Hello community,
here is the log from the commit of package glibc for openSUSE:Factory
checked in at Thu Jul 21 08:55:17 CEST 2011.
--------
--- glibc/glibc.changes 2011-07-06 11:53:20.000000000 +0200
+++ /mounts/work_src_done/STABLE/glibc/glibc.changes 2011-07-19 14:23:33.000000000 +0200
@@ -1,0 +2,25 @@
+Tue Jul 19 12:19:22 UTC 2011 - aj@suse.de
+
+- Back to old glibc-2.2-sunrpc.diff for now.
+
+-------------------------------------------------------------------
+Tue Jul 19 08:41:55 UTC 2011 - lnussel@suse.de
+
+- update crypt_blowfish to version 1.2 (bnc#700876)
+ * due to the signedness bug fix 2a hashes are incompatible with
+ previous versions if the password contains 8bit chracters!
+ * libcrypt now exports crypt_gensalt
+
+-------------------------------------------------------------------
+Tue Jul 12 14:21:29 UTC 2011 - aj@suse.de
+
+- Remove ppc-atomic.diff after discussion with glibc PPC experts
+ since it does not bring any real benefit.
+
+-------------------------------------------------------------------
+Thu Jul 7 14:50:15 UTC 2011 - aj@suse.de
+
+- Update glibc-2.2-sunrpc.diff with newer patch from sourceware
+ bugzilla (bs#bso#5379).
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
crypt_blowfish-1.0-suse.diff
minmem
ppc-atomic.diff
New:
----
crypt_blowfish-1.1-sha.diff
crypt_blowfish-1.2.tar.gz
crypt_blowfish-1.2.tar.gz.sign
glibc-2.14-crypt.diff
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ glibc.spec ++++++
--- /var/tmp/diff_new_pack.wnjDqL/_old 2011-07-21 08:49:56.000000000 +0200
+++ /var/tmp/diff_new_pack.wnjDqL/_new 2011-07-21 08:49:56.000000000 +0200
@@ -16,6 +16,7 @@
#
+%define crypt_bf_version 1.2
Name: glibc
License: GPLv2+
@@ -77,7 +78,7 @@
Obsoletes: glibc-32bit
%endif
Version: 2.13
-Release: 23
+Release: 25
Url: http://www.gnu.org/software/libc/libc.html
Source: glibc-%{version}-996cf2ef0727.tar.bz2
Source2: http://ftp.gnu.org/gnu/glibc/glibc-ports-2.13.tar.bz2
@@ -94,6 +95,9 @@
Source20: nscd.conf
Source21: nscd.service
Source22: nscd.socket
+#
+Source50: http://www.openwall.com/crypt/crypt_blowfish-%{crypt_bf_version}.tar.gz
+Source51: http://www.openwall.com/crypt/crypt_blowfish-%{crypt_bf_version}.tar.gz.sign
Requires(pre): filesystem
Provides: rtld(GNU_HASH)
@@ -114,8 +118,8 @@
Patch3: glibc-resolv-reload.diff
# PATCH-MISSING-TAG -- See http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines
Patch4: glibc-2.3.locales.diff.bz2
-# PATCH-MISSING-TAG -- See http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines
-Patch5: crypt_blowfish-1.0-suse.diff
+# PATCH-FEATURE-OPENSUSE -- add crypt_blowfish support - bnc#700876
+Patch5: glibc-2.14-crypt.diff
# PATCH-FIX-OPENSUSE add some extra information to version output - kukuk@suse.de
Patch7: glibc-version.diff
# PATCH-MISSING-TAG -- See http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines
@@ -146,15 +150,13 @@
Patch25: glibc-2.3.90-langpackdir.diff
# PATCH-MISSING-TAG -- See http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines
Patch27: glibc-2.6-configure.diff
-# PATCH-FIX-OPENSUSE Fix hangs in UDP RPC calls bso#5379
+# PATCH-FIX-OPENSUSE Fix hangs in UDP RPC calls bso#5379 bnc#257745 aj@suse.de
Patch28: glibc-2.2-sunrpc.diff
# PATCH-FIX-OPENSUSE Do not generate hardlink for getconf
Patch29: glibc-2.8-getconf.diff
# PATCH-FIX-OPENSUSE only use ipv6 if real ipv6 address exists bnc#361697, bnc#684534
Patch30: getaddrinfo-ipv6-sanity.diff
# PATCH-MISSING-TAG -- See http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines
-Patch31: ppc-atomic.diff
-# PATCH-MISSING-TAG -- See http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines
Patch33: glibc-compiled-binaries.diff
# PATCH-MISSING-TAG -- See http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines
Patch36: glibc-no-unwind-tables.diff
@@ -164,7 +166,7 @@
Patch38: glibc-cpusetsize.diff
# PATCH-MISSING-TAG -- See http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines
Patch40: libm-x86-64-exceptions.diff
-# PATCH-MISSING-TAG -- See http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines
+# PATCH-FIX-OPENSUSE - Allow compilation with -altivec aj@suse.de
Patch41: glibc-uio-cell.diff
# PATCH-FIX-UPSTREAM -- add missing includes aj@suse.de
Patch43: missing-include-build-fix.diff
@@ -206,6 +208,9 @@
Patch63: glibc-2.13-localedef.patch
# PATCH-FIX-UPSTREAM Fix futex bug bso#12403 aj@suse.de
Patch64: glibc-fix-rwlock-stack-imbalance.patch
+#
+# PATCH-FEATURE-OPENSUSE -- add sha support to crypt_blowfish lnussel@suse.de
+Patch80: crypt_blowfish-1.1-sha.diff
%description
The GNU C Library provides the most important standard libraries used
@@ -369,6 +374,14 @@
# any other leave out ports
%setup -n glibc-%{version} -q -a 3 -a 4
%endif
+# Owl crypt_blowfish
+tar -xzf %SOURCE50
+pushd crypt_blowfish-%{crypt_bf_version}
+%patch80 -p1
+popd
+mv crypt/{crypt.h,gnu-crypt.h}
+mv crypt_blowfish-%crypt_bf_version/*.[chS] crypt/
+#
%patch0
# libNoVersion part is only active on ix86
%patch1
@@ -376,7 +389,7 @@
# %patch2 -p1
%patch3
%patch4
-%patch5
+%patch5 -p1
%patch7
%patch8
# Disabled
@@ -403,7 +416,6 @@
%patch28
%patch29
%patch30
-%patch31
%patch33
%patch36
# Disable for now
++++++ crypt_blowfish-1.1-sha.diff ++++++
From 22a0cc20633a4ddd61233410563c9fabe6b515ed Mon Sep 17 00:00:00 2001
From: Ludwig Nussel
Date: Tue, 5 Jul 2011 17:25:12 +0200
Subject: [PATCH crypt_blowfish 1/2] support for sha256 and sha512
---
crypt_gensalt.c | 119 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
wrapper.c | 28 +++++++++++++
2 files changed, 147 insertions(+), 0 deletions(-)
diff --git a/crypt_gensalt.c b/crypt_gensalt.c
index 43b0f6c..4600e30 100644
--- a/crypt_gensalt.c
+++ b/crypt_gensalt.c
@@ -7,6 +7,11 @@
* entirely in crypt_blowfish.c.
*/
+/* asprintf&free */
+#define _GNU_SOURCE
+#include
+#include
+
#include
#include
@@ -105,3 +110,117 @@ char *_crypt_gensalt_md5_rn(unsigned long count,
return output;
}
+
+char *_crypt_gensalt_sha256_rn (unsigned long count,
+ const char *input, int size, char *output, int output_size)
+{
+ unsigned long value;
+ char *buf;
+ char buf2[12];
+
+ if (count > 0) {
+ if (asprintf (&buf, "$5$rounds=%ld$", count) < 0) {
+ if (output_size > 0)
+ output[0] = '\0';
+ errno = ENOMEM;
+ return NULL;
+ }
+ } else {
+ if (asprintf (&buf, "$5$") < 0) {
+ if (output_size > 0)
+ output[0] = '\0';
+ errno = ENOMEM;
+ return NULL;
+ }
+ }
+
+ if (size < 3 || output_size < (int)strlen (buf) + 4 + 1) {
+ free (buf);
+ if (output_size > 0)
+ output[0] = '\0';
+ errno = ERANGE;
+ return NULL;
+ }
+
+ value = (unsigned long)(unsigned char)input[0] |
+ ((unsigned long)(unsigned char)input[1] << 8) |
+ ((unsigned long)(unsigned char)input[2] << 16);
+ buf2[0] = _crypt_itoa64[value & 0x3f];
+ buf2[1] = _crypt_itoa64[(value >> 6) & 0x3f];
+ buf2[2] = _crypt_itoa64[(value >> 12) & 0x3f];
+ buf2[3] = _crypt_itoa64[(value >> 18) & 0x3f];
+ buf2[4] = '\0';
+
+ if (size >= 6 && output_size >= (int)strlen (buf) + 4 + 4 + 1) {
+ value = (unsigned long)(unsigned char)input[3] |
+ ((unsigned long)(unsigned char)input[4] << 8) |
+ ((unsigned long)(unsigned char)input[5] << 16);
+ buf2[4] = _crypt_itoa64[value & 0x3f];
+ buf2[5] = _crypt_itoa64[(value >> 6) & 0x3f];
+ buf2[6] = _crypt_itoa64[(value >> 12) & 0x3f];
+ buf2[7] = _crypt_itoa64[(value >> 18) & 0x3f];
+ buf2[8] = '\0';
+ }
+
+ snprintf (output, output_size, "%s%s", buf, buf2);
+ free (buf);
+
+ return output;
+}
+
+char *_crypt_gensalt_sha512_rn (unsigned long count,
+ const char *input, int size, char *output, int output_size)
+{
+ unsigned long value;
+ char *buf;
+ char buf2[12];
+
+ if (count > 0) {
+ if (asprintf (&buf, "$6$rounds=%ld$", count) < 0) {
+ if (output_size > 0)
+ output[0] = '\0';
+ errno = ENOMEM;
+ return NULL;
+ }
+ } else {
+ if (asprintf (&buf, "$6$") < 0) {
+ if (output_size > 0)
+ output[0] = '\0';
+ errno = ENOMEM;
+ return NULL;
+ }
+ }
+
+ if (size < 3 || output_size < (int)strlen (buf) + 4 + 1) {
+ free (buf);
+ if (output_size > 0)
+ output[0] = '\0';
+ __set_errno(ERANGE);
+ return NULL;
+ }
+
+ value = (unsigned long)(unsigned char)input[0] |
+ ((unsigned long)(unsigned char)input[1] << 8) |
+ ((unsigned long)(unsigned char)input[2] << 16);
+ buf2[0] = _crypt_itoa64[value & 0x3f];
+ buf2[1] = _crypt_itoa64[(value >> 6) & 0x3f];
+ buf2[2] = _crypt_itoa64[(value >> 12) & 0x3f];
+ buf2[3] = _crypt_itoa64[(value >> 18) & 0x3f];
+ buf2[4] = '\0';
+
+ if (size >= 6 && output_size >= (int)strlen (buf) + 4 + 4 + 1) {
+ value = (unsigned long)(unsigned char)input[3] |
+ ((unsigned long)(unsigned char)input[4] << 8) |
+ ((unsigned long)(unsigned char)input[5] << 16);
+ buf2[4] = _crypt_itoa64[value & 0x3f];
+ buf2[5] = _crypt_itoa64[(value >> 6) & 0x3f];
+ buf2[6] = _crypt_itoa64[(value >> 12) & 0x3f];
+ buf2[7] = _crypt_itoa64[(value >> 18) & 0x3f];
+ buf2[8] = '\0';
+ }
+
+ snprintf (output, output_size, "%s%s", buf, buf2);
+ free (buf);
+
+ return output;
+}
diff --git a/wrapper.c b/wrapper.c
index af441bc..07772bc 100644
--- a/wrapper.c
+++ b/wrapper.c
@@ -33,12 +33,20 @@
#include "crypt_blowfish.h"
#include "crypt_gensalt.h"
+extern char *_crypt_gensalt_sha256_rn(unsigned long count,
+ const char *input, int size, char *output, int output_size);
+extern char *_crypt_gensalt_sha512_rn(unsigned long count,
+ const char *input, int size, char *output, int output_size);
#if defined(__GLIBC__) && defined(_LIBC)
/* crypt.h from glibc-crypt-2.1 will define struct crypt_data for us */
#include "crypt.h"
extern char *__md5_crypt_r(const char *key, const char *salt,
char *buffer, int buflen);
+extern char *__sha256_crypt_r (const char *key, const char *salt,
+ char *buffer, int buflen);
+extern char *__sha512_crypt_r (const char *key, const char *salt,
+ char *buffer, int buflen);
/* crypt-entry.c needs to be patched to define __des_crypt_r rather than
* __crypt_r, and not define crypt_r and crypt at all */
extern char *__des_crypt_r(const char *key, const char *salt,
@@ -101,6 +109,10 @@ static char *_crypt_retval_magic(char *retval, const char *setting,
char *__crypt_rn(__const char *key, __const char *setting,
void *data, int size)
{
+ if (setting[0] == '$' && setting[1] == '6')
+ return __sha512_crypt_r(key, setting, (char *)data, size);
+ if (setting[0] == '$' && setting[1] == '5')
+ return __sha256_crypt_r(key, setting, (char *)data, size);
if (setting[0] == '$' && setting[1] == '2')
return _crypt_blowfish_rn(key, setting, (char *)data, size);
if (setting[0] == '$' && setting[1] == '1')
@@ -118,6 +130,16 @@ char *__crypt_rn(__const char *key, __const char *setting,
char *__crypt_ra(__const char *key, __const char *setting,
void **data, int *size)
{
+ if (setting[0] == '$' && setting[1] == '6') {
+ if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE))
+ return NULL;
+ return __sha512_crypt_r(key, setting, (char *)*data, *size);
+ }
+ if (setting[0] == '$' && setting[1] == '5') {
+ if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE))
+ return NULL;
+ return __sha256_crypt_r(key, setting, (char *)*data, *size);
+ }
if (setting[0] == '$' && setting[1] == '2') {
if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE))
return NULL;
@@ -199,6 +221,12 @@ char *__crypt_gensalt_rn(const char *prefix, unsigned long count,
return NULL;
}
+ if (!strncmp(prefix, "$6$", 3))
+ use = _crypt_gensalt_sha512_rn;
+ else
+ if (!strncmp(prefix, "$5$", 3))
+ use = _crypt_gensalt_sha256_rn;
+ else
if (!strncmp(prefix, "$2a$", 4) || !strncmp(prefix, "$2y$", 4))
use = _crypt_gensalt_blowfish_rn;
else
--
1.7.3.4
++++++ glibc-2.14-crypt.diff ++++++
diff -urp glibc-2.14.orig/crypt/Makefile glibc-2.14/crypt/Makefile
--- glibc-2.14.orig/crypt/Makefile 2011-05-31 04:12:33 +0000
+++ glibc-2.14/crypt/Makefile 2011-07-16 21:40:56 +0000
@@ -22,6 +22,7 @@
subdir := crypt
headers := crypt.h
+headers += gnu-crypt.h ow-crypt.h
extra-libs := libcrypt
extra-libs-others := $(extra-libs)
@@ -29,6 +30,8 @@ extra-libs-others := $(extra-libs)
libcrypt-routines := crypt-entry md5-crypt sha256-crypt sha512-crypt crypt \
crypt_util
+libcrypt-routines += crypt_blowfish x86 crypt_gensalt wrapper
+
tests := cert md5c-test sha256c-test sha512c-test
distribute := ufc-crypt.h crypt-private.h ufc.c speeds.c README.ufc-crypt \
diff -urp glibc-2.14.orig/crypt/Versions glibc-2.14/crypt/Versions
--- glibc-2.14.orig/crypt/Versions 2011-05-31 04:12:33 +0000
+++ glibc-2.14/crypt/Versions 2011-07-16 21:40:56 +0000
@@ -1,5 +1,6 @@
libcrypt {
GLIBC_2.0 {
crypt; crypt_r; encrypt; encrypt_r; fcrypt; setkey; setkey_r;
+ crypt_rn; crypt_ra; crypt_gensalt; crypt_gensalt_rn; crypt_gensalt_ra;
}
}
diff -urp glibc-2.14.orig/crypt/crypt-entry.c glibc-2.14/crypt/crypt-entry.c
--- glibc-2.14.orig/crypt/crypt-entry.c 2011-05-31 04:12:33 +0000
+++ glibc-2.14/crypt/crypt-entry.c 2011-07-16 21:40:56 +0000
@@ -82,7 +82,7 @@ extern struct crypt_data _ufc_foobar;
*/
char *
-__crypt_r (key, salt, data)
+__des_crypt_r (key, salt, data)
const char *key;
const char *salt;
struct crypt_data * __restrict data;
@@ -137,6 +137,7 @@ __crypt_r (key, salt, data)
_ufc_output_conversion_r (res[0], res[1], salt, data);
return data->crypt_3_buf;
}
+#if 0
weak_alias (__crypt_r, crypt_r)
char *
@@ -177,3 +178,4 @@ __fcrypt (key, salt)
return crypt (key, salt);
}
#endif
+#endif
++++++ glibc-2.2-sunrpc.diff ++++++
--- /var/tmp/diff_new_pack.wnjDqL/_old 2011-07-21 08:49:56.000000000 +0200
+++ /var/tmp/diff_new_pack.wnjDqL/_new 2011-07-21 08:49:56.000000000 +0200
@@ -1,8 +1,6 @@
-The following patch was not accepted upstream, see:
+For details see:
http://sourceware.org/bugzilla/show_bug.cgi?id=5379
-It needs rework.
-
Index: sunrpc/clnt_udp.c
===================================================================
--- sunrpc/clnt_udp.c.orig
++++++ glibc-uio-cell.diff ++++++
--- /var/tmp/diff_new_pack.wnjDqL/_old 2011-07-21 08:49:57.000000000 +0200
+++ /var/tmp/diff_new_pack.wnjDqL/_new 2011-07-21 08:49:57.000000000 +0200
@@ -1,3 +1,8 @@
+Refused by Ulrich Drepper:
+http://sourceware.org/ml/libc-alpha/2011-07/msg00046.html
+
+We have to keep it until gcc handles this better.
+
2009-11-06 Petr Baudis
* include/sys/uio.h: Change __vector to __iovec to avoid clash
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org