rpm/glibc
SHA256
1
0
Fork 0
forked from pool/glibc
Code Pull Requests Activity

Accepting request 20011 from Base:System

Browse Source 
Copy from Base:System/glibc based on submit request 20011 from user pbaudis

OBS-URL: https://build.opensuse.org/request/show/20011
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/glibc?expand=0&rev=9
This commit is contained in:
OBS User autobuild 2009-09-10 10:38:51 +00:00 committed by Git OBS Bridge
parent 1f65f4bc21
commit 1c7706889b
7 changed files with 220 additions and 693 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

633
crypt_blowfish-1.0.diff → crypt_blowfish-1.0-suse.diff
View File

@ -49,7 +49,7 @@ diff -ruN crypt-/crypt_blowfish.c crypt/crypt_blowfish.c
+#endif
+
+#ifdef __i386__
+#define BF_ASM 1
+#define BF_ASM 0 /* original OW patch has 1 */
+#define BF_SCALE 1
+#elif defined(__alpha__) || defined(__hppa__)
+#define BF_ASM 0
@ -745,586 +745,51 @@ diff -ruN crypt-/crypt_blowfish.c crypt/crypt_blowfish.c
+
+ return output;
+}
diff -ruN crypt-/crypt_gensalt.c crypt/crypt_gensalt.c
--- crypt-/crypt_gensalt.c 1970-01-01 01:00:00.000000000 +0100
+++ crypt/crypt_gensalt.c 2006-09-20 20:56:59.000000000 +0200
@@ -0,0 +1,111 @@
+/*
+ * Written by Solar Designer and placed in the public domain.
+ * See crypt_blowfish.c for more information.
+ *
+ * This file contains salt generation functions for the traditional and
+ * other common crypt(3) algorithms, except for bcrypt which is defined
+ * entirely in crypt_blowfish.c.
+ */
+
+#include <string.h>
+
+#include <errno.h>
+#ifndef __set_errno
+#define __set_errno(val) errno = (val)
+#endif
+
+#undef __CONST
+#ifdef __GNUC__
+#define __CONST __const
+#else
+#define __CONST
+#endif
+
+unsigned char _crypt_itoa64[64 + 1] =
+ "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+
+char *_crypt_gensalt_traditional_rn(unsigned long count,
+ __CONST char *input, int size, char *output, int output_size)
+{
+ if (size < 2 || output_size < 2 + 1 || (count && count != 25)) {
+ if (output_size > 0) output[0] = '\0';
+ __set_errno((output_size < 2 + 1) ? ERANGE : EINVAL);
+ return NULL;
+ }
+
+ output[0] = _crypt_itoa64[(unsigned int)input[0] & 0x3f];
+ output[1] = _crypt_itoa64[(unsigned int)input[1] & 0x3f];
+ output[2] = '\0';
+
+ return output;
+}
+
+char *_crypt_gensalt_extended_rn(unsigned long count,
+ __CONST char *input, int size, char *output, int output_size)
+{
+ unsigned long value;
+
+/* Even iteration counts make it easier to detect weak DES keys from a look
+ * at the hash, so they should be avoided */
+ if (size < 3 || output_size < 1 + 4 + 4 + 1 ||
+ (count && (count > 0xffffff || !(count & 1)))) {
+ if (output_size > 0) output[0] = '\0';
+ __set_errno((output_size < 1 + 4 + 4 + 1) ? ERANGE : EINVAL);
+ return NULL;
+ }
+
+ if (!count) count = 725;
+
+ output[0] = '_';
+ output[1] = _crypt_itoa64[count & 0x3f];
+ output[2] = _crypt_itoa64[(count >> 6) & 0x3f];
+ output[3] = _crypt_itoa64[(count >> 12) & 0x3f];
+ output[4] = _crypt_itoa64[(count >> 18) & 0x3f];
+ value = (unsigned long)(unsigned char)input[0] |
+ ((unsigned long)(unsigned char)input[1] << 8) |
+ ((unsigned long)(unsigned char)input[2] << 16);
+ output[5] = _crypt_itoa64[value & 0x3f];
+ output[6] = _crypt_itoa64[(value >> 6) & 0x3f];
+ output[7] = _crypt_itoa64[(value >> 12) & 0x3f];
+ output[8] = _crypt_itoa64[(value >> 18) & 0x3f];
+ output[9] = '\0';
+
+ return output;
+}
+
+char *_crypt_gensalt_md5_rn(unsigned long count,
+ __CONST char *input, int size, char *output, int output_size)
+{
+ unsigned long value;
+
+ if (size < 3 || output_size < 3 + 4 + 1 || (count && count != 1000)) {
+ if (output_size > 0) output[0] = '\0';
+ __set_errno((output_size < 3 + 4 + 1) ? ERANGE : EINVAL);
+ return NULL;
+ }
+
+ output[0] = '$';
+ output[1] = '1';
+ output[2] = '$';
+ value = (unsigned long)(unsigned char)input[0] |
+ ((unsigned long)(unsigned char)input[1] << 8) |
+ ((unsigned long)(unsigned char)input[2] << 16);
+ output[3] = _crypt_itoa64[value & 0x3f];
+ output[4] = _crypt_itoa64[(value >> 6) & 0x3f];
+ output[5] = _crypt_itoa64[(value >> 12) & 0x3f];
+ output[6] = _crypt_itoa64[(value >> 18) & 0x3f];
+ output[7] = '\0';
+
+ if (size >= 6 && output_size >= 3 + 4 + 4 + 1) {
+ value = (unsigned long)(unsigned char)input[3] |
+ ((unsigned long)(unsigned char)input[4] << 8) |
+ ((unsigned long)(unsigned char)input[5] << 16);
+ output[7] = _crypt_itoa64[value & 0x3f];
+ output[8] = _crypt_itoa64[(value >> 6) & 0x3f];
+ output[9] = _crypt_itoa64[(value >> 12) & 0x3f];
+ output[10] = _crypt_itoa64[(value >> 18) & 0x3f];
+ output[11] = '\0';
+ }
+
+ return output;
+}
diff -ruN crypt-/ow-crypt.h crypt/ow-crypt.h
--- crypt-/ow-crypt.h 1970-01-01 01:00:00.000000000 +0100
+++ crypt/ow-crypt.h 2006-09-20 20:56:59.000000000 +0200
@@ -0,0 +1,34 @@
+/*
+ * Written by Solar Designer and placed in the public domain.
+ * See crypt_blowfish.c for more information.
+ */
+
+#ifndef _OW_CRYPT_H
+#define _OW_CRYPT_H
+
+#undef __CONST
+#ifdef __GNUC__
+#define __CONST __const
+#else
+#define __CONST
+#endif
+
+#ifndef __SKIP_GNU
+extern char *crypt(__CONST char *key, __CONST char *setting);
+extern char *crypt_r(__CONST char *key, __CONST char *setting, void *data);
+#endif
+
+#ifndef __SKIP_OW
+extern char *crypt_rn(__CONST char *key, __CONST char *setting,
+ void *data, int size);
+extern char *crypt_ra(__CONST char *key, __CONST char *setting,
+ void **data, int *size);
+extern char *crypt_gensalt(__CONST char *prefix, unsigned long count,
+ __CONST char *input, int size);
+extern char *crypt_gensalt_rn(__CONST char *prefix, unsigned long count,
+ __CONST char *input, int size, char *output, int output_size);
+extern char *crypt_gensalt_ra(__CONST char *prefix, unsigned long count,
+ __CONST char *input, int size);
+#endif
+
+#endif
diff -ruN crypt-/wrapper.c crypt/wrapper.c
--- crypt-/wrapper.c 1970-01-01 01:00:00.000000000 +0100
+++ crypt/wrapper.c 2006-09-20 20:56:59.000000000 +0200
@@ -0,0 +1,426 @@
+/*
+ * Written by Solar Designer and placed in the public domain.
+ * See crypt_blowfish.c for more information.
+ */
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <errno.h>
+#ifndef __set_errno
+#define __set_errno(val) errno = (val)
+#endif
+
+#ifdef TEST
+#include <stdio.h>
+#include <signal.h>
+#include <time.h>
+#include <sys/time.h>
+#include <sys/times.h>
+#ifdef TEST_THREADS
+#include <pthread.h>
+#endif
+#endif
+
+#define CRYPT_OUTPUT_SIZE (7 + 22 + 31 + 1)
+#define CRYPT_GENSALT_OUTPUT_SIZE (7 + 22 + 1)
+
+#if defined(__GLIBC__) && defined(_LIBC)
+#define __SKIP_GNU
+#endif
+#include "ow-crypt.h"
+
+extern char *_crypt_blowfish_rn(__CONST char *key, __CONST char *setting,
+ char *output, int size);
+extern char *_crypt_gensalt_blowfish_rn(unsigned long count,
+ __CONST char *input, int size, char *output, int output_size);
+
+extern unsigned char _crypt_itoa64[];
+extern char *_crypt_gensalt_traditional_rn(unsigned long count,
+ __CONST char *input, int size, char *output, int output_size);
+extern char *_crypt_gensalt_extended_rn(unsigned long count,
+ __CONST char *input, int size, char *output, int output_size);
+extern char *_crypt_gensalt_md5_rn(unsigned long count,
+ __CONST char *input, int size, char *output, int output_size);
+
+#if defined(__GLIBC__) && defined(_LIBC)
+/* crypt.h from glibc-crypt-2.1 will define struct crypt_data for us */
+#include "crypt.h"
+extern char *__md5_crypt_r(const char *key, const char *salt,
+ char *buffer, int buflen);
+/* crypt-entry.c needs to be patched to define __des_crypt_r rather than
+ * __crypt_r, and not define crypt_r and crypt at all */
+extern char *__des_crypt_r(const char *key, const char *salt,
+ struct crypt_data *data);
+extern struct crypt_data _ufc_foobar;
+#endif
+
+static int _crypt_data_alloc(void **data, int *size, int need)
+{
+ void *updated;
+
+ if (*data && *size >= need) return 0;
+
+ updated = realloc(*data, need);
+
+ if (!updated) {
+#ifndef __GLIBC__
+ /* realloc(3) on glibc sets errno, so we don't need to bother */
+ __set_errno(ENOMEM);
+#endif
+ return -1;
+ }
+
+#if defined(__GLIBC__) && defined(_LIBC)
+ if (need >= sizeof(struct crypt_data))
+ ((struct crypt_data *)updated)->initialized = 0;
+#endif
+
+ *data = updated;
+ *size = need;
+
+ return 0;
+}
+
+static char *_crypt_retval_magic(char *retval, __CONST char *setting,
+ char *output)
+{
+ if (retval) return retval;
+
+ output[0] = '*';
+ output[1] = '0';
+ output[2] = '\0';
+
+ if (setting[0] == '*' && setting[1] == '0')
+ output[1] = '1';
+
+ return output;
+}
+
+#if defined(__GLIBC__) && defined(_LIBC)
+/*
+ * Applications may re-use the same instance of struct crypt_data without
+ * resetting the initialized field in order to let crypt_r() skip some of
+ * its initialization code. Thus, it is important that our multiple hashing
+ * algorithms either don't conflict with each other in their use of the
+ * data area or reset the initialized field themselves whenever required.
+ * Currently, the hashing algorithms simply have no conflicts: the first
+ * field of struct crypt_data is the 128-byte large DES key schedule which
+ * __des_crypt_r() calculates each time it is called while the two other
+ * hashing algorithms use less than 128 bytes of the data area.
+ */
+
+char *__crypt_rn(__const char *key, __const char *setting,
+ void *data, int size)
+{
+ if (setting[0] == '$' && setting[1] == '2')
+ return _crypt_blowfish_rn(key, setting, (char *)data, size);
+ if (setting[0] == '$' && setting[1] == '1')
+ return __md5_crypt_r(key, setting, (char *)data, size);
+ if (setting[0] == '$' || setting[0] == '_') {
+ __set_errno(EINVAL);
+ return NULL;
+ }
+ if (size >= sizeof(struct crypt_data))
+ return __des_crypt_r(key, setting, (struct crypt_data *)data);
+ __set_errno(ERANGE);
+ return NULL;
+}
+
+char *__crypt_ra(__const char *key, __const char *setting,
+ void **data, int *size)
+{
+ if (setting[0] == '$' && setting[1] == '2') {
+ if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE))
+ return NULL;
+ return _crypt_blowfish_rn(key, setting, (char *)*data, *size);
+ }
+ if (setting[0] == '$' && setting[1] == '1') {
+ if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE))
+ return NULL;
+ return __md5_crypt_r(key, setting, (char *)*data, *size);
+ }
+ if (setting[0] == '$' || setting[0] == '_') {
+ __set_errno(EINVAL);
+ return NULL;
+ }
+ if (_crypt_data_alloc(data, size, sizeof(struct crypt_data)))
+ return NULL;
+ return __des_crypt_r(key, setting, (struct crypt_data *)*data);
+}
+
+char *__crypt_r(__const char *key, __const char *setting,
+ struct crypt_data *data)
+{
+ return _crypt_retval_magic(
+ __crypt_rn(key, setting, data, sizeof(*data)),
+ setting, (char *)data);
+}
+
+char *__crypt(__const char *key, __const char *setting)
+{
+ return _crypt_retval_magic(
+ __crypt_rn(key, setting, &_ufc_foobar, sizeof(_ufc_foobar)),
+ setting, (char *)&_ufc_foobar);
+}
+#else
+char *crypt_rn(__CONST char *key, __CONST char *setting, void *data, int size)
+{
+ return _crypt_blowfish_rn(key, setting, (char *)data, size);
+}
+
+char *crypt_ra(__CONST char *key, __CONST char *setting,
+ void **data, int *size)
+{
+ if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE))
+ return NULL;
+ return _crypt_blowfish_rn(key, setting, (char *)*data, *size);
+}
+
+char *crypt_r(__CONST char *key, __CONST char *setting, void *data)
+{
+ return _crypt_retval_magic(
+ crypt_rn(key, setting, data, CRYPT_OUTPUT_SIZE),
+ setting, (char *)data);
+}
+
+char *crypt(__CONST char *key, __CONST char *setting)
+{
+ static char output[CRYPT_OUTPUT_SIZE];
+
+ return _crypt_retval_magic(
+ crypt_rn(key, setting, output, sizeof(output)),
+ setting, output);
+}
+
+#define __crypt_gensalt_rn crypt_gensalt_rn
+#define __crypt_gensalt_ra crypt_gensalt_ra
+#define __crypt_gensalt crypt_gensalt
+#endif
+
+char *__crypt_gensalt_rn(__CONST char *prefix, unsigned long count,
+ __CONST char *input, int size, char *output, int output_size)
+{
+ char *(*use)(unsigned long count,
+ __CONST char *input, int size, char *output, int output_size);
+
+ /* This may be supported on some platforms in the future */
+ if (!input) {
+ __set_errno(EINVAL);
+ return NULL;
+ }
+
+ if (!strncmp(prefix, "$2a$", 4))
+ use = _crypt_gensalt_blowfish_rn;
+ else
+ if (!strncmp(prefix, "$1$", 3))
+ use = _crypt_gensalt_md5_rn;
+ else
+ if (prefix[0] == '_')
+ use = _crypt_gensalt_extended_rn;
+ else
+ if (!prefix[0] ||
+ (prefix[0] && prefix[1] &&
+ memchr(_crypt_itoa64, prefix[0], 64) &&
+ memchr(_crypt_itoa64, prefix[1], 64)))
+ use = _crypt_gensalt_traditional_rn;
+ else {
+ __set_errno(EINVAL);
+ return NULL;
+ }
+
+ return use(count, input, size, output, output_size);
+}
+
+char *__crypt_gensalt_ra(__CONST char *prefix, unsigned long count,
+ __CONST char *input, int size)
+{
+ char output[CRYPT_GENSALT_OUTPUT_SIZE];
+ char *retval;
+
+ retval = __crypt_gensalt_rn(prefix, count,
+ input, size, output, sizeof(output));
+
+ if (retval) {
+ retval = strdup(retval);
+#ifndef __GLIBC__
+ /* strdup(3) on glibc sets errno, so we don't need to bother */
+ if (!retval)
+ __set_errno(ENOMEM);
+#endif
+ }
+
+ return retval;
+}
+
+char *__crypt_gensalt(__CONST char *prefix, unsigned long count,
+ __CONST char *input, int size)
+{
+ static char output[CRYPT_GENSALT_OUTPUT_SIZE];
+
+ return __crypt_gensalt_rn(prefix, count,
+ input, size, output, sizeof(output));
+}
+
+#if defined(__GLIBC__) && defined(_LIBC)
+weak_alias(__crypt_rn, crypt_rn)
+weak_alias(__crypt_ra, crypt_ra)
+weak_alias(__crypt_r, crypt_r)
+weak_alias(__crypt, crypt)
+weak_alias(__crypt_gensalt_rn, crypt_gensalt_rn)
+weak_alias(__crypt_gensalt_ra, crypt_gensalt_ra)
+weak_alias(__crypt_gensalt, crypt_gensalt)
+#endif
+
+#ifdef TEST
+static struct {
+ char *hash;
+ char *pw;
+} tests[] = {
+ {"$2a$05$CCCCCCCCCCCCCCCCCCCCC.E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW",
+ "U*U"},
+ {"$2a$05$CCCCCCCCCCCCCCCCCCCCC.VGOzA784oUp/Z0DY336zx7pLYAy0lwK",
+ "U*U*"},
+ {"$2a$05$XXXXXXXXXXXXXXXXXXXXXOAcXxm9kjPGEMsLznoKqmqw7tc8WCx4a",
+ "U*U*U"},
+ {"$2a$05$CCCCCCCCCCCCCCCCCCCCC.7uG0VCzI2bS7j6ymqJi9CdcdxiRTWNy",
+ ""},
+ {"$2a$05$abcdefghijklmnopqrstuu5s2v8.iXieOjg/.AySBTTZIIVFJeBui",
+ "0123456789abcdefghijklmnopqrstuvwxyz"
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"},
+ {NULL, NULL}
+};
+
+#define which tests[0]
+
+static volatile sig_atomic_t running;
+
+static void handle_timer(int signum)
+{
+ running = 0;
+}
+
+static void *run(void *arg)
+{
+ unsigned long count = 0;
+ int i = 0;
+ void *data = NULL;
+ int size = 0x12345678;
+
+ do {
+ if (strcmp(crypt_ra(tests[i].pw, tests[i].hash, &data, &size),
+ tests[i].hash)) {
+ printf("%d: FAILED (crypt_ra/%d/%lu)\n",
+ (char *)arg - (char *)0, i, count);
+ free(data);
+ return NULL;
+ }
+ if (!tests[++i].hash) i = 0;
+ count++;
+ } while (running);
+
+ free(data);
+ return count + (char *)0;
+}
+
+int main(void)
+{
+ struct itimerval it;
+ struct tms buf;
+ clock_t start_real, start_virtual, end_real, end_virtual;
+ unsigned long count;
+ void *data;
+ int size;
+ char *setting1, *setting2;
+ int i;
+#ifdef TEST_THREADS
+ pthread_t t[TEST_THREADS];
+ void *t_retval;
+#endif
+
+ for (i = 0; tests[i].hash; i++)
+ if (strcmp(crypt(tests[i].pw, tests[i].hash), tests[i].hash)) {
+ printf("FAILED (crypt/%d)\n", i);
+ return 1;
+ }
+
+ data = NULL;
+ size = 0x12345678;
+ for (i = 0; tests[i].hash; i++)
+ if (strcmp(crypt_ra(tests[i].pw, tests[i].hash, &data, &size),
+ tests[i].hash)) {
+ printf("FAILED (crypt_ra/%d)\n", i);
+ return 1;
+ }
+
+ setting1 = crypt_gensalt(which.hash, 12, data, size);
+ if (!setting1 || strncmp(setting1, "$2a$12$", 7)) {
+ puts("FAILED (crypt_gensalt)\n");
+ return 1;
+ }
+
+ setting2 = crypt_gensalt_ra(setting1, 12, data, size);
+ if (strcmp(setting1, setting2)) {
+ puts("FAILED (crypt_gensalt_ra/1)\n");
+ return 1;
+ }
+
+ (*(char *)data)++;
+ setting1 = crypt_gensalt_ra(setting2, 12, data, size);
+ if (!strcmp(setting1, setting2)) {
+ puts("FAILED (crypt_gensalt_ra/2)\n");
+ return 1;
+ }
+
+ free(setting1);
+ free(setting2);
+ free(data);
+
+ running = 1;
+ signal(SIGALRM, handle_timer);
+
+ memset(&it, 0, sizeof(it));
+ it.it_value.tv_sec = 5;
+ setitimer(ITIMER_REAL, &it, NULL);
+
+ start_real = times(&buf);
+ start_virtual = buf.tms_utime + buf.tms_stime;
+
+ count = (char *)run((char *)0) - (char *)0;
+
+ end_real = times(&buf);
+ end_virtual = buf.tms_utime + buf.tms_stime;
+ if (end_virtual == start_virtual) end_virtual++;
+
+ printf("%.1f c/s real, %.1f c/s virtual\n",
+ (float)count * CLK_TCK / (end_real - start_real),
+ (float)count * CLK_TCK / (end_virtual - start_virtual));
+
+#ifdef TEST_THREADS
+ running = 1;
+ it.it_value.tv_sec = 60;
+ setitimer(ITIMER_REAL, &it, NULL);
+ start_real = times(&buf);
+
+ for (i = 0; i < TEST_THREADS; i++)
+ if (pthread_create(&t[i], NULL, run, i + (char *)0)) {
+ perror("pthread_create");
+ return 1;
+ }
+
+ for (i = 0; i < TEST_THREADS; i++) {
+ if (pthread_join(t[i], &t_retval)) {
+ perror("pthread_join");
+ continue;
+ }
+ if (!t_retval) continue;
+ count = (char *)t_retval - (char *)0;
+ end_real = times(&buf);
+ printf("%d: %.1f c/s real\n", i,
+ (float)count * CLK_TCK / (end_real - start_real));
+ }
+#endif
+
+ return 0;
+}
+#endif
diff --git a/crypt/Makefile b/crypt/Makefile
index b9c8797..6c51263 100644
--- crypt/Makefile
+++ crypt/Makefile
@@ -27,7 +27,7 @@ extra-libs := libcrypt
extra-libs-others := $(extra-libs)
libcrypt-routines := crypt-entry md5-crypt sha256-crypt sha512-crypt crypt \
- crypt_util
+ crypt_util crypt_blowfish
tests := cert md5c-test sha256c-test sha512c-test
diff --git a/crypt/crypt-entry.c b/crypt/crypt-entry.c
index fdddad2..6e6ba58 100644
--- crypt/crypt-entry.c
+++ crypt/crypt-entry.c
@@ -61,6 +61,8 @@ extern char *__sha256_crypt (const char *key, const char *salt);
extern char *__sha512_crypt_r (const char *key, const char *salt,
char *buffer, int buflen);
extern char *__sha512_crypt (const char *key, const char *salt);
+extern char *_crypt_blowfish_rn (const char *key, const char *setting,
+ char *output, int size);
#endif
/* Define our magic string to mark salt for MD5 encryption
@@ -74,6 +76,9 @@ static const char sha256_salt_prefix[] = "$5$";
/* Magic string for SHA512 encryption. */
static const char sha512_salt_prefix[] = "$6$";
+/* Magic string for Blowfish encryption. */
+static const char blowfish_salt_prefix[] = "$2a$";
+
/* For use by the old, non-reentrant routines (crypt/encrypt/setkey) */
extern struct crypt_data _ufc_foobar;
@@ -106,6 +111,11 @@ __crypt_r (key, salt, data)
if (strncmp (sha512_salt_prefix, salt, sizeof (sha512_salt_prefix) - 1) == 0)
return __sha512_crypt_r (key, salt, (char *) data,
sizeof (struct crypt_data));
+
+ /* Try to find out whether we have to use Blowfish encryption replacement. */
+ if (strncmp (blowfish_salt_prefix, salt, sizeof (blowfish_salt_prefix) - 1) == 0)
+ return _crypt_blowfish_rn (key, salt, (char *) data,
+ sizeof (struct crypt_data));
#endif
/*

105
crypt_blowfish-glibc-2.3.diff
View File

@ -1,105 +0,0 @@
--- crypt/crypt-entry.c 2001-07-06 09:37:47.000000000 +0200
+++ crypt/crypt-entry.c 2003-10-01 11:23:27.000000000 +0200
@@ -70,7 +70,7 @@
*/
char *
-__crypt_r (key, salt, data)
+__des_crypt_r (key, salt, data)
const char *key;
const char *salt;
struct crypt_data * __restrict data;
@@ -115,6 +115,7 @@
_ufc_output_conversion_r (res[0], res[1], salt, data);
return data->crypt_3_buf;
}
+#if 0
weak_alias (__crypt_r, crypt_r)
char *
@@ -147,3 +148,4 @@
return crypt (key, salt);
}
#endif
+#endif
--- crypt/crypt-private.h 2001-07-06 09:37:47.000000000 +0200
+++ crypt/crypt-private.h 2003-10-01 11:23:27.000000000 +0200
@@ -55,6 +55,8 @@
/* crypt-entry.c */
extern char *__crypt_r (__const char *__key, __const char *__salt,
struct crypt_data * __restrict __data);
+extern char *__des_crypt_r (__const char *__key, __const char *__salt,
+ struct crypt_data * __restrict __data);
extern char *fcrypt (__const char *key, __const char *salt);
#endif /* crypt-private.h */
--- crypt/Makefile~ 2007-11-06 05:27:13.635014000 +0100
+++ crypt/Makefile 2007-11-06 05:27:27.500142000 +0100
@@ -27,7 +27,7 @@
extra-libs-others := $(extra-libs)
libcrypt-routines := crypt-entry md5-crypt sha256-crypt sha512-crypt crypt \
- crypt_util
+ crypt_util crypt_blowfish crypt_gensalt wrapper
tests := cert md5c-test sha256c-test sha512c-test
--- crypt/ow-crypt.h 2001-05-01 13:14:31.000000000 +0200
+++ crypt/ow-crypt.h 2003-10-01 11:23:27.000000000 +0200
@@ -13,12 +13,6 @@
#define __CONST
#endif
-#ifndef __SKIP_GNU
-extern char *crypt(__CONST char *key, __CONST char *setting);
-extern char *crypt_r(__CONST char *key, __CONST char *setting, void *data);
-#endif
-
-#ifndef __SKIP_OW
extern char *crypt_rn(__CONST char *key, __CONST char *setting,
void *data, int size);
extern char *crypt_ra(__CONST char *key, __CONST char *setting,
@@ -29,6 +23,5 @@
__CONST char *input, int size, char *output, int output_size);
extern char *crypt_gensalt_ra(__CONST char *prefix, unsigned long count,
__CONST char *input, int size);
-#endif
#endif
--- crypt/wrapper.c 2002-11-08 01:26:31.000000000 +0100
+++ crypt/wrapper.c 2003-10-01 11:59:03.000000000 +0200
@@ -45,12 +45,11 @@
#if defined(__GLIBC__) && defined(_LIBC)
/* crypt.h from glibc-crypt-2.1 will define struct crypt_data for us */
#include "crypt.h"
+#include "ufc-crypt.h"
+#include "crypt-private.h"
+
extern char *__md5_crypt_r(const char *key, const char *salt,
char *buffer, int buflen);
-/* crypt-entry.c needs to be patched to define __des_crypt_r rather than
- * __crypt_r, and not define crypt_r and crypt at all */
-extern char *__des_crypt_r(const char *key, const char *salt,
- struct crypt_data *data);
extern struct crypt_data _ufc_foobar;
#endif
@@ -266,6 +264,7 @@
weak_alias(__crypt_ra, crypt_ra)
weak_alias(__crypt_r, crypt_r)
weak_alias(__crypt, crypt)
+weak_alias(__crypt, fcrypt)
weak_alias(__crypt_gensalt_rn, crypt_gensalt_rn)
weak_alias(__crypt_gensalt_ra, crypt_gensalt_ra)
weak_alias(__crypt_gensalt, crypt_gensalt)
--- crypt/crypt_blowfish.c
+++ crypt/crypt_blowfish.c 2005/04/28 10:59:24
@@ -45,7 +45,7 @@
#endif
#ifdef __i386__
-#define BF_ASM 1
+#define BF_ASM 0
#define BF_SCALE 1
#elif defined(__alpha__) || defined(__hppa__)
#define BF_ASM 0

2
glibc-2.8-clone.diff
View File

@ -1,3 +1,5 @@
http://sources.redhat.com/bugzilla/show_bug.cgi?id=6693
Index: sysdeps/unix/sysv/linux/x86_64/clone.S
===================================================================
RCS file: /cvs/glibc/libc/sysdeps/unix/sysv/linux/x86_64/clone.S,v

136
glibc-nscd-assert.diff Normal file
View File

@ -0,0 +1,136 @@
2009-08-18 Anders Johansson <ajohansson@novell.com>
* nscd/aicache.c: Fix mixing up dataset and dataset->resp
offsets and record sizes in assert()s and response sending.
* nscd/grpcache.c: Likewise.
* nscd/hstcache.c: Likewise.
* nscd/initgrcache.c: Likewise.
* nscd/pwdcache.c: Likewise.
diff -ur glibc-2.4.orig/nscd/aicache.c glibc-2.4/nscd/aicache.c
--- nscd/aicache.c 2009-06-18 14:20:53.000000000 +0200
+++ nscd/aicache.c 2009-06-18 14:21:20.000000000 +0200
@@ -450,6 +450,6 @@
{
assert (db->wr_fd != -1);
assert ((char *) &dataset->resp > (char *) db->data);
- assert ((char *) &dataset->resp - (char *) db->head + total
+ assert ((char *) dataset - (char *) db->head + total
<= (sizeof (struct database_pers_head)
+ db->head->module * sizeof (ref_t)
@@ -458,6 +458,6 @@
ssize_t written;
written = sendfileall (fd, db->wr_fd, (char *) &dataset->resp
- - (char *) db->head, total);
+ - (char *) db->head, dataset->head.recsize);
# ifndef __ASSUME_SENDFILE
if (written == -1 && errno == ENOSYS)
goto use_write;
@@ -469,7 +469,7 @@
use_write:
# endif
#endif
- writeall (fd, &dataset->resp, total);
+ writeall (fd, &dataset->resp, dataset->head.recsize);
}
goto out;
diff -ur glibc-2.4.orig/nscd/grpcache.c glibc-2.4/nscd/grpcache.c
--- nscd/grpcache.c 2009-06-18 14:20:53.000000000 +0200
+++ nscd/grpcache.c 2009-06-18 14:21:20.000000000 +0200
@@ -317,14 +317,14 @@
{
assert (db->wr_fd != -1);
assert ((char *) &dataset->resp > (char *) db->data);
- assert ((char *) &dataset->resp - (char *) db->head
+ assert ((char *) dataset - (char *) db->head
+ total
<= (sizeof (struct database_pers_head)
+ db->head->module * sizeof (ref_t)
+ db->head->data_size));
written = sendfileall (fd, db->wr_fd,
(char *) &dataset->resp
- - (char *) db->head, total);
+ - (char *) db->head, dataset->head.recsize);
# ifndef __ASSUME_SENDFILE
if (written == -1 && errno == ENOSYS)
goto use_write;
@@ -335,7 +335,7 @@
use_write:
# endif
#endif
- written = writeall (fd, &dataset->resp, total);
+ written = writeall (fd, &dataset->resp, dataset->head.recsize);
}
/* Add the record to the database. But only if it has not been
diff -ur glibc-2.4.orig/nscd/hstcache.c glibc-2.4/nscd/hstcache.c
--- nscd/hstcache.c 2009-06-18 14:20:53.000000000 +0200
+++ nscd/hstcache.c 2009-06-18 14:22:22.000000000 +0200
@@ -365,7 +365,7 @@
{
assert (db->wr_fd != -1);
assert ((char *) &dataset->resp > (char *) db->data);
- assert ((char *) &dataset->resp - (char *) db->head
+ assert ((char *) dataset - (char *) db->head
+ total
<= (sizeof (struct database_pers_head)
+ db->head->module * sizeof (ref_t)
diff -ur glibc-2.4.orig/nscd/initgrcache.c glibc-2.4/nscd/initgrcache.c
--- nscd/initgrcache.c 2009-06-18 14:20:53.000000000 +0200
+++ nscd/initgrcache.c 2009-06-18 14:21:20.000000000 +0200
@@ -367,14 +367,14 @@
{
assert (db->wr_fd != -1);
assert ((char *) &dataset->resp > (char *) db->data);
- assert ((char *) &dataset->resp - (char *) db->head
+ assert ((char *) dataset - (char *) db->head
+ total
<= (sizeof (struct database_pers_head)
+ db->head->module * sizeof (ref_t)
+ db->head->data_size));
written = sendfileall (fd, db->wr_fd,
(char *) &dataset->resp
- - (char *) db->head, total);
+ - (char *) db->head, dataset->head.recsize);
# ifndef __ASSUME_SENDFILE
if (written == -1 && errno == ENOSYS)
goto use_write;
@@ -385,7 +385,7 @@
use_write:
# endif
#endif
- written = writeall (fd, &dataset->resp, total);
+ written = writeall (fd, &dataset->resp, dataset->head.recsize);
}
diff -ur glibc-2.4.orig/nscd/pwdcache.c glibc-2.4/nscd/pwdcache.c
--- nscd/pwdcache.c 2009-06-18 14:20:53.000000000 +0200
+++ nscd/pwdcache.c 2009-06-18 14:21:20.000000000 +0200
@@ -311,14 +311,14 @@
{
assert (db->wr_fd != -1);
assert ((char *) &dataset->resp > (char *) db->data);
- assert ((char *) &dataset->resp - (char *) db->head
+ assert ((char *) dataset - (char *) db->head
+ total
<= (sizeof (struct database_pers_head)
+ db->head->module * sizeof (ref_t)
+ db->head->data_size));
written = sendfileall (fd, db->wr_fd,
(char *) &dataset->resp
- - (char *) db->head, total);
+ - (char *) db->head, dataset->head.recsize );
# ifndef __ASSUME_SENDFILE
if (written == -1 && errno == ENOSYS)
goto use_write;
@@ -329,7 +329,7 @@
use_write:
# endif
#endif
- written = writeall (fd, &dataset->resp, total);
+ written = writeall (fd, &dataset->resp, dataset->head.recsize);
}

16
glibc-utmp-timeout-raise.diff Normal file
View File

@ -0,0 +1,16 @@
On extremely loaded systems, the default timeout may not be enough and some
entries may not appear in the utmp log. With 30s login delay, the system
should still stay usable for repair in case the utmp locking somehow breaks
down.
--- login/utmp_file.c~ 2009-06-16 12:36:31.000000000 +0200
+++ login/utmp_file.c 2009-06-16 12:36:33.000000000 +0200
@@ -42,7 +42,7 @@
/* Locking timeout. */
#ifndef TIMEOUT
-# define TIMEOUT 1
+# define TIMEOUT 30
#endif
/* Do-nothing handler for locking timeout. */

11
glibc.changes
View File

@ -1,3 +1,14 @@
-------------------------------------------------------------------
Sat Sep 5 23:19:51 CEST 2009 - pbaudis@suse.cz
- Raise utmp locking timeout from 1s to 30s to ensure logins get recorded
even on heavily loaded systems [bnc#486631]
- Fix invalid pointer handling in some nscd assertions and the code to send
data to the client [bnc#513617]
- Radically trim down the Blowfish support patch - keeps only crypt_blowfish
from the original OWL patch, but does the rest within the current glibc
crypt infrastructure [bnc#529495]
-------------------------------------------------------------------
Wed Aug 26 12:53:54 CEST 2009 - mls@suse.de

10
glibc.spec
View File

@ -69,7 +69,7 @@ Obsoletes: glibc-32bit
Provides: rtld(GNU_HASH)
AutoReqProv: on
Version: 2.10.1
Release: 6
Release: 7
Url: http://www.gnu.org/software/libc/libc.html
PreReq: filesystem
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@ -97,8 +97,7 @@ Patch1: glibc-2.3.90-noversion.diff
Patch2: glibc-2.3.90-fnmatch.diff
Patch3: resolv.dynamic.diff
Patch4: glibc-2.3.locales.diff.bz2
Patch5: crypt_blowfish-1.0.diff
Patch6: crypt_blowfish-glibc-2.3.diff
Patch5: crypt_blowfish-1.0-suse.diff
Patch7: glibc-version.diff
Patch8: glibc-2.4.90-revert-only-euro.diff
Patch9: glibc-2.3-regcomp.diff
@ -138,6 +137,8 @@ Patch44: glibc-cpusetsize.diff
Patch45: glibc-nis-splitgroups.diff
Patch46: glibc-2.10-mcheck-free-race.diff
Patch47: glibc-2.10.99-ia64-include.diff
Patch48: glibc-utmp-timeout-raise.diff
Patch49: glibc-nscd-assert.diff
Patch500: ARM_glibc-2.10.1-local-eabi-wchar.diff
Patch501: ARM_glibc-2.10.1-local-hwcap-updates.diff
Patch502: ARM_glibc-2.10.1-local-lowlevellock.diff
@ -301,7 +302,6 @@ versions of your software.
%patch3
%patch4
%patch5
%patch6
%patch7
%patch8
%patch9
@ -343,6 +343,8 @@ rm sysdeps/x86_64/fpu/s_sincos.S
%patch45
%patch46
%patch47
%patch48
%patch49
%ifarch %arm armv5tel armv7l
%patch500
%patch501