Hello community,
here is the log from the commit of package glibc for openSUSE:Factory checked in at 2014-11-04 17:27:30
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/glibc (Old)
and /work/SRC/openSUSE:Factory/.glibc.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "glibc"
Changes:
--------
--- /work/SRC/openSUSE:Factory/glibc/glibc-testsuite.changes 2014-10-15 16:19:14.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.glibc.new/glibc-testsuite.changes 2014-11-04 17:27:48.000000000 +0100
@@ -1,0 +2,8 @@
+Tue Oct 28 08:56:47 UTC 2014 - schwab@suse.de
+
+- Update to crypt_blowfish 1.3.
+ * Add support for the $2b$ prefix.
+- ifunc-x86-slow-sse4.patch: Fix misdetected Slow_SSE4_2 cpu feature bit
+ (BZ #17501)
+
+-------------------------------------------------------------------
glibc-utils.changes: same change
glibc.changes: same change
Old:
----
crypt_blowfish-1.2.tar.gz
crypt_blowfish-1.2.tar.gz.sign
New:
----
crypt_blowfish-1.3.tar.gz
crypt_blowfish-1.3.tar.gz.sign
ifunc-x86-slow-sse4.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ glibc-testsuite.spec ++++++
--- /var/tmp/diff_new_pack.j0y5zH/_old 2014-11-04 17:27:49.000000000 +0100
+++ /var/tmp/diff_new_pack.j0y5zH/_new 2014-11-04 17:27:49.000000000 +0100
@@ -24,7 +24,7 @@
# It will avoid building some parts of glibc
%bcond_with fast_build
-%define crypt_bf_version 1.2
+%define crypt_bf_version 1.3
Name: glibc-testsuite
%define normal_build ("%{name}" == "glibc")
@@ -232,6 +232,8 @@
###
# Patches from upstream
###
+# PATCH-FIX-UPSTREAM Fix misdetected Slow_SSE4_2 cpu feature bit (BZ #17501)
+Patch1000: ifunc-x86-slow-sse4.patch
###
# Patches awaiting upstream approval
@@ -450,6 +452,8 @@
%patch304 -p1
%patch306 -p1
+%patch1000 -p1
+
%patch2000 -p1
%patch2002 -p1
%patch2003 -p1
glibc-utils.spec: same change
++++++ glibc.spec ++++++
--- /var/tmp/diff_new_pack.j0y5zH/_old 2014-11-04 17:27:49.000000000 +0100
+++ /var/tmp/diff_new_pack.j0y5zH/_new 2014-11-04 17:27:50.000000000 +0100
@@ -24,7 +24,7 @@
# It will avoid building some parts of glibc
%bcond_with fast_build
-%define crypt_bf_version 1.2
+%define crypt_bf_version 1.3
Name: glibc
%define normal_build ("%{name}" == "glibc")
@@ -232,6 +232,8 @@
###
# Patches from upstream
###
+# PATCH-FIX-UPSTREAM Fix misdetected Slow_SSE4_2 cpu feature bit (BZ #17501)
+Patch1000: ifunc-x86-slow-sse4.patch
###
# Patches awaiting upstream approval
@@ -450,6 +452,8 @@
%patch304 -p1
%patch306 -p1
+%patch1000 -p1
+
%patch2000 -p1
%patch2002 -p1
%patch2003 -p1
++++++ crypt_blowfish-1.2-sha.diff ++++++
--- /var/tmp/diff_new_pack.j0y5zH/_old 2014-11-04 17:27:50.000000000 +0100
+++ /var/tmp/diff_new_pack.j0y5zH/_new 2014-11-04 17:27:50.000000000 +0100
@@ -9,10 +9,10 @@
wrapper.c | 23 +++++++++++++++++++++
3 files changed, 95 insertions(+), 0 deletions(-)
-Index: crypt_blowfish-1.2/crypt.3
+Index: crypt_blowfish-1.3/crypt.3
===================================================================
---- crypt_blowfish-1.2.orig/crypt.3
-+++ crypt_blowfish-1.2/crypt.3
+--- crypt_blowfish-1.3.orig/crypt.3
++++ crypt_blowfish-1.3/crypt.3
@@ -399,6 +399,20 @@ too low for the currently available hard
.hash "$1$" "\e$1\e$[^$]{1,8}\e$[./0-9A-Za-z]{22}" unlimited 8 "" 128 "6 to 48" 1000
.PP
@@ -34,10 +34,10 @@
.BR "OpenBSD-style Blowfish-based" " (" bcrypt )
.br
.B bcrypt
-Index: crypt_blowfish-1.2/crypt_gensalt.c
+Index: crypt_blowfish-1.3/crypt_gensalt.c
===================================================================
---- crypt_blowfish-1.2.orig/crypt_gensalt.c
-+++ crypt_blowfish-1.2/crypt_gensalt.c
+--- crypt_blowfish-1.3.orig/crypt_gensalt.c
++++ crypt_blowfish-1.3/crypt_gensalt.c
@@ -19,6 +19,7 @@
*/
@@ -107,10 +107,10 @@
+ errno = ENOMEM;
+ return NULL;
+}
-Index: crypt_blowfish-1.2/crypt_gensalt.h
+Index: crypt_blowfish-1.3/crypt_gensalt.h
===================================================================
---- crypt_blowfish-1.2.orig/crypt_gensalt.h
-+++ crypt_blowfish-1.2/crypt_gensalt.h
+--- crypt_blowfish-1.3.orig/crypt_gensalt.h
++++ crypt_blowfish-1.3/crypt_gensalt.h
@@ -26,5 +26,7 @@ extern char *_crypt_gensalt_extended_rn(
const char *input, int size, char *output, int output_size);
extern char *_crypt_gensalt_md5_rn(const char *prefix, unsigned long count,
@@ -119,10 +119,10 @@
+ const char *input, int size, char *output, int output_size);
#endif
-Index: crypt_blowfish-1.2/wrapper.c
+Index: crypt_blowfish-1.3/wrapper.c
===================================================================
---- crypt_blowfish-1.2.orig/wrapper.c
-+++ crypt_blowfish-1.2/wrapper.c
+--- crypt_blowfish-1.3.orig/wrapper.c
++++ crypt_blowfish-1.3/wrapper.c
@@ -50,6 +50,10 @@
#include "crypt.h"
extern char *__md5_crypt_r(const char *key, const char *salt,
@@ -169,6 +169,6 @@
+ if (!strncmp(prefix, "$5$", 3) || !strncmp(prefix, "$6$", 3))
+ use = _crypt_gensalt_sha2_rn;
+ else
- if (!strncmp(prefix, "$2a$", 4) || !strncmp(prefix, "$2y$", 4))
+ if (!strncmp(prefix, "$2a$", 4) || !strncmp(prefix, "$2b$", 4) ||
+ !strncmp(prefix, "$2y$", 4))
use = _crypt_gensalt_blowfish_rn;
- else
++++++ crypt_blowfish-1.2.tar.gz -> crypt_blowfish-1.3.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crypt_blowfish-1.2/README new/crypt_blowfish-1.3/README
--- old/crypt_blowfish-1.2/README 2011-07-16 23:48:45.000000000 +0200
+++ new/crypt_blowfish-1.3/README 2014-07-07 17:19:04.000000000 +0200
@@ -1,8 +1,8 @@
This is an implementation of a password hashing method, provided via the
-crypt(3) and a reentrant interface. It is mostly compatible with
-OpenBSD's bcrypt.c (prefix "$2a$") by Niels Provos and David Mazieres.
-(Please refer to the included crypt(3) man page for information on
-compatibility issues.)
+crypt(3) and a reentrant interface. It is fully compatible with
+OpenBSD's bcrypt.c for prefix "$2b$", originally by Niels Provos and
+David Mazieres. (Please refer to the included crypt(3) man page for
+information on minor compatibility issues for other bcrypt prefixes.)
I've placed this code in the public domain, with fallback to a
permissive license. Please see the comment in crypt_blowfish.c for
@@ -65,4 +65,4 @@
--
Solar Designer <solar at openwall.com>
-$Owl: Owl/packages/glibc/crypt_blowfish/README,v 1.9 2011/07/16 21:48:45 solar Exp $
+$Owl: Owl/packages/glibc/crypt_blowfish/README,v 1.10 2014/07/07 15:19:04 solar Exp $
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crypt_blowfish-1.2/crypt.3 new/crypt_blowfish-1.3/crypt.3
--- old/crypt_blowfish-1.2/crypt.3 2011-07-16 16:55:47.000000000 +0200
+++ new/crypt_blowfish-1.3/crypt.3 2014-07-07 17:15:09.000000000 +0200
@@ -13,7 +13,7 @@
.\" This manual page in its current form is intended for use on systems
.\" based on the GNU C Library with crypt_blowfish patched into libcrypt.
.\"
-.TH CRYPT 3 "July 16, 2011" "Openwall Project" "Library functions"
+.TH CRYPT 3 "July 7, 2014" "Openwall Project" "Library functions"
.ad l
.\" No macros in NAME to keep makewhatis happy.
.SH NAME
@@ -392,8 +392,8 @@
.br
This is Poul-Henning Kamp's MD5-based password hashing method originally
developed for FreeBSD.
-It is currently supported on many free Unix-like systems, on Solaris 10,
-and it is a part of the official glibc.
+It is currently supported on many free Unix-like systems, on Solaris 10
+and newer, and it is part of the official glibc.
Its main disadvantage is the fixed iteration count, which is already
too low for the currently available hardware.
.hash "$1$" "\e$1\e$[^$]{1,8}\e$[./0-9A-Za-z]{22}" unlimited 8 "" 128 "6 to 48" 1000
@@ -404,8 +404,8 @@
.B bcrypt
was originally developed by Niels Provos and David Mazieres for OpenBSD
and is also supported on recent versions of FreeBSD and NetBSD,
-on Solaris 10, and on several GNU/*/Linux distributions.
-It is, however, not a part of the official glibc.
+on Solaris 10 and newer, and on several GNU/*/Linux distributions.
+It is, however, not part of the official glibc.
.PP
While both
.B bcrypt
@@ -414,7 +414,7 @@
may scale to even faster hardware, doesn't allow for certain optimizations
specific to password cracking only, doesn't have the effective key size
limitation, and uses 8-bit characters in passwords.
-.hash "$2y$" "\e$2[axy]\e$[0-9]{2}\e$[./A-Za-z0-9]{53}" 72 8 "" 184 128 "2**4 to 2**99 (current implementations are limited to 2**31 iterations)"
+.hash "$2b$" "\e$2[abxy]\e$[0-9]{2}\e$[./A-Za-z0-9]{53}" 72 8 "" 184 128 "2**4 to 2**99 (current implementations are limited to 2**31 iterations)"
.PP
With
.BR bcrypt ,
@@ -432,20 +432,21 @@
Besides fixing the bug,
to provide for upgrade strategies for existing systems, two new prefixes were
introduced: "$2x$", which fully re-introduces the bug, and "$2y$", which
-guarantees correct handling of both 7- and 8-bit characters (same as OpenBSD's
-"$2a$").
+guarantees correct handling of both 7- and 8-bit characters.
+OpenBSD 5.5 introduced the "$2b$" prefix for behavior that exactly matches
+crypt_blowfish's "$2y$", and current crypt_blowfish supports it as well.
Unfortunately, the behavior of "$2a$" on password characters with the 8th bit
set has to be considered system-specific.
-When generating new password hashes, the "$2y$" prefix should be used.
+When generating new password hashes, the "$2b$" or "$2y$" prefix should be used.
(If such hashes ever need to be migrated to a system that does not yet support
-this new prefix, the prefix in migrated copies of the already-generated hashes
-may be changed to "$2a$".)
+these new prefixes, the prefix in migrated copies of the already-generated
+hashes may be changed to "$2a$".)
.PP
.crypt_gensalt and
-support the "$2y$" and "$2a$" prefixes (the latter for legacy programs or
-configurations), but not "$2x$" (which must not be used for new hashes).
+support the "$2b$", "$2y$", and "$2a$" prefixes (the latter for legacy programs
+or configurations), but not "$2x$" (which must not be used for new hashes).
.crypt and
-support all three of these prefixes.
+support all four of these prefixes.
.SH PORTABILITY NOTES
Programs using any of these functions on a glibc 2.x system must be
linked against
@@ -480,7 +481,7 @@
is an Openwall extension.
There's also a
.B crypt_gensalt
-function on Solaris 10, but the prototypes and semantics differ.
+function on Solaris 10 and newer, but the prototypes and semantics differ.
.PP
.BR crypt_rn ,
.BR crypt_ra ,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crypt_blowfish-1.2/crypt_blowfish.c new/crypt_blowfish-1.3/crypt_blowfish.c
--- old/crypt_blowfish-1.2/crypt_blowfish.c 2011-07-16 17:15:16.000000000 +0200
+++ new/crypt_blowfish-1.3/crypt_blowfish.c 2014-07-07 16:53:34.000000000 +0200
@@ -7,11 +7,11 @@
* and crypt(3) interfaces added, but optimizations specific to password
* cracking removed.
*
- * Written by Solar Designer <solar at openwall.com> in 1998-2011.
+ * Written by Solar Designer <solar at openwall.com> in 1998-2014.
* No copyright is claimed, and the software is hereby placed in the public
* domain. In case this attempt to disclaim copyright and place the software
* in the public domain is deemed null and void, then the software is
- * Copyright (c) 1998-2011 Solar Designer and it is hereby released to the
+ * Copyright (c) 1998-2014 Solar Designer and it is hereby released to the
* general public under the following terms:
*
* Redistribution and use in source and binary forms, with or without
@@ -27,12 +27,12 @@
* you place this code and any modifications you make under a license
* of your choice.
*
- * This implementation is mostly compatible with OpenBSD's bcrypt.c (prefix
- * "$2a$") by Niels Provos <provos at citi.umich.edu>, and uses some of his
- * ideas. The password hashing algorithm was designed by David Mazieres
- * <dm at lcs.mit.edu>. For more information on the level of compatibility,
- * prefer refer to the comments in BF_set_key() below and to the included
- * crypt(3) man page.
+ * This implementation is fully compatible with OpenBSD's bcrypt.c for prefix
+ * "$2b$", originally by Niels Provos <provos at citi.umich.edu>, and it uses
+ * some of his ideas. The password hashing algorithm was designed by David
+ * Mazieres <dm at lcs.mit.edu>. For information on the level of
+ * compatibility for bcrypt hash prefixes other than "$2b$", please refer to
+ * the comments in BF_set_key() below and to the included crypt(3) man page.
*
* There's a paper on the algorithm that explains its design decisions:
*
@@ -578,6 +578,7 @@
* Valid combinations of settings are:
*
* Prefix "$2a$": bug = 0, safety = 0x10000
+ * Prefix "$2b$": bug = 0, safety = 0
* Prefix "$2x$": bug = 1, safety = 0
* Prefix "$2y$": bug = 0, safety = 0
*/
@@ -641,6 +642,10 @@
initial[0] ^= sign;
}
+static const unsigned char flags_by_subtype[26] =
+ {2, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 4, 0};
+
static char *BF_crypt(const char *key, const char *setting,
char *output, int size,
BF_word min)
@@ -648,9 +653,6 @@
#if BF_ASM
extern void _BF_body_r(BF_ctx *ctx);
#endif
- static const unsigned char flags_by_subtype[26] =
- {2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 4, 0};
struct {
BF_ctx ctx;
BF_key expanded_key;
@@ -816,9 +818,10 @@
{
const char *test_key = "8b \xd0\xc1\xd2\xcf\xcc\xd8";
const char *test_setting = "$2a$00$abcdefghijklmnopqrstuu";
- static const char * const test_hash[2] =
- {"VUrPmXD6q/nVSSp7pNDhCR9071IfIRe\0\x55", /* $2x$ */
- "i1D709vfamulimlGcq0qq3UvuUasvEa\0\x55"}; /* $2a$, $2y$ */
+ static const char * const test_hashes[2] =
+ {"i1D709vfamulimlGcq0qq3UvuUasvEa\0\x55", /* 'a', 'b', 'y' */
+ "VUrPmXD6q/nVSSp7pNDhCR9071IfIRe\0\x55"}; /* 'x' */
+ const char *test_hash = test_hashes[0];
char *retval;
const char *p;
int save_errno, ok;
@@ -840,17 +843,19 @@
* detected by the self-test.
*/
memcpy(buf.s, test_setting, sizeof(buf.s));
- if (retval)
+ if (retval) {
+ unsigned int flags = flags_by_subtype[
+ (unsigned int)(unsigned char)setting[2] - 'a'];
+ test_hash = test_hashes[flags & 1];
buf.s[2] = setting[2];
+ }
memset(buf.o, 0x55, sizeof(buf.o));
buf.o[sizeof(buf.o) - 1] = 0;
p = BF_crypt(test_key, buf.s, buf.o, sizeof(buf.o) - (1 + 1), 1);
ok = (p == buf.o &&
!memcmp(p, buf.s, 7 + 22) &&
- !memcmp(p + (7 + 22),
- test_hash[(unsigned int)(unsigned char)buf.s[2] & 1],
- 31 + 1 + 1 + 1));
+ !memcmp(p + (7 + 22), test_hash, 31 + 1 + 1 + 1));
{
const char *k = "\xff\xa3" "34" "\xff\xff\xff\xa3" "345";
@@ -879,7 +884,7 @@
if (size < 16 || output_size < 7 + 22 + 1 ||
(count && (count < 4 || count > 31)) ||
prefix[0] != '$' || prefix[1] != '2' ||
- (prefix[2] != 'a' && prefix[2] != 'y')) {
+ (prefix[2] != 'a' && prefix[2] != 'b' && prefix[2] != 'y')) {
if (output_size > 0) output[0] = '\0';
__set_errno((output_size < 7 + 22 + 1) ? ERANGE : EINVAL);
return NULL;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/crypt_blowfish-1.2/wrapper.c new/crypt_blowfish-1.3/wrapper.c
--- old/crypt_blowfish-1.2/wrapper.c 2011-07-16 17:07:22.000000000 +0200
+++ new/crypt_blowfish-1.3/wrapper.c 2014-07-07 16:49:16.000000000 +0200
@@ -1,9 +1,9 @@
/*
- * Written by Solar Designer <solar at openwall.com> in 2000-2011.
+ * Written by Solar Designer <solar at openwall.com> in 2000-2014.
* No copyright is claimed, and the software is hereby placed in the public
* domain. In case this attempt to disclaim copyright and place the software
* in the public domain is deemed null and void, then the software is
- * Copyright (c) 2000-2011 Solar Designer and it is hereby released to the
+ * Copyright (c) 2000-2014 Solar Designer and it is hereby released to the
* general public under the following terms:
*
* Redistribution and use in source and binary forms, with or without
@@ -210,7 +210,8 @@
return NULL;
}
- if (!strncmp(prefix, "$2a$", 4) || !strncmp(prefix, "$2y$", 4))
+ if (!strncmp(prefix, "$2a$", 4) || !strncmp(prefix, "$2b$", 4) ||
+ !strncmp(prefix, "$2y$", 4))
use = _crypt_gensalt_blowfish_rn;
else
if (!strncmp(prefix, "$1$", 3))
@@ -293,10 +294,14 @@
"\xff\xff\xa3"},
{"$2a$05$/OK.fbVrR/bpIqNJ5ianF.nqd1wy.pTMdcvrRWxyiGL2eMz.2a85.",
"\xff\xff\xa3"},
+ {"$2b$05$/OK.fbVrR/bpIqNJ5ianF.CE5elHaaO4EbggVDjb8P19RukzXSM3e",
+ "\xff\xff\xa3"},
{"$2y$05$/OK.fbVrR/bpIqNJ5ianF.Sa7shbm4.OzKpvFnX1pQLmQW96oUlCq",
"\xa3"},
{"$2a$05$/OK.fbVrR/bpIqNJ5ianF.Sa7shbm4.OzKpvFnX1pQLmQW96oUlCq",
"\xa3"},
+ {"$2b$05$/OK.fbVrR/bpIqNJ5ianF.Sa7shbm4.OzKpvFnX1pQLmQW96oUlCq",
+ "\xa3"},
{"$2x$05$/OK.fbVrR/bpIqNJ5ianF.o./n25XVfn6oAPaUvHe.Csk4zRfsYPi",
"1\xa3" "345"},
{"$2x$05$/OK.fbVrR/bpIqNJ5ianF.o./n25XVfn6oAPaUvHe.Csk4zRfsYPi",
@@ -347,6 +352,7 @@
""},
{"*0", "", "$2a$03$CCCCCCCCCCCCCCCCCCCCC."},
{"*0", "", "$2a$32$CCCCCCCCCCCCCCCCCCCCC."},
+ {"*0", "", "$2c$05$CCCCCCCCCCCCCCCCCCCCC."},
{"*0", "", "$2z$05$CCCCCCCCCCCCCCCCCCCCC."},
{"*0", "", "$2`$05$CCCCCCCCCCCCCCCCCCCCC."},
{"*0", "", "$2{$05$CCCCCCCCCCCCCCCCCCCCC."},
++++++ crypt_blowfish-gensalt.patch ++++++
--- /var/tmp/diff_new_pack.j0y5zH/_old 2014-11-04 17:27:50.000000000 +0100
+++ /var/tmp/diff_new_pack.j0y5zH/_new 2014-11-04 17:27:50.000000000 +0100
@@ -1,8 +1,8 @@
-Index: crypt_blowfish-1.2/crypt_blowfish.c
+Index: crypt_blowfish-1.3/crypt_blowfish.c
===================================================================
---- crypt_blowfish-1.2.orig/crypt_blowfish.c
-+++ crypt_blowfish-1.2/crypt_blowfish.c
-@@ -872,31 +872,3 @@ char *_crypt_blowfish_rn(const char *key
+--- crypt_blowfish-1.3.orig/crypt_blowfish.c
++++ crypt_blowfish-1.3/crypt_blowfish.c
+@@ -877,31 +877,3 @@ char *_crypt_blowfish_rn(const char *key
__set_errno(EINVAL); /* pretend we don't support this hash type */
return NULL;
}
@@ -13,7 +13,7 @@
- if (size < 16 || output_size < 7 + 22 + 1 ||
- (count && (count < 4 || count > 31)) ||
- prefix[0] != '$' || prefix[1] != '2' ||
-- (prefix[2] != 'a' && prefix[2] != 'y')) {
+- (prefix[2] != 'a' && prefix[2] != 'b' && prefix[2] != 'y')) {
- if (output_size > 0) output[0] = '\0';
- __set_errno((output_size < 7 + 22 + 1) ? ERANGE : EINVAL);
- return NULL;
@@ -34,10 +34,10 @@
-
- return output;
-}
-Index: crypt_blowfish-1.2/crypt_blowfish.h
+Index: crypt_blowfish-1.3/crypt_blowfish.h
===================================================================
---- crypt_blowfish-1.2.orig/crypt_blowfish.h
-+++ crypt_blowfish-1.2/crypt_blowfish.h
+--- crypt_blowfish-1.3.orig/crypt_blowfish.h
++++ crypt_blowfish-1.3/crypt_blowfish.h
@@ -20,8 +20,5 @@
extern int _crypt_output_magic(const char *setting, char *output, int size);
extern char *_crypt_blowfish_rn(const char *key, const char *setting,
@@ -47,10 +47,10 @@
- const char *input, int size, char *output, int output_size);
#endif
-Index: crypt_blowfish-1.2/crypt_gensalt.c
+Index: crypt_blowfish-1.3/crypt_gensalt.c
===================================================================
---- crypt_blowfish-1.2.orig/crypt_gensalt.c
-+++ crypt_blowfish-1.2/crypt_gensalt.c
+--- crypt_blowfish-1.3.orig/crypt_gensalt.c
++++ crypt_blowfish-1.3/crypt_gensalt.c
@@ -20,6 +20,7 @@
#include