Accepting request 20011 from Base:System

Copy from Base:System/glibc based on submit request 20011 from user pbaudis

OBS-URL: https://build.opensuse.org/request/show/20011
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/glibc?expand=0&rev=9

crypt_blowfish-1.0-suse.diff

@@ -49,7 +49,7 @@ diff -ruN crypt-/crypt_blowfish.c crypt/crypt_blowfish.c
 +#endif
 +
 +#ifdef __i386__
-+#define BF_ASM				1
++#define BF_ASM				0 /* original OW patch has 1 */
 +#define BF_SCALE			1
 +#elif defined(__alpha__) || defined(__hppa__)
 +#define BF_ASM				0
@@ -745,586 +745,51 @@ diff -ruN crypt-/crypt_blowfish.c crypt/crypt_blowfish.c
 +
 +	return output;
 +}
-diff -ruN crypt-/crypt_gensalt.c crypt/crypt_gensalt.c
+diff --git a/crypt/Makefile b/crypt/Makefile
---- crypt-/crypt_gensalt.c	1970-01-01 01:00:00.000000000 +0100
+index b9c8797..6c51263 100644
-+++ crypt/crypt_gensalt.c	2006-09-20 20:56:59.000000000 +0200
+--- crypt/Makefile
-@@ -0,0 +1,111 @@
++++ crypt/Makefile
-+/*
+@@ -27,7 +27,7 @@ extra-libs := libcrypt
-+ * Written by Solar Designer and placed in the public domain.
+ extra-libs-others := $(extra-libs)
-+ * See crypt_blowfish.c for more information.
+ 
-+ *
+ libcrypt-routines := crypt-entry md5-crypt sha256-crypt sha512-crypt crypt \
-+ * This file contains salt generation functions for the traditional and
+-		     crypt_util
-+ * other common crypt(3) algorithms, except for bcrypt which is defined
++		     crypt_util crypt_blowfish
-+ * entirely in crypt_blowfish.c.
+ 
-+ */
+ tests := cert md5c-test sha256c-test sha512c-test
-+
+ 
-+#include <string.h>
+diff --git a/crypt/crypt-entry.c b/crypt/crypt-entry.c
-+
+index fdddad2..6e6ba58 100644
-+#include <errno.h>
+--- crypt/crypt-entry.c
-+#ifndef __set_errno
++++ crypt/crypt-entry.c
-+#define __set_errno(val) errno = (val)
+@@ -61,6 +61,8 @@ extern char *__sha256_crypt (const char *key, const char *salt);
-+#endif
+ extern char *__sha512_crypt_r (const char *key, const char *salt,
-+
+ 			       char *buffer, int buflen);
-+#undef __CONST
+ extern char *__sha512_crypt (const char *key, const char *salt);
-+#ifdef __GNUC__
++extern char *_crypt_blowfish_rn (const char *key, const char *setting,
-+#define __CONST __const
-+#else
-+#define __CONST
-+#endif
-+
-+unsigned char _crypt_itoa64[64 + 1] =
-+	"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
-+
-+char *_crypt_gensalt_traditional_rn(unsigned long count,
-+	__CONST char *input, int size, char *output, int output_size)
-+{
-+	if (size < 2 || output_size < 2 + 1 || (count && count != 25)) {
-+		if (output_size > 0) output[0] = '\0';
-+		__set_errno((output_size < 2 + 1) ? ERANGE : EINVAL);
-+		return NULL;
-+	}
-+
-+	output[0] = _crypt_itoa64[(unsigned int)input[0] & 0x3f];
-+	output[1] = _crypt_itoa64[(unsigned int)input[1] & 0x3f];
-+	output[2] = '\0';
-+
-+	return output;
-+}
-+
-+char *_crypt_gensalt_extended_rn(unsigned long count,
-+	__CONST char *input, int size, char *output, int output_size)
-+{
-+	unsigned long value;
-+
-+/* Even iteration counts make it easier to detect weak DES keys from a look
-+ * at the hash, so they should be avoided */
-+	if (size < 3 || output_size < 1 + 4 + 4 + 1 ||
-+	    (count && (count > 0xffffff || !(count & 1)))) {
-+		if (output_size > 0) output[0] = '\0';
-+		__set_errno((output_size < 1 + 4 + 4 + 1) ? ERANGE : EINVAL);
-+		return NULL;
-+	}
-+
-+	if (!count) count = 725;
-+
-+	output[0] = '_';
-+	output[1] = _crypt_itoa64[count & 0x3f];
-+	output[2] = _crypt_itoa64[(count >> 6) & 0x3f];
-+	output[3] = _crypt_itoa64[(count >> 12) & 0x3f];
-+	output[4] = _crypt_itoa64[(count >> 18) & 0x3f];
-+	value = (unsigned long)(unsigned char)input[0] |
-+		((unsigned long)(unsigned char)input[1] << 8) |
-+		((unsigned long)(unsigned char)input[2] << 16);
-+	output[5] = _crypt_itoa64[value & 0x3f];
-+	output[6] = _crypt_itoa64[(value >> 6) & 0x3f];
-+	output[7] = _crypt_itoa64[(value >> 12) & 0x3f];
-+	output[8] = _crypt_itoa64[(value >> 18) & 0x3f];
-+	output[9] = '\0';
-+
-+	return output;
-+}
-+
-+char *_crypt_gensalt_md5_rn(unsigned long count,
-+	__CONST char *input, int size, char *output, int output_size)
-+{
-+	unsigned long value;
-+
-+	if (size < 3 || output_size < 3 + 4 + 1 || (count && count != 1000)) {
-+		if (output_size > 0) output[0] = '\0';
-+		__set_errno((output_size < 3 + 4 + 1) ? ERANGE : EINVAL);
-+		return NULL;
-+	}
-+
-+	output[0] = '$';
-+	output[1] = '1';
-+	output[2] = '$';
-+	value = (unsigned long)(unsigned char)input[0] |
-+		((unsigned long)(unsigned char)input[1] << 8) |
-+		((unsigned long)(unsigned char)input[2] << 16);
-+	output[3] = _crypt_itoa64[value & 0x3f];
-+	output[4] = _crypt_itoa64[(value >> 6) & 0x3f];
-+	output[5] = _crypt_itoa64[(value >> 12) & 0x3f];
-+	output[6] = _crypt_itoa64[(value >> 18) & 0x3f];
-+	output[7] = '\0';
-+
-+	if (size >= 6 && output_size >= 3 + 4 + 4 + 1) {
-+		value = (unsigned long)(unsigned char)input[3] |
-+			((unsigned long)(unsigned char)input[4] << 8) |
-+			((unsigned long)(unsigned char)input[5] << 16);
-+		output[7] = _crypt_itoa64[value & 0x3f];
-+		output[8] = _crypt_itoa64[(value >> 6) & 0x3f];
-+		output[9] = _crypt_itoa64[(value >> 12) & 0x3f];
-+		output[10] = _crypt_itoa64[(value >> 18) & 0x3f];
-+		output[11] = '\0';
-+	}
-+
-+	return output;
-+}
-diff -ruN crypt-/ow-crypt.h crypt/ow-crypt.h
---- crypt-/ow-crypt.h	1970-01-01 01:00:00.000000000 +0100
-+++ crypt/ow-crypt.h	2006-09-20 20:56:59.000000000 +0200
-@@ -0,0 +1,34 @@
-+/*
-+ * Written by Solar Designer and placed in the public domain.
-+ * See crypt_blowfish.c for more information.
-+ */
-+
-+#ifndef _OW_CRYPT_H
-+#define _OW_CRYPT_H
-+
-+#undef __CONST
-+#ifdef __GNUC__
-+#define __CONST __const
-+#else
-+#define __CONST
-+#endif
-+
-+#ifndef __SKIP_GNU
-+extern char *crypt(__CONST char *key, __CONST char *setting);
-+extern char *crypt_r(__CONST char *key, __CONST char *setting, void *data);
-+#endif
-+
-+#ifndef __SKIP_OW
-+extern char *crypt_rn(__CONST char *key, __CONST char *setting,
-+	void *data, int size);
-+extern char *crypt_ra(__CONST char *key, __CONST char *setting,
-+	void **data, int *size);
-+extern char *crypt_gensalt(__CONST char *prefix, unsigned long count,
-+	__CONST char *input, int size);
-+extern char *crypt_gensalt_rn(__CONST char *prefix, unsigned long count,
-+	__CONST char *input, int size, char *output, int output_size);
-+extern char *crypt_gensalt_ra(__CONST char *prefix, unsigned long count,
-+	__CONST char *input, int size);
-+#endif
-+
-+#endif
-diff -ruN crypt-/wrapper.c crypt/wrapper.c
---- crypt-/wrapper.c	1970-01-01 01:00:00.000000000 +0100
-+++ crypt/wrapper.c	2006-09-20 20:56:59.000000000 +0200
-@@ -0,0 +1,426 @@
-+/*
-+ * Written by Solar Designer and placed in the public domain.
-+ * See crypt_blowfish.c for more information.
-+ */
-+
-+#include <stdlib.h>
-+#include <string.h>
-+
-+#include <errno.h>
-+#ifndef __set_errno
-+#define __set_errno(val) errno = (val)
-+#endif
-+
-+#ifdef TEST
-+#include <stdio.h>
-+#include <signal.h>
-+#include <time.h>
-+#include <sys/time.h>
-+#include <sys/times.h>
-+#ifdef TEST_THREADS
-+#include <pthread.h>
-+#endif
-+#endif
-+
-+#define CRYPT_OUTPUT_SIZE		(7 + 22 + 31 + 1)
-+#define CRYPT_GENSALT_OUTPUT_SIZE	(7 + 22 + 1)
-+
-+#if defined(__GLIBC__) && defined(_LIBC)
-+#define __SKIP_GNU
-+#endif
-+#include "ow-crypt.h"
-+
-+extern char *_crypt_blowfish_rn(__CONST char *key, __CONST char *setting,
 +				 char *output, int size);
-+extern char *_crypt_gensalt_blowfish_rn(unsigned long count,
+ #endif
-+	__CONST char *input, int size, char *output, int output_size);
+ 
+ /* Define our magic string to mark salt for MD5 encryption
+@@ -74,6 +76,9 @@ static const char sha256_salt_prefix[] = "$5$";
+ /* Magic string for SHA512 encryption.  */
+ static const char sha512_salt_prefix[] = "$6$";
+ 
++/* Magic string for Blowfish encryption.  */
++static const char blowfish_salt_prefix[] = "$2a$";
 +
-+extern unsigned char _crypt_itoa64[];
+ /* For use by the old, non-reentrant routines (crypt/encrypt/setkey)  */
-+extern char *_crypt_gensalt_traditional_rn(unsigned long count,
+ extern struct crypt_data _ufc_foobar;
-+	__CONST char *input, int size, char *output, int output_size);
+ 
-+extern char *_crypt_gensalt_extended_rn(unsigned long count,
+@@ -106,6 +111,11 @@ __crypt_r (key, salt, data)
-+	__CONST char *input, int size, char *output, int output_size);
+   if (strncmp (sha512_salt_prefix, salt, sizeof (sha512_salt_prefix) - 1) == 0)
-+extern char *_crypt_gensalt_md5_rn(unsigned long count,
+     return __sha512_crypt_r (key, salt, (char *) data,
-+	__CONST char *input, int size, char *output, int output_size);
+ 			     sizeof (struct crypt_data));
 +
-+#if defined(__GLIBC__) && defined(_LIBC)
++  /* Try to find out whether we have to use Blowfish encryption replacement.  */
-+/* crypt.h from glibc-crypt-2.1 will define struct crypt_data for us */
++  if (strncmp (blowfish_salt_prefix, salt, sizeof (blowfish_salt_prefix) - 1) == 0)
-+#include "crypt.h"
++    return _crypt_blowfish_rn (key, salt, (char *) data,
-+extern char *__md5_crypt_r(const char *key, const char *salt,
++			     sizeof (struct crypt_data));
-+	char *buffer, int buflen);
+ #endif
-+/* crypt-entry.c needs to be patched to define __des_crypt_r rather than
+ 
-+ * __crypt_r, and not define crypt_r and crypt at all */
+   /*
-+extern char *__des_crypt_r(const char *key, const char *salt,
-+	struct crypt_data *data);
-+extern struct crypt_data _ufc_foobar;
-+#endif
-+
-+static int _crypt_data_alloc(void **data, int *size, int need)
-+{
-+	void *updated;
-+
-+	if (*data && *size >= need) return 0;
-+
-+	updated = realloc(*data, need);
-+
-+	if (!updated) {
-+#ifndef __GLIBC__
-+		/* realloc(3) on glibc sets errno, so we don't need to bother */
-+		__set_errno(ENOMEM);
-+#endif
-+		return -1;
-+	}
-+
-+#if defined(__GLIBC__) && defined(_LIBC)
-+	if (need >= sizeof(struct crypt_data))
-+		((struct crypt_data *)updated)->initialized = 0;
-+#endif
-+
-+	*data = updated;
-+	*size = need;
-+
-+	return 0;
-+}
-+
-+static char *_crypt_retval_magic(char *retval, __CONST char *setting,
-+	char *output)
-+{
-+	if (retval) return retval;
-+
-+	output[0] = '*';
-+	output[1] = '0';
-+	output[2] = '\0';
-+
-+	if (setting[0] == '*' && setting[1] == '0')
-+		output[1] = '1';
-+
-+	return output;
-+}
-+
-+#if defined(__GLIBC__) && defined(_LIBC)
-+/*
-+ * Applications may re-use the same instance of struct crypt_data without
-+ * resetting the initialized field in order to let crypt_r() skip some of
-+ * its initialization code. Thus, it is important that our multiple hashing
-+ * algorithms either don't conflict with each other in their use of the
-+ * data area or reset the initialized field themselves whenever required.
-+ * Currently, the hashing algorithms simply have no conflicts: the first
-+ * field of struct crypt_data is the 128-byte large DES key schedule which
-+ * __des_crypt_r() calculates each time it is called while the two other
-+ * hashing algorithms use less than 128 bytes of the data area.
-+ */
-+
-+char *__crypt_rn(__const char *key, __const char *setting,
-+	void *data, int size)
-+{
-+	if (setting[0] == '$' && setting[1] == '2')
-+		return _crypt_blowfish_rn(key, setting, (char *)data, size);
-+	if (setting[0] == '$' && setting[1] == '1')
-+		return __md5_crypt_r(key, setting, (char *)data, size);
-+	if (setting[0] == '$' || setting[0] == '_') {
-+		__set_errno(EINVAL);
-+		return NULL;
-+	}
-+	if (size >= sizeof(struct crypt_data))
-+		return __des_crypt_r(key, setting, (struct crypt_data *)data);
-+	__set_errno(ERANGE);
-+	return NULL;
-+}
-+
-+char *__crypt_ra(__const char *key, __const char *setting,
-+	void **data, int *size)
-+{
-+	if (setting[0] == '$' && setting[1] == '2') {
-+		if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE))
-+			return NULL;
-+		return _crypt_blowfish_rn(key, setting, (char *)*data, *size);
-+	}
-+	if (setting[0] == '$' && setting[1] == '1') {
-+		if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE))
-+			return NULL;
-+		return __md5_crypt_r(key, setting, (char *)*data, *size);
-+	}
-+	if (setting[0] == '$' || setting[0] == '_') {
-+		__set_errno(EINVAL);
-+		return NULL;
-+	}
-+	if (_crypt_data_alloc(data, size, sizeof(struct crypt_data)))
-+		return NULL;
-+	return __des_crypt_r(key, setting, (struct crypt_data *)*data);
-+}
-+
-+char *__crypt_r(__const char *key, __const char *setting,
-+	struct crypt_data *data)
-+{
-+	return _crypt_retval_magic(
-+		__crypt_rn(key, setting, data, sizeof(*data)),
-+		setting, (char *)data);
-+}
-+
-+char *__crypt(__const char *key, __const char *setting)
-+{
-+	return _crypt_retval_magic(
-+		__crypt_rn(key, setting, &_ufc_foobar, sizeof(_ufc_foobar)),
-+		setting, (char *)&_ufc_foobar);
-+}
-+#else
-+char *crypt_rn(__CONST char *key, __CONST char *setting, void *data, int size)
-+{
-+	return _crypt_blowfish_rn(key, setting, (char *)data, size);
-+}
-+
-+char *crypt_ra(__CONST char *key, __CONST char *setting,
-+	void **data, int *size)
-+{
-+	if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE))
-+		return NULL;
-+	return _crypt_blowfish_rn(key, setting, (char *)*data, *size);
-+}
-+
-+char *crypt_r(__CONST char *key, __CONST char *setting, void *data)
-+{
-+	return _crypt_retval_magic(
-+		crypt_rn(key, setting, data, CRYPT_OUTPUT_SIZE),
-+		setting, (char *)data);
-+}
-+
-+char *crypt(__CONST char *key, __CONST char *setting)
-+{
-+	static char output[CRYPT_OUTPUT_SIZE];
-+
-+	return _crypt_retval_magic(
-+		crypt_rn(key, setting, output, sizeof(output)),
-+		setting, output);
-+}
-+
-+#define __crypt_gensalt_rn crypt_gensalt_rn
-+#define __crypt_gensalt_ra crypt_gensalt_ra
-+#define __crypt_gensalt crypt_gensalt
-+#endif
-+
-+char *__crypt_gensalt_rn(__CONST char *prefix, unsigned long count,
-+	__CONST char *input, int size, char *output, int output_size)
-+{
-+	char *(*use)(unsigned long count,
-+		__CONST char *input, int size, char *output, int output_size);
-+
-+	/* This may be supported on some platforms in the future */
-+	if (!input) {
-+		__set_errno(EINVAL);
-+		return NULL;
-+	}
-+
-+	if (!strncmp(prefix, "$2a$", 4))
-+		use = _crypt_gensalt_blowfish_rn;
-+	else
-+	if (!strncmp(prefix, "$1$", 3))
-+		use = _crypt_gensalt_md5_rn;
-+	else
-+	if (prefix[0] == '_')
-+		use = _crypt_gensalt_extended_rn;
-+	else
-+	if (!prefix[0] ||
-+	    (prefix[0] && prefix[1] &&
-+	    memchr(_crypt_itoa64, prefix[0], 64) &&
-+	    memchr(_crypt_itoa64, prefix[1], 64)))
-+		use = _crypt_gensalt_traditional_rn;
-+	else {
-+		__set_errno(EINVAL);
-+		return NULL;
-+	}
-+
-+	return use(count, input, size, output, output_size);
-+}
-+
-+char *__crypt_gensalt_ra(__CONST char *prefix, unsigned long count,
-+	__CONST char *input, int size)
-+{
-+	char output[CRYPT_GENSALT_OUTPUT_SIZE];
-+	char *retval;
-+
-+	retval = __crypt_gensalt_rn(prefix, count,
-+		input, size, output, sizeof(output));
-+
-+	if (retval) {
-+		retval = strdup(retval);
-+#ifndef __GLIBC__
-+		/* strdup(3) on glibc sets errno, so we don't need to bother */
-+		if (!retval)
-+			__set_errno(ENOMEM);
-+#endif
-+	}
-+
-+	return retval;
-+}
-+
-+char *__crypt_gensalt(__CONST char *prefix, unsigned long count,
-+	__CONST char *input, int size)
-+{
-+	static char output[CRYPT_GENSALT_OUTPUT_SIZE];
-+
-+	return __crypt_gensalt_rn(prefix, count,
-+		input, size, output, sizeof(output));
-+}
-+
-+#if defined(__GLIBC__) && defined(_LIBC)
-+weak_alias(__crypt_rn, crypt_rn)
-+weak_alias(__crypt_ra, crypt_ra)
-+weak_alias(__crypt_r, crypt_r)
-+weak_alias(__crypt, crypt)
-+weak_alias(__crypt_gensalt_rn, crypt_gensalt_rn)
-+weak_alias(__crypt_gensalt_ra, crypt_gensalt_ra)
-+weak_alias(__crypt_gensalt, crypt_gensalt)
-+#endif
-+
-+#ifdef TEST
-+static struct {
-+	char *hash;
-+	char *pw;
-+} tests[] = {
-+	{"$2a$05$CCCCCCCCCCCCCCCCCCCCC.E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW",
-+		"U*U"},
-+	{"$2a$05$CCCCCCCCCCCCCCCCCCCCC.VGOzA784oUp/Z0DY336zx7pLYAy0lwK",
-+		"U*U*"},
-+	{"$2a$05$XXXXXXXXXXXXXXXXXXXXXOAcXxm9kjPGEMsLznoKqmqw7tc8WCx4a",
-+		"U*U*U"},
-+	{"$2a$05$CCCCCCCCCCCCCCCCCCCCC.7uG0VCzI2bS7j6ymqJi9CdcdxiRTWNy",
-+		""},
-+	{"$2a$05$abcdefghijklmnopqrstuu5s2v8.iXieOjg/.AySBTTZIIVFJeBui",
-+		"0123456789abcdefghijklmnopqrstuvwxyz"
-+		"ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"},
-+	{NULL, NULL}
-+};
-+
-+#define which				tests[0]
-+
-+static volatile sig_atomic_t running;
-+
-+static void handle_timer(int signum)
-+{
-+	running = 0;
-+}
-+
-+static void *run(void *arg)
-+{
-+	unsigned long count = 0;
-+	int i = 0;
-+	void *data = NULL;
-+	int size = 0x12345678;
-+
-+	do {
-+		if (strcmp(crypt_ra(tests[i].pw, tests[i].hash, &data, &size),
-+		    tests[i].hash)) {
-+			printf("%d: FAILED (crypt_ra/%d/%lu)\n",
-+				(char *)arg - (char *)0, i, count);
-+			free(data);
-+			return NULL;
-+		}
-+		if (!tests[++i].hash) i = 0;
-+		count++;
-+	} while (running);
-+
-+	free(data);
-+	return count + (char *)0;
-+}
-+
-+int main(void)
-+{
-+	struct itimerval it;
-+	struct tms buf;
-+	clock_t start_real, start_virtual, end_real, end_virtual;
-+	unsigned long count;
-+	void *data;
-+	int size;
-+	char *setting1, *setting2;
-+	int i;
-+#ifdef TEST_THREADS
-+	pthread_t t[TEST_THREADS];
-+	void *t_retval;
-+#endif
-+
-+	for (i = 0; tests[i].hash; i++)
-+	if (strcmp(crypt(tests[i].pw, tests[i].hash), tests[i].hash)) {
-+		printf("FAILED (crypt/%d)\n", i);
-+		return 1;
-+	}
-+
-+	data = NULL;
-+	size = 0x12345678;
-+	for (i = 0; tests[i].hash; i++)
-+	if (strcmp(crypt_ra(tests[i].pw, tests[i].hash, &data, &size),
-+	    tests[i].hash)) {
-+		printf("FAILED (crypt_ra/%d)\n", i);
-+		return 1;
-+	}
-+
-+	setting1 = crypt_gensalt(which.hash, 12, data, size);
-+	if (!setting1 || strncmp(setting1, "$2a$12$", 7)) {
-+		puts("FAILED (crypt_gensalt)\n");
-+		return 1;
-+	}
-+
-+	setting2 = crypt_gensalt_ra(setting1, 12, data, size);
-+	if (strcmp(setting1, setting2)) {
-+		puts("FAILED (crypt_gensalt_ra/1)\n");
-+		return 1;
-+	}
-+
-+	(*(char *)data)++;
-+	setting1 = crypt_gensalt_ra(setting2, 12, data, size);
-+	if (!strcmp(setting1, setting2)) {
-+		puts("FAILED (crypt_gensalt_ra/2)\n");
-+		return 1;
-+	}
-+
-+	free(setting1);
-+	free(setting2);
-+	free(data);
-+
-+	running = 1;
-+	signal(SIGALRM, handle_timer);
-+
-+	memset(&it, 0, sizeof(it));
-+	it.it_value.tv_sec = 5;
-+	setitimer(ITIMER_REAL, &it, NULL);
-+
-+	start_real = times(&buf);
-+	start_virtual = buf.tms_utime + buf.tms_stime;
-+
-+	count = (char *)run((char *)0) - (char *)0;
-+
-+	end_real = times(&buf);
-+	end_virtual = buf.tms_utime + buf.tms_stime;
-+	if (end_virtual == start_virtual) end_virtual++;
-+
-+	printf("%.1f c/s real, %.1f c/s virtual\n",
-+		(float)count * CLK_TCK / (end_real - start_real),
-+		(float)count * CLK_TCK / (end_virtual - start_virtual));
-+
-+#ifdef TEST_THREADS
-+	running = 1;
-+	it.it_value.tv_sec = 60;
-+	setitimer(ITIMER_REAL, &it, NULL);
-+	start_real = times(&buf);
-+
-+	for (i = 0; i < TEST_THREADS; i++)
-+	if (pthread_create(&t[i], NULL, run, i + (char *)0)) {
-+		perror("pthread_create");
-+		return 1;
-+	}
-+
-+	for (i = 0; i < TEST_THREADS; i++) {
-+		if (pthread_join(t[i], &t_retval)) {
-+			perror("pthread_join");
-+			continue;
-+		}
-+		if (!t_retval) continue;
-+		count = (char *)t_retval - (char *)0;
-+		end_real = times(&buf);
-+		printf("%d: %.1f c/s real\n", i,
-+			(float)count * CLK_TCK / (end_real - start_real));
-+	}
-+#endif
-+
-+	return 0;
-+}
-+#endif

crypt_blowfish-glibc-2.3.diff

@@ -1,105 +0,0 @@
---- crypt/crypt-entry.c	2001-07-06 09:37:47.000000000 +0200
-+++ crypt/crypt-entry.c	2003-10-01 11:23:27.000000000 +0200
-@@ -70,7 +70,7 @@
-  */
- 
- char *
--__crypt_r (key, salt, data)
-+__des_crypt_r (key, salt, data)
-      const char *key;
-      const char *salt;
-      struct crypt_data * __restrict data;
-@@ -115,6 +115,7 @@
-   _ufc_output_conversion_r (res[0], res[1], salt, data);
-   return data->crypt_3_buf;
- }
-+#if 0
- weak_alias (__crypt_r, crypt_r)
- 
- char *
-@@ -147,3 +148,4 @@
-   return crypt (key, salt);
- }
- #endif
-+#endif
---- crypt/crypt-private.h	2001-07-06 09:37:47.000000000 +0200
-+++ crypt/crypt-private.h	2003-10-01 11:23:27.000000000 +0200
-@@ -55,6 +55,8 @@
- /* crypt-entry.c */
- extern char *__crypt_r (__const char *__key, __const char *__salt,
- 			     struct crypt_data * __restrict __data);
-+extern char *__des_crypt_r (__const char *__key, __const char *__salt,
-+                             struct crypt_data * __restrict __data);
- extern char *fcrypt (__const char *key, __const char *salt);
- 
- #endif  /* crypt-private.h */
---- crypt/Makefile~	2007-11-06 05:27:13.635014000 +0100
-+++ crypt/Makefile	2007-11-06 05:27:27.500142000 +0100
-@@ -27,7 +27,7 @@
- extra-libs-others := $(extra-libs)
- 
- libcrypt-routines := crypt-entry md5-crypt sha256-crypt sha512-crypt crypt \
--		     crypt_util
-+		     crypt_util crypt_blowfish crypt_gensalt wrapper
- 
- tests := cert md5c-test sha256c-test sha512c-test
- 
---- crypt/ow-crypt.h	2001-05-01 13:14:31.000000000 +0200
-+++ crypt/ow-crypt.h	2003-10-01 11:23:27.000000000 +0200
-@@ -13,12 +13,6 @@
- #define __CONST
- #endif
- 
--#ifndef __SKIP_GNU
--extern char *crypt(__CONST char *key, __CONST char *setting);
--extern char *crypt_r(__CONST char *key, __CONST char *setting, void *data);
--#endif
--
--#ifndef __SKIP_OW
- extern char *crypt_rn(__CONST char *key, __CONST char *setting,
- 	void *data, int size);
- extern char *crypt_ra(__CONST char *key, __CONST char *setting,
-@@ -29,6 +23,5 @@
- 	__CONST char *input, int size, char *output, int output_size);
- extern char *crypt_gensalt_ra(__CONST char *prefix, unsigned long count,
- 	__CONST char *input, int size);
--#endif
- 
- #endif
---- crypt/wrapper.c	2002-11-08 01:26:31.000000000 +0100
-+++ crypt/wrapper.c	2003-10-01 11:59:03.000000000 +0200
-@@ -45,12 +45,11 @@
- #if defined(__GLIBC__) && defined(_LIBC)
- /* crypt.h from glibc-crypt-2.1 will define struct crypt_data for us */
- #include "crypt.h"
-+#include "ufc-crypt.h"
-+#include "crypt-private.h"
-+
- extern char *__md5_crypt_r(const char *key, const char *salt,
- 	char *buffer, int buflen);
--/* crypt-entry.c needs to be patched to define __des_crypt_r rather than
-- * __crypt_r, and not define crypt_r and crypt at all */
--extern char *__des_crypt_r(const char *key, const char *salt,
--	struct crypt_data *data);
- extern struct crypt_data _ufc_foobar;
- #endif
- 
-@@ -266,6 +264,7 @@
- weak_alias(__crypt_ra, crypt_ra)
- weak_alias(__crypt_r, crypt_r)
- weak_alias(__crypt, crypt)
-+weak_alias(__crypt, fcrypt)
- weak_alias(__crypt_gensalt_rn, crypt_gensalt_rn)
- weak_alias(__crypt_gensalt_ra, crypt_gensalt_ra)
- weak_alias(__crypt_gensalt, crypt_gensalt)
---- crypt/crypt_blowfish.c
-+++ crypt/crypt_blowfish.c	2005/04/28 10:59:24
-@@ -45,7 +45,7 @@
- #endif
- 
- #ifdef __i386__
--#define BF_ASM				1
-+#define BF_ASM				0
- #define BF_SCALE			1
- #elif defined(__alpha__) || defined(__hppa__)
- #define BF_ASM				0

glibc-2.8-clone.diff

@@ -1,3 +1,5 @@
+http://sources.redhat.com/bugzilla/show_bug.cgi?id=6693
+
 Index: sysdeps/unix/sysv/linux/x86_64/clone.S
 ===================================================================
 RCS file: /cvs/glibc/libc/sysdeps/unix/sysv/linux/x86_64/clone.S,v

glibc-nscd-assert.diff

@@ -0,0 +1,136 @@
+2009-08-18  Anders Johansson  <ajohansson@novell.com>
+
+	* nscd/aicache.c: Fix mixing up dataset and dataset->resp
+	offsets and record sizes in assert()s and response sending.
+	* nscd/grpcache.c: Likewise.
+	* nscd/hstcache.c: Likewise.
+	* nscd/initgrcache.c: Likewise.
+	* nscd/pwdcache.c: Likewise.
+
+diff -ur glibc-2.4.orig/nscd/aicache.c glibc-2.4/nscd/aicache.c
+--- nscd/aicache.c	2009-06-18 14:20:53.000000000 +0200
++++ nscd/aicache.c	2009-06-18 14:21:20.000000000 +0200
+@@ -450,6 +450,6 @@
+ 	    {
+ 	      assert (db->wr_fd != -1);
+ 	      assert ((char *) &dataset->resp > (char *) db->data);
+-	      assert ((char *) &dataset->resp - (char *) db->head + total
++	      assert ((char *) dataset - (char *) db->head + total
+ 		      <= (sizeof (struct database_pers_head)
+ 			  + db->head->module * sizeof (ref_t)
+@@ -458,6 +458,6 @@
+ 	      ssize_t written;
+ 	      written = sendfileall (fd, db->wr_fd, (char *) &dataset->resp
+-				     - (char *) db->head, total);
++				     - (char *) db->head, dataset->head.recsize);
+ # ifndef __ASSUME_SENDFILE
+ 		      if (written == -1 && errno == ENOSYS)
+ 			goto use_write;
+@@ -469,7 +469,7 @@
+ 		  use_write:
+ # endif
+ #endif
+-	    writeall (fd, &dataset->resp, total);
++	    writeall (fd, &dataset->resp, dataset->head.recsize);
+ 	}
+ 
+ 	      goto out;
+diff -ur glibc-2.4.orig/nscd/grpcache.c glibc-2.4/nscd/grpcache.c
+--- nscd/grpcache.c	2009-06-18 14:20:53.000000000 +0200
++++ nscd/grpcache.c	2009-06-18 14:21:20.000000000 +0200
+@@ -317,14 +317,14 @@
+ 	    {
+ 	      assert (db->wr_fd != -1);
+ 	      assert ((char *) &dataset->resp > (char *) db->data);
+-	      assert ((char *) &dataset->resp - (char *) db->head
++	      assert ((char *) dataset - (char *) db->head
+ 		      + total
+ 		      <= (sizeof (struct database_pers_head)
+ 			  + db->head->module * sizeof (ref_t)
+ 			  + db->head->data_size));
+ 	      written = sendfileall (fd, db->wr_fd,
+ 				     (char *) &dataset->resp
+-				     - (char *) db->head, total);
++				     - (char *) db->head, dataset->head.recsize);
+ # ifndef __ASSUME_SENDFILE
+ 	      if (written == -1 && errno == ENOSYS)
+ 		goto use_write;
+@@ -335,7 +335,7 @@
+ 	  use_write:
+ # endif
+ #endif
+-	    written = writeall (fd, &dataset->resp, total);
++	    written = writeall (fd, &dataset->resp, dataset->head.recsize);
+ 	}
+ 
+       /* Add the record to the database.  But only if it has not been
+diff -ur glibc-2.4.orig/nscd/hstcache.c glibc-2.4/nscd/hstcache.c
+--- nscd/hstcache.c	2009-06-18 14:20:53.000000000 +0200
++++ nscd/hstcache.c	2009-06-18 14:22:22.000000000 +0200
+@@ -365,7 +365,7 @@
+ 	    {
+ 	      assert (db->wr_fd != -1);
+ 	      assert ((char *) &dataset->resp > (char *) db->data);
+-	      assert ((char *) &dataset->resp - (char *) db->head
++	      assert ((char *) dataset - (char *) db->head
+ 		      + total
+ 		      <= (sizeof (struct database_pers_head)
+ 			  + db->head->module * sizeof (ref_t)
+diff -ur glibc-2.4.orig/nscd/initgrcache.c glibc-2.4/nscd/initgrcache.c
+--- nscd/initgrcache.c	2009-06-18 14:20:53.000000000 +0200
++++ nscd/initgrcache.c	2009-06-18 14:21:20.000000000 +0200
+@@ -367,14 +367,14 @@
+ 	    {
+ 	      assert (db->wr_fd != -1);
+ 	      assert ((char *) &dataset->resp > (char *) db->data);
+-	      assert ((char *) &dataset->resp - (char *) db->head
++	      assert ((char *) dataset - (char *) db->head
+ 		      + total
+ 		      <= (sizeof (struct database_pers_head)
+ 			  + db->head->module * sizeof (ref_t)
+ 			  + db->head->data_size));
+ 	      written = sendfileall (fd, db->wr_fd,
+ 				     (char *) &dataset->resp
+-				     - (char *) db->head, total);
++				     - (char *) db->head, dataset->head.recsize);
+ # ifndef __ASSUME_SENDFILE
+ 	      if (written == -1 && errno == ENOSYS)
+ 		goto use_write;
+@@ -385,7 +385,7 @@
+ 	  use_write:
+ # endif
+ #endif
+-	    written = writeall (fd, &dataset->resp, total);
++	    written = writeall (fd, &dataset->resp, dataset->head.recsize);
+ 	}
+ 
+ 
+diff -ur glibc-2.4.orig/nscd/pwdcache.c glibc-2.4/nscd/pwdcache.c
+--- nscd/pwdcache.c	2009-06-18 14:20:53.000000000 +0200
++++ nscd/pwdcache.c	2009-06-18 14:21:20.000000000 +0200
+@@ -311,14 +311,14 @@
+ 	    {
+ 	      assert (db->wr_fd != -1);
+ 	      assert ((char *) &dataset->resp > (char *) db->data);
+-	      assert ((char *) &dataset->resp - (char *) db->head
++	      assert ((char *) dataset - (char *) db->head
+ 		      + total
+ 		      <= (sizeof (struct database_pers_head)
+                           + db->head->module * sizeof (ref_t)
+                           + db->head->data_size));
+ 	      written = sendfileall (fd, db->wr_fd,
+ 				     (char *) &dataset->resp
+-				     - (char *) db->head, total);
++				     - (char *) db->head, dataset->head.recsize );
+ # ifndef __ASSUME_SENDFILE
+ 	      if (written == -1 && errno == ENOSYS)
+ 		goto use_write;
+@@ -329,7 +329,7 @@
+ 	  use_write:
+ # endif
+ #endif
+-	    written = writeall (fd, &dataset->resp, total);
++	    written = writeall (fd, &dataset->resp, dataset->head.recsize);
+ 	}
+ 
+ 

glibc-utmp-timeout-raise.diff

@@ -0,0 +1,16 @@
+On extremely loaded systems, the default timeout may not be enough and some
+entries may not appear in the utmp log. With 30s login delay, the system
+should still stay usable for repair in case the utmp locking somehow breaks
+down.
+
+--- login/utmp_file.c~	2009-06-16 12:36:31.000000000 +0200
++++ login/utmp_file.c	2009-06-16 12:36:33.000000000 +0200
+@@ -42,7 +42,7 @@
+ 
+ /* Locking timeout.  */
+ #ifndef TIMEOUT
+-# define TIMEOUT 1
++# define TIMEOUT 30
+ #endif
+ 
+ /* Do-nothing handler for locking timeout.  */

glibc.changes

@@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Sat Sep  5 23:19:51 CEST 2009 - pbaudis@suse.cz
+
+- Raise utmp locking timeout from 1s to 30s to ensure logins get recorded
+  even on heavily loaded systems [bnc#486631]
+- Fix invalid pointer handling in some nscd assertions and the code to send
+  data to the client [bnc#513617]
+- Radically trim down the Blowfish support patch - keeps only crypt_blowfish
+  from the original OWL patch, but does the rest within the current glibc
+  crypt infrastructure [bnc#529495]
+
 -------------------------------------------------------------------
 Wed Aug 26 12:53:54 CEST 2009 - mls@suse.de
 

glibc.spec

@@ -69,7 +69,7 @@ Obsoletes:      glibc-32bit
 Provides:       rtld(GNU_HASH)
 AutoReqProv:    on
 Version:        2.10.1
-Release:        6
+Release:        7
 Url:            http://www.gnu.org/software/libc/libc.html
 PreReq:         filesystem
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
@@ -97,8 +97,7 @@ Patch1:         glibc-2.3.90-noversion.diff
 Patch2:         glibc-2.3.90-fnmatch.diff
 Patch3:         resolv.dynamic.diff
 Patch4:         glibc-2.3.locales.diff.bz2
-Patch5:         crypt_blowfish-1.0.diff
+Patch5:         crypt_blowfish-1.0-suse.diff
-Patch6:         crypt_blowfish-glibc-2.3.diff
 Patch7:         glibc-version.diff
 Patch8:         glibc-2.4.90-revert-only-euro.diff
 Patch9:         glibc-2.3-regcomp.diff
@@ -138,6 +137,8 @@ Patch44:        glibc-cpusetsize.diff
 Patch45:        glibc-nis-splitgroups.diff
 Patch46:        glibc-2.10-mcheck-free-race.diff
 Patch47:        glibc-2.10.99-ia64-include.diff
+Patch48:        glibc-utmp-timeout-raise.diff
+Patch49:        glibc-nscd-assert.diff
 Patch500:       ARM_glibc-2.10.1-local-eabi-wchar.diff
 Patch501:       ARM_glibc-2.10.1-local-hwcap-updates.diff 
 Patch502:       ARM_glibc-2.10.1-local-lowlevellock.diff
@@ -301,7 +302,6 @@ versions of your software.
 %patch3
 %patch4
 %patch5
-%patch6
 %patch7
 %patch8
 %patch9
@@ -343,6 +343,8 @@ rm sysdeps/x86_64/fpu/s_sincos.S
 %patch45
 %patch46
 %patch47
+%patch48
+%patch49
 %ifarch %arm armv5tel armv7l
 %patch500
 %patch501