
+ void **data, int *size)
|
||||
+{
|
||||
+ if (setting[0] == '$' && setting[1] == '2') {
|
||||
+ if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE))
|
||||
+ return NULL;
|
||||
+ return _crypt_blowfish_rn(key, setting, (char *)*data, *size);
|
||||
+ }
|
||||
+ if (setting[0] == '$' && setting[1] == '1') {
|
||||
+ if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE))
|
||||
+ return NULL;
|
||||
+ return __md5_crypt_r(key, setting, (char *)*data, *size);
|
||||
+ }
|
||||
+ if (setting[0] == '$' || setting[0] == '_') {
|
||||
+ __set_errno(EINVAL);
|
||||
+ return NULL;
|
||||
+ }
|
||||
+ if (_crypt_data_alloc(data, size, sizeof(struct crypt_data)))
|
||||
+ return NULL;
|
||||
+ return __des_crypt_r(key, setting, (struct crypt_data *)*data);
|
||||
+}
|
||||
+
|
||||
+char *__crypt_r(__const char *key, __const char *setting,
|
||||
+ struct crypt_data *data)
|
||||
+{
|
||||
+ return _crypt_retval_magic(
|
||||
+ __crypt_rn(key, setting, data, sizeof(*data)),
|
||||
+ setting, (char *)data);
|
||||
+}
|
||||
+
|
||||
+char *__crypt(__const char *key, __const char *setting)
|
||||
+{
|
||||
+ return _crypt_retval_magic(
|
||||
+ __crypt_rn(key, setting, &_ufc_foobar, sizeof(_ufc_foobar)),
|
||||
+ setting, (char *)&_ufc_foobar);
|
||||
+}
|
||||
+#else
|
||||
+char *crypt_rn(__CONST char *key, __CONST char *setting, void *data, int size)
|
||||
+{
|
||||
+ return _crypt_blowfish_rn(key, setting, (char *)data, size);
|
||||
+}
|
||||
+
|
||||
+char *crypt_ra(__CONST char *key, __CONST char *setting,
|
||||
+ void **data, int *size)
|
||||
+{
|
||||
+ if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE))
|
||||
+ return NULL;
|
||||
+ return _crypt_blowfish_rn(key, setting, (char *)*data, *size);
|
||||
+}
|
||||
+
|
||||
+char *crypt_r(__CONST char *key, __CONST char *setting, void *data)
|
||||
+{
|
||||
+ return _crypt_retval_magic(
|
||||
+ crypt_rn(key, setting, data, CRYPT_OUTPUT_SIZE),
|
||||
+ setting, (char *)data);
|
||||
+}
|
||||
+
|
||||
+char *crypt(__CONST char *key, __CONST char *setting)
|
||||
+{
|
||||
+ static char output[CRYPT_OUTPUT_SIZE];
|
||||
+
|
||||
+ return _crypt_retval_magic(
|
||||
+ crypt_rn(key, setting, output, sizeof(output)),
|
||||
+ setting, output);
|
||||
+}
|
||||
+
|
||||
+#define __crypt_gensalt_rn crypt_gensalt_rn
|
||||
+#define __crypt_gensalt_ra crypt_gensalt_ra
|
||||
+#define __crypt_gensalt crypt_gensalt
|
||||
+#endif
|
||||
+
|
||||
+char *__crypt_gensalt_rn(__CONST char *prefix, unsigned long count,
|
||||
+ __CONST char *input, int size, char *output, int output_size)
|
||||
+{
|
||||
+ char *(*use)(unsigned long count,
|
||||
+ __CONST char *input, int size, char *output, int output_size);
|
||||
+
|
||||
+ /* This may be supported on some platforms in the future */
|
||||
+ if (!input) {
|
||||
+ __set_errno(EINVAL);
|
||||
+ return NULL;
|
||||
+ }
|
||||
+
|
||||
+ if (!strncmp(prefix, "$2a$", 4))
|
||||
+ use = _crypt_gensalt_blowfish_rn;
|
||||
+ else
|
||||
+ if (!strncmp(prefix, "$1$", 3))
|
||||
+ use = _crypt_gensalt_md5_rn;
|
||||
+ else
|
||||
+ if (prefix[0] == '_')
|
||||
+ use = _crypt_gensalt_extended_rn;
|
||||
+ else
|
||||
+ if (!prefix[0] ||
|
||||
+ (prefix[0] && prefix[1] &&
|
||||
+ memchr(_crypt_itoa64, prefix[0], 64) &&
|
||||
+ memchr(_crypt_itoa64, prefix[1], 64)))
|
||||
+ use = _crypt_gensalt_traditional_rn;
|
||||
+ else {
|
||||
+ __set_errno(EINVAL);
|
||||
+ return NULL;
|
||||
+ }
|
||||
+
|
||||
+ return use(count, input, size, output, output_size);
|
||||
+}
|
||||
+
|
||||
+char *__crypt_gensalt_ra(__CONST char *prefix, unsigned long count,
|
||||
+ __CONST char *input, int size)
|
||||
+{
|
||||
+ char output[CRYPT_GENSALT_OUTPUT_SIZE];
|
||||
+ char *retval;
|
||||
+
|
||||
+ retval = __crypt_gensalt_rn(prefix, count,
|
||||
+ input, size, output, sizeof(output));
|
||||
+
|
||||
+ if (retval) {
|
||||
+ retval = strdup(retval);
|
||||
+#ifndef __GLIBC__
|
||||
+ /* strdup(3) on glibc sets errno, so we don't need to bother */
|
||||
+ if (!retval)
|
||||
+ __set_errno(ENOMEM);
|
||||
+#endif
|
||||
+ }
|
||||
+
|
||||
+ return retval;
|
||||
+}
|
||||
+
|
||||
+char *__crypt_gensalt(__CONST char *prefix, unsigned long count,
|
||||
+ __CONST char *input, int size)
|
||||
+{
|
||||
+ static char output[CRYPT_GENSALT_OUTPUT_SIZE];
|
||||
+
|
||||
+ return __crypt_gensalt_rn(prefix, count,
|
||||
+ input, size, output, sizeof(output));
|
||||
+}
|
||||
+
|
||||
+#if defined(__GLIBC__) && defined(_LIBC)
|
||||
+weak_alias(__crypt_rn, crypt_rn)
|
||||
+weak_alias(__crypt_ra, crypt_ra)
|
||||
+weak_alias(__crypt_r, crypt_r)
|
||||
+weak_alias(__crypt, crypt)
|
||||
+weak_alias(__crypt_gensalt_rn, crypt_gensalt_rn)
|
||||
+weak_alias(__crypt_gensalt_ra, crypt_gensalt_ra)
|
||||
+weak_alias(__crypt_gensalt, crypt_gensalt)
|
||||
+#endif
|
||||
+
|
||||
+#ifdef TEST
|
||||
+static struct {
|
||||
+ char *hash;
|
||||
+ char *pw;
|
||||
+} tests[] = {
|
||||
+ {"$2a$05$CCCCCCCCCCCCCCCCCCCCC.E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW",
|
||||
+ "U*U"},
|
||||
+ {"$2a$05$CCCCCCCCCCCCCCCCCCCCC.VGOzA784oUp/Z0DY336zx7pLYAy0lwK",
|
||||
+ "U*U*"},
|
||||
+ {"$2a$05$XXXXXXXXXXXXXXXXXXXXXOAcXxm9kjPGEMsLznoKqmqw7tc8WCx4a",
|
||||
+ "U*U*U"},
|
||||
+ {"$2a$05$CCCCCCCCCCCCCCCCCCCCC.7uG0VCzI2bS7j6ymqJi9CdcdxiRTWNy",
|
||||
+ ""},
|
||||
+ {"$2a$05$abcdefghijklmnopqrstuu5s2v8.iXieOjg/.AySBTTZIIVFJeBui",
|
||||
+ "0123456789abcdefghijklmnopqrstuvwxyz"
|
||||
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"},
|
||||
+ {NULL, NULL}
|
||||
+};
|
||||
+
|
||||
+#define which tests[0]
|
||||
+
|
||||
+static volatile sig_atomic_t running;
|
||||
+
|
||||
+static void handle_timer(int signum)
|
||||
+{
|
||||
+ running = 0;
|
||||
+}
|
||||
+
|
||||
+static void *run(void *arg)
|
||||
+{
|
||||
+ unsigned long count = 0;
|
||||
+ int i = 0;
|
||||
+ void *data = NULL;
|
||||
+ int size = 0x12345678;
|
||||
+
|
||||
+ do {
|
||||
+ if (strcmp(crypt_ra(tests[i].pw, tests[i].hash, &data, &size),
|
||||
+ tests[i].hash)) {
|
||||
+ printf("%d: FAILED (crypt_ra/%d/%lu)\n",
|
||||
+ (char *)arg - (char *)0, i, count);
|
||||
+ free(data);
|
||||
+ return NULL;
|
||||
+ }
|
||||
+ if (!tests[++i].hash) i = 0;
|
||||
+ count++;
|
||||
+ } while (running);
|
||||
+
|
||||
+ free(data);
|
||||
+ return count + (char *)0;
|
||||
+}
|
||||
+
|
||||
+int main(void)
|
||||
+{
|
||||
+ struct itimerval it;
|
||||
+ struct tms buf;
|
||||
+ clock_t start_real, start_virtual, end_real, end_virtual;
|
||||
+ unsigned long count;
|
||||
+ void *data;
|
||||
+ int size;
|
||||
+ char *setting1, *setting2;
|
||||
+ int i;
|
||||
+#ifdef TEST_THREADS
|
||||
+ pthread_t t[TEST_THREADS];
|
||||
+ void *t_retval;
|
||||
+#endif
|
||||
+
|
||||
+ for (i = 0; tests[i].hash; i++)
|
||||
+ if (strcmp(crypt(tests[i].pw, tests[i].hash), tests[i].hash)) {
|
||||
+ printf("FAILED (crypt/%d)\n", i);
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ data = NULL;
|
||||
+ size = 0x12345678;
|
||||
+ for (i = 0; tests[i].hash; i++)
|
||||
+ if (strcmp(crypt_ra(tests[i].pw, tests[i].hash, &data, &size),
|
||||
+ tests[i].hash)) {
|
||||
+ printf("FAILED (crypt_ra/%d)\n", i);
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ setting1 = crypt_gensalt(which.hash, 12, data, size);
|
||||
+ if (!setting1 || strncmp(setting1, "$2a$12$", 7)) {
|
||||
+ puts("FAILED (crypt_gensalt)\n");
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ setting2 = crypt_gensalt_ra(setting1, 12, data, size);
|
||||
+ if (strcmp(setting1, setting2)) {
|
||||
+ puts("FAILED (crypt_gensalt_ra/1)\n");
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ (*(char *)data)++;
|
||||
+ setting1 = crypt_gensalt_ra(setting2, 12, data, size);
|
||||
+ if (!strcmp(setting1, setting2)) {
|
||||
+ puts("FAILED (crypt_gensalt_ra/2)\n");
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ free(setting1);
|
||||
+ free(setting2);
|
||||
+ free(data);
|
||||
+
|
||||
+ running = 1;
|
||||
+ signal(SIGALRM, handle_timer);
|
||||
+
|
||||
+ memset(&it, 0, sizeof(it));
|
||||
+ it.it_value.tv_sec = 5;
|
||||
+ setitimer(ITIMER_REAL, &it, NULL);
|
||||
+
|
||||
+ start_real = times(&buf);
|
||||
+ start_virtual = buf.tms_utime + buf.tms_stime;
|
||||
+
|
||||
+ count = (char *)run((char *)0) - (char *)0;
|
||||
+
|
||||
+ end_real = times(&buf);
|
||||
+ end_virtual = buf.tms_utime + buf.tms_stime;
|
||||
+ if (end_virtual == start_virtual) end_virtual++;
|
||||
+
|
||||
+ printf("%.1f c/s real, %.1f c/s virtual\n",
|
||||
+ (float)count * CLK_TCK / (end_real - start_real),
|
||||
+ (float)count * CLK_TCK / (end_virtual - start_virtual));
|
||||
+
|
||||
+#ifdef TEST_THREADS
|
||||
+ running = 1;
|
||||
+ it.it_value.tv_sec = 60;
|
||||
+ setitimer(ITIMER_REAL, &it, NULL);
|
||||
+ start_real = times(&buf);
|
||||
+
|
||||
+ for (i = 0; i < TEST_THREADS; i++)
|
||||
+ if (pthread_create(&t[i], NULL, run, i + (char *)0)) {
|
||||
+ perror("pthread_create");
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ for (i = 0; i < TEST_THREADS; i++) {
|
||||
+ if (pthread_join(t[i], &t_retval)) {
|
||||
+ perror("pthread_join");
|
||||
+ continue;
|
||||
+ }
|
||||
+ if (!t_retval) continue;
|
||||
+ count = (char *)t_retval - (char *)0;
|
||||
+ end_real = times(&buf);
|
||||
+ printf("%d: %.1f c/s real\n", i,
|
||||
+ (float)count * CLK_TCK / (end_real - start_real));
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+#endif
|
||||
diff --git a/crypt/Makefile b/crypt/Makefile
|
||||
index b9c8797..6c51263 100644
|
||||
--- crypt/Makefile
|
||||
+++ crypt/Makefile
|
||||
@@ -27,7 +27,7 @@ extra-libs := libcrypt
|
||||
extra-libs-others := $(extra-libs)
|
||||
|
||||
libcrypt-routines := crypt-entry md5-crypt sha256-crypt sha512-crypt crypt \
|
||||
- crypt_util
|
||||
+ crypt_util crypt_blowfish
|
||||
|
||||
tests := cert md5c-test sha256c-test sha512c-test
|
||||
|
||||
diff --git a/crypt/crypt-entry.c b/crypt/crypt-entry.c
|
||||
index fdddad2..6e6ba58 100644
|
||||
--- crypt/crypt-entry.c
|
||||
+++ crypt/crypt-entry.c
|
||||
@@ -61,6 +61,8 @@ extern char *__sha256_crypt (const char *key, const char *salt);
|
||||
extern char *__sha512_crypt_r (const char *key, const char *salt,
|
||||
char *buffer, int buflen);
|
||||
extern char *__sha512_crypt (const char *key, const char *salt);
|
||||
+extern char *_crypt_blowfish_rn (const char *key, const char *setting,
|
||||
+ char *output, int size);
|
||||
#endif
|
||||
|
||||
/* Define our magic string to mark salt for MD5 encryption
|
||||
@@ -74,6 +76,9 @@ static const char sha256_salt_prefix[] = "$5$";
|
||||
/* Magic string for SHA512 encryption. */
|
||||
static const char sha512_salt_prefix[] = "$6$";
|
||||
|
||||
+/* Magic string for Blowfish encryption. */
|
||||
+static const char blowfish_salt_prefix[] = "$2a$";
|
||||
+
|
||||
/* For use by the old, non-reentrant routines (crypt/encrypt/setkey) */
|
||||
extern struct crypt_data _ufc_foobar;
|
||||
|
||||
@@ -106,6 +111,11 @@ __crypt_r (key, salt, data)
|
||||
if (strncmp (sha512_salt_prefix, salt, sizeof (sha512_salt_prefix) - 1) == 0)
|
||||
return __sha512_crypt_r (key, salt, (char *) data,
|
||||
sizeof (struct crypt_data));
|
||||
+
|
||||
+ /* Try to find out whether we have to use Blowfish encryption replacement. */
|
||||
+ if (strncmp (blowfish_salt_prefix, salt, sizeof (blowfish_salt_prefix) - 1) == 0)
|
||||
+ return _crypt_blowfish_rn (key, salt, (char *) data,
|
||||
+ sizeof (struct crypt_data));
|
||||
#endif
|
||||
|
||||
/*
|
@ -1,105 +0,0 @@
|
||||
--- crypt/crypt-entry.c 2001-07-06 09:37:47.000000000 +0200
|
||||
+++ crypt/crypt-entry.c 2003-10-01 11:23:27.000000000 +0200
|
||||
@@ -70,7 +70,7 @@
|
||||
*/
|
||||
|
||||
char *
|
||||
-__crypt_r (key, salt, data)
|
||||
+__des_crypt_r (key, salt, data)
|
||||
const char *key;
|
||||
const char *salt;
|
||||
struct crypt_data * __restrict data;
|
||||
@@ -115,6 +115,7 @@
|
||||
_ufc_output_conversion_r (res[0], res[1], salt, data);
|
||||
return data->crypt_3_buf;
|
||||
}
|
||||
+#if 0
|
||||
weak_alias (__crypt_r, crypt_r)
|
||||
|
||||
char *
|
||||
@@ -147,3 +148,4 @@
|
||||
return crypt (key, salt);
|
||||
}
|
||||
#endif
|
||||
+#endif
|
||||
--- crypt/crypt-private.h 2001-07-06 09:37:47.000000000 +0200
|
||||
+++ crypt/crypt-private.h 2003-10-01 11:23:27.000000000 +0200
|
||||
@@ -55,6 +55,8 @@
|
||||
/* crypt-entry.c */
|
||||
extern char *__crypt_r (__const char *__key, __const char *__salt,
|
||||
struct crypt_data * __restrict __data);
|
||||
+extern char *__des_crypt_r (__const char *__key, __const char *__salt,
|
||||
+ struct crypt_data * __restrict __data);
|
||||
extern char *fcrypt (__const char *key, __const char *salt);
|
||||
|
||||
#endif /* crypt-private.h */
|
||||
--- crypt/Makefile~ 2007-11-06 05:27:13.635014000 +0100
|
||||
+++ crypt/Makefile 2007-11-06 05:27:27.500142000 +0100
|
||||
@@ -27,7 +27,7 @@
|
||||
extra-libs-others := $(extra-libs)
|
||||
|
||||
libcrypt-routines := crypt-entry md5-crypt sha256-crypt sha512-crypt crypt \
|
||||
- crypt_util
|
||||
+ crypt_util crypt_blowfish crypt_gensalt wrapper
|
||||
|
||||
tests := cert md5c-test sha256c-test sha512c-test
|
||||
|
||||
--- crypt/ow-crypt.h 2001-05-01 13:14:31.000000000 +0200
|
||||
+++ crypt/ow-crypt.h 2003-10-01 11:23:27.000000000 +0200
|
||||
@@ -13,12 +13,6 @@
|
||||
#define __CONST
|
||||
#endif
|
||||
|
||||
-#ifndef __SKIP_GNU
|
||||
-extern char *crypt(__CONST char *key, __CONST char *setting);
|
||||
-extern char *crypt_r(__CONST char *key, __CONST char *setting, void *data);
|
||||
-#endif
|
||||
-
|
||||
-#ifndef __SKIP_OW
|
||||
extern char *crypt_rn(__CONST char *key, __CONST char *setting,
|
||||
void *data, int size);
|
||||
extern char *crypt_ra(__CONST char *key, __CONST char *setting,
|
||||
@@ -29,6 +23,5 @@
|
||||
__CONST char *input, int size, char *output, int output_size);
|
||||
extern char *crypt_gensalt_ra(__CONST char *prefix, unsigned long count,
|
||||
__CONST char *input, int size);
|
||||
-#endif
|
||||
|
||||
#endif
|
||||
--- crypt/wrapper.c 2002-11-08 01:26:31.000000000 +0100
|
||||
+++ crypt/wrapper.c 2003-10-01 11:59:03.000000000 +0200
|
||||
@@ -45,12 +45,11 @@
|
||||
#if defined(__GLIBC__) && defined(_LIBC)
|
||||
/* crypt.h from glibc-crypt-2.1 will define struct crypt_data for us */
|
||||
#include "crypt.h"
|
||||
+#include "ufc-crypt.h"
|
||||
+#include "crypt-private.h"
|
||||
+
|
||||
extern char *__md5_crypt_r(const char *key, const char *salt,
|
||||
char *buffer, int buflen);
|
||||
-/* crypt-entry.c needs to be patched to define __des_crypt_r rather than
|
||||
- * __crypt_r, and not define crypt_r and crypt at all */
|
||||
-extern char *__des_crypt_r(const char *key, const char *salt,
|
||||
- struct crypt_data *data);
|
||||
extern struct crypt_data _ufc_foobar;
|
||||
#endif
|
||||
|
||||
@@ -266,6 +264,7 @@
|
||||
weak_alias(__crypt_ra, crypt_ra)
|
||||
weak_alias(__crypt_r, crypt_r)
|
||||
weak_alias(__crypt, crypt)
|
||||
+weak_alias(__crypt, fcrypt)
|
||||
weak_alias(__crypt_gensalt_rn, crypt_gensalt_rn)
|
||||
weak_alias(__crypt_gensalt_ra, crypt_gensalt_ra)
|
||||
weak_alias(__crypt_gensalt, crypt_gensalt)
|
||||
--- crypt/crypt_blowfish.c
|
||||
+++ crypt/crypt_blowfish.c 2005/04/28 10:59:24
|
||||
@@ -45,7 +45,7 @@
|
||||
#endif
|
||||
|
||||
#ifdef __i386__
|
||||
-#define BF_ASM 1
|
||||
+#define BF_ASM 0
|
||||
#define BF_SCALE 1
|
||||
#elif defined(__alpha__) || defined(__hppa__)
|
||||
#define BF_ASM 0
|
@ -1,3 +1,5 @@
|
||||
http://sources.redhat.com/bugzilla/show_bug.cgi?id=6693
|
||||
|
||||
Index: sysdeps/unix/sysv/linux/x86_64/clone.S
|
||||
===================================================================
|
||||
RCS file: /cvs/glibc/libc/sysdeps/unix/sysv/linux/x86_64/clone.S,v
|
||||
|
136
glibc-nscd-assert.diff
Normal file
136
glibc-nscd-assert.diff
Normal file
@ -0,0 +1,136 @@
|
||||
2009-08-18 Anders Johansson <ajohansson@novell.com>
|
||||
|
||||
* nscd/aicache.c: Fix mixing up dataset and dataset->resp
|
||||
offsets and record sizes in assert()s and response sending.
|
||||
* nscd/grpcache.c: Likewise.
|
||||
* nscd/hstcache.c: Likewise.
|
||||
* nscd/initgrcache.c: Likewise.
|
||||
* nscd/pwdcache.c: Likewise.
|
||||
|
||||
diff -ur glibc-2.4.orig/nscd/aicache.c glibc-2.4/nscd/aicache.c
|
||||
--- nscd/aicache.c 2009-06-18 14:20:53.000000000 +0200
|
||||
+++ nscd/aicache.c 2009-06-18 14:21:20.000000000 +0200
|
||||
@@ -450,6 +450,6 @@
|
||||
{
|
||||
assert (db->wr_fd != -1);
|
||||
assert ((char *) &dataset->resp > (char *) db->data);
|
||||
- assert ((char *) &dataset->resp - (char *) db->head + total
|
||||
+ assert ((char *) dataset - (char *) db->head + total
|
||||
<= (sizeof (struct database_pers_head)
|
||||
+ db->head->module * sizeof (ref_t)
|
||||
@@ -458,6 +458,6 @@
|
||||
ssize_t written;
|
||||
written = sendfileall (fd, db->wr_fd, (char *) &dataset->resp
|
||||
- - (char *) db->head, total);
|
||||
+ - (char *) db->head, dataset->head.recsize);
|
||||
# ifndef __ASSUME_SENDFILE
|
||||
if (written == -1 && errno == ENOSYS)
|
||||
goto use_write;
|
||||
@@ -469,7 +469,7 @@
|
||||
use_write:
|
||||
# endif
|
||||
#endif
|
||||
- writeall (fd, &dataset->resp, total);
|
||||
+ writeall (fd, &dataset->resp, dataset->head.recsize);
|
||||
}
|
||||
|
||||
goto out;
|
||||
diff -ur glibc-2.4.orig/nscd/grpcache.c glibc-2.4/nscd/grpcache.c
|
||||
--- nscd/grpcache.c 2009-06-18 14:20:53.000000000 +0200
|
||||
+++ nscd/grpcache.c 2009-06-18 14:21:20.000000000 +0200
|
||||
@@ -317,14 +317,14 @@
|
||||
{
|
||||
assert (db->wr_fd != -1);
|
||||
assert ((char *) &dataset->resp > (char *) db->data);
|
||||
- assert ((char *) &dataset->resp - (char *) db->head
|
||||
+ assert ((char *) dataset - (char *) db->head
|
||||
+ total
|
||||
<= (sizeof (struct database_pers_head)
|
||||
+ db->head->module * sizeof (ref_t)
|
||||
+ db->head->data_size));
|
||||
written = sendfileall (fd, db->wr_fd,
|
||||
(char *) &dataset->resp
|
||||
- - (char *) db->head, total);
|
||||
+ - (char *) db->head, dataset->head.recsize);
|
||||
# ifndef __ASSUME_SENDFILE
|
||||
if (written == -1 && errno == ENOSYS)
|
||||
goto use_write;
|
||||
@@ -335,7 +335,7 @@
|
||||
use_write:
|
||||
# endif
|
||||
#endif
|
||||
- written = writeall (fd, &dataset->resp, total);
|
||||
+ written = writeall (fd, &dataset->resp, dataset->head.recsize);
|
||||
}
|
||||
|
||||
/* Add the record to the database. But only if it has not been
|
||||
diff -ur glibc-2.4.orig/nscd/hstcache.c glibc-2.4/nscd/hstcache.c
|
||||
--- nscd/hstcache.c 2009-06-18 14:20:53.000000000 +0200
|
||||
+++ nscd/hstcache.c 2009-06-18 14:22:22.000000000 +0200
|
||||
@@ -365,7 +365,7 @@
|
||||
{
|
||||
assert (db->wr_fd != -1);
|
||||
assert ((char *) &dataset->resp > (char *) db->data);
|
||||
- assert ((char *) &dataset->resp - (char *) db->head
|
||||
+ assert ((char *) dataset - (char *) db->head
|
||||
+ total
|
||||
<= (sizeof (struct database_pers_head)
|
||||
+ db->head->module * sizeof (ref_t)
|
||||
diff -ur glibc-2.4.orig/nscd/initgrcache.c glibc-2.4/nscd/initgrcache.c
|
||||
--- nscd/initgrcache.c 2009-06-18 14:20:53.000000000 +0200
|
||||
+++ nscd/initgrcache.c 2009-06-18 14:21:20.000000000 +0200
|
||||
@@ -367,14 +367,14 @@
|
||||
{
|
||||
assert (db->wr_fd != -1);
|
||||
assert ((char *) &dataset->resp > (char *) db->data);
|
||||
- assert ((char *) &dataset->resp - (char *) db->head
|
||||
+ assert ((char *) dataset - (char *) db->head
|
||||
+ total
|
||||
<= (sizeof (struct database_pers_head)
|
||||
+ db->head->module * sizeof (ref_t)
|
||||
+ db->head->data_size));
|
||||
written = sendfileall (fd, db->wr_fd,
|
||||
(char *) &dataset->resp
|
||||
- - (char *) db->head, total);
|
||||
+ - (char *) db->head, dataset->head.recsize);
|
||||
# ifndef __ASSUME_SENDFILE
|
||||
if (written == -1 && errno == ENOSYS)
|
||||
goto use_write;
|
||||
@@ -385,7 +385,7 @@
|
||||
use_write:
|
||||
# endif
|
||||
#endif
|
||||
- written = writeall (fd, &dataset->resp, total);
|
||||
+ written = writeall (fd, &dataset->resp, dataset->head.recsize);
|
||||
}
|
||||
|
||||
|
||||
diff -ur glibc-2.4.orig/nscd/pwdcache.c glibc-2.4/nscd/pwdcache.c
|
||||
--- nscd/pwdcache.c 2009-06-18 14:20:53.000000000 +0200
|
||||
+++ nscd/pwdcache.c 2009-06-18 14:21:20.000000000 +0200
|
||||
@@ -311,14 +311,14 @@
|
||||
{
|
||||
assert (db->wr_fd != -1);
|
||||
assert ((char *) &dataset->resp > (char *) db->data);
|
||||
- assert ((char *) &dataset->resp - (char *) db->head
|
||||
+ assert ((char *) dataset - (char *) db->head
|
||||
+ total
|
||||
<= (sizeof (struct database_pers_head)
|
||||
+ db->head->module * sizeof (ref_t)
|
||||
+ db->head->data_size));
|
||||
written = sendfileall (fd, db->wr_fd,
|
||||
(char *) &dataset->resp
|
||||
- - (char *) db->head, total);
|
||||
+ - (char *) db->head, dataset->head.recsize );
|
||||
# ifndef __ASSUME_SENDFILE
|
||||
if (written == -1 && errno == ENOSYS)
|
||||
goto use_write;
|
||||
@@ -329,7 +329,7 @@
|
||||
use_write:
|
||||
# endif
|
||||
#endif
|
||||
- written = writeall (fd, &dataset->resp, total);
|
||||
+ written = writeall (fd, &dataset->resp, dataset->head.recsize);
|
||||
}
|
||||
|
||||
|
16
glibc-utmp-timeout-raise.diff
Normal file
16
glibc-utmp-timeout-raise.diff
Normal file
@ -0,0 +1,16 @@
|
||||
On extremely loaded systems, the default timeout may not be enough and some
|
||||
entries may not appear in the utmp log. With 30s login delay, the system
|
||||
should still stay usable for repair in case the utmp locking somehow breaks
|
||||
down.
|
||||
|
||||
--- login/utmp_file.c~ 2009-06-16 12:36:31.000000000 +0200
|
||||
+++ login/utmp_file.c 2009-06-16 12:36:33.000000000 +0200
|
||||
@@ -42,7 +42,7 @@
|
||||
|
||||
/* Locking timeout. */
|
||||
#ifndef TIMEOUT
|
||||
-# define TIMEOUT 1
|
||||
+# define TIMEOUT 30
|
||||
#endif
|
||||
|
||||
/* Do-nothing handler for locking timeout. */
|
@ -1,3 +1,14 @@
|
||||
-------------------------------------------------------------------
|
||||
Sat Sep 5 23:19:51 CEST 2009 - pbaudis@suse.cz
|
||||
|
||||
- Raise utmp locking timeout from 1s to 30s to ensure logins get recorded
|
||||
even on heavily loaded systems [bnc#486631]
|
||||
- Fix invalid pointer handling in some nscd assertions and the code to send
|
||||
data to the client [bnc#513617]
|
||||
- Radically trim down the Blowfish support patch - keeps only crypt_blowfish
|
||||
from the original OWL patch, but does the rest within the current glibc
|
||||
crypt infrastructure [bnc#529495]
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Aug 26 12:53:54 CEST 2009 - mls@suse.de
|
||||
|
||||
|
10
glibc.spec
10
glibc.spec
@ -69,7 +69,7 @@ Obsoletes: glibc-32bit
|
||||
Provides: rtld(GNU_HASH)
|
||||
AutoReqProv: on
|
||||
Version: 2.10.1
|
||||
Release: 6
|
||||
Release: 7
|
||||
Url: http://www.gnu.org/software/libc/libc.html
|
||||
PreReq: filesystem
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
@ -97,8 +97,7 @@ Patch1: glibc-2.3.90-noversion.diff
|
||||
Patch2: glibc-2.3.90-fnmatch.diff
|
||||
Patch3: resolv.dynamic.diff
|
||||
Patch4: glibc-2.3.locales.diff.bz2
|
||||
Patch5: crypt_blowfish-1.0.diff
|
||||
Patch6: crypt_blowfish-glibc-2.3.diff
|
||||
Patch5: crypt_blowfish-1.0-suse.diff
|
||||
Patch7: glibc-version.diff
|
||||
Patch8: glibc-2.4.90-revert-only-euro.diff
|
||||
Patch9: glibc-2.3-regcomp.diff
|
||||
@ -138,6 +137,8 @@ Patch44: glibc-cpusetsize.diff
|
||||
Patch45: glibc-nis-splitgroups.diff
|
||||
Patch46: glibc-2.10-mcheck-free-race.diff
|
||||
Patch47: glibc-2.10.99-ia64-include.diff
|
||||
Patch48: glibc-utmp-timeout-raise.diff
|
||||
Patch49: glibc-nscd-assert.diff
|
||||
Patch500: ARM_glibc-2.10.1-local-eabi-wchar.diff
|
||||
Patch501: ARM_glibc-2.10.1-local-hwcap-updates.diff
|
||||
Patch502: ARM_glibc-2.10.1-local-lowlevellock.diff
|
||||
@ -301,7 +302,6 @@ versions of your software.
|
||||
%patch3
|
||||
%patch4
|
||||
%patch5
|
||||
%patch6
|
||||
%patch7
|
||||
%patch8
|
||||
%patch9
|
||||
@ -343,6 +343,8 @@ rm sysdeps/x86_64/fpu/s_sincos.S
|
||||
%patch45
|
||||
%patch46
|
||||
%patch47
|
||||
%patch48
|
||||
%patch49
|
||||
%ifarch %arm armv5tel armv7l
|
||||
%patch500
|
||||
%patch501
|
||||
|
Loading…
Reference in New Issue
Block a user