diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2011-12-23 16:30:18 +0100 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2011-12-23 16:33:50 +0100 |
commit | 293f29e8c45ca0fcb064107e275a477ad1913106 (patch) | |
tree | a79d2b2b93af581c861488f2bca773e4751288f0 | |
parent | 453d9efbeb9055b3762960fb09894a04ded1495f (diff) | |
download | aports-293f29e8c45ca0fcb064107e275a477ad1913106.tar.bz2 aports-293f29e8c45ca0fcb064107e275a477ad1913106.tar.xz |
main/libc0.9.32: reorganize patches
We keep track of our patches in git now:
http://git.alpinelinux.org/cgit/uClibc-alpine
This is so its easier to keep track of upstream and make sure that
our patches are upstreamed.
we also bump pkgrel so we make sure we get the patches tested properly
28 files changed, 2034 insertions, 1974 deletions
diff --git a/main/libc0.9.32/compat-stack-guard.patch b/main/libc0.9.32/0001-Compatible-stack-protector-for-non-Thread-Local-stor.patch index c69a9c5350..b60dd446e7 100644 --- a/main/libc0.9.32/compat-stack-guard.patch +++ b/main/libc0.9.32/0001-Compatible-stack-protector-for-non-Thread-Local-stor.patch @@ -1,5 +1,19 @@ +From 3fb4bfcafbcaff3522e7bab48ff03460fec99023 Mon Sep 17 00:00:00 2001 +From: Natanael Copa <ncopa@alpinelinux.org> +Date: Fri, 23 Dec 2011 14:06:09 +0100 +Subject: [PATCH] Compatible stack protector for non Thread Local storage + +Before we had thread local storage the __stack_chk_guard was a global +variable that was referenced to by the older binaries. + +We since then have changed ABI so this patch can probably go away. +--- + ldso/ldso/ldso.c | 7 +------ + libc/misc/internals/__uClibc_main.c | 8 +------- + 2 files changed, 2 insertions(+), 13 deletions(-) + diff --git a/ldso/ldso/ldso.c b/ldso/ldso/ldso.c -index 2857f7e..dce6fd8 100644 +index 7ee9257..3585cb7 100644 --- a/ldso/ldso/ldso.c +++ b/ldso/ldso/ldso.c @@ -103,11 +103,7 @@ extern void _start(void); @@ -14,7 +28,7 @@ index 2857f7e..dce6fd8 100644 # ifdef __UCLIBC_HAS_SSP_COMPAT__ uintptr_t __guard attribute_relro; # endif -@@ -953,9 +949,8 @@ void _dl_get_ready_to_run(struct elf_resolve *tpnt, DL_LOADADDR_TYPE load_addr, +@@ -951,9 +947,8 @@ void _dl_get_ready_to_run(struct elf_resolve *tpnt, DL_LOADADDR_TYPE load_addr, stack_chk_guard = _dl_setup_stack_chk_guard (); # ifdef THREAD_SET_STACK_GUARD THREAD_SET_STACK_GUARD (stack_chk_guard); @@ -53,3 +67,6 @@ index 315365a..78cd058 100644 # ifdef __UCLIBC_HAS_SSP_COMPAT__ __guard = stack_chk_guard; # endif +-- +1.7.8 + diff --git a/main/libc0.9.32/0002-resolv-res_query-for-CNAMEs.patch b/main/libc0.9.32/0002-resolv-res_query-for-CNAMEs.patch new file mode 100644 index 0000000000..74cd37c505 --- /dev/null +++ b/main/libc0.9.32/0002-resolv-res_query-for-CNAMEs.patch @@ -0,0 +1,41 @@ +From 811e804c7a403783b0c4cc5eb75f24da809081d8 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> +Date: Fri, 23 Dec 2011 14:15:16 +0100 +Subject: [PATCH] resolv: res_query for CNAMEs + +From: http://lists.busybox.net/pipermail/uclibc/2009-June/042583.html + +I had postfix failing for domains with MX->CNAME->A chain. In glibc it works. +I tracked it to be a problem in uclibc res_query. It returns bogus data +for CNAME entries, apparently intentionally, which is wrong. + +glibc return CNAME entries even for CNAME queries and most applications rely +on this. So we should do the same in uclibc. + +Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> +--- + libc/inet/resolv.c | 8 +++----- + 1 files changed, 3 insertions(+), 5 deletions(-) + +diff --git a/libc/inet/resolv.c b/libc/inet/resolv.c +index 021d5bf..2371fb9 100644 +--- a/libc/inet/resolv.c ++++ b/libc/inet/resolv.c +@@ -3099,11 +3099,9 @@ int res_query(const char *dname, int class, int type, + + free(a.dotted); + +- if (a.atype == type) { /* CNAME */ +- if (i > anslen) +- i = anslen; +- memcpy(answer, packet, i); +- } ++ i = MIN(anslen, i); ++ memcpy(answer, packet, i); ++ + free(packet); + return i; + } +-- +1.7.8 + diff --git a/main/libc0.9.32/uclibc-resolv-fix-memory-leak.patch b/main/libc0.9.32/0003-resolv-fix-memory-leak.patch index 8738ba7745..88178e4e0e 100644 --- a/main/libc0.9.32/uclibc-resolv-fix-memory-leak.patch +++ b/main/libc0.9.32/0003-resolv-fix-memory-leak.patch @@ -1,19 +1,23 @@ -From bb8d500a75a3050fe3198773ce7b07f669fe8f13 Mon Sep 17 00:00:00 2001 +From 41e8b28fc02fd966dd089a79dc509a5eff725319 Mon Sep 17 00:00:00 2001 From: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com> -Date: Fri, 14 Oct 2011 15:47:42 +0000 -Subject: resolv: fix memory leak +Date: Fri, 14 Oct 2011 17:47:42 +0200 +Subject: [PATCH] resolv: fix memory leak Timothy Holdener writes: small memory leak in __dns_lookup() when the A record in the DNS answer is preceded by one or more CNAME records. Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com> +(cherry picked from commit bb8d500a75a3050fe3198773ce7b07f669fe8f13) --- + libc/inet/resolv.c | 2 ++ + 1 files changed, 2 insertions(+), 0 deletions(-) + diff --git a/libc/inet/resolv.c b/libc/inet/resolv.c -index 38254bd..e415d30 100644 +index 2371fb9..8781196 100644 --- a/libc/inet/resolv.c +++ b/libc/inet/resolv.c -@@ -1507,6 +1507,7 @@ int attribute_hidden __dns_lookup(const char *name, +@@ -1503,6 +1503,7 @@ int attribute_hidden __dns_lookup(const char *name, DPRINTF("Decoding answer at pos %d\n", pos); first_answer = 1; @@ -21,7 +25,7 @@ index 38254bd..e415d30 100644 for (j = 0; j < h.ancount; j++) { i = __decode_answer(packet, pos, packet_len, &ma); if (i < 0) { -@@ -1523,6 +1524,7 @@ int attribute_hidden __dns_lookup(const char *name, +@@ -1519,6 +1520,7 @@ int attribute_hidden __dns_lookup(const char *name, ma.buf = a->buf; ma.buflen = a->buflen; ma.add_count = a->add_count; @@ -29,5 +33,6 @@ index 38254bd..e415d30 100644 memcpy(a, &ma, sizeof(ma)); if (a->atype != T_SIG && (NULL == a->buf || (type != T_A && type != T_AAAA))) break; --- -cgit v0.9.0.1-2-gef13 +-- +1.7.8 + diff --git a/main/libc0.9.32/0001-resolv-fix-resolver-to-return-TRY_AGAIN-on-timeout.patch b/main/libc0.9.32/0004-resolv-fix-resolver-to-return-TRY_AGAIN-on-timeout.patch index 8d6af3deb5..2978ee806a 100644 --- a/main/libc0.9.32/0001-resolv-fix-resolver-to-return-TRY_AGAIN-on-timeout.patch +++ b/main/libc0.9.32/0004-resolv-fix-resolver-to-return-TRY_AGAIN-on-timeout.patch @@ -1,4 +1,4 @@ -From f32b4d27b352724f28c7409490338929fc7ba58f Mon Sep 17 00:00:00 2001 +From d7d9bf8f32235bfa781d632a0a3ba6b544062ce1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> Date: Thu, 7 Jul 2011 18:47:26 +0300 Subject: [PATCH] resolv: fix resolver to return TRY_AGAIN on timeout @@ -23,12 +23,13 @@ to TRY_AGAIN if upstream nameserver(s) timed out. Previously we would have returned NETDB_INTERNAL. Signed-off-by: Timo Teräs <timo.teras@iki.fi> +Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> --- libc/inet/resolv.c | 95 +++++++++++++++++++++++++++------------------------- 1 files changed, 49 insertions(+), 46 deletions(-) diff --git a/libc/inet/resolv.c b/libc/inet/resolv.c -index dc8a752..90ba31c 100644 +index 8781196..07dff18 100644 --- a/libc/inet/resolv.c +++ b/libc/inet/resolv.c @@ -456,7 +456,8 @@ extern int __read_etc_hosts_r(parser_t *parser, @@ -115,7 +116,7 @@ index dc8a752..90ba31c 100644 goto fail1; } pos = HFIXEDSZ; -@@ -1562,8 +1572,7 @@ int attribute_hidden __dns_lookup(const char *name, +@@ -1564,8 +1574,7 @@ int attribute_hidden __dns_lookup(const char *name, variant = -1; } while (retries_left > 0); @@ -125,7 +126,7 @@ index dc8a752..90ba31c 100644 fail1: if (fd != -1) close(fd); -@@ -2104,9 +2113,8 @@ int gethostbyname_r(const char *name, +@@ -2106,9 +2115,8 @@ int gethostbyname_r(const char *name, * we'll need space of one in_addr + two addr_list[] elems */ a.buflen = buflen - ((sizeof(addr_list[0]) * 2 + sizeof(struct in_addr))); a.add_count = 0; @@ -136,7 +137,7 @@ index dc8a752..90ba31c 100644 DPRINTF("__dns_lookup returned < 0\n"); return TRY_AGAIN; } -@@ -2290,9 +2298,8 @@ int gethostbyname2_r(const char *name, +@@ -2292,9 +2300,8 @@ int gethostbyname2_r(const char *name, int packet_len; /* Hmm why we memset(a) to zeros only once? */ @@ -147,7 +148,7 @@ index dc8a752..90ba31c 100644 return TRY_AGAIN; } strncpy(buf, a.dotted, buflen); -@@ -2448,9 +2455,8 @@ int gethostbyaddr_r(const void *addr, socklen_t addrlen, +@@ -2450,9 +2457,8 @@ int gethostbyaddr_r(const void *addr, socklen_t addrlen, memset(&a, '\0', sizeof(a)); for (;;) { /* Hmm why we memset(a) to zeros only once? */ @@ -158,7 +159,7 @@ index dc8a752..90ba31c 100644 return TRY_AGAIN; } -@@ -3089,7 +3095,7 @@ int res_query(const char *dname, int class, int type, +@@ -3091,7 +3097,7 @@ int res_query(const char *dname, int class, int type, } memset(&a, '\0', sizeof(a)); @@ -261,5 +262,5 @@ index dc8a752..90ba31c 100644 /* * Perform a call on res_query on the concatenation of name and domain, -- -1.7.1 +1.7.8 diff --git a/main/libc0.9.32/0001-libm-x86_64-implement-some-fenv-functions.patch b/main/libc0.9.32/0005-libm-x86_64-implement-some-fenv-functions.patch index 5d42413722..9a47267b8e 100644 --- a/main/libc0.9.32/0001-libm-x86_64-implement-some-fenv-functions.patch +++ b/main/libc0.9.32/0005-libm-x86_64-implement-some-fenv-functions.patch @@ -1,9 +1,14 @@ -From 5db70d560df0ab36751045dcb364c3f9eebdc2d1 Mon Sep 17 00:00:00 2001 +From 6864dfeef979985f9f173b842034183476b95583 Mon Sep 17 00:00:00 2001 From: Natanael Copa <natanael.copa@gmail.com> Date: Sun, 28 Nov 2010 12:43:33 +0000 Subject: [PATCH] libm/x86_64: implement some fenv functions from glibc + +Posted to uclibc: +http://lists.busybox.net/pipermail/uclibc/2010-December/044523.html + +Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> --- libm/x86_64/Makefile.arch | 24 ++++++++++++++++++++ libm/x86_64/fclrexcpt.c | 52 ++++++++++++++++++++++++++++++++++++++++++++ @@ -279,5 +284,5 @@ index 0000000..091c251 + return (temp | mxscr) & excepts & FE_ALL_EXCEPT; +} -- -1.7.7 +1.7.8 diff --git a/main/libc0.9.32/0001-ldso-limited-support-for-ORIGIN-in-rpath.patch b/main/libc0.9.32/0006-ldso-limited-support-for-ORIGIN-in-rpath.patch index 73e0fab2bf..633b7e4f58 100644 --- a/main/libc0.9.32/0001-ldso-limited-support-for-ORIGIN-in-rpath.patch +++ b/main/libc0.9.32/0006-ldso-limited-support-for-ORIGIN-in-rpath.patch @@ -1,7 +1,7 @@ -From 0ba7ee452f26088f6b738c37e05c16c7c9eb1caf Mon Sep 17 00:00:00 2001 +From b1aea0b3872b246cf17f04d5442a94e39e45203e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> Date: Fri, 18 Mar 2011 10:53:56 +0200 -Subject: [PATCH 1/3] ldso: limited support for $ORIGIN in rpath +Subject: [PATCH] ldso: limited support for $ORIGIN in rpath MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -9,14 +9,18 @@ Content-Transfer-Encoding: 8bit Handle it if it's in the beginning of the rpath entry as it should be. +Posted to uclibc ml: +http://old.nabble.com/-PATCH-1-3--ldso%3A-limited-support-for-$ORIGIN-in-rpath-td31181219.html + Signed-off-by: Timo Teräs <timo.teras@iki.fi> +Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> --- ldso/ldso/dl-elf.c | 80 ++++++++++++++++++++++++++++----------------------- ldso/ldso/ldso.c | 18 ++++++++++-- 2 files changed, 59 insertions(+), 39 deletions(-) diff --git a/ldso/ldso/dl-elf.c b/ldso/ldso/dl-elf.c -index 505247e..2b2d429 100644 +index 09b3aaf..558176a 100644 --- a/ldso/ldso/dl-elf.c +++ b/ldso/ldso/dl-elf.c @@ -133,53 +133,60 @@ _dl_protect_relro (struct elf_resolve *l) @@ -158,10 +162,10 @@ index 505247e..2b2d429 100644 return tpnt1; diff --git a/ldso/ldso/ldso.c b/ldso/ldso/ldso.c -index 7ee9257..9423670 100644 +index 3585cb7..df16b4f 100644 --- a/ldso/ldso/ldso.c +++ b/ldso/ldso/ldso.c -@@ -272,6 +272,20 @@ static void __attribute__ ((destructor)) __attribute_used__ _dl_fini(void) +@@ -268,6 +268,20 @@ static void __attribute__ ((destructor)) __attribute_used__ _dl_fini(void) } } @@ -182,7 +186,7 @@ index 7ee9257..9423670 100644 void _dl_get_ready_to_run(struct elf_resolve *tpnt, DL_LOADADDR_TYPE load_addr, ElfW(auxv_t) auxvt[AT_EGID + 1], char **envp, char **argv -@@ -321,9 +335,7 @@ void _dl_get_ready_to_run(struct elf_resolve *tpnt, DL_LOADADDR_TYPE load_addr, +@@ -317,9 +331,7 @@ void _dl_get_ready_to_run(struct elf_resolve *tpnt, DL_LOADADDR_TYPE load_addr, * been fixed up by now. Still no function calls outside of this * library, since the dynamic resolver is not yet ready. */ @@ -194,5 +198,5 @@ index 7ee9257..9423670 100644 if (_start == (void *) auxvt[AT_ENTRY].a_un.a_val) { _dl_dprintf(_dl_debug_file, "Standalone execution is not supported yet\n"); -- -1.7.1 +1.7.8 diff --git a/main/libc0.9.32/0002-stdlib-fix-arc4random-return-type-to-u_int32_t.patch b/main/libc0.9.32/0007-stdlib-fix-arc4random-return-type-to-u_int32_t.patch index 9d924655df..40c938065c 100644 --- a/main/libc0.9.32/0002-stdlib-fix-arc4random-return-type-to-u_int32_t.patch +++ b/main/libc0.9.32/0007-stdlib-fix-arc4random-return-type-to-u_int32_t.patch @@ -1,7 +1,7 @@ -From 70debeff167858502d99e92a221fe14f5428a9b6 Mon Sep 17 00:00:00 2001 +From 8f71a37896be4ce64c009b369117b252eb4de366 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> Date: Fri, 18 Mar 2011 10:57:31 +0200 -Subject: [PATCH 2/3] stdlib: fix arc4random return type to u_int32_t +Subject: [PATCH] stdlib: fix arc4random return type to u_int32_t MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -15,6 +15,7 @@ if stdlib.h is included before #define's for stdint.h we end up missing things and breaking builds (e.g. openjdk). Signed-off-by: Timo Teräs <timo.teras@iki.fi> +Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> --- include/stdlib.h | 4 ++-- libc/stdlib/arc4random.c | 3 ++- @@ -57,5 +58,5 @@ index c7aed66..7b9b12d 100644 { if (!rs_initialized) -- -1.7.1 +1.7.8 diff --git a/main/libc0.9.32/0003-ldso-support-RTLD_NOLOAD.patch b/main/libc0.9.32/0008-ldso-support-RTLD_NOLOAD.patch index f10d6f002d..3902df31e7 100644 --- a/main/libc0.9.32/0003-ldso-support-RTLD_NOLOAD.patch +++ b/main/libc0.9.32/0008-ldso-support-RTLD_NOLOAD.patch @@ -1,7 +1,7 @@ -From 4bb377585b95cb67c90ff4ffc21a6870a4e78a37 Mon Sep 17 00:00:00 2001 +From e6fa350aa23280795a912d0edd989d7c98c62710 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> Date: Fri, 18 Mar 2011 11:40:04 +0200 -Subject: [PATCH 3/3] ldso: support RTLD_NOLOAD +Subject: [PATCH] ldso: support RTLD_NOLOAD MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -10,6 +10,7 @@ So application query if specified modile is loaded or not with dlopen. Signed-off-by: Timo Teräs <timo.teras@iki.fi> +Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> --- ldso/include/dl-elf.h | 6 ++++-- ldso/ldso/dl-elf.c | 30 +++++++++++++++++------------- @@ -19,7 +20,7 @@ Signed-off-by: Timo Teräs <timo.teras@iki.fi> 5 files changed, 29 insertions(+), 20 deletions(-) diff --git a/ldso/include/dl-elf.h b/ldso/include/dl-elf.h -index 7fbb373..7102351 100644 +index e7203fd..753c346 100644 --- a/ldso/include/dl-elf.h +++ b/ldso/include/dl-elf.h @@ -25,16 +25,18 @@ static __inline__ void _dl_map_cache(void) { } @@ -44,7 +45,7 @@ index 7fbb373..7102351 100644 extern struct elf_resolve *_dl_check_if_named_library_is_loaded(const char *full_libname, int trace_loaded_objects); diff --git a/ldso/ldso/dl-elf.c b/ldso/ldso/dl-elf.c -index 2b2d429..6d35bf2 100644 +index 558176a..e32591a 100644 --- a/ldso/ldso/dl-elf.c +++ b/ldso/ldso/dl-elf.c @@ -132,7 +132,7 @@ _dl_protect_relro (struct elf_resolve *l) @@ -145,7 +146,7 @@ index 2b2d429..6d35bf2 100644 UCLIBC_RUNTIME_PREFIX "lib:" UCLIBC_RUNTIME_PREFIX "usr/lib" #ifndef __LDSO_CACHE_SUPPORT__ -@@ -329,7 +329,7 @@ goof: +@@ -444,7 +444,7 @@ map_writeable (int infile, ElfW(Phdr) *ppnt, int piclib, int flags, * are required. */ @@ -154,7 +155,7 @@ index 2b2d429..6d35bf2 100644 struct dyn_elf **rpnt, char *libname) { ElfW(Ehdr) *epnt; -@@ -368,7 +368,7 @@ struct elf_resolve *_dl_load_elf_shared_library(int secure, +@@ -483,7 +483,7 @@ struct elf_resolve *_dl_load_elf_shared_library(int secure, } /* If we are in secure mode (i.e. a setu/gid binary using LD_PRELOAD), we don't load the library if it isn't setuid. */ @@ -163,7 +164,7 @@ index 2b2d429..6d35bf2 100644 if (!(st.st_mode & S_ISUID)) { _dl_close(infile); return NULL; -@@ -384,6 +384,10 @@ struct elf_resolve *_dl_load_elf_shared_library(int secure, +@@ -499,6 +499,10 @@ struct elf_resolve *_dl_load_elf_shared_library(int secure, return tpnt; } } @@ -175,10 +176,10 @@ index 2b2d429..6d35bf2 100644 MAP_PRIVATE | MAP_ANONYMOUS | MAP_UNINITIALIZE, -1, 0); if (_dl_mmap_check_error(header)) { diff --git a/ldso/ldso/ldso.c b/ldso/ldso/ldso.c -index 9423670..b71af34 100644 +index df16b4f..5cefc22 100644 --- a/ldso/ldso/ldso.c +++ b/ldso/ldso/ldso.c -@@ -646,7 +646,9 @@ void _dl_get_ready_to_run(struct elf_resolve *tpnt, DL_LOADADDR_TYPE load_addr, +@@ -642,7 +642,9 @@ void _dl_get_ready_to_run(struct elf_resolve *tpnt, DL_LOADADDR_TYPE load_addr, if (!_dl_secure || _dl_strchr(str, '/') == NULL) { _dl_if_debug_dprint("\tfile='%s'; needed by '%s'\n", str, _dl_progname); @@ -190,7 +191,7 @@ index 9423670..b71af34 100644 #ifdef __LDSO_LDD_SUPPORT__ if (trace_loaded_objects) diff --git a/ldso/libdl/libdl.c b/ldso/libdl/libdl.c -index 68cd579..edf38d2 100644 +index 52c77b0..49e90d0 100644 --- a/ldso/libdl/libdl.c +++ b/ldso/libdl/libdl.c @@ -288,7 +288,7 @@ void *dlopen(const char *libname, int flag) @@ -230,5 +231,5 @@ index 4bfbbff..47b42ad 100644 #endif -- -1.7.1 +1.7.8 diff --git a/main/libc0.9.32/0001-libdl-rudimentary-locking-for-dlopen-dlsym-dlclose.patch b/main/libc0.9.32/0009-libdl-rudimentary-locking-for-dlopen-dlsym-dlclose.patch index d406f030d6..367db170f2 100644 --- a/main/libc0.9.32/0001-libdl-rudimentary-locking-for-dlopen-dlsym-dlclose.patch +++ b/main/libc0.9.32/0009-libdl-rudimentary-locking-for-dlopen-dlsym-dlclose.patch @@ -1,6 +1,6 @@ -From 521807eb4d18c5e693f91ad53cb277c76aab8686 Mon Sep 17 00:00:00 2001 +From e3f3de389e28f2585d1a1e57989440ffea67e689 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> -Date: Thu, 24 Mar 2011 13:24:32 +0200 +Date: Thu, 24 Mar 2011 13:27:36 +0200 Subject: [PATCH] libdl: rudimentary locking for dlopen/dlsym/dlclose MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 @@ -12,6 +12,8 @@ we can use more fine grained locking or even RCU where appropriate. But at least we won't crash now. Signed-off-by: Timo Teräs <timo.teras@iki.fi> +Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com> +(cherry picked from commit f69319d5a7d3a3ccb46b28ee2b0fd9053c6415ac) --- TODO | 1 + ldso/libdl/libdl.c | 54 +++++++++++++++++++++++++++++++++++++++++++++++---- @@ -30,7 +32,7 @@ index ae305a5..95cabd5 100644 diff --git a/ldso/libdl/libdl.c b/ldso/libdl/libdl.c -index 68cd579..e007f54 100644 +index 49e90d0..8b243c6 100644 --- a/ldso/libdl/libdl.c +++ b/ldso/libdl/libdl.c @@ -34,6 +34,7 @@ @@ -61,7 +63,7 @@ index 68cd579..e007f54 100644 { struct elf_resolve *tpnt, *tfrom; struct dyn_elf *dyn_chain, *rpnt = NULL, *dyn_ptr, *relro_ptr, *handle; -@@ -605,7 +610,18 @@ oops: +@@ -606,7 +611,18 @@ oops: return NULL; } @@ -81,7 +83,7 @@ index 68cd579..e007f54 100644 { struct elf_resolve *tpnt, *tfrom; struct dyn_elf *handle; -@@ -653,7 +669,7 @@ void *dlsym(void *vhandle, const char *name) +@@ -654,7 +670,7 @@ void *dlsym(void *vhandle, const char *name) * dynamic loader itself, as it doesn't know * how to properly treat it. */ @@ -90,7 +92,7 @@ index 68cd579..e007f54 100644 tfrom = NULL; for (rpnt = _dl_symbol_tables; rpnt; rpnt = rpnt->next) { -@@ -690,6 +706,17 @@ out: +@@ -691,6 +707,17 @@ out: return ret; } @@ -108,7 +110,7 @@ index 68cd579..e007f54 100644 #if 0 void *dlvsym(void *vhandle, const char *name, const char *version) { -@@ -957,7 +984,13 @@ static int do_dlclose(void *vhandle, int need_fini) +@@ -958,7 +985,13 @@ static int do_dlclose(void *vhandle, int need_fini) int dlclose(void *vhandle) { @@ -123,7 +125,7 @@ index 68cd579..e007f54 100644 } char *dlerror(void) -@@ -1004,7 +1037,7 @@ int dlinfo(void) +@@ -1005,7 +1038,7 @@ int dlinfo(void) return 0; } @@ -132,7 +134,7 @@ index 68cd579..e007f54 100644 { struct elf_resolve *pelf; struct elf_resolve *rpnt; -@@ -1108,3 +1141,14 @@ int dladdr(const void *__address, Dl_info * __info) +@@ -1117,3 +1150,14 @@ int dladdr(const void *__address, Dl_info * __info) } } #endif @@ -148,5 +150,5 @@ index 68cd579..e007f54 100644 + return ret; +} -- -1.7.1 +1.7.8 diff --git a/main/libc0.9.32/0001-malloc-standard-synchronize-on-fork.patch b/main/libc0.9.32/0010-malloc-standard-synchronize-on-fork.patch index eb3bfbe04f..688231f777 100644 --- a/main/libc0.9.32/0001-malloc-standard-synchronize-on-fork.patch +++ b/main/libc0.9.32/0010-malloc-standard-synchronize-on-fork.patch @@ -1,4 +1,4 @@ -From 168215f9c3ec4ec9a2fad9387038ced8b386ebaa Mon Sep 17 00:00:00 2001 +From 1bdf3d74afad552ff99182af70536f23549a434f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> Date: Sat, 26 Mar 2011 20:23:09 +0200 Subject: [PATCH] malloc-standard: synchronize on fork @@ -10,6 +10,7 @@ Otherwise other threads can leave malloc state locked, and the child will hang indefinitely if it tries to malloc something. Signed-off-by: Timo Teräs <timo.teras@iki.fi> +Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> --- libc/stdlib/malloc-standard/free.c | 17 +++++++++++++++++ 1 files changed, 17 insertions(+), 0 deletions(-) @@ -50,5 +51,5 @@ index 39e54d6..df512cc 100644 -- -1.7.1 +1.7.8 diff --git a/main/libc0.9.32/0001-time-fix-parsing-of-tzdata-files-where-off_t-is-64-b.patch b/main/libc0.9.32/0011-time-fix-parsing-of-tzdata-files-where-off_t-is-64-b.patch index e47d89620c..63ee369af6 100644 --- a/main/libc0.9.32/0001-time-fix-parsing-of-tzdata-files-where-off_t-is-64-b.patch +++ b/main/libc0.9.32/0011-time-fix-parsing-of-tzdata-files-where-off_t-is-64-b.patch @@ -1,6 +1,5 @@ -From ef44545eb332eac26577ea2672e89b01b3aa5706 Mon Sep 17 00:00:00 2001 +From 0be0174259a3a35313fe1a0413630b919f910f5b Mon Sep 17 00:00:00 2001 From: William Pitcock <nenolod@dereferenced.org> -To: uclibc@uclibc.org Date: Thu, 28 Apr 2011 03:09:20 -0500 Subject: [PATCH] time: fix parsing of tzdata files where off_t is 64-bit @@ -10,6 +9,7 @@ gcc to pass the constant as off_t type always by casting the constant to off_t. Signed-off-by: William Pitcock <nenolod@dereferenced.org> +Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> --- libc/misc/time/time.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) @@ -28,5 +28,5 @@ index 19d68e1..1b21f9e 100644 goto ERROR; } -- -1.7.4.5 +1.7.8 diff --git a/main/libc0.9.32/0001-getaddrinfo-allow-numeric-service-without-any-hints.patch b/main/libc0.9.32/0012-getaddrinfo-allow-numeric-service-without-any-hints.patch index bdd3ce4892..2cb303a943 100644 --- a/main/libc0.9.32/0001-getaddrinfo-allow-numeric-service-without-any-hints.patch +++ b/main/libc0.9.32/0012-getaddrinfo-allow-numeric-service-without-any-hints.patch @@ -1,6 +1,6 @@ -From 66cdddf50492b9b645200ef580ae957c388694ab Mon Sep 17 00:00:00 2001 +From eb5d129b641c644d82089c3ded3d36288c66123c Mon Sep 17 00:00:00 2001 From: Natanael Copa <natanael.copa@gmail.com> -Date: Wed, 8 Jun 2011 09:12:16 +0000 +Date: Sun, 12 Jun 2011 12:09:04 +0000 Subject: [PATCH] getaddrinfo: allow numeric service without any hints This appears to correspond to what glibc does and this fixes an @@ -10,6 +10,10 @@ issue with iptables-1.4.11 with udp and raw port numbers. This fixes #3841 https://bugs.busybox.net/show_bug.cgi?id=3841 + +Signed-off-by: Natanael Copa <natanael.copa@gmail.com> +Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com> +(cherry picked from commit bc3be18145e4d57e7268506f123c0f0f373a15e2) --- libc/inet/getaddrinfo.c | 7 ------- 1 files changed, 0 insertions(+), 7 deletions(-) @@ -33,5 +37,5 @@ index 1a77c51..e7511f6 100644 pservice = &gaih_service; } else -- -1.7.5.4 +1.7.8 diff --git a/main/libc0.9.32/0001-libc-x86-fix-stack-unwinding-and-backtrace-informati.patch b/main/libc0.9.32/0013-libc-x86-fix-stack-unwinding-and-backtrace-informati.patch index 62c1456949..d8961b2bc2 100644 --- a/main/libc0.9.32/0001-libc-x86-fix-stack-unwinding-and-backtrace-informati.patch +++ b/main/libc0.9.32/0013-libc-x86-fix-stack-unwinding-and-backtrace-informati.patch @@ -1,7 +1,7 @@ -From 5f72f80e7ea0e3429c28ff5de7ca88cdd95e8904 Mon Sep 17 00:00:00 2001 +From 9d28002b230eb01a5db7aecab263d38bf0d6d6c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> Date: Thu, 10 Nov 2011 09:36:44 +0200 -Subject: [PATCHv2] libc/x86: fix stack unwinding and backtrace information +Subject: [PATCH] libc/x86: fix stack unwinding and backtrace information MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @@ -25,6 +25,7 @@ if thread is cancelled and the cancellation handler fails to detect the signal return frame. Signed-off-by: Timo Teräs <timo.teras@iki.fi> +Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> --- libc/sysdeps/linux/i386/bits/syscalls.h | 82 +++---------------------------- libc/sysdeps/linux/i386/clone.S | 17 ++++++ @@ -246,5 +247,5 @@ index de0c75d..f9af3f7 100644 " popl %eax\n" \ " movl $" #syscall ", %eax\n" \ -- -1.7.7 +1.7.8 diff --git a/main/libc0.9.32/libm-cabsf.patch b/main/libc0.9.32/0014-libm-add-cabsf-and-cabsl-functions.patch index 5ffa11455e..cb19a9f954 100644 --- a/main/libc0.9.32/libm-cabsf.patch +++ b/main/libc0.9.32/0014-libm-add-cabsf-and-cabsl-functions.patch @@ -1,9 +1,11 @@ -From 0c71b7626655c1023c5e10ebb3b1a294f8e41353 Mon Sep 17 00:00:00 2001 +From aee19ef04c6abf52f4fd646269fcf8a8609164f9 Mon Sep 17 00:00:00 2001 From: William Pitcock <nenolod@dereferenced.org> Date: Tue, 1 Nov 2011 18:55:25 -0500 -Subject: [PATCH 2/2] libm: add cabsf() and cabsl() functions. +Subject: [PATCH] libm: add cabsf() and cabsl() functions. Signed-off-by: William Pitcock <nenolod@dereferenced.org> +Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com> +(cherry picked from commit 2086015b9a223586c1a2b8d7f015ad3a38bdf8bc) --- libm/w_cabs.c | 16 ++++++++++++++++ 1 files changed, 16 insertions(+), 0 deletions(-) @@ -33,5 +35,5 @@ index 4044f4b..b259248 100644 +libm_hidden_def(cabsl) +#endif -- -1.7.7.1 +1.7.8 diff --git a/main/libc0.9.32/libm-cexp.patch b/main/libc0.9.32/0015-libm-implement-generic-cexp-cexpf-and-cexpl.patch index 82f914fa95..1ac2316580 100644 --- a/main/libc0.9.32/libm-cexp.patch +++ b/main/libc0.9.32/0015-libm-implement-generic-cexp-cexpf-and-cexpl.patch @@ -1,12 +1,14 @@ -From 8733cd43293bfa04b4334db7873c4de613f5cf75 Mon Sep 17 00:00:00 2001 +From bf95401faf3ec57b5f45ada41dc219f6d04770ae Mon Sep 17 00:00:00 2001 From: William Pitcock <nenolod@dereferenced.org> Date: Tue, 1 Nov 2011 18:41:30 -0500 -Subject: [PATCH 1/2] libm: implement generic cexp(), cexpf() and cexpl(). +Subject: [PATCH] libm: implement generic cexp(), cexpf() and cexpl(). The cexp*() family of functions is defined by the C99 math standard as implementing exponential functions for complex types. Signed-off-by: William Pitcock <nenolod@dereferenced.org> +Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com> +(cherry picked from commit 6471fc450b66dcb1ba16fe6568cd52221ca64cd1) --- libm/Makefile.in | 3 +- libm/cexp.c | 63 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ @@ -97,5 +99,5 @@ index 0000000..87512b7 +libm_hidden_def(cexpl) +#endif -- -1.7.7.1 +1.7.8 diff --git a/main/libc0.9.32/0016-libubacktrace-use-.so.-ABI_VERSION.patch b/main/libc0.9.32/0016-libubacktrace-use-.so.-ABI_VERSION.patch new file mode 100644 index 0000000000..bf43e927a9 --- /dev/null +++ b/main/libc0.9.32/0016-libubacktrace-use-.so.-ABI_VERSION.patch @@ -0,0 +1,29 @@ +From 5ca71ddc69ebb3696b63d260e15341653ddef4c0 Mon Sep 17 00:00:00 2001 +From: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com> +Date: Fri, 18 Nov 2011 08:49:25 +0100 +Subject: [PATCH] libubacktrace: use .so.$(ABI_VERSION) + +Thanks to William Pitcock for noticing + +Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com> +(cherry picked from commit 69cba61dd27f2a9c4c34f596ed9d1b7cd0441f74) +--- + Rules.mak | 2 +- + 1 files changed, 1 insertions(+), 1 deletions(-) + +diff --git a/Rules.mak b/Rules.mak +index fe06c24..96074e5 100644 +--- a/Rules.mak ++++ b/Rules.mak +@@ -118,7 +118,7 @@ export MAJOR_VERSION MINOR_VERSION SUBLEVEL VERSION ABI_VERSION LC_ALL + + LIBC := libc + SHARED_LIBNAME := $(LIBC).so.$(ABI_VERSION) +-UBACKTRACE_DSO := libubacktrace.so.$(MAJOR_VERSION) ++UBACKTRACE_DSO := libubacktrace.so.$(ABI_VERSION) + ifneq ($(findstring $(TARGET_ARCH) , hppa64 ia64 mips64 powerpc64 s390x sparc64 x86_64 ),) + UCLIBC_LDSO_NAME := ld64-uClibc + ARCH_NATIVE_BIT := 64 +-- +1.7.8 + diff --git a/main/libc0.9.32/0017-Fix-__libc_epoll_pwait-compile-failure-on-x86.patch b/main/libc0.9.32/0017-Fix-__libc_epoll_pwait-compile-failure-on-x86.patch new file mode 100644 index 0000000000..2377bccbd8 --- /dev/null +++ b/main/libc0.9.32/0017-Fix-__libc_epoll_pwait-compile-failure-on-x86.patch @@ -0,0 +1,44 @@ +From 08164f6a9e839918fa6bae05572916c2defabd94 Mon Sep 17 00:00:00 2001 +From: Phil Blundell <pb@pbcl.net> +Date: Sat, 11 Jun 2011 01:10:46 -0400 +Subject: [PATCH] Fix __libc_epoll_pwait compile failure on x86 + +This prevents "memory input 7 is not directly addressable" errors. + +| libc/sysdeps/linux/common/epoll.c: In function '__libc_epoll_pwait': +| libc/sysdeps/linux/common/epoll.c:71:80: error: memory input 7 is not directly addressable +| libc/sysdeps/linux/common/epoll.c:75:86: error: memory input 7 is not directly addressable +| make: *** [libc/sysdeps/linux/common/epoll.o] Error 1 +| make: *** Waiting for unfinished jobs.... + +Signed-off-by: Phil Blundell <pb@pbcl.net> +Signed-off-by: Jason Woodward <jason.woodward@timesys.com> +Signed-off-by: Khem Raj <raj.khem@gmail.com> +(cherry picked from commit 8245f3b4638fdff2011c2657af1bb211def704bc) +--- + libc/sysdeps/linux/common/epoll.c | 5 +++-- + 1 files changed, 3 insertions(+), 2 deletions(-) + +diff --git a/libc/sysdeps/linux/common/epoll.c b/libc/sysdeps/linux/common/epoll.c +index 85b0cfd..ab3e73b 100644 +--- a/libc/sysdeps/linux/common/epoll.c ++++ b/libc/sysdeps/linux/common/epoll.c +@@ -67,12 +67,13 @@ extern __typeof(epoll_pwait) __libc_epoll_pwait; + int __libc_epoll_pwait(int epfd, struct epoll_event *events, int maxevents, + int timeout, const sigset_t *set) + { ++ int nsig = _NSIG / 8; + if (SINGLE_THREAD_P) +- return INLINE_SYSCALL(epoll_pwait, 6, epfd, events, maxevents, timeout, set, _NSIG / 8); ++ return INLINE_SYSCALL(epoll_pwait, 6, epfd, events, maxevents, timeout, set, nsig); + # ifdef __UCLIBC_HAS_THREADS_NATIVE__ + else { + int oldtype = LIBC_CANCEL_ASYNC (); +- int result = INLINE_SYSCALL(epoll_pwait, 6, epfd, events, maxevents, timeout, set, _NSIG / 8); ++ int result = INLINE_SYSCALL(epoll_pwait, 6, epfd, events, maxevents, timeout, set, nsig); + LIBC_CANCEL_RESET (oldtype); + return result; + } +-- +1.7.8 + diff --git a/main/libc0.9.32/0018-libcrypt-do-not-cast-away-const-of-key-salt.patch b/main/libc0.9.32/0018-libcrypt-do-not-cast-away-const-of-key-salt.patch new file mode 100644 index 0000000000..d79671739b --- /dev/null +++ b/main/libc0.9.32/0018-libcrypt-do-not-cast-away-const-of-key-salt.patch @@ -0,0 +1,34 @@ +From c6363f33f5af361fea483dd6a7e0f42278f913bf Mon Sep 17 00:00:00 2001 +From: Mike Frysinger <vapier@gentoo.org> +Date: Sun, 20 Nov 2011 02:34:49 -0500 +Subject: [PATCH] libcrypt: do not cast away const of key/salt + +Signed-off-by: Mike Frysinger <vapier@gentoo.org> +(cherry picked from commit 4a2b0641a3818ad14b886907368b6f6735615f6d) +--- + libcrypt/crypt.c | 7 +++++-- + 1 files changed, 5 insertions(+), 2 deletions(-) + +diff --git a/libcrypt/crypt.c b/libcrypt/crypt.c +index 8b361d3..89a2614 100644 +--- a/libcrypt/crypt.c ++++ b/libcrypt/crypt.c +@@ -12,10 +12,13 @@ + + char *crypt(const char *key, const char *salt) + { ++ const unsigned char *ukey = (const unsigned char *)key; ++ const unsigned char *usalt = (const unsigned char *)salt; ++ + /* First, check if we are supposed to be using the MD5 replacement + * instead of DES... */ + if (salt[0]=='$' && salt[1]=='1' && salt[2]=='$') +- return __md5_crypt((unsigned char*)key, (unsigned char*)salt); ++ return __md5_crypt(ukey, usalt); + else +- return __des_crypt((unsigned char*)key, (unsigned char*)salt); ++ return __des_crypt(ukey, usalt); + } +-- +1.7.8 + diff --git a/main/libc0.9.32/0019-libcrypt-make-crypt-itself-more-modular.patch b/main/libc0.9.32/0019-libcrypt-make-crypt-itself-more-modular.patch new file mode 100644 index 0000000000..9e8636f95a --- /dev/null +++ b/main/libc0.9.32/0019-libcrypt-make-crypt-itself-more-modular.patch @@ -0,0 +1,64 @@ +From 78f25c8abfc3358a46061772944d30027ceb8288 Mon Sep 17 00:00:00 2001 +From: William Pitcock <nenolod@dereferenced.org> +Date: Mon, 19 Dec 2011 01:21:33 -0600 +Subject: [PATCH] libcrypt: make crypt() itself more modular + +By using a function table, we can more cleanly support new crypt +implementations, such as SHA256 ($5$) and SHA512 ($6$). + +Signed-off-by: William Pitcock <nenolod@dereferenced.org> +Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com> +(cherry picked from commit 40c426ae8f032d794d15f4a7fca8dc17cdc9899d) +--- + libcrypt/crypt.c | 30 ++++++++++++++++++++++++------ + 1 files changed, 24 insertions(+), 6 deletions(-) + +diff --git a/libcrypt/crypt.c b/libcrypt/crypt.c +index 89a2614..33f98b6 100644 +--- a/libcrypt/crypt.c ++++ b/libcrypt/crypt.c +@@ -8,17 +8,35 @@ + #define __FORCE_GLIBC + #include <crypt.h> + #include <unistd.h> ++#include <string.h> ++#include <errno.h> + #include "libcrypt.h" + ++typedef char *(*crypt_impl_f)(const unsigned char *pw, const unsigned char *salt); ++ ++static const struct { ++ const char *salt_pfx; ++ const crypt_impl_f crypt_impl; ++} crypt_impl_tab[] = { ++ { "$1$", __md5_crypt }, ++ { NULL, __des_crypt }, ++}; ++ + char *crypt(const char *key, const char *salt) + { + const unsigned char *ukey = (const unsigned char *)key; + const unsigned char *usalt = (const unsigned char *)salt; ++ size_t i; ++ ++ for (i = 0; i < ARRAY_SIZE(crypt_impl_tab); i++) { ++ if (crypt_impl_tab[i].salt_pfx != NULL && ++ strncmp(crypt_impl_tab[i].salt_pfx, salt, strlen(crypt_impl_tab[i].salt_pfx))) ++ continue; ++ ++ return crypt_impl_tab[i].crypt_impl(ukey, usalt); ++ } + +- /* First, check if we are supposed to be using the MD5 replacement +- * instead of DES... */ +- if (salt[0]=='$' && salt[1]=='1' && salt[2]=='$') +- return __md5_crypt(ukey, usalt); +- else +- return __des_crypt(ukey, usalt); ++ /* no crypt implementation was found, set errno to ENOSYS and return NULL */ ++ __set_errno(ENOSYS); ++ return NULL; + } +-- +1.7.8 + diff --git a/main/libc0.9.32/0020-libcrypt-add-support-for-SHA512-CRYPT-password-hashi.patch b/main/libc0.9.32/0020-libcrypt-add-support-for-SHA512-CRYPT-password-hashi.patch new file mode 100644 index 0000000000..cd67869775 --- /dev/null +++ b/main/libc0.9.32/0020-libcrypt-add-support-for-SHA512-CRYPT-password-hashi.patch @@ -0,0 +1,834 @@ +From 0b68c872deb676b0cb104bfb30a1f356072b5edf Mon Sep 17 00:00:00 2001 +From: William Pitcock <nenolod@dereferenced.org> +Date: Mon, 19 Dec 2011 01:24:16 -0600 +Subject: [PATCH] libcrypt: add support for SHA512-CRYPT password hashing + +This is based on Ulrich Drepper's implementation in GLIBC, but hacked up to work +in uClibc. The differences from the GLIBC version are as follows: + +- b64_from_24bit() has been converted into a macro +- Usage of GLIBC-isms (such as libc_freeres_ptr) have been removed + +It is enabled by the UCLIBC_HAS_SHA512_CRYPT_IMPL configuration symbol. You must +have UCLIBC_HAS_CRYPT_IMPL enabled as well. + +Signed-off-by: William Pitcock <nenolod@dereferenced.org> +Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com> +(cherry picked from commit 4c24dabb9cea4c8148d7a7efc7a1df694424c483) +--- + extra/Configs/Config.in | 7 + + libcrypt/Makefile.in | 1 + + libcrypt/crypt.c | 3 + + libcrypt/libcrypt.h | 3 + + libcrypt/sha512-crypt.c | 339 +++++++++++++++++++++++++++++++++++++++++++++++ + libcrypt/sha512.c | 326 +++++++++++++++++++++++++++++++++++++++++++++ + libcrypt/sha512.h | 58 ++++++++ + 7 files changed, 737 insertions(+), 0 deletions(-) + create mode 100644 libcrypt/sha512-crypt.c + create mode 100644 libcrypt/sha512.c + create mode 100644 libcrypt/sha512.h + +diff --git a/extra/Configs/Config.in b/extra/Configs/Config.in +index e41adc4..eec3ee9 100644 +--- a/extra/Configs/Config.in ++++ b/extra/Configs/Config.in +@@ -1137,6 +1137,13 @@ config UCLIBC_HAS_CRYPT_IMPL + help + libcrypt contains crypt(), setkey() and encrypt() + ++config UCLIBC_HAS_SHA512_CRYPT_IMPL ++ bool "libcrypt SHA512 support" ++ depends on UCLIBC_HAS_CRYPT_IMPL ++ help ++ This adds support for SHA512 password hashing via the crypt() function. ++ Say N here if you do not need SHA512 crypt support. ++ + config UCLIBC_HAS_CRYPT_STUB + bool "libcrypt stubs" + default y +diff --git a/libcrypt/Makefile.in b/libcrypt/Makefile.in +index 1d1fb55..2fceaed 100644 +--- a/libcrypt/Makefile.in ++++ b/libcrypt/Makefile.in +@@ -21,6 +21,7 @@ libcrypt_OUT := $(top_builddir)libcrypt + + libcrypt_SRC-y := + libcrypt_SRC-$(UCLIBC_HAS_CRYPT_IMPL) += crypt.c des.c md5.c ++libcrypt_SRC-$(UCLIBC_HAS_SHA512_CRYPT_IMPL) += sha512.c sha512-crypt.c + libcrypt_SRC-$(UCLIBC_HAS_CRYPT_STUB) += crypt_stub.c + + libcrypt_SRC := $(addprefix $(libcrypt_DIR)/,$(libcrypt_SRC-y)) +diff --git a/libcrypt/crypt.c b/libcrypt/crypt.c +index 33f98b6..b5bf9ee 100644 +--- a/libcrypt/crypt.c ++++ b/libcrypt/crypt.c +@@ -19,6 +19,9 @@ static const struct { + const crypt_impl_f crypt_impl; + } crypt_impl_tab[] = { + { "$1$", __md5_crypt }, ++#ifdef __UCLIBC_HAS_SHA512_CRYPT_IMPL__ ++ { "$6$", __sha512_crypt }, ++#endif + { NULL, __des_crypt }, + }; + +diff --git a/libcrypt/libcrypt.h b/libcrypt/libcrypt.h +index 1186620..fcad6ae 100644 +--- a/libcrypt/libcrypt.h ++++ b/libcrypt/libcrypt.h +@@ -9,8 +9,11 @@ + #define __LIBCRYPT_H__ + + extern char *__md5_crypt(const unsigned char *pw, const unsigned char *salt) attribute_hidden; ++extern char *__sha512_crypt(const unsigned char *pw, const unsigned char *salt) attribute_hidden; + extern char *__des_crypt(const unsigned char *pw, const unsigned char *salt) attribute_hidden; + ++extern char *__sha512_crypt_r (const char *key, const char *salt, char *buffer, int buflen) attribute_hidden; ++ + /* shut up gcc-4.x signed warnings */ + #define strcpy(dst,src) strcpy((char*)dst,(char*)src) + #define strlen(s) strlen((char*)s) +diff --git a/libcrypt/sha512-crypt.c b/libcrypt/sha512-crypt.c +new file mode 100644 +index 0000000..0321be0 +--- /dev/null ++++ b/libcrypt/sha512-crypt.c +@@ -0,0 +1,339 @@ ++/* One way encryption based on SHA512 sum. ++ Copyright (C) 2007, 2009 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ Contributed by Ulrich Drepper <drepper@redhat.com>, 2007. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, write to the Free ++ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA ++ 02111-1307 USA. */ ++ ++#include <assert.h> ++#include <errno.h> ++#include <stdbool.h> ++#include <stdlib.h> ++#include <string.h> ++#include <sys/param.h> ++ ++#include "sha512.h" ++#include "libcrypt.h" ++ ++/* Define our magic string to mark salt for SHA512 "encryption" ++ replacement. */ ++static const char sha512_salt_prefix[] = "$6$"; ++ ++/* Prefix for optional rounds specification. */ ++static const char sha512_rounds_prefix[] = "rounds="; ++ ++/* Maximum salt string length. */ ++#define SALT_LEN_MAX 16 ++/* Default number of rounds if not explicitly specified. */ ++#define ROUNDS_DEFAULT 5000 ++/* Minimum number of rounds. */ ++#define ROUNDS_MIN 1000 ++/* Maximum number of rounds. */ ++#define ROUNDS_MAX 999999999 ++ ++/* Table with characters for base64 transformation. */ ++static const char b64t[64] = ++"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; ++ ++#define B64_FROM_24BIT(b2, b1, b0, steps) \ ++ { \ ++ int n = (steps); \ ++ unsigned int w = ((b2) << 16) | ((b1) << 8) | (b0); \ ++ while (n-- > 0 && buflen > 0) \ ++ { \ ++ *cp++ = b64t[w & 0x3f]; \ ++ --buflen; \ ++ w >>= 6; \ ++ } \ ++ } ++ ++char * ++__sha512_crypt_r (const char *key, ++ const char *salt, ++ char *buffer, ++ int buflen) ++{ ++ unsigned char alt_result[64] ++ __attribute__ ((__aligned__ (__alignof__ (uint64_t)))); ++ unsigned char temp_result[64] ++ __attribute__ ((__aligned__ (__alignof__ (uint64_t)))); ++ size_t salt_len; ++ size_t key_len; ++ size_t cnt; ++ char *cp; ++ char *copied_key = NULL; ++ char *copied_salt = NULL; ++ char *p_bytes; ++ char *s_bytes; ++ /* Default number of rounds. */ ++ size_t rounds = ROUNDS_DEFAULT; ++ bool rounds_custom = false; ++ ++ /* Find beginning of salt string. The prefix should normally always ++ be present. Just in case it is not. */ ++ if (strncmp (sha512_salt_prefix, salt, sizeof (sha512_salt_prefix) - 1) == 0) ++ /* Skip salt prefix. */ ++ salt += sizeof (sha512_salt_prefix) - 1; ++ ++ if (strncmp (salt, sha512_rounds_prefix, sizeof (sha512_rounds_prefix) - 1) ++ == 0) ++ { ++ const char *num = salt + sizeof (sha512_rounds_prefix) - 1; ++ char *endp; ++ unsigned long int srounds = strtoul (num, &endp, 10); ++ if (*endp == '$') ++ { ++ salt = endp + 1; ++ rounds = MAX (ROUNDS_MIN, MIN (srounds, ROUNDS_MAX)); ++ rounds_custom = true; ++ } ++ } ++ ++ salt_len = MIN (strcspn (salt, "$"), SALT_LEN_MAX); ++ key_len = strlen (key); ++ ++ if ((key - (char *) 0) % __alignof__ (uint64_t) != 0) ++ { ++ char *tmp = (char *) alloca (key_len + __alignof__ (uint64_t)); ++ key = copied_key = ++ memcpy (tmp + __alignof__ (uint64_t) ++ - (tmp - (char *) 0) % __alignof__ (uint64_t), ++ key, key_len); ++ assert ((key - (char *) 0) % __alignof__ (uint64_t) == 0); ++ } ++ ++ if ((salt - (char *) 0) % __alignof__ (uint64_t) != 0) ++ { ++ char *tmp = (char *) alloca (salt_len + __alignof__ (uint64_t)); ++ salt = copied_salt = ++ memcpy (tmp + __alignof__ (uint64_t) ++ - (tmp - (char *) 0) % __alignof__ (uint64_t), ++ salt, salt_len); ++ assert ((salt - (char *) 0) % __alignof__ (uint64_t) == 0); ++ } ++ ++ struct sha512_ctx ctx; ++ struct sha512_ctx alt_ctx; ++ ++ /* Prepare for the real work. */ ++ __sha512_init_ctx (&ctx); ++ ++ /* Add the key string. */ ++ __sha512_process_bytes (key, key_len, &ctx); ++ ++ /* The last part is the salt string. This must be at most 16 ++ characters and it ends at the first `$' character. */ ++ __sha512_process_bytes (salt, salt_len, &ctx); ++ ++ ++ /* Compute alternate SHA512 sum with input KEY, SALT, and KEY. The ++ final result will be added to the first context. */ ++ __sha512_init_ctx (&alt_ctx); ++ ++ /* Add key. */ ++ __sha512_process_bytes (key, key_len, &alt_ctx); ++ ++ /* Add salt. */ ++ __sha512_process_bytes (salt, salt_len, &alt_ctx); ++ ++ /* Add key again. */ ++ __sha512_process_bytes (key, key_len, &alt_ctx); ++ ++ /* Now get result of this (64 bytes) and add it to the other ++ context. */ ++ __sha512_finish_ctx (&alt_ctx, alt_result); ++ ++ /* Add for any character in the key one byte of the alternate sum. */ ++ for (cnt = key_len; cnt > 64; cnt -= 64) ++ __sha512_process_bytes (alt_result, 64, &ctx); ++ ++ __sha512_process_bytes (alt_result, cnt, &ctx); ++ ++ /* Take the binary representation of the length of the key and for every ++ 1 add the alternate sum, for every 0 the key. */ ++ for (cnt = key_len; cnt > 0; cnt >>= 1) ++ if ((cnt & 1) != 0) ++ __sha512_process_bytes (alt_result, 64, &ctx); ++ else ++ __sha512_process_bytes (key, key_len, &ctx); ++ ++ /* Create intermediate result. */ ++ __sha512_finish_ctx (&ctx, alt_result); ++ ++ /* Start computation of P byte sequence. */ ++ __sha512_init_ctx (&alt_ctx); ++ ++ /* For every character in the password add the entire password. */ ++ for (cnt = 0; cnt < key_len; ++cnt) ++ __sha512_process_bytes (key, key_len, &alt_ctx); ++ ++ /* Finish the digest. */ ++ __sha512_finish_ctx (&alt_ctx, temp_result); ++ ++ /* Create byte sequence P. */ ++ cp = p_bytes = alloca (key_len); ++ for (cnt = key_len; cnt >= 64; cnt -= 64) ++ cp = mempcpy (cp, temp_result, 64); ++ memcpy (cp, temp_result, cnt); ++ ++ /* Start computation of S byte sequence. */ ++ __sha512_init_ctx (&alt_ctx); ++ ++ /* For every character in the password add the entire password. */ ++ for (cnt = 0; cnt < 16 + alt_result[0]; ++cnt) ++ __sha512_process_bytes (salt, salt_len, &alt_ctx); ++ ++ /* Finish the digest. */ ++ __sha512_finish_ctx (&alt_ctx, temp_result); ++ ++ /* Create byte sequence S. */ ++ cp = s_bytes = alloca (salt_len); ++ for (cnt = salt_len; cnt >= 64; cnt -= 64) ++ cp = mempcpy (cp, temp_result, 64); ++ memcpy (cp, temp_result, cnt); ++ ++ /* Repeatedly run the collected hash value through SHA512 to burn ++ CPU cycles. */ ++ for (cnt = 0; cnt < rounds; ++cnt) ++ { ++ /* New context. */ ++ __sha512_init_ctx (&ctx); ++ ++ /* Add key or last result. */ ++ if ((cnt & 1) != 0) ++ __sha512_process_bytes (p_bytes, key_len, &ctx); ++ else ++ __sha512_process_bytes (alt_result, 64, &ctx); ++ ++ /* Add salt for numbers not divisible by 3. */ ++ if (cnt % 3 != 0) ++ __sha512_process_bytes (s_bytes, salt_len, &ctx); ++ ++ /* Add key for numbers not divisible by 7. */ ++ if (cnt % 7 != 0) ++ __sha512_process_bytes (p_bytes, key_len, &ctx); ++ ++ /* Add key or last result. */ ++ if ((cnt & 1) != 0) ++ __sha512_process_bytes (alt_result, 64, &ctx); ++ else ++ __sha512_process_bytes (p_bytes, key_len, &ctx); ++ ++ /* Create intermediate result. */ ++ __sha512_finish_ctx (&ctx, alt_result); ++ } ++ ++ /* Now we can construct the result string. It consists of three ++ parts. */ ++ cp = stpncpy (buffer, sha512_salt_prefix, MAX (0, buflen)); ++ buflen -= sizeof (sha512_salt_prefix) - 1; ++ ++ if (rounds_custom) ++ { ++ int n = snprintf (cp, MAX (0, buflen), "%s%zu$", ++ sha512_rounds_prefix, rounds); ++ cp += n; ++ buflen -= n; ++ } ++ ++ cp = stpncpy (cp, salt, MIN ((size_t) MAX (0, buflen), salt_len)); ++ buflen -= MIN ((size_t) MAX (0, buflen), salt_len); ++ ++ if (buflen > 0) ++ { ++ *cp++ = '$'; ++ --buflen; ++ } ++ ++ B64_FROM_24BIT (alt_result[0], alt_result[21], alt_result[42], 4); ++ B64_FROM_24BIT (alt_result[22], alt_result[43], alt_result[1], 4); ++ B64_FROM_24BIT (alt_result[44], alt_result[2], alt_result[23], 4); ++ B64_FROM_24BIT (alt_result[3], alt_result[24], alt_result[45], 4); ++ B64_FROM_24BIT (alt_result[25], alt_result[46], alt_result[4], 4); ++ B64_FROM_24BIT (alt_result[47], alt_result[5], alt_result[26], 4); ++ B64_FROM_24BIT (alt_result[6], alt_result[27], alt_result[48], 4); ++ B64_FROM_24BIT (alt_result[28], alt_result[49], alt_result[7], 4); ++ B64_FROM_24BIT (alt_result[50], alt_result[8], alt_result[29], 4); ++ B64_FROM_24BIT (alt_result[9], alt_result[30], alt_result[51], 4); ++ B64_FROM_24BIT (alt_result[31], alt_result[52], alt_result[10], 4); ++ B64_FROM_24BIT (alt_result[53], alt_result[11], alt_result[32], 4); ++ B64_FROM_24BIT (alt_result[12], alt_result[33], alt_result[54], 4); ++ B64_FROM_24BIT (alt_result[34], alt_result[55], alt_result[13], 4); ++ B64_FROM_24BIT (alt_result[56], alt_result[14], alt_result[35], 4); ++ B64_FROM_24BIT (alt_result[15], alt_result[36], alt_result[57], 4); ++ B64_FROM_24BIT (alt_result[37], alt_result[58], alt_result[16], 4); ++ B64_FROM_24BIT (alt_result[59], alt_result[17], alt_result[38], 4); ++ B64_FROM_24BIT (alt_result[18], alt_result[39], alt_result[60], 4); ++ B64_FROM_24BIT (alt_result[40], alt_result[61], alt_result[19], 4); ++ B64_FROM_24BIT (alt_result[62], alt_result[20], alt_result[41], 4); ++ B64_FROM_24BIT (0, 0, alt_result[63], 2); ++ ++ if (buflen <= 0) ++ { ++ __set_errno (ERANGE); ++ buffer = NULL; ++ } ++ else ++ *cp = '\0'; /* Terminate the string. */ ++ ++ /* Clear the buffer for the intermediate result so that people ++ attaching to processes or reading core dumps cannot get any ++ information. We do it in this way to clear correct_words[] ++ inside the SHA512 implementation as well. */ ++ __sha512_init_ctx (&ctx); ++ __sha512_finish_ctx (&ctx, alt_result); ++ memset (&ctx, '\0', sizeof (ctx)); ++ memset (&alt_ctx, '\0', sizeof (alt_ctx)); ++ ++ memset (temp_result, '\0', sizeof (temp_result)); ++ memset (p_bytes, '\0', key_len); ++ memset (s_bytes, '\0', salt_len); ++ if (copied_key != NULL) ++ memset (copied_key, '\0', key_len); ++ if (copied_salt != NULL) ++ memset (copied_salt, '\0', salt_len); ++ ++ return buffer; ++} ++ ++static char *buffer; ++ ++/* This entry point is equivalent to the `crypt' function in Unix ++ libcs. */ ++char * ++__sha512_crypt (const unsigned char *key, const unsigned char *salt) ++{ ++ /* We don't want to have an arbitrary limit in the size of the ++ password. We can compute an upper bound for the size of the ++ result in advance and so we can prepare the buffer we pass to ++ `sha512_crypt_r'. */ ++ static int buflen; ++ int needed = (sizeof (sha512_salt_prefix) - 1 ++ + sizeof (sha512_rounds_prefix) + 9 + 1 ++ + strlen (salt) + 1 + 86 + 1); ++ ++ if (buflen < needed) ++ { ++ char *new_buffer = (char *) realloc (buffer, needed); ++ if (new_buffer == NULL) ++ return NULL; ++ ++ buffer = new_buffer; ++ buflen = needed; ++ } ++ ++ return __sha512_crypt_r ((const char *) key, (const char *) salt, buffer, buflen); ++} +diff --git a/libcrypt/sha512.c b/libcrypt/sha512.c +new file mode 100644 +index 0000000..04e0a06 +--- /dev/null ++++ b/libcrypt/sha512.c +@@ -0,0 +1,326 @@ ++/* Functions to compute SHA512 message digest of files or memory blocks. ++ according to the definition of SHA512 in FIPS 180-2. ++ Copyright (C) 2007 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, write to the Free ++ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA ++ 02111-1307 USA. */ ++ ++/* Written by Ulrich Drepper <drepper@redhat.com>, 2007. */ ++ ++#ifdef HAVE_CONFIG_H ++# include <config.h> ++#endif ++ ++#include <endian.h> ++#include <stdlib.h> ++#include <string.h> ++#include <sys/types.h> ++ ++#include "sha512.h" ++ ++#if __BYTE_ORDER == __LITTLE_ENDIAN ++# ifdef _LIBC ++# include <byteswap.h> ++# define SWAP(n) bswap_64 (n) ++# else ++# define SWAP(n) \ ++ (((n) << 56) \ ++ | (((n) & 0xff00) << 40) \ ++ | (((n) & 0xff0000) << 24) \ ++ | (((n) & 0xff000000) << 8) \ ++ | (((n) >> 8) & 0xff000000) \ ++ | (((n) >> 24) & 0xff0000) \ ++ | (((n) >> 40) & 0xff00) \ ++ | ((n) >> 56)) ++# endif ++#else ++# define SWAP(n) (n) ++#endif ++ ++ ++/* This array contains the bytes used to pad the buffer to the next ++ 64-byte boundary. (FIPS 180-2:5.1.2) */ ++static const unsigned char fillbuf[128] = { 0x80, 0 /* , 0, 0, ... */ }; ++ ++ ++/* Constants for SHA512 from FIPS 180-2:4.2.3. */ ++static const uint64_t K[80] = ++ { ++ UINT64_C (0x428a2f98d728ae22), UINT64_C (0x7137449123ef65cd), ++ UINT64_C (0xb5c0fbcfec4d3b2f), UINT64_C (0xe9b5dba58189dbbc), ++ UINT64_C (0x3956c25bf348b538), UINT64_C (0x59f111f1b605d019), ++ UINT64_C (0x923f82a4af194f9b), UINT64_C (0xab1c5ed5da6d8118), ++ UINT64_C (0xd807aa98a3030242), UINT64_C (0x12835b0145706fbe), ++ UINT64_C (0x243185be4ee4b28c), UINT64_C (0x550c7dc3d5ffb4e2), ++ UINT64_C (0x72be5d74f27b896f), UINT64_C (0x80deb1fe3b1696b1), ++ UINT64_C (0x9bdc06a725c71235), UINT64_C (0xc19bf174cf692694), ++ UINT64_C (0xe49b69c19ef14ad2), UINT64_C (0xefbe4786384f25e3), ++ UINT64_C (0x0fc19dc68b8cd5b5), UINT64_C (0x240ca1cc77ac9c65), ++ UINT64_C (0x2de92c6f592b0275), UINT64_C (0x4a7484aa6ea6e483), ++ UINT64_C (0x5cb0a9dcbd41fbd4), UINT64_C (0x76f988da831153b5), ++ UINT64_C (0x983e5152ee66dfab), UINT64_C (0xa831c66d2db43210), ++ UINT64_C (0xb00327c898fb213f), UINT64_C (0xbf597fc7beef0ee4), ++ UINT64_C (0xc6e00bf33da88fc2), UINT64_C (0xd5a79147930aa725), ++ UINT64_C (0x06ca6351e003826f), UINT64_C (0x142929670a0e6e70), ++ UINT64_C (0x27b70a8546d22ffc), UINT64_C (0x2e1b21385c26c926), ++ UINT64_C (0x4d2c6dfc5ac42aed), UINT64_C (0x53380d139d95b3df), ++ UINT64_C (0x650a73548baf63de), UINT64_C (0x766a0abb3c77b2a8), ++ UINT64_C (0x81c2c92e47edaee6), UINT64_C (0x92722c851482353b), ++ UINT64_C (0xa2bfe8a14cf10364), UINT64_C (0xa81a664bbc423001), ++ UINT64_C (0xc24b8b70d0f89791), UINT64_C (0xc76c51a30654be30), ++ UINT64_C (0xd192e819d6ef5218), UINT64_C (0xd69906245565a910), ++ UINT64_C (0xf40e35855771202a), UINT64_C (0x106aa07032bbd1b8), ++ UINT64_C (0x19a4c116b8d2d0c8), UINT64_C (0x1e376c085141ab53), ++ UINT64_C (0x2748774cdf8eeb99), UINT64_C (0x34b0bcb5e19b48a8), ++ UINT64_C (0x391c0cb3c5c95a63), UINT64_C (0x4ed8aa4ae3418acb), ++ UINT64_C (0x5b9cca4f7763e373), UINT64_C (0x682e6ff3d6b2b8a3), ++ UINT64_C (0x748f82ee5defb2fc), UINT64_C (0x78a5636f43172f60), ++ UINT64_C (0x84c87814a1f0ab72), UINT64_C (0x8cc702081a6439ec), ++ UINT64_C (0x90befffa23631e28), UINT64_C (0xa4506cebde82bde9), ++ UINT64_C (0xbef9a3f7b2c67915), UINT64_C (0xc67178f2e372532b), ++ UINT64_C (0xca273eceea26619c), UINT64_C (0xd186b8c721c0c207), ++ UINT64_C (0xeada7dd6cde0eb1e), UINT64_C (0xf57d4f7fee6ed178), ++ UINT64_C (0x06f067aa72176fba), UINT64_C (0x0a637dc5a2c898a6), ++ UINT64_C (0x113f9804bef90dae), UINT64_C (0x1b710b35131c471b), ++ UINT64_C (0x28db77f523047d84), UINT64_C (0x32caab7b40c72493), ++ UINT64_C (0x3c9ebe0a15c9bebc), UINT64_C (0x431d67c49c100d4c), ++ UINT64_C (0x4cc5d4becb3e42b6), UINT64_C (0x597f299cfc657e2a), ++ UINT64_C (0x5fcb6fab3ad6faec), UINT64_C (0x6c44198c4a475817) ++ }; ++ ++ ++/* Process LEN bytes of BUFFER, accumulating context into CTX. ++ It is assumed that LEN % 128 == 0. */ ++static void ++sha512_process_block (const void *buffer, size_t len, struct sha512_ctx *ctx) ++{ ++ const uint64_t *words = buffer; ++ size_t nwords = len / sizeof (uint64_t); ++ uint64_t a = ctx->H[0]; ++ uint64_t b = ctx->H[1]; ++ uint64_t c = ctx->H[2]; ++ uint64_t d = ctx->H[3]; ++ uint64_t e = ctx->H[4]; ++ uint64_t f = ctx->H[5]; ++ uint64_t g = ctx->H[6]; ++ uint64_t h = ctx->H[7]; ++ ++ /* First increment the byte count. FIPS 180-2 specifies the possible ++ length of the file up to 2^128 bits. Here we only compute the ++ number of bytes. Do a double word increment. */ ++ ctx->total[0] += len; ++ if (ctx->total[0] < len) ++ ++ctx->total[1]; ++ ++ /* Process all bytes in the buffer with 128 bytes in each round of ++ the loop. */ ++ while (nwords > 0) ++ { ++ uint64_t W[80]; ++ uint64_t a_save = a; ++ uint64_t b_save = b; ++ uint64_t c_save = c; ++ uint64_t d_save = d; ++ uint64_t e_save = e; ++ uint64_t f_save = f; ++ uint64_t g_save = g; ++ uint64_t h_save = h; ++ ++ /* Operators defined in FIPS 180-2:4.1.2. */ ++#define Ch(x, y, z) ((x & y) ^ (~x & z)) ++#define Maj(x, y, z) ((x & y) ^ (x & z) ^ (y & z)) ++#define S0(x) (CYCLIC (x, 28) ^ CYCLIC (x, 34) ^ CYCLIC (x, 39)) ++#define S1(x) (CYCLIC (x, 14) ^ CYCLIC (x, 18) ^ CYCLIC (x, 41)) ++#define R0(x) (CYCLIC (x, 1) ^ CYCLIC (x, 8) ^ (x >> 7)) ++#define R1(x) (CYCLIC (x, 19) ^ CYCLIC (x, 61) ^ (x >> 6)) ++ ++ /* It is unfortunate that C does not provide an operator for ++ cyclic rotation. Hope the C compiler is smart enough. */ ++#define CYCLIC(w, s) ((w >> s) | (w << (64 - s))) ++ ++ /* Compute the message schedule according to FIPS 180-2:6.3.2 step 2. */ ++ for (unsigned int t = 0; t < 16; ++t) ++ { ++ W[t] = SWAP (*words); ++ ++words; ++ } ++ for (unsigned int t = 16; t < 80; ++t) ++ W[t] = R1 (W[t - 2]) + W[t - 7] + R0 (W[t - 15]) + W[t - 16]; ++ ++ /* The actual computation according to FIPS 180-2:6.3.2 step 3. */ ++ for (unsigned int t = 0; t < 80; ++t) ++ { ++ uint64_t T1 = h + S1 (e) + Ch (e, f, g) + K[t] + W[t]; ++ uint64_t T2 = S0 (a) + Maj (a, b, c); ++ h = g; ++ g = f; ++ f = e; ++ e = d + T1; ++ d = c; ++ c = b; ++ b = a; ++ a = T1 + T2; ++ } ++ ++ /* Add the starting values of the context according to FIPS 180-2:6.3.2 ++ step 4. */ ++ a += a_save; ++ b += b_save; ++ c += c_save; ++ d += d_save; ++ e += e_save; ++ f += f_save; ++ g += g_save; ++ h += h_save; ++ ++ /* Prepare for the next round. */ ++ nwords -= 16; ++ } ++ ++ /* Put checksum in context given as argument. */ ++ ctx->H[0] = a; ++ ctx->H[1] = b; ++ ctx->H[2] = c; ++ ctx->H[3] = d; ++ ctx->H[4] = e; ++ ctx->H[5] = f; ++ ctx->H[6] = g; ++ ctx->H[7] = h; ++} ++ ++ ++/* Initialize structure containing state of computation. ++ (FIPS 180-2:5.3.3) */ ++void ++__sha512_init_ctx (struct sha512_ctx *ctx) ++{ ++ ctx->H[0] = UINT64_C (0x6a09e667f3bcc908); ++ ctx->H[1] = UINT64_C (0xbb67ae8584caa73b); ++ ctx->H[2] = UINT64_C (0x3c6ef372fe94f82b); ++ ctx->H[3] = UINT64_C (0xa54ff53a5f1d36f1); ++ ctx->H[4] = UINT64_C (0x510e527fade682d1); ++ ctx->H[5] = UINT64_C (0x9b05688c2b3e6c1f); ++ ctx->H[6] = UINT64_C (0x1f83d9abfb41bd6b); ++ ctx->H[7] = UINT64_C (0x5be0cd19137e2179); ++ ++ ctx->total[0] = ctx->total[1] = 0; ++ ctx->buflen = 0; ++} ++ ++ ++/* Process the remaining bytes in the internal buffer and the usual ++ prolog according to the standard and write the result to RESBUF. ++ ++ IMPORTANT: On some systems it is required that RESBUF is correctly ++ aligned for a 32 bits value. */ ++void * ++__sha512_finish_ctx (struct sha512_ctx *ctx, void *resbuf) ++{ ++ /* Take yet unprocessed bytes into account. */ ++ uint64_t bytes = ctx->buflen; ++ size_t pad; ++ ++ /* Now count remaining bytes. */ ++ ctx->total[0] += bytes; ++ if (ctx->total[0] < bytes) ++ ++ctx->total[1]; ++ ++ pad = bytes >= 112 ? 128 + 112 - bytes : 112 - bytes; ++ memcpy (&ctx->buffer[bytes], fillbuf, pad); ++ ++ /* Put the 128-bit file length in *bits* at the end of the buffer. */ ++ *(uint64_t *) &ctx->buffer[bytes + pad + 8] = SWAP (ctx->total[0] << 3); ++ *(uint64_t *) &ctx->buffer[bytes + pad] = SWAP ((ctx->total[1] << 3) | ++ (ctx->total[0] >> 61)); ++ ++ /* Process last bytes. */ ++ sha512_process_block (ctx->buffer, bytes + pad + 16, ctx); ++ ++ /* Put result from CTX in first 64 bytes following RESBUF. */ ++ for (unsigned int i = 0; i < 8; ++i) ++ ((uint64_t *) resbuf)[i] = SWAP (ctx->H[i]); ++ ++ return resbuf; ++} ++ ++ ++void ++__sha512_process_bytes (const void *buffer, size_t len, struct sha512_ctx *ctx) ++{ ++ /* When we already have some bits in our internal buffer concatenate ++ both inputs first. */ ++ if (ctx->buflen != 0) ++ { ++ size_t left_over = ctx->buflen; ++ size_t add = 256 - left_over > len ? len : 256 - left_over; ++ ++ memcpy (&ctx->buffer[left_over], buffer, add); ++ ctx->buflen += add; ++ ++ if (ctx->buflen > 128) ++ { ++ sha512_process_block (ctx->buffer, ctx->buflen & ~127, ctx); ++ ++ ctx->buflen &= 127; ++ /* The regions in the following copy operation cannot overlap. */ ++ memcpy (ctx->buffer, &ctx->buffer[(left_over + add) & ~127], ++ ctx->buflen); ++ } ++ ++ buffer = (const char *) buffer + add; ++ len -= add; ++ } ++ ++ /* Process available complete blocks. */ ++ if (len >= 128) ++ { ++#if __GNUC__ >= 2 ++# define UNALIGNED_P(p) (((uintptr_t) p) % __alignof__ (uint64_t) != 0) ++#else ++# define UNALIGNED_P(p) (((uintptr_t) p) % sizeof (uint64_t) != 0) ++#endif ++ if (UNALIGNED_P (buffer)) ++ while (len > 128) ++ { ++ sha512_process_block (memcpy (ctx->buffer, buffer, 128), 128, ++ ctx); ++ buffer = (const char *) buffer + 128; ++ len -= 128; ++ } ++ else ++ { ++ sha512_process_block (buffer, len & ~127, ctx); ++ buffer = (const char *) buffer + (len & ~127); ++ len &= 127; ++ } ++ } ++ ++ /* Move remaining bytes into internal buffer. */ ++ if (len > 0) ++ { ++ size_t left_over = ctx->buflen; ++ ++ memcpy (&ctx->buffer[left_over], buffer, len); ++ left_over += len; ++ if (left_over >= 128) ++ { ++ sha512_process_block (ctx->buffer, 128, ctx); ++ left_over -= 128; ++ memcpy (ctx->buffer, &ctx->buffer[128], left_over); ++ } ++ ctx->buflen = left_over; ++ } ++} +diff --git a/libcrypt/sha512.h b/libcrypt/sha512.h +new file mode 100644 +index 0000000..5777827 +--- /dev/null ++++ b/libcrypt/sha512.h +@@ -0,0 +1,58 @@ ++/* Declaration of functions and data types used for SHA512 sum computing ++ library functions. ++ Copyright (C) 2007 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, write to the Free ++ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA ++ 02111-1307 USA. */ ++ ++#ifndef _SHA512_H ++#define _SHA512_H 1 ++ ++#include <limits.h> ++#include <stdint.h> ++#include <stdio.h> ++ ++ ++/* Structure to save state of computation between the single steps. */ ++struct sha512_ctx ++{ ++ uint64_t H[8]; ++ ++ uint64_t total[2]; ++ uint64_t buflen; ++ char buffer[256] __attribute__ ((__aligned__ (__alignof__ (uint64_t)))); ++}; ++ ++/* Initialize structure containing state of computation. ++ (FIPS 180-2: 5.3.3) */ ++extern void __sha512_init_ctx (struct sha512_ctx *ctx) attribute_hidden; ++ ++/* Starting with the result of former calls of this function (or the ++ initialization function update the context for the next LEN bytes ++ starting at BUFFER. ++ It is NOT required that LEN is a multiple of 128. */ ++extern void __sha512_process_bytes (const void *buffer, size_t len, ++ struct sha512_ctx *ctx) attribute_hidden; ++ ++/* Process the remaining bytes in the buffer and put result from CTX ++ in first 64 bytes following RESBUF. ++ ++ IMPORTANT: On some systems it is required that RESBUF is correctly ++ aligned for a 64 bits value. */ ++extern void *__sha512_finish_ctx (struct sha512_ctx *ctx, void *resbuf) ++ attribute_hidden; ++ ++#endif /* sha512.h */ +-- +1.7.8 + diff --git a/main/libc0.9.32/0021-libcrypt-add-support-for-SHA256-CRYPT-password-hashi.patch b/main/libc0.9.32/0021-libcrypt-add-support-for-SHA256-CRYPT-password-hashi.patch new file mode 100644 index 0000000000..b49e6da810 --- /dev/null +++ b/main/libc0.9.32/0021-libcrypt-add-support-for-SHA256-CRYPT-password-hashi.patch @@ -0,0 +1,789 @@ +From 243a437f9345fd7182bb4b2f60d892cc86794e8d Mon Sep 17 00:00:00 2001 +From: William Pitcock <nenolod@dereferenced.org> +Date: Mon, 19 Dec 2011 01:25:09 -0600 +Subject: [PATCH] libcrypt: add support for SHA256-CRYPT password hashing + +This is based on Ulrich Drepper's implementation in GLIBC, but hacked up to work +in uClibc. The differences from the GLIBC version are as follows: + +- b64_from_24bit() has been converted into a macro +- Usage of GLIBC-isms (such as libc_freeres_ptr) have been removed + +It is enabled by the UCLIBC_HAS_SHA256_CRYPT_IMPL configuration symbol. You must +have UCLIBC_HAS_CRYPT_IMPL enabled as well. + +Signed-off-by: William Pitcock <nenolod@dereferenced.org> +Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com> +(cherry picked from commit 3ac5fd7ecaeb6721d812c2b93e446bf9a31acdde) +--- + extra/Configs/Config.in | 7 + + libcrypt/Makefile.in | 1 + + libcrypt/crypt.c | 3 + + libcrypt/libcrypt.h | 2 + + libcrypt/sha256-crypt.c | 326 +++++++++++++++++++++++++++++++++++++++++++++++ + libcrypt/sha256.c | 294 ++++++++++++++++++++++++++++++++++++++++++ + libcrypt/sha256.h | 58 +++++++++ + 7 files changed, 691 insertions(+), 0 deletions(-) + create mode 100644 libcrypt/sha256-crypt.c + create mode 100644 libcrypt/sha256.c + create mode 100644 libcrypt/sha256.h + +diff --git a/extra/Configs/Config.in b/extra/Configs/Config.in +index eec3ee9..66e4efb 100644 +--- a/extra/Configs/Config.in ++++ b/extra/Configs/Config.in +@@ -1137,6 +1137,13 @@ config UCLIBC_HAS_CRYPT_IMPL + help + libcrypt contains crypt(), setkey() and encrypt() + ++config UCLIBC_HAS_SHA256_CRYPT_IMPL ++ bool "libcrypt SHA256 support" ++ depends on UCLIBC_HAS_CRYPT_IMPL ++ help ++ This adds support for SHA256 password hashing via the crypt() function. ++ Say N here if you do not need SHA256 crypt support. ++ + config UCLIBC_HAS_SHA512_CRYPT_IMPL + bool "libcrypt SHA512 support" + depends on UCLIBC_HAS_CRYPT_IMPL +diff --git a/libcrypt/Makefile.in b/libcrypt/Makefile.in +index 2fceaed..94753f4 100644 +--- a/libcrypt/Makefile.in ++++ b/libcrypt/Makefile.in +@@ -21,6 +21,7 @@ libcrypt_OUT := $(top_builddir)libcrypt + + libcrypt_SRC-y := + libcrypt_SRC-$(UCLIBC_HAS_CRYPT_IMPL) += crypt.c des.c md5.c ++libcrypt_SRC-$(UCLIBC_HAS_SHA256_CRYPT_IMPL) += sha256.c sha256-crypt.c + libcrypt_SRC-$(UCLIBC_HAS_SHA512_CRYPT_IMPL) += sha512.c sha512-crypt.c + libcrypt_SRC-$(UCLIBC_HAS_CRYPT_STUB) += crypt_stub.c + +diff --git a/libcrypt/crypt.c b/libcrypt/crypt.c +index b5bf9ee..188a6a0 100644 +--- a/libcrypt/crypt.c ++++ b/libcrypt/crypt.c +@@ -19,6 +19,9 @@ static const struct { + const crypt_impl_f crypt_impl; + } crypt_impl_tab[] = { + { "$1$", __md5_crypt }, ++#ifdef __UCLIBC_HAS_SHA256_CRYPT_IMPL__ ++ { "$5$", __sha256_crypt }, ++#endif + #ifdef __UCLIBC_HAS_SHA512_CRYPT_IMPL__ + { "$6$", __sha512_crypt }, + #endif +diff --git a/libcrypt/libcrypt.h b/libcrypt/libcrypt.h +index fcad6ae..67733d1 100644 +--- a/libcrypt/libcrypt.h ++++ b/libcrypt/libcrypt.h +@@ -9,9 +9,11 @@ + #define __LIBCRYPT_H__ + + extern char *__md5_crypt(const unsigned char *pw, const unsigned char *salt) attribute_hidden; ++extern char *__sha256_crypt(const unsigned char *pw, const unsigned char *salt) attribute_hidden; + extern char *__sha512_crypt(const unsigned char *pw, const unsigned char *salt) attribute_hidden; + extern char *__des_crypt(const unsigned char *pw, const unsigned char *salt) attribute_hidden; + ++extern char *__sha256_crypt_r (const char *key, const char *salt, char *buffer, int buflen) attribute_hidden; + extern char *__sha512_crypt_r (const char *key, const char *salt, char *buffer, int buflen) attribute_hidden; + + /* shut up gcc-4.x signed warnings */ +diff --git a/libcrypt/sha256-crypt.c b/libcrypt/sha256-crypt.c +new file mode 100644 +index 0000000..4422148 +--- /dev/null ++++ b/libcrypt/sha256-crypt.c +@@ -0,0 +1,326 @@ ++/* One way encryption based on SHA256 sum. ++ Copyright (C) 2007, 2009 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ Contributed by Ulrich Drepper <drepper@redhat.com>, 2007. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, write to the Free ++ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA ++ 02111-1307 USA. */ ++ ++#include <assert.h> ++#include <errno.h> ++#include <stdbool.h> ++#include <stdlib.h> ++#include <string.h> ++#include <sys/param.h> ++ ++#include "sha256.h" ++#include "libcrypt.h" ++ ++/* Define our magic string to mark salt for SHA256 "encryption" ++ replacement. */ ++static const char sha256_salt_prefix[] = "$5$"; ++ ++/* Prefix for optional rounds specification. */ ++static const char sha256_rounds_prefix[] = "rounds="; ++ ++/* Maximum salt string length. */ ++#define SALT_LEN_MAX 16 ++/* Default number of rounds if not explicitly specified. */ ++#define ROUNDS_DEFAULT 5000 ++/* Minimum number of rounds. */ ++#define ROUNDS_MIN 1000 ++/* Maximum number of rounds. */ ++#define ROUNDS_MAX 999999999 ++ ++/* Table with characters for base64 transformation. */ ++static const char b64t[64] = ++"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; ++ ++#define B64_FROM_24BIT(b2, b1, b0, steps) \ ++ { \ ++ int n = (steps); \ ++ unsigned int w = ((b2) << 16) | ((b1) << 8) | (b0); \ ++ while (n-- > 0 && buflen > 0) \ ++ { \ ++ *cp++ = b64t[w & 0x3f]; \ ++ --buflen; \ ++ w >>= 6; \ ++ } \ ++ } ++ ++char * ++__sha256_crypt_r (const char *key, ++ const char *salt, ++ char *buffer, ++ int buflen) ++{ ++ unsigned char alt_result[32] ++ __attribute__ ((__aligned__ (__alignof__ (uint32_t)))); ++ unsigned char temp_result[32] ++ __attribute__ ((__aligned__ (__alignof__ (uint32_t)))); ++ size_t salt_len; ++ size_t key_len; ++ size_t cnt; ++ char *cp; ++ char *copied_key = NULL; ++ char *copied_salt = NULL; ++ char *p_bytes; ++ char *s_bytes; ++ /* Default number of rounds. */ ++ size_t rounds = ROUNDS_DEFAULT; ++ bool rounds_custom = false; ++ ++ /* Find beginning of salt string. The prefix should normally always ++ be present. Just in case it is not. */ ++ if (strncmp (sha256_salt_prefix, salt, sizeof (sha256_salt_prefix) - 1) == 0) ++ /* Skip salt prefix. */ ++ salt += sizeof (sha256_salt_prefix) - 1; ++ ++ if (strncmp (salt, sha256_rounds_prefix, sizeof (sha256_rounds_prefix) - 1) ++ == 0) ++ { ++ const char *num = salt + sizeof (sha256_rounds_prefix) - 1; ++ char *endp; ++ unsigned long int srounds = strtoul (num, &endp, 10); ++ if (*endp == '$') ++ { ++ salt = endp + 1; ++ rounds = MAX (ROUNDS_MIN, MIN (srounds, ROUNDS_MAX)); ++ rounds_custom = true; ++ } ++ } ++ ++ salt_len = MIN (strcspn (salt, "$"), SALT_LEN_MAX); ++ key_len = strlen (key); ++ ++ if ((key - (char *) 0) % __alignof__ (uint32_t) != 0) ++ { ++ char *tmp = (char *) alloca (key_len + __alignof__ (uint32_t)); ++ key = copied_key = ++ memcpy (tmp + __alignof__ (uint32_t) ++ - (tmp - (char *) 0) % __alignof__ (uint32_t), ++ key, key_len); ++ assert ((key - (char *) 0) % __alignof__ (uint32_t) == 0); ++ } ++ ++ if ((salt - (char *) 0) % __alignof__ (uint32_t) != 0) ++ { ++ char *tmp = (char *) alloca (salt_len + __alignof__ (uint32_t)); ++ salt = copied_salt = ++ memcpy (tmp + __alignof__ (uint32_t) ++ - (tmp - (char *) 0) % __alignof__ (uint32_t), ++ salt, salt_len); ++ assert ((salt - (char *) 0) % __alignof__ (uint32_t) == 0); ++ } ++ ++ struct sha256_ctx ctx; ++ struct sha256_ctx alt_ctx; ++ ++ /* Prepare for the real work. */ ++ __sha256_init_ctx (&ctx); ++ ++ /* Add the key string. */ ++ __sha256_process_bytes (key, key_len, &ctx); ++ ++ /* The last part is the salt string. This must be at most 16 ++ characters and it ends at the first `$' character. */ ++ __sha256_process_bytes (salt, salt_len, &ctx); ++ ++ ++ /* Compute alternate SHA256 sum with input KEY, SALT, and KEY. The ++ final result will be added to the first context. */ ++ __sha256_init_ctx (&alt_ctx); ++ ++ /* Add key. */ ++ __sha256_process_bytes (key, key_len, &alt_ctx); ++ ++ /* Add salt. */ ++ __sha256_process_bytes (salt, salt_len, &alt_ctx); ++ ++ /* Add key again. */ ++ __sha256_process_bytes (key, key_len, &alt_ctx); ++ ++ /* Now get result of this (32 bytes) and add it to the other ++ context. */ ++ __sha256_finish_ctx (&alt_ctx, alt_result); ++ ++ /* Add for any character in the key one byte of the alternate sum. */ ++ for (cnt = key_len; cnt > 32; cnt -= 32) ++ __sha256_process_bytes (alt_result, 32, &ctx); ++ __sha256_process_bytes (alt_result, cnt, &ctx); ++ ++ /* Take the binary representation of the length of the key and for every ++ 1 add the alternate sum, for every 0 the key. */ ++ for (cnt = key_len; cnt > 0; cnt >>= 1) ++ if ((cnt & 1) != 0) ++ __sha256_process_bytes (alt_result, 32, &ctx); ++ else ++ __sha256_process_bytes (key, key_len, &ctx); ++ ++ /* Create intermediate result. */ ++ __sha256_finish_ctx (&ctx, alt_result); ++ ++ /* Start computation of P byte sequence. */ ++ __sha256_init_ctx (&alt_ctx); ++ ++ /* For every character in the password add the entire password. */ ++ for (cnt = 0; cnt < key_len; ++cnt) ++ __sha256_process_bytes (key, key_len, &alt_ctx); ++ ++ /* Finish the digest. */ ++ __sha256_finish_ctx (&alt_ctx, temp_result); ++ ++ /* Create byte sequence P. */ ++ cp = p_bytes = alloca (key_len); ++ for (cnt = key_len; cnt >= 32; cnt -= 32) ++ cp = mempcpy (cp, temp_result, 32); ++ memcpy (cp, temp_result, cnt); ++ ++ /* Start computation of S byte sequence. */ ++ __sha256_init_ctx (&alt_ctx); ++ ++ /* For every character in the password add the entire password. */ ++ for (cnt = 0; cnt < 16 + alt_result[0]; ++cnt) ++ __sha256_process_bytes (salt, salt_len, &alt_ctx); ++ ++ /* Finish the digest. */ ++ __sha256_finish_ctx (&alt_ctx, temp_result); ++ ++ /* Create byte sequence S. */ ++ cp = s_bytes = alloca (salt_len); ++ for (cnt = salt_len; cnt >= 32; cnt -= 32) ++ cp = mempcpy (cp, temp_result, 32); ++ memcpy (cp, temp_result, cnt); ++ ++ /* Repeatedly run the collected hash value through SHA256 to burn ++ CPU cycles. */ ++ for (cnt = 0; cnt < rounds; ++cnt) ++ { ++ /* New context. */ ++ __sha256_init_ctx (&ctx); ++ ++ /* Add key or last result. */ ++ if ((cnt & 1) != 0) ++ __sha256_process_bytes (p_bytes, key_len, &ctx); ++ else ++ __sha256_process_bytes (alt_result, 32, &ctx); ++ ++ /* Add salt for numbers not divisible by 3. */ ++ if (cnt % 3 != 0) ++ __sha256_process_bytes (s_bytes, salt_len, &ctx); ++ ++ /* Add key for numbers not divisible by 7. */ ++ if (cnt % 7 != 0) ++ __sha256_process_bytes (p_bytes, key_len, &ctx); ++ ++ /* Add key or last result. */ ++ if ((cnt & 1) != 0) ++ __sha256_process_bytes (alt_result, 32, &ctx); ++ else ++ __sha256_process_bytes (p_bytes, key_len, &ctx); ++ ++ /* Create intermediate result. */ ++ __sha256_finish_ctx (&ctx, alt_result); ++ } ++ ++ /* Now we can construct the result string. It consists of three ++ parts. */ ++ cp = stpncpy (buffer, sha256_salt_prefix, MAX (0, buflen)); ++ buflen -= sizeof (sha256_salt_prefix) - 1; ++ ++ if (rounds_custom) ++ { ++ int n = snprintf (cp, MAX (0, buflen), "%s%zu$", ++ sha256_rounds_prefix, rounds); ++ cp += n; ++ buflen -= n; ++ } ++ ++ cp = stpncpy (cp, salt, MIN ((size_t) MAX (0, buflen), salt_len)); ++ buflen -= MIN ((size_t) MAX (0, buflen), salt_len); ++ ++ if (buflen > 0) ++ { ++ *cp++ = '$'; ++ --buflen; ++ } ++ ++ B64_FROM_24BIT (alt_result[0], alt_result[10], alt_result[20], 4); ++ B64_FROM_24BIT (alt_result[21], alt_result[1], alt_result[11], 4); ++ B64_FROM_24BIT (alt_result[12], alt_result[22], alt_result[2], 4); ++ B64_FROM_24BIT (alt_result[3], alt_result[13], alt_result[23], 4); ++ B64_FROM_24BIT (alt_result[24], alt_result[4], alt_result[14], 4); ++ B64_FROM_24BIT (alt_result[15], alt_result[25], alt_result[5], 4); ++ B64_FROM_24BIT (alt_result[6], alt_result[16], alt_result[26], 4); ++ B64_FROM_24BIT (alt_result[27], alt_result[7], alt_result[17], 4); ++ B64_FROM_24BIT (alt_result[18], alt_result[28], alt_result[8], 4); ++ B64_FROM_24BIT (alt_result[9], alt_result[19], alt_result[29], 4); ++ B64_FROM_24BIT (0, alt_result[31], alt_result[30], 3); ++ if (buflen <= 0) ++ { ++ __set_errno (ERANGE); ++ buffer = NULL; ++ } ++ else ++ *cp = '\0'; /* Terminate the string. */ ++ ++ /* Clear the buffer for the intermediate result so that people ++ attaching to processes or reading core dumps cannot get any ++ information. We do it in this way to clear correct_words[] ++ inside the SHA256 implementation as well. */ ++ __sha256_init_ctx (&ctx); ++ __sha256_finish_ctx (&ctx, alt_result); ++ memset (&ctx, '\0', sizeof (ctx)); ++ memset (&alt_ctx, '\0', sizeof (alt_ctx)); ++ ++ memset (temp_result, '\0', sizeof (temp_result)); ++ memset (p_bytes, '\0', key_len); ++ memset (s_bytes, '\0', salt_len); ++ if (copied_key != NULL) ++ memset (copied_key, '\0', key_len); ++ if (copied_salt != NULL) ++ memset (copied_salt, '\0', salt_len); ++ ++ return buffer; ++} ++ ++static char *buffer; ++ ++/* This entry point is equivalent to the `crypt' function in Unix ++ libcs. */ ++char * ++__sha256_crypt (const unsigned char *key, const unsigned char *salt) ++{ ++ /* We don't want to have an arbitrary limit in the size of the ++ password. We can compute an upper bound for the size of the ++ result in advance and so we can prepare the buffer we pass to ++ `sha256_crypt_r'. */ ++ static int buflen; ++ int needed = (sizeof (sha256_salt_prefix) - 1 ++ + sizeof (sha256_rounds_prefix) + 9 + 1 ++ + strlen (salt) + 1 + 43 + 1); ++ ++ if (buflen < needed) ++ { ++ char *new_buffer = (char *) realloc (buffer, needed); ++ if (new_buffer == NULL) ++ return NULL; ++ ++ buffer = new_buffer; ++ buflen = needed; ++ } ++ ++ return __sha256_crypt_r ((const char *) key, (const char *) salt, buffer, buflen); ++} +diff --git a/libcrypt/sha256.c b/libcrypt/sha256.c +new file mode 100644 +index 0000000..e652a67 +--- /dev/null ++++ b/libcrypt/sha256.c +@@ -0,0 +1,294 @@ ++/* Functions to compute SHA256 message digest of files or memory blocks. ++ according to the definition of SHA256 in FIPS 180-2. ++ Copyright (C) 2007 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, write to the Free ++ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA ++ 02111-1307 USA. */ ++ ++/* Written by Ulrich Drepper <drepper@redhat.com>, 2007. */ ++ ++#ifdef HAVE_CONFIG_H ++# include <config.h> ++#endif ++ ++#include <endian.h> ++#include <stdlib.h> ++#include <string.h> ++#include <sys/types.h> ++ ++#include "sha256.h" ++ ++#if __BYTE_ORDER == __LITTLE_ENDIAN ++# ifdef _LIBC ++# include <byteswap.h> ++# define SWAP(n) bswap_32 (n) ++# else ++# define SWAP(n) \ ++ (((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24)) ++# endif ++#else ++# define SWAP(n) (n) ++#endif ++ ++ ++/* This array contains the bytes used to pad the buffer to the next ++ 64-byte boundary. (FIPS 180-2:5.1.1) */ ++static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ }; ++ ++ ++/* Constants for SHA256 from FIPS 180-2:4.2.2. */ ++static const uint32_t K[64] = ++ { ++ 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, ++ 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, ++ 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, ++ 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, ++ 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, ++ 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, ++ 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, ++ 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, ++ 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, ++ 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, ++ 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, ++ 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, ++ 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, ++ 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, ++ 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, ++ 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 ++ }; ++ ++ ++/* Process LEN bytes of BUFFER, accumulating context into CTX. ++ It is assumed that LEN % 64 == 0. */ ++static void ++sha256_process_block (const void *buffer, size_t len, struct sha256_ctx *ctx) ++{ ++ const uint32_t *words = buffer; ++ size_t nwords = len / sizeof (uint32_t); ++ uint32_t a = ctx->H[0]; ++ uint32_t b = ctx->H[1]; ++ uint32_t c = ctx->H[2]; ++ uint32_t d = ctx->H[3]; ++ uint32_t e = ctx->H[4]; ++ uint32_t f = ctx->H[5]; ++ uint32_t g = ctx->H[6]; ++ uint32_t h = ctx->H[7]; ++ ++ /* First increment the byte count. FIPS 180-2 specifies the possible ++ length of the file up to 2^64 bits. Here we only compute the ++ number of bytes. Do a double word increment. */ ++ ctx->total[0] += len; ++ if (ctx->total[0] < len) ++ ++ctx->total[1]; ++ ++ /* Process all bytes in the buffer with 64 bytes in each round of ++ the loop. */ ++ while (nwords > 0) ++ { ++ uint32_t W[64]; ++ uint32_t a_save = a; ++ uint32_t b_save = b; ++ uint32_t c_save = c; ++ uint32_t d_save = d; ++ uint32_t e_save = e; ++ uint32_t f_save = f; ++ uint32_t g_save = g; ++ uint32_t h_save = h; ++ ++ /* Operators defined in FIPS 180-2:4.1.2. */ ++#define Ch(x, y, z) ((x & y) ^ (~x & z)) ++#define Maj(x, y, z) ((x & y) ^ (x & z) ^ (y & z)) ++#define S0(x) (CYCLIC (x, 2) ^ CYCLIC (x, 13) ^ CYCLIC (x, 22)) ++#define S1(x) (CYCLIC (x, 6) ^ CYCLIC (x, 11) ^ CYCLIC (x, 25)) ++#define R0(x) (CYCLIC (x, 7) ^ CYCLIC (x, 18) ^ (x >> 3)) ++#define R1(x) (CYCLIC (x, 17) ^ CYCLIC (x, 19) ^ (x >> 10)) ++ ++ /* It is unfortunate that C does not provide an operator for ++ cyclic rotation. Hope the C compiler is smart enough. */ ++#define CYCLIC(w, s) ((w >> s) | (w << (32 - s))) ++ ++ /* Compute the message schedule according to FIPS 180-2:6.2.2 step 2. */ ++ for (unsigned int t = 0; t < 16; ++t) ++ { ++ W[t] = SWAP (*words); ++ ++words; ++ } ++ for (unsigned int t = 16; t < 64; ++t) ++ W[t] = R1 (W[t - 2]) + W[t - 7] + R0 (W[t - 15]) + W[t - 16]; ++ ++ /* The actual computation according to FIPS 180-2:6.2.2 step 3. */ ++ for (unsigned int t = 0; t < 64; ++t) ++ { ++ uint32_t T1 = h + S1 (e) + Ch (e, f, g) + K[t] + W[t]; ++ uint32_t T2 = S0 (a) + Maj (a, b, c); ++ h = g; ++ g = f; ++ f = e; ++ e = d + T1; ++ d = c; ++ c = b; ++ b = a; ++ a = T1 + T2; ++ } ++ ++ /* Add the starting values of the context according to FIPS 180-2:6.2.2 ++ step 4. */ ++ a += a_save; ++ b += b_save; ++ c += c_save; ++ d += d_save; ++ e += e_save; ++ f += f_save; ++ g += g_save; ++ h += h_save; ++ ++ /* Prepare for the next round. */ ++ nwords -= 16; ++ } ++ ++ /* Put checksum in context given as argument. */ ++ ctx->H[0] = a; ++ ctx->H[1] = b; ++ ctx->H[2] = c; ++ ctx->H[3] = d; ++ ctx->H[4] = e; ++ ctx->H[5] = f; ++ ctx->H[6] = g; ++ ctx->H[7] = h; ++} ++ ++ ++/* Initialize structure containing state of computation. ++ (FIPS 180-2:5.3.2) */ ++void ++__sha256_init_ctx (struct sha256_ctx *ctx) ++{ ++ ctx->H[0] = 0x6a09e667; ++ ctx->H[1] = 0xbb67ae85; ++ ctx->H[2] = 0x3c6ef372; ++ ctx->H[3] = 0xa54ff53a; ++ ctx->H[4] = 0x510e527f; ++ ctx->H[5] = 0x9b05688c; ++ ctx->H[6] = 0x1f83d9ab; ++ ctx->H[7] = 0x5be0cd19; ++ ++ ctx->total[0] = ctx->total[1] = 0; ++ ctx->buflen = 0; ++} ++ ++ ++/* Process the remaining bytes in the internal buffer and the usual ++ prolog according to the standard and write the result to RESBUF. ++ ++ IMPORTANT: On some systems it is required that RESBUF is correctly ++ aligned for a 32 bits value. */ ++void * ++__sha256_finish_ctx (struct sha256_ctx *ctx, void *resbuf) ++{ ++ /* Take yet unprocessed bytes into account. */ ++ uint32_t bytes = ctx->buflen; ++ size_t pad; ++ ++ /* Now count remaining bytes. */ ++ ctx->total[0] += bytes; ++ if (ctx->total[0] < bytes) ++ ++ctx->total[1]; ++ ++ pad = bytes >= 56 ? 64 + 56 - bytes : 56 - bytes; ++ memcpy (&ctx->buffer[bytes], fillbuf, pad); ++ ++ /* Put the 64-bit file length in *bits* at the end of the buffer. */ ++ *(uint32_t *) &ctx->buffer[bytes + pad + 4] = SWAP (ctx->total[0] << 3); ++ *(uint32_t *) &ctx->buffer[bytes + pad] = SWAP ((ctx->total[1] << 3) | ++ (ctx->total[0] >> 29)); ++ ++ /* Process last bytes. */ ++ sha256_process_block (ctx->buffer, bytes + pad + 8, ctx); ++ ++ /* Put result from CTX in first 32 bytes following RESBUF. */ ++ for (unsigned int i = 0; i < 8; ++i) ++ ((uint32_t *) resbuf)[i] = SWAP (ctx->H[i]); ++ ++ return resbuf; ++} ++ ++ ++void ++__sha256_process_bytes (const void *buffer, size_t len, struct sha256_ctx *ctx) ++{ ++ /* When we already have some bits in our internal buffer concatenate ++ both inputs first. */ ++ if (ctx->buflen != 0) ++ { ++ size_t left_over = ctx->buflen; ++ size_t add = 128 - left_over > len ? len : 128 - left_over; ++ ++ memcpy (&ctx->buffer[left_over], buffer, add); ++ ctx->buflen += add; ++ ++ if (ctx->buflen > 64) ++ { ++ sha256_process_block (ctx->buffer, ctx->buflen & ~63, ctx); ++ ++ ctx->buflen &= 63; ++ /* The regions in the following copy operation cannot overlap. */ ++ memcpy (ctx->buffer, &ctx->buffer[(left_over + add) & ~63], ++ ctx->buflen); ++ } ++ ++ buffer = (const char *) buffer + add; ++ len -= add; ++ } ++ ++ /* Process available complete blocks. */ ++ if (len >= 64) ++ { ++#if __GNUC__ >= 2 ++# define UNALIGNED_P(p) (((uintptr_t) p) % __alignof__ (uint32_t) != 0) ++#else ++# define UNALIGNED_P(p) (((uintptr_t) p) % sizeof (uint32_t) != 0) ++#endif ++ if (UNALIGNED_P (buffer)) ++ while (len > 64) ++ { ++ sha256_process_block (memcpy (ctx->buffer, buffer, 64), 64, ctx); ++ buffer = (const char *) buffer + 64; ++ len -= 64; ++ } ++ else ++ { ++ sha256_process_block (buffer, len & ~63, ctx); ++ buffer = (const char *) buffer + (len & ~63); ++ len &= 63; ++ } ++ } ++ ++ /* Move remaining bytes into internal buffer. */ ++ if (len > 0) ++ { ++ size_t left_over = ctx->buflen; ++ ++ memcpy (&ctx->buffer[left_over], buffer, len); ++ left_over += len; ++ if (left_over >= 64) ++ { ++ sha256_process_block (ctx->buffer, 64, ctx); ++ left_over -= 64; ++ memcpy (ctx->buffer, &ctx->buffer[64], left_over); ++ } ++ ctx->buflen = left_over; ++ } ++} +diff --git a/libcrypt/sha256.h b/libcrypt/sha256.h +new file mode 100644 +index 0000000..291674f +--- /dev/null ++++ b/libcrypt/sha256.h +@@ -0,0 +1,58 @@ ++/* Declaration of functions and data types used for SHA256 sum computing ++ library functions. ++ Copyright (C) 2007 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, write to the Free ++ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA ++ 02111-1307 USA. */ ++ ++#ifndef _SHA256_H ++#define _SHA256_H 1 ++ ++#include <limits.h> ++#include <stdint.h> ++#include <stdio.h> ++ ++ ++/* Structure to save state of computation between the single steps. */ ++struct sha256_ctx ++{ ++ uint32_t H[8]; ++ ++ uint32_t total[2]; ++ uint32_t buflen; ++ char buffer[128] __attribute__ ((__aligned__ (__alignof__ (uint32_t)))); ++}; ++ ++/* Initialize structure containing state of computation. ++ (FIPS 180-2: 5.3.2) */ ++extern void __sha256_init_ctx (struct sha256_ctx *ctx) attribute_hidden; ++ ++/* Starting with the result of former calls of this function (or the ++ initialization function update the context for the next LEN bytes ++ starting at BUFFER. ++ It is NOT required that LEN is a multiple of 64. */ ++extern void __sha256_process_bytes (const void *buffer, size_t len, ++ struct sha256_ctx *ctx) attribute_hidden; ++ ++/* Process the remaining bytes in the buffer and put result from CTX ++ in first 32 bytes following RESBUF. ++ ++ IMPORTANT: On some systems it is required that RESBUF is correctly ++ aligned for a 32 bits value. */ ++extern void *__sha256_finish_ctx (struct sha256_ctx *ctx, void *resbuf) ++ attribute_hidden; ++ ++#endif /* sha256.h */ +-- +1.7.8 + diff --git a/main/libc0.9.32/uclibc-eventfd.patch b/main/libc0.9.32/0022-Add-eventfd-support.patch index 1525366c34..d42da01206 100644 --- a/main/libc0.9.32/uclibc-eventfd.patch +++ b/main/libc0.9.32/0022-Add-eventfd-support.patch @@ -1,28 +1,7 @@ -From: jc@eclis.ch -To: uclibc@uclibc.org -Subject: [PATCH 1/1] Add eventfd support. -Date: Mon, 24 Oct 2011 19:07:43 +0200 -Message-Id: <1319476064-32442-1-git-send-email-jc@eclis.ch> -X-Mailer: git-send-email 1.7.2.5 -X-BeenThere: uclibc@uclibc.org -X-Mailman-Version: 2.1.14 -Precedence: list -List-Id: "Discussion and development of uClibc \(the embedded C library\)" - <uclibc.uclibc.org> -List-Unsubscribe: <http://lists.busybox.net/mailman/options/uclibc>, - <mailto:uclibc-request@uclibc.org?subject=unsubscribe> -List-Archive: <http://lists.busybox.net/pipermail/uclibc> -List-Post: <mailto:uclibc@uclibc.org> -List-Help: <mailto:uclibc-request@uclibc.org?subject=help> -List-Subscribe: <http://lists.busybox.net/mailman/listinfo/uclibc>, - <mailto:uclibc-request@uclibc.org?subject=subscribe> -MIME-Version: 1.0 -Content-Type: text/plain; charset="us-ascii" -Content-Transfer-Encoding: 7bit -Errors-To: uclibc-bounces@uclibc.org -Sender: uclibc-bounces@uclibc.org - +From 000e9aca3ee3f07c934a154fd375c5f3c7f9cc80 Mon Sep 17 00:00:00 2001 From: Jean-Christian de Rivaz <jc@eclis.ch> +Date: Mon, 24 Oct 2011 19:07:43 +0200 +Subject: [PATCH] Add eventfd support. Hello, @@ -32,6 +11,8 @@ uClibc. Please review so it can be accepted to be merged. Jean-Christian Signed-off-by: Jean-Christian de Rivaz <jc@eclis.ch> +Signed-off-by: Carmelo Amoroso <carmelo.amoroso@st.com> +(cherry picked from commit 9ed163dc0eaebe8734c35b356c406e9eb1c68d76) --- libc/sysdeps/linux/common/Makefile.in | 3 +- libc/sysdeps/linux/common/eventfd.c | 18 +++++++++++ @@ -133,9 +114,5 @@ index 0000000..311f803 + +#endif /* sys/eventfd.h */ -- -1.7.2.5 +1.7.8 -_______________________________________________ -uClibc mailing list -uClibc@uclibc.org -http://lists.busybox.net/mailman/listinfo/uclibc diff --git a/main/libc0.9.32/0023-crypt-build-fix.-define-ARRAY_SIZE-macro.patch b/main/libc0.9.32/0023-crypt-build-fix.-define-ARRAY_SIZE-macro.patch new file mode 100644 index 0000000000..623f93a6b1 --- /dev/null +++ b/main/libc0.9.32/0023-crypt-build-fix.-define-ARRAY_SIZE-macro.patch @@ -0,0 +1,26 @@ +From b7300840e0285239351e33fa613898fbb079efd7 Mon Sep 17 00:00:00 2001 +From: Natanael Copa <ncopa@alpinelinux.org> +Date: Fri, 23 Dec 2011 16:24:52 +0100 +Subject: [PATCH] crypt: build fix. define ARRAY_SIZE macro + +Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> +--- + libcrypt/crypt.c | 2 ++ + 1 files changed, 2 insertions(+), 0 deletions(-) + +diff --git a/libcrypt/crypt.c b/libcrypt/crypt.c +index 188a6a0..19f14d9 100644 +--- a/libcrypt/crypt.c ++++ b/libcrypt/crypt.c +@@ -12,6 +12,8 @@ + #include <errno.h> + #include "libcrypt.h" + ++#define ARRAY_SIZE(v) (sizeof(v) / sizeof((v)[0])) ++ + typedef char *(*crypt_impl_f)(const unsigned char *pw, const unsigned char *salt); + + static const struct { +-- +1.7.8 + diff --git a/main/libc0.9.32/APKBUILD b/main/libc0.9.32/APKBUILD index 019712353b..6c6185ec70 100644 --- a/main/libc0.9.32/APKBUILD +++ b/main/libc0.9.32/APKBUILD @@ -4,7 +4,7 @@ pkgname=libc$_abiver _gitver= pkgver=0.9.32 _ver=${pkgver/_/-} -pkgrel=14 +pkgrel=15 pkgdesc="C library for developing embedded Linux systems" url=http://uclibc.org license="LGPL-2" @@ -19,31 +19,41 @@ triggers="uclibc-utils.trigger=/lib:/usr/lib" _snapurl="http://git.uclibc.org/uClibc/snapshot/master.tar.bz2" _snapfile="$pkgname-$pkgver.tar.bz2" + +# patches are tracked in http://git.alpinelinux.org/cgit/uClibc-alpine/ +# branch 0.9.32-alpine + source="http://uclibc.org/downloads/uClibc-${_ver}.tar.bz2 - compat-stack-guard.patch - uclibc-resolv-cname-fix.diff - uclibc-resolv-fix-memory-leak.patch - 0001-resolv-fix-resolver-to-return-TRY_AGAIN-on-timeout.patch - 0001-libm-x86_64-implement-some-fenv-functions.patch - 0001-ldso-limited-support-for-ORIGIN-in-rpath.patch - 0002-stdlib-fix-arc4random-return-type-to-u_int32_t.patch - 0003-ldso-support-RTLD_NOLOAD.patch - 0001-libdl-rudimentary-locking-for-dlopen-dlsym-dlclose.patch - 0001-malloc-standard-synchronize-on-fork.patch - 0001-time-fix-parsing-of-tzdata-files-where-off_t-is-64-b.patch - 0001-getaddrinfo-allow-numeric-service-without-any-hints.patch - 0001-libc-x86-fix-stack-unwinding-and-backtrace-informati.patch - libm-cabsf.patch - libm-cexp.patch - uclibc-ubacktrace-asneeded-fix.patch - uclibc-epoll_pwait-hack.patch + +0001-Compatible-stack-protector-for-non-Thread-Local-stor.patch +0002-resolv-res_query-for-CNAMEs.patch +0003-resolv-fix-memory-leak.patch +0004-resolv-fix-resolver-to-return-TRY_AGAIN-on-timeout.patch +0005-libm-x86_64-implement-some-fenv-functions.patch +0006-ldso-limited-support-for-ORIGIN-in-rpath.patch +0007-stdlib-fix-arc4random-return-type-to-u_int32_t.patch +0008-ldso-support-RTLD_NOLOAD.patch +0009-libdl-rudimentary-locking-for-dlopen-dlsym-dlclose.patch +0010-malloc-standard-synchronize-on-fork.patch +0011-time-fix-parsing-of-tzdata-files-where-off_t-is-64-b.patch +0012-getaddrinfo-allow-numeric-service-without-any-hints.patch +0013-libc-x86-fix-stack-unwinding-and-backtrace-informati.patch +0014-libm-add-cabsf-and-cabsl-functions.patch +0015-libm-implement-generic-cexp-cexpf-and-cexpl.patch +0016-libubacktrace-use-.so.-ABI_VERSION.patch +0017-Fix-__libc_epoll_pwait-compile-failure-on-x86.patch +0018-libcrypt-do-not-cast-away-const-of-key-salt.patch +0019-libcrypt-make-crypt-itself-more-modular.patch +0020-libcrypt-add-support-for-SHA512-CRYPT-password-hashi.patch +0021-libcrypt-add-support-for-SHA256-CRYPT-password-hashi.patch +0022-Add-eventfd-support.patch +0023-crypt-build-fix.-define-ARRAY_SIZE-macro.patch + uclibcconfig.x86 uclibcconfig.x86_64 uclibcconfig.i486 uclibcconfig.arm uclibcconfig.powerpc - sha512-crypt.patch - uclibc-eventfd.patch uclibc-utils.trigger " @@ -132,28 +142,32 @@ libthread_db() { } md5sums="cfcb6c25d8ebe12817499d8749ee8ae1 uClibc-0.9.32.tar.bz2 -a9bfb77ea7dc5fb9abf4d4b19201c614 compat-stack-guard.patch -5d6e3e382b66f59cfd7242a4fe453f98 uclibc-resolv-cname-fix.diff -6bdb884bd00b053247e02b4024d33b39 uclibc-resolv-fix-memory-leak.patch -08f31006426a0fca561f262f36bcfb01 0001-resolv-fix-resolver-to-return-TRY_AGAIN-on-timeout.patch -68913d6f096fd647e8bdb7ef182c05a4 0001-libm-x86_64-implement-some-fenv-functions.patch -bc164e262c5feab55c800780704fa71c 0001-ldso-limited-support-for-ORIGIN-in-rpath.patch -b4fb68ad3d0e8331b1b40c30eb21dfdc 0002-stdlib-fix-arc4random-return-type-to-u_int32_t.patch -6147efd2eee5af5e734896823c2d1a3d 0003-ldso-support-RTLD_NOLOAD.patch -3e151ae3d3613dff9296d166aca3a800 0001-libdl-rudimentary-locking-for-dlopen-dlsym-dlclose.patch -30f27fe51fdc4d121166ad2af18dfb8d 0001-malloc-standard-synchronize-on-fork.patch -2548d9f470c9a5b2c117ec3d6f35c105 0001-time-fix-parsing-of-tzdata-files-where-off_t-is-64-b.patch -9e1ffc8dae55f4489c770f284734804f 0001-getaddrinfo-allow-numeric-service-without-any-hints.patch -e814d39ab0adab58d69396ac0b9acdea 0001-libc-x86-fix-stack-unwinding-and-backtrace-informati.patch -40e9c7f017cc81ee5b19ead000b9b6b7 libm-cabsf.patch -42416385763f7cd50775ed9bfaf2d59e libm-cexp.patch -7c47e9cb284b0da8df6ed2096b2c9c66 uclibc-ubacktrace-asneeded-fix.patch -0ed588014227935fbb83b207282f3c15 uclibc-epoll_pwait-hack.patch +11c206cd4be86514dd9abd811429ad06 0001-Compatible-stack-protector-for-non-Thread-Local-stor.patch +b905f5f0f27348cc91019275dcff51cb 0002-resolv-res_query-for-CNAMEs.patch +208f6ea0a97f2940319456d32549bfc5 0003-resolv-fix-memory-leak.patch +0f082e4b209bb83feb57a4a7dd8c2eb6 0004-resolv-fix-resolver-to-return-TRY_AGAIN-on-timeout.patch +8573d00e91395779c50af23c6aeb6fc5 0005-libm-x86_64-implement-some-fenv-functions.patch +31da620ecb3894fa6d76ef624cd264bb 0006-ldso-limited-support-for-ORIGIN-in-rpath.patch +afafe88bca1ffc1d4eb49de813c39c5b 0007-stdlib-fix-arc4random-return-type-to-u_int32_t.patch +779dbc9f04ad0c005ec4ea6b6ffff8ff 0008-ldso-support-RTLD_NOLOAD.patch +f0fc6dbeb1467812085b60a49654a955 0009-libdl-rudimentary-locking-for-dlopen-dlsym-dlclose.patch +a1c5871c3b799cce8d1dfcf8ca0f3743 0010-malloc-standard-synchronize-on-fork.patch +b2c09cdfc3116c6236dbe96697241a59 0011-time-fix-parsing-of-tzdata-files-where-off_t-is-64-b.patch +ddd3073f1a2696c1a9b40bfa81bfa5bf 0012-getaddrinfo-allow-numeric-service-without-any-hints.patch +78cdafafc99007da8cbdf8d2f841ea47 0013-libc-x86-fix-stack-unwinding-and-backtrace-informati.patch +63af22efb20d9dfd3cb10bc9900f1615 0014-libm-add-cabsf-and-cabsl-functions.patch +7158d0ae15ca742cc1577b47735751df 0015-libm-implement-generic-cexp-cexpf-and-cexpl.patch +ecca599d286ff18afa7f64ab614e88ff 0016-libubacktrace-use-.so.-ABI_VERSION.patch +430b286df16f21cc4b46b6f1894cd834 0017-Fix-__libc_epoll_pwait-compile-failure-on-x86.patch +57562e6688dcbcf708d574de81debf7e 0018-libcrypt-do-not-cast-away-const-of-key-salt.patch +028d8279da6c44457a8a8de4e1e6de36 0019-libcrypt-make-crypt-itself-more-modular.patch +ebf59b00af0a0c44a5992403255a6582 0020-libcrypt-add-support-for-SHA512-CRYPT-password-hashi.patch +2744db828eb9a0e8a1e01b2ca9d083a5 0021-libcrypt-add-support-for-SHA256-CRYPT-password-hashi.patch +e5bb17073c83dcdb972bf22657ca4cc7 0022-Add-eventfd-support.patch +efafd82e78291171392d4706b80a2fb3 0023-crypt-build-fix.-define-ARRAY_SIZE-macro.patch 0e40006f3c284a27313e0d54f91452e2 uclibcconfig.x86 f6aee6bcbc43dcbfcaaba7be244ad368 uclibcconfig.x86_64 0e40006f3c284a27313e0d54f91452e2 uclibcconfig.i486 8ae78c9ab4bd7b1223c29c335c76a8c5 uclibcconfig.arm 70fcde1955810a2369c023b293bae5c5 uclibcconfig.powerpc -436bf7bea962b477bb93119514c90c9b sha512-crypt.patch -26dd7611fda4d29f3dc4a7cf24916931 uclibc-eventfd.patch f3be4f2bc54d7561d252937e10abf0d2 uclibc-utils.trigger" diff --git a/main/libc0.9.32/sha512-crypt.patch b/main/libc0.9.32/sha512-crypt.patch deleted file mode 100644 index 6a4b1001b4..0000000000 --- a/main/libc0.9.32/sha512-crypt.patch +++ /dev/null @@ -1,1777 +0,0 @@ -From 71ad18ce94b15cd000a3e90a0a30ee81ac1b443a Mon Sep 17 00:00:00 2001 -From: William Pitcock <nenolod@dereferenced.org> -Date: Wed, 16 Nov 2011 05:27:48 -0600 -Subject: [PATCH 1/2] libcrypt: make crypt() more modular -To: uclibc@uclibc.org - -By using a function table, we can more cleanly support new crypt -implementations, such as SHA256 ($5$) and SHA512 ($6$). - -Signed-off-by: William Pitcock <nenolod@dereferenced.org> ---- - libcrypt/crypt.c | 34 ++++++++++++++++++++++++++++------ - 1 files changed, 28 insertions(+), 6 deletions(-) - -diff --git a/libcrypt/crypt.c b/libcrypt/crypt.c -index 8b361d3..28cbc70 100644 ---- a/libcrypt/crypt.c -+++ b/libcrypt/crypt.c -@@ -8,14 +8,36 @@ - #define __FORCE_GLIBC - #include <crypt.h> - #include <unistd.h> -+#include <string.h> -+#include <syscall.h> - #include "libcrypt.h" - -+#define ARRAY_SIZE(v) (sizeof(v) / sizeof((v)[0])) -+ -+typedef char *(*crypt_impl_f)(const unsigned char *pw, const unsigned char *salt); -+ -+static const struct { -+ const char *salt_pfx; -+ const crypt_impl_f crypt_impl; -+} crypt_impl_tab[] = { -+ { "$1$", __md5_crypt }, -+ { NULL, __des_crypt }, -+}; -+ - char *crypt(const char *key, const char *salt) - { -- /* First, check if we are supposed to be using the MD5 replacement -- * instead of DES... */ -- if (salt[0]=='$' && salt[1]=='1' && salt[2]=='$') -- return __md5_crypt((unsigned char*)key, (unsigned char*)salt); -- else -- return __des_crypt((unsigned char*)key, (unsigned char*)salt); -+ unsigned int i; -+ -+ for (i = 0; i < ARRAY_SIZE(crypt_impl_tab); i++) -+ { -+ if (crypt_impl_tab[i].salt_pfx && -+ strncmp(crypt_impl_tab[i].salt_pfx, salt, strlen(crypt_impl_tab[i].salt_pfx))) -+ continue; -+ -+ return crypt_impl_tab[i].crypt_impl((unsigned char *) key, (unsigned char *) salt); -+ } -+ -+ /* this should never happen, but just incase... */ -+ __set_errno(ENOSYS); -+ return NULL; - } --- -1.7.7.3 - -From 3c0ca4dcbb38987bda7981f6c876a291d3051f12 Mon Sep 17 00:00:00 2001 -From: William Pitcock <nenolod@dereferenced.org> -Date: Wed, 16 Nov 2011 05:53:34 -0600 -Subject: [PATCH 2/2] libcrypt: add support for SHA512-crypt. -To: uclibc@uclibc.org - -This is based on Ulrich Drepper's implementation in GLIBC, but hacked up to work -in uClibc. A previous version of this patch was rejected, this is the cleaned up -version. - -Signed-off-by: William Pitcock <nenolod@dereferenced.org> ---- - extra/Configs/Config.in | 6 + - libcrypt/Makefile.in | 1 + - libcrypt/crypt.c | 3 + - libcrypt/libcrypt.h | 3 + - libcrypt/sha512-crypt.c | 339 +++++++++++++++++++++++++++++++++++++++++++++++ - libcrypt/sha512.c | 326 +++++++++++++++++++++++++++++++++++++++++++++ - libcrypt/sha512.h | 58 ++++++++ - 7 files changed, 736 insertions(+), 0 deletions(-) - create mode 100644 libcrypt/sha512-crypt.c - create mode 100644 libcrypt/sha512.c - create mode 100644 libcrypt/sha512.h - -diff --git a/extra/Configs/Config.in b/extra/Configs/Config.in -index 0f0ccfe..1ec041d 100644 ---- a/extra/Configs/Config.in -+++ b/extra/Configs/Config.in -@@ -1174,6 +1174,12 @@ config UCLIBC_HAS_CRYPT_IMPL - help - libcrypt contains crypt(), setkey() and encrypt() - -+config UCLIBC_HAS_SHA512_CRYPT_IMPL -+ bool "libcrypt SHA512 support" -+ default y -+ help -+ Say N here if you do not need SHA512 crypt support. -+ - config UCLIBC_HAS_CRYPT_STUB - bool "libcrypt stubs" - default y -diff --git a/libcrypt/Makefile.in b/libcrypt/Makefile.in -index 1d1fb55..2fceaed 100644 ---- a/libcrypt/Makefile.in -+++ b/libcrypt/Makefile.in -@@ -21,6 +21,7 @@ libcrypt_OUT := $(top_builddir)libcrypt - - libcrypt_SRC-y := - libcrypt_SRC-$(UCLIBC_HAS_CRYPT_IMPL) += crypt.c des.c md5.c -+libcrypt_SRC-$(UCLIBC_HAS_SHA512_CRYPT_IMPL) += sha512.c sha512-crypt.c - libcrypt_SRC-$(UCLIBC_HAS_CRYPT_STUB) += crypt_stub.c - - libcrypt_SRC := $(addprefix $(libcrypt_DIR)/,$(libcrypt_SRC-y)) -diff --git a/libcrypt/crypt.c b/libcrypt/crypt.c -index 28cbc70..2bb2c33 100644 ---- a/libcrypt/crypt.c -+++ b/libcrypt/crypt.c -@@ -21,6 +21,9 @@ static const struct { - const crypt_impl_f crypt_impl; - } crypt_impl_tab[] = { - { "$1$", __md5_crypt }, -+#ifdef __UCLIBC_HAS_SHA512_CRYPT_IMPL__ -+ { "$6$", __sha512_crypt }, -+#endif - { NULL, __des_crypt }, - }; - -diff --git a/libcrypt/libcrypt.h b/libcrypt/libcrypt.h -index 1186620..fcad6ae 100644 ---- a/libcrypt/libcrypt.h -+++ b/libcrypt/libcrypt.h -@@ -9,8 +9,11 @@ - #define __LIBCRYPT_H__ - - extern char *__md5_crypt(const unsigned char *pw, const unsigned char *salt) attribute_hidden; -+extern char *__sha512_crypt(const unsigned char *pw, const unsigned char *salt) attribute_hidden; - extern char *__des_crypt(const unsigned char *pw, const unsigned char *salt) attribute_hidden; - -+extern char *__sha512_crypt_r (const char *key, const char *salt, char *buffer, int buflen) attribute_hidden; -+ - /* shut up gcc-4.x signed warnings */ - #define strcpy(dst,src) strcpy((char*)dst,(char*)src) - #define strlen(s) strlen((char*)s) -diff --git a/libcrypt/sha512-crypt.c b/libcrypt/sha512-crypt.c -new file mode 100644 -index 0000000..dece925 ---- /dev/null -+++ b/libcrypt/sha512-crypt.c -@@ -0,0 +1,339 @@ -+/* One way encryption based on SHA512 sum. -+ Copyright (C) 2007, 2009 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ Contributed by Ulrich Drepper <drepper@redhat.com>, 2007. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, write to the Free -+ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA -+ 02111-1307 USA. */ -+ -+#include <assert.h> -+#include <errno.h> -+#include <stdbool.h> -+#include <stdlib.h> -+#include <string.h> -+#include <sys/param.h> -+ -+#include "sha512.h" -+#include "libcrypt.h" -+ -+/* Define our magic string to mark salt for SHA512 "encryption" -+ replacement. */ -+static const char sha512_salt_prefix[] = "$6$"; -+ -+/* Prefix for optional rounds specification. */ -+static const char sha512_rounds_prefix[] = "rounds="; -+ -+/* Maximum salt string length. */ -+#define SALT_LEN_MAX 16 -+/* Default number of rounds if not explicitly specified. */ -+#define ROUNDS_DEFAULT 5000 -+/* Minimum number of rounds. */ -+#define ROUNDS_MIN 1000 -+/* Maximum number of rounds. */ -+#define ROUNDS_MAX 999999999 -+ -+/* Table with characters for base64 transformation. */ -+static const char b64t[64] = -+"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; -+ -+char * -+__sha512_crypt_r (const char *key, -+ const char *salt, -+ char *buffer, -+ int buflen) -+{ -+ unsigned char alt_result[64] -+ __attribute__ ((__aligned__ (__alignof__ (uint64_t)))); -+ unsigned char temp_result[64] -+ __attribute__ ((__aligned__ (__alignof__ (uint64_t)))); -+ size_t salt_len; -+ size_t key_len; -+ size_t cnt; -+ char *cp; -+ char *copied_key = NULL; -+ char *copied_salt = NULL; -+ char *p_bytes; -+ char *s_bytes; -+ /* Default number of rounds. */ -+ size_t rounds = ROUNDS_DEFAULT; -+ bool rounds_custom = false; -+ -+ /* Find beginning of salt string. The prefix should normally always -+ be present. Just in case it is not. */ -+ if (strncmp (sha512_salt_prefix, salt, sizeof (sha512_salt_prefix) - 1) == 0) -+ /* Skip salt prefix. */ -+ salt += sizeof (sha512_salt_prefix) - 1; -+ -+ if (strncmp (salt, sha512_rounds_prefix, sizeof (sha512_rounds_prefix) - 1) -+ == 0) -+ { -+ const char *num = salt + sizeof (sha512_rounds_prefix) - 1; -+ char *endp; -+ unsigned long int srounds = strtoul (num, &endp, 10); -+ if (*endp == '$') -+ { -+ salt = endp + 1; -+ rounds = MAX (ROUNDS_MIN, MIN (srounds, ROUNDS_MAX)); -+ rounds_custom = true; -+ } -+ } -+ -+ salt_len = MIN (strcspn (salt, "$"), SALT_LEN_MAX); -+ key_len = strlen (key); -+ -+ if ((key - (char *) 0) % __alignof__ (uint64_t) != 0) -+ { -+ char *tmp = (char *) alloca (key_len + __alignof__ (uint64_t)); -+ key = copied_key = -+ memcpy (tmp + __alignof__ (uint64_t) -+ - (tmp - (char *) 0) % __alignof__ (uint64_t), -+ key, key_len); -+ assert ((key - (char *) 0) % __alignof__ (uint64_t) == 0); -+ } -+ -+ if ((salt - (char *) 0) % __alignof__ (uint64_t) != 0) -+ { -+ char *tmp = (char *) alloca (salt_len + __alignof__ (uint64_t)); -+ salt = copied_salt = -+ memcpy (tmp + __alignof__ (uint64_t) -+ - (tmp - (char *) 0) % __alignof__ (uint64_t), -+ salt, salt_len); -+ assert ((salt - (char *) 0) % __alignof__ (uint64_t) == 0); -+ } -+ -+ struct sha512_ctx ctx; -+ struct sha512_ctx alt_ctx; -+ -+ /* Prepare for the real work. */ -+ __sha512_init_ctx (&ctx); -+ -+ /* Add the key string. */ -+ __sha512_process_bytes (key, key_len, &ctx); -+ -+ /* The last part is the salt string. This must be at most 16 -+ characters and it ends at the first `$' character. */ -+ __sha512_process_bytes (salt, salt_len, &ctx); -+ -+ -+ /* Compute alternate SHA512 sum with input KEY, SALT, and KEY. The -+ final result will be added to the first context. */ -+ __sha512_init_ctx (&alt_ctx); -+ -+ /* Add key. */ -+ __sha512_process_bytes (key, key_len, &alt_ctx); -+ -+ /* Add salt. */ -+ __sha512_process_bytes (salt, salt_len, &alt_ctx); -+ -+ /* Add key again. */ -+ __sha512_process_bytes (key, key_len, &alt_ctx); -+ -+ /* Now get result of this (64 bytes) and add it to the other -+ context. */ -+ __sha512_finish_ctx (&alt_ctx, alt_result); -+ -+ /* Add for any character in the key one byte of the alternate sum. */ -+ for (cnt = key_len; cnt > 64; cnt -= 64) -+ __sha512_process_bytes (alt_result, 64, &ctx); -+ -+ __sha512_process_bytes (alt_result, cnt, &ctx); -+ -+ /* Take the binary representation of the length of the key and for every -+ 1 add the alternate sum, for every 0 the key. */ -+ for (cnt = key_len; cnt > 0; cnt >>= 1) -+ if ((cnt & 1) != 0) -+ __sha512_process_bytes (alt_result, 64, &ctx); -+ else -+ __sha512_process_bytes (key, key_len, &ctx); -+ -+ /* Create intermediate result. */ -+ __sha512_finish_ctx (&ctx, alt_result); -+ -+ /* Start computation of P byte sequence. */ -+ __sha512_init_ctx (&alt_ctx); -+ -+ /* For every character in the password add the entire password. */ -+ for (cnt = 0; cnt < key_len; ++cnt) -+ __sha512_process_bytes (key, key_len, &alt_ctx); -+ -+ /* Finish the digest. */ -+ __sha512_finish_ctx (&alt_ctx, temp_result); -+ -+ /* Create byte sequence P. */ -+ cp = p_bytes = alloca (key_len); -+ for (cnt = key_len; cnt >= 64; cnt -= 64) -+ cp = mempcpy (cp, temp_result, 64); -+ memcpy (cp, temp_result, cnt); -+ -+ /* Start computation of S byte sequence. */ -+ __sha512_init_ctx (&alt_ctx); -+ -+ /* For every character in the password add the entire password. */ -+ for (cnt = 0; cnt < 16 + alt_result[0]; ++cnt) -+ __sha512_process_bytes (salt, salt_len, &alt_ctx); -+ -+ /* Finish the digest. */ -+ __sha512_finish_ctx (&alt_ctx, temp_result); -+ -+ /* Create byte sequence S. */ -+ cp = s_bytes = alloca (salt_len); -+ for (cnt = salt_len; cnt >= 64; cnt -= 64) -+ cp = mempcpy (cp, temp_result, 64); -+ memcpy (cp, temp_result, cnt); -+ -+ /* Repeatedly run the collected hash value through SHA512 to burn -+ CPU cycles. */ -+ for (cnt = 0; cnt < rounds; ++cnt) -+ { -+ /* New context. */ -+ __sha512_init_ctx (&ctx); -+ -+ /* Add key or last result. */ -+ if ((cnt & 1) != 0) -+ __sha512_process_bytes (p_bytes, key_len, &ctx); -+ else -+ __sha512_process_bytes (alt_result, 64, &ctx); -+ -+ /* Add salt for numbers not divisible by 3. */ -+ if (cnt % 3 != 0) -+ __sha512_process_bytes (s_bytes, salt_len, &ctx); -+ -+ /* Add key for numbers not divisible by 7. */ -+ if (cnt % 7 != 0) -+ __sha512_process_bytes (p_bytes, key_len, &ctx); -+ -+ /* Add key or last result. */ -+ if ((cnt & 1) != 0) -+ __sha512_process_bytes (alt_result, 64, &ctx); -+ else -+ __sha512_process_bytes (p_bytes, key_len, &ctx); -+ -+ /* Create intermediate result. */ -+ __sha512_finish_ctx (&ctx, alt_result); -+ } -+ -+ /* Now we can construct the result string. It consists of three -+ parts. */ -+ cp = stpncpy (buffer, sha512_salt_prefix, MAX (0, buflen)); -+ buflen -= sizeof (sha512_salt_prefix) - 1; -+ -+ if (rounds_custom) -+ { -+ int n = snprintf (cp, MAX (0, buflen), "%s%zu$", -+ sha512_rounds_prefix, rounds); -+ cp += n; -+ buflen -= n; -+ } -+ -+ cp = stpncpy (cp, salt, MIN ((size_t) MAX (0, buflen), salt_len)); -+ buflen -= MIN ((size_t) MAX (0, buflen), salt_len); -+ -+ if (buflen > 0) -+ { -+ *cp++ = '$'; -+ --buflen; -+ } -+ -+ void b64_from_24bit (unsigned int b2, unsigned int b1, unsigned int b0, -+ int n) -+ { -+ unsigned int w = (b2 << 16) | (b1 << 8) | b0; -+ while (n-- > 0 && buflen > 0) -+ { -+ *cp++ = b64t[w & 0x3f]; -+ --buflen; -+ w >>= 6; -+ } -+ } -+ -+ b64_from_24bit (alt_result[0], alt_result[21], alt_result[42], 4); -+ b64_from_24bit (alt_result[22], alt_result[43], alt_result[1], 4); -+ b64_from_24bit (alt_result[44], alt_result[2], alt_result[23], 4); -+ b64_from_24bit (alt_result[3], alt_result[24], alt_result[45], 4); -+ b64_from_24bit (alt_result[25], alt_result[46], alt_result[4], 4); -+ b64_from_24bit (alt_result[47], alt_result[5], alt_result[26], 4); -+ b64_from_24bit (alt_result[6], alt_result[27], alt_result[48], 4); -+ b64_from_24bit (alt_result[28], alt_result[49], alt_result[7], 4); -+ b64_from_24bit (alt_result[50], alt_result[8], alt_result[29], 4); -+ b64_from_24bit (alt_result[9], alt_result[30], alt_result[51], 4); -+ b64_from_24bit (alt_result[31], alt_result[52], alt_result[10], 4); -+ b64_from_24bit (alt_result[53], alt_result[11], alt_result[32], 4); -+ b64_from_24bit (alt_result[12], alt_result[33], alt_result[54], 4); -+ b64_from_24bit (alt_result[34], alt_result[55], alt_result[13], 4); -+ b64_from_24bit (alt_result[56], alt_result[14], alt_result[35], 4); -+ b64_from_24bit (alt_result[15], alt_result[36], alt_result[57], 4); -+ b64_from_24bit (alt_result[37], alt_result[58], alt_result[16], 4); -+ b64_from_24bit (alt_result[59], alt_result[17], alt_result[38], 4); -+ b64_from_24bit (alt_result[18], alt_result[39], alt_result[60], 4); -+ b64_from_24bit (alt_result[40], alt_result[61], alt_result[19], 4); -+ b64_from_24bit (alt_result[62], alt_result[20], alt_result[41], 4); -+ b64_from_24bit (0, 0, alt_result[63], 2); -+ -+ if (buflen <= 0) -+ { -+ __set_errno (ERANGE); -+ buffer = NULL; -+ } -+ else -+ *cp = '\0'; /* Terminate the string. */ -+ -+ /* Clear the buffer for the intermediate result so that people -+ attaching to processes or reading core dumps cannot get any -+ information. We do it in this way to clear correct_words[] -+ inside the SHA512 implementation as well. */ -+ __sha512_init_ctx (&ctx); -+ __sha512_finish_ctx (&ctx, alt_result); -+ memset (&ctx, '\0', sizeof (ctx)); -+ memset (&alt_ctx, '\0', sizeof (alt_ctx)); -+ -+ memset (temp_result, '\0', sizeof (temp_result)); -+ memset (p_bytes, '\0', key_len); -+ memset (s_bytes, '\0', salt_len); -+ if (copied_key != NULL) -+ memset (copied_key, '\0', key_len); -+ if (copied_salt != NULL) -+ memset (copied_salt, '\0', salt_len); -+ -+ return buffer; -+} -+ -+static char *buffer; -+ -+/* This entry point is equivalent to the `crypt' function in Unix -+ libcs. */ -+char * -+__sha512_crypt (const unsigned char *key, const unsigned char *salt) -+{ -+ /* We don't want to have an arbitrary limit in the size of the -+ password. We can compute an upper bound for the size of the -+ result in advance and so we can prepare the buffer we pass to -+ `sha512_crypt_r'. */ -+ static int buflen; -+ int needed = (sizeof (sha512_salt_prefix) - 1 -+ + sizeof (sha512_rounds_prefix) + 9 + 1 -+ + strlen (salt) + 1 + 86 + 1); -+ -+ if (buflen < needed) -+ { -+ char *new_buffer = (char *) realloc (buffer, needed); -+ if (new_buffer == NULL) -+ return NULL; -+ -+ buffer = new_buffer; -+ buflen = needed; -+ } -+ -+ return __sha512_crypt_r ((const char *) key, (const char *) salt, buffer, buflen); -+} -diff --git a/libcrypt/sha512.c b/libcrypt/sha512.c -new file mode 100644 -index 0000000..04e0a06 ---- /dev/null -+++ b/libcrypt/sha512.c -@@ -0,0 +1,326 @@ -+/* Functions to compute SHA512 message digest of files or memory blocks. -+ according to the definition of SHA512 in FIPS 180-2. -+ Copyright (C) 2007 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, write to the Free -+ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA -+ 02111-1307 USA. */ -+ -+/* Written by Ulrich Drepper <drepper@redhat.com>, 2007. */ -+ -+#ifdef HAVE_CONFIG_H -+# include <config.h> -+#endif -+ -+#include <endian.h> -+#include <stdlib.h> -+#include <string.h> -+#include <sys/types.h> -+ -+#include "sha512.h" -+ -+#if __BYTE_ORDER == __LITTLE_ENDIAN -+# ifdef _LIBC -+# include <byteswap.h> -+# define SWAP(n) bswap_64 (n) -+# else -+# define SWAP(n) \ -+ (((n) << 56) \ -+ | (((n) & 0xff00) << 40) \ -+ | (((n) & 0xff0000) << 24) \ -+ | (((n) & 0xff000000) << 8) \ -+ | (((n) >> 8) & 0xff000000) \ -+ | (((n) >> 24) & 0xff0000) \ -+ | (((n) >> 40) & 0xff00) \ -+ | ((n) >> 56)) -+# endif -+#else -+# define SWAP(n) (n) -+#endif -+ -+ -+/* This array contains the bytes used to pad the buffer to the next -+ 64-byte boundary. (FIPS 180-2:5.1.2) */ -+static const unsigned char fillbuf[128] = { 0x80, 0 /* , 0, 0, ... */ }; -+ -+ -+/* Constants for SHA512 from FIPS 180-2:4.2.3. */ -+static const uint64_t K[80] = -+ { -+ UINT64_C (0x428a2f98d728ae22), UINT64_C (0x7137449123ef65cd), -+ UINT64_C (0xb5c0fbcfec4d3b2f), UINT64_C (0xe9b5dba58189dbbc), -+ UINT64_C (0x3956c25bf348b538), UINT64_C (0x59f111f1b605d019), -+ UINT64_C (0x923f82a4af194f9b), UINT64_C (0xab1c5ed5da6d8118), -+ UINT64_C (0xd807aa98a3030242), UINT64_C (0x12835b0145706fbe), -+ UINT64_C (0x243185be4ee4b28c), UINT64_C (0x550c7dc3d5ffb4e2), -+ UINT64_C (0x72be5d74f27b896f), UINT64_C (0x80deb1fe3b1696b1), -+ UINT64_C (0x9bdc06a725c71235), UINT64_C (0xc19bf174cf692694), -+ UINT64_C (0xe49b69c19ef14ad2), UINT64_C (0xefbe4786384f25e3), -+ UINT64_C (0x0fc19dc68b8cd5b5), UINT64_C (0x240ca1cc77ac9c65), -+ UINT64_C (0x2de92c6f592b0275), UINT64_C (0x4a7484aa6ea6e483), -+ UINT64_C (0x5cb0a9dcbd41fbd4), UINT64_C (0x76f988da831153b5), -+ UINT64_C (0x983e5152ee66dfab), UINT64_C (0xa831c66d2db43210), -+ UINT64_C (0xb00327c898fb213f), UINT64_C (0xbf597fc7beef0ee4), -+ UINT64_C (0xc6e00bf33da88fc2), UINT64_C (0xd5a79147930aa725), -+ UINT64_C (0x06ca6351e003826f), UINT64_C (0x142929670a0e6e70), -+ UINT64_C (0x27b70a8546d22ffc), UINT64_C (0x2e1b21385c26c926), -+ UINT64_C (0x4d2c6dfc5ac42aed), UINT64_C (0x53380d139d95b3df), -+ UINT64_C (0x650a73548baf63de), UINT64_C (0x766a0abb3c77b2a8), -+ UINT64_C (0x81c2c92e47edaee6), UINT64_C (0x92722c851482353b), -+ UINT64_C (0xa2bfe8a14cf10364), UINT64_C (0xa81a664bbc423001), -+ UINT64_C (0xc24b8b70d0f89791), UINT64_C (0xc76c51a30654be30), -+ UINT64_C (0xd192e819d6ef5218), UINT64_C (0xd69906245565a910), -+ UINT64_C (0xf40e35855771202a), UINT64_C (0x106aa07032bbd1b8), -+ UINT64_C (0x19a4c116b8d2d0c8), UINT64_C (0x1e376c085141ab53), -+ UINT64_C (0x2748774cdf8eeb99), UINT64_C (0x34b0bcb5e19b48a8), -+ UINT64_C (0x391c0cb3c5c95a63), UINT64_C (0x4ed8aa4ae3418acb), -+ UINT64_C (0x5b9cca4f7763e373), UINT64_C (0x682e6ff3d6b2b8a3), -+ UINT64_C (0x748f82ee5defb2fc), UINT64_C (0x78a5636f43172f60), -+ UINT64_C (0x84c87814a1f0ab72), UINT64_C (0x8cc702081a6439ec), -+ UINT64_C (0x90befffa23631e28), UINT64_C (0xa4506cebde82bde9), -+ UINT64_C (0xbef9a3f7b2c67915), UINT64_C (0xc67178f2e372532b), -+ UINT64_C (0xca273eceea26619c), UINT64_C (0xd186b8c721c0c207), -+ UINT64_C (0xeada7dd6cde0eb1e), UINT64_C (0xf57d4f7fee6ed178), -+ UINT64_C (0x06f067aa72176fba), UINT64_C (0x0a637dc5a2c898a6), -+ UINT64_C (0x113f9804bef90dae), UINT64_C (0x1b710b35131c471b), -+ UINT64_C (0x28db77f523047d84), UINT64_C (0x32caab7b40c72493), -+ UINT64_C (0x3c9ebe0a15c9bebc), UINT64_C (0x431d67c49c100d4c), -+ UINT64_C (0x4cc5d4becb3e42b6), UINT64_C (0x597f299cfc657e2a), -+ UINT64_C (0x5fcb6fab3ad6faec), UINT64_C (0x6c44198c4a475817) -+ }; -+ -+ -+/* Process LEN bytes of BUFFER, accumulating context into CTX. -+ It is assumed that LEN % 128 == 0. */ -+static void -+sha512_process_block (const void *buffer, size_t len, struct sha512_ctx *ctx) -+{ -+ const uint64_t *words = buffer; -+ size_t nwords = len / sizeof (uint64_t); -+ uint64_t a = ctx->H[0]; -+ uint64_t b = ctx->H[1]; -+ uint64_t c = ctx->H[2]; -+ uint64_t d = ctx->H[3]; -+ uint64_t e = ctx->H[4]; -+ uint64_t f = ctx->H[5]; -+ uint64_t g = ctx->H[6]; -+ uint64_t h = ctx->H[7]; -+ -+ /* First increment the byte count. FIPS 180-2 specifies the possible -+ length of the file up to 2^128 bits. Here we only compute the -+ number of bytes. Do a double word increment. */ -+ ctx->total[0] += len; -+ if (ctx->total[0] < len) -+ ++ctx->total[1]; -+ -+ /* Process all bytes in the buffer with 128 bytes in each round of -+ the loop. */ -+ while (nwords > 0) -+ { -+ uint64_t W[80]; -+ uint64_t a_save = a; -+ uint64_t b_save = b; -+ uint64_t c_save = c; -+ uint64_t d_save = d; -+ uint64_t e_save = e; -+ uint64_t f_save = f; -+ uint64_t g_save = g; -+ uint64_t h_save = h; -+ -+ /* Operators defined in FIPS 180-2:4.1.2. */ -+#define Ch(x, y, z) ((x & y) ^ (~x & z)) -+#define Maj(x, y, z) ((x & y) ^ (x & z) ^ (y & z)) -+#define S0(x) (CYCLIC (x, 28) ^ CYCLIC (x, 34) ^ CYCLIC (x, 39)) -+#define S1(x) (CYCLIC (x, 14) ^ CYCLIC (x, 18) ^ CYCLIC (x, 41)) -+#define R0(x) (CYCLIC (x, 1) ^ CYCLIC (x, 8) ^ (x >> 7)) -+#define R1(x) (CYCLIC (x, 19) ^ CYCLIC (x, 61) ^ (x >> 6)) -+ -+ /* It is unfortunate that C does not provide an operator for -+ cyclic rotation. Hope the C compiler is smart enough. */ -+#define CYCLIC(w, s) ((w >> s) | (w << (64 - s))) -+ -+ /* Compute the message schedule according to FIPS 180-2:6.3.2 step 2. */ -+ for (unsigned int t = 0; t < 16; ++t) -+ { -+ W[t] = SWAP (*words); -+ ++words; -+ } -+ for (unsigned int t = 16; t < 80; ++t) -+ W[t] = R1 (W[t - 2]) + W[t - 7] + R0 (W[t - 15]) + W[t - 16]; -+ -+ /* The actual computation according to FIPS 180-2:6.3.2 step 3. */ -+ for (unsigned int t = 0; t < 80; ++t) -+ { -+ uint64_t T1 = h + S1 (e) + Ch (e, f, g) + K[t] + W[t]; -+ uint64_t T2 = S0 (a) + Maj (a, b, c); -+ h = g; -+ g = f; -+ f = e; -+ e = d + T1; -+ d = c; -+ c = b; -+ b = a; -+ a = T1 + T2; -+ } -+ -+ /* Add the starting values of the context according to FIPS 180-2:6.3.2 -+ step 4. */ -+ a += a_save; -+ b += b_save; -+ c += c_save; -+ d += d_save; -+ e += e_save; -+ f += f_save; -+ g += g_save; -+ h += h_save; -+ -+ /* Prepare for the next round. */ -+ nwords -= 16; -+ } -+ -+ /* Put checksum in context given as argument. */ -+ ctx->H[0] = a; -+ ctx->H[1] = b; -+ ctx->H[2] = c; -+ ctx->H[3] = d; -+ ctx->H[4] = e; -+ ctx->H[5] = f; -+ ctx->H[6] = g; -+ ctx->H[7] = h; -+} -+ -+ -+/* Initialize structure containing state of computation. -+ (FIPS 180-2:5.3.3) */ -+void -+__sha512_init_ctx (struct sha512_ctx *ctx) -+{ -+ ctx->H[0] = UINT64_C (0x6a09e667f3bcc908); -+ ctx->H[1] = UINT64_C (0xbb67ae8584caa73b); -+ ctx->H[2] = UINT64_C (0x3c6ef372fe94f82b); -+ ctx->H[3] = UINT64_C (0xa54ff53a5f1d36f1); -+ ctx->H[4] = UINT64_C (0x510e527fade682d1); -+ ctx->H[5] = UINT64_C (0x9b05688c2b3e6c1f); -+ ctx->H[6] = UINT64_C (0x1f83d9abfb41bd6b); -+ ctx->H[7] = UINT64_C (0x5be0cd19137e2179); -+ -+ ctx->total[0] = ctx->total[1] = 0; -+ ctx->buflen = 0; -+} -+ -+ -+/* Process the remaining bytes in the internal buffer and the usual -+ prolog according to the standard and write the result to RESBUF. -+ -+ IMPORTANT: On some systems it is required that RESBUF is correctly -+ aligned for a 32 bits value. */ -+void * -+__sha512_finish_ctx (struct sha512_ctx *ctx, void *resbuf) -+{ -+ /* Take yet unprocessed bytes into account. */ -+ uint64_t bytes = ctx->buflen; -+ size_t pad; -+ -+ /* Now count remaining bytes. */ -+ ctx->total[0] += bytes; -+ if (ctx->total[0] < bytes) -+ ++ctx->total[1]; -+ -+ pad = bytes >= 112 ? 128 + 112 - bytes : 112 - bytes; -+ memcpy (&ctx->buffer[bytes], fillbuf, pad); -+ -+ /* Put the 128-bit file length in *bits* at the end of the buffer. */ -+ *(uint64_t *) &ctx->buffer[bytes + pad + 8] = SWAP (ctx->total[0] << 3); -+ *(uint64_t *) &ctx->buffer[bytes + pad] = SWAP ((ctx->total[1] << 3) | -+ (ctx->total[0] >> 61)); -+ -+ /* Process last bytes. */ -+ sha512_process_block (ctx->buffer, bytes + pad + 16, ctx); -+ -+ /* Put result from CTX in first 64 bytes following RESBUF. */ -+ for (unsigned int i = 0; i < 8; ++i) -+ ((uint64_t *) resbuf)[i] = SWAP (ctx->H[i]); -+ -+ return resbuf; -+} -+ -+ -+void -+__sha512_process_bytes (const void *buffer, size_t len, struct sha512_ctx *ctx) -+{ -+ /* When we already have some bits in our internal buffer concatenate -+ both inputs first. */ -+ if (ctx->buflen != 0) -+ { -+ size_t left_over = ctx->buflen; -+ size_t add = 256 - left_over > len ? len : 256 - left_over; -+ -+ memcpy (&ctx->buffer[left_over], buffer, add); -+ ctx->buflen += add; -+ -+ if (ctx->buflen > 128) -+ { -+ sha512_process_block (ctx->buffer, ctx->buflen & ~127, ctx); -+ -+ ctx->buflen &= 127; -+ /* The regions in the following copy operation cannot overlap. */ -+ memcpy (ctx->buffer, &ctx->buffer[(left_over + add) & ~127], -+ ctx->buflen); -+ } -+ -+ buffer = (const char *) buffer + add; -+ len -= add; -+ } -+ -+ /* Process available complete blocks. */ -+ if (len >= 128) -+ { -+#if __GNUC__ >= 2 -+# define UNALIGNED_P(p) (((uintptr_t) p) % __alignof__ (uint64_t) != 0) -+#else -+# define UNALIGNED_P(p) (((uintptr_t) p) % sizeof (uint64_t) != 0) -+#endif -+ if (UNALIGNED_P (buffer)) -+ while (len > 128) -+ { -+ sha512_process_block (memcpy (ctx->buffer, buffer, 128), 128, -+ ctx); -+ buffer = (const char *) buffer + 128; -+ len -= 128; -+ } -+ else -+ { -+ sha512_process_block (buffer, len & ~127, ctx); -+ buffer = (const char *) buffer + (len & ~127); -+ len &= 127; -+ } -+ } -+ -+ /* Move remaining bytes into internal buffer. */ -+ if (len > 0) -+ { -+ size_t left_over = ctx->buflen; -+ -+ memcpy (&ctx->buffer[left_over], buffer, len); -+ left_over += len; -+ if (left_over >= 128) -+ { -+ sha512_process_block (ctx->buffer, 128, ctx); -+ left_over -= 128; -+ memcpy (ctx->buffer, &ctx->buffer[128], left_over); -+ } -+ ctx->buflen = left_over; -+ } -+} -diff --git a/libcrypt/sha512.h b/libcrypt/sha512.h -new file mode 100644 -index 0000000..5777827 ---- /dev/null -+++ b/libcrypt/sha512.h -@@ -0,0 +1,58 @@ -+/* Declaration of functions and data types used for SHA512 sum computing -+ library functions. -+ Copyright (C) 2007 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, write to the Free -+ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA -+ 02111-1307 USA. */ -+ -+#ifndef _SHA512_H -+#define _SHA512_H 1 -+ -+#include <limits.h> -+#include <stdint.h> -+#include <stdio.h> -+ -+ -+/* Structure to save state of computation between the single steps. */ -+struct sha512_ctx -+{ -+ uint64_t H[8]; -+ -+ uint64_t total[2]; -+ uint64_t buflen; -+ char buffer[256] __attribute__ ((__aligned__ (__alignof__ (uint64_t)))); -+}; -+ -+/* Initialize structure containing state of computation. -+ (FIPS 180-2: 5.3.3) */ -+extern void __sha512_init_ctx (struct sha512_ctx *ctx) attribute_hidden; -+ -+/* Starting with the result of former calls of this function (or the -+ initialization function update the context for the next LEN bytes -+ starting at BUFFER. -+ It is NOT required that LEN is a multiple of 128. */ -+extern void __sha512_process_bytes (const void *buffer, size_t len, -+ struct sha512_ctx *ctx) attribute_hidden; -+ -+/* Process the remaining bytes in the buffer and put result from CTX -+ in first 64 bytes following RESBUF. -+ -+ IMPORTANT: On some systems it is required that RESBUF is correctly -+ aligned for a 64 bits value. */ -+extern void *__sha512_finish_ctx (struct sha512_ctx *ctx, void *resbuf) -+ attribute_hidden; -+ -+#endif /* sha512.h */ --- -1.7.7.3 - -From aad4fe2d08d930f3a63a5e31ec315cbedb1aa965 Mon Sep 17 00:00:00 2001 -From: William Pitcock <nenolod@dereferenced.org> -Date: Wed, 16 Nov 2011 06:05:07 -0600 -Subject: [PATCH] libcrypt/sha512-crypt: convert nested function - b64_from_24bit() into a macro - -The glibc implementation of sha512-crypt used inline functions which should -really be converted into a macro because otherwise a trampoline is potentially -created. - -Signed-off-by: William Pitcock <nenolod@dereferenced.org> ---- - libcrypt/sha512-crypt.c | 68 +++++++++++++++++++++++----------------------- - 1 files changed, 34 insertions(+), 34 deletions(-) - -diff --git a/libcrypt/sha512-crypt.c b/libcrypt/sha512-crypt.c -index dece925..0321be0 100644 ---- a/libcrypt/sha512-crypt.c -+++ b/libcrypt/sha512-crypt.c -@@ -48,6 +48,18 @@ static const char sha512_rounds_prefix[] = "rounds="; - static const char b64t[64] = - "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; - -+#define B64_FROM_24BIT(b2, b1, b0, steps) \ -+ { \ -+ int n = (steps); \ -+ unsigned int w = ((b2) << 16) | ((b1) << 8) | (b0); \ -+ while (n-- > 0 && buflen > 0) \ -+ { \ -+ *cp++ = b64t[w & 0x3f]; \ -+ --buflen; \ -+ w >>= 6; \ -+ } \ -+ } -+ - char * - __sha512_crypt_r (const char *key, - const char *salt, -@@ -246,40 +258,28 @@ __sha512_crypt_r (const char *key, - --buflen; - } - -- void b64_from_24bit (unsigned int b2, unsigned int b1, unsigned int b0, -- int n) -- { -- unsigned int w = (b2 << 16) | (b1 << 8) | b0; -- while (n-- > 0 && buflen > 0) -- { -- *cp++ = b64t[w & 0x3f]; -- --buflen; -- w >>= 6; -- } -- } -- -- b64_from_24bit (alt_result[0], alt_result[21], alt_result[42], 4); -- b64_from_24bit (alt_result[22], alt_result[43], alt_result[1], 4); -- b64_from_24bit (alt_result[44], alt_result[2], alt_result[23], 4); -- b64_from_24bit (alt_result[3], alt_result[24], alt_result[45], 4); -- b64_from_24bit (alt_result[25], alt_result[46], alt_result[4], 4); -- b64_from_24bit (alt_result[47], alt_result[5], alt_result[26], 4); -- b64_from_24bit (alt_result[6], alt_result[27], alt_result[48], 4); -- b64_from_24bit (alt_result[28], alt_result[49], alt_result[7], 4); -- b64_from_24bit (alt_result[50], alt_result[8], alt_result[29], 4); -- b64_from_24bit (alt_result[9], alt_result[30], alt_result[51], 4); -- b64_from_24bit (alt_result[31], alt_result[52], alt_result[10], 4); -- b64_from_24bit (alt_result[53], alt_result[11], alt_result[32], 4); -- b64_from_24bit (alt_result[12], alt_result[33], alt_result[54], 4); -- b64_from_24bit (alt_result[34], alt_result[55], alt_result[13], 4); -- b64_from_24bit (alt_result[56], alt_result[14], alt_result[35], 4); -- b64_from_24bit (alt_result[15], alt_result[36], alt_result[57], 4); -- b64_from_24bit (alt_result[37], alt_result[58], alt_result[16], 4); -- b64_from_24bit (alt_result[59], alt_result[17], alt_result[38], 4); -- b64_from_24bit (alt_result[18], alt_result[39], alt_result[60], 4); -- b64_from_24bit (alt_result[40], alt_result[61], alt_result[19], 4); -- b64_from_24bit (alt_result[62], alt_result[20], alt_result[41], 4); -- b64_from_24bit (0, 0, alt_result[63], 2); -+ B64_FROM_24BIT (alt_result[0], alt_result[21], alt_result[42], 4); -+ B64_FROM_24BIT (alt_result[22], alt_result[43], alt_result[1], 4); -+ B64_FROM_24BIT (alt_result[44], alt_result[2], alt_result[23], 4); -+ B64_FROM_24BIT (alt_result[3], alt_result[24], alt_result[45], 4); -+ B64_FROM_24BIT (alt_result[25], alt_result[46], alt_result[4], 4); -+ B64_FROM_24BIT (alt_result[47], alt_result[5], alt_result[26], 4); -+ B64_FROM_24BIT (alt_result[6], alt_result[27], alt_result[48], 4); -+ B64_FROM_24BIT (alt_result[28], alt_result[49], alt_result[7], 4); -+ B64_FROM_24BIT (alt_result[50], alt_result[8], alt_result[29], 4); -+ B64_FROM_24BIT (alt_result[9], alt_result[30], alt_result[51], 4); -+ B64_FROM_24BIT (alt_result[31], alt_result[52], alt_result[10], 4); -+ B64_FROM_24BIT (alt_result[53], alt_result[11], alt_result[32], 4); -+ B64_FROM_24BIT (alt_result[12], alt_result[33], alt_result[54], 4); -+ B64_FROM_24BIT (alt_result[34], alt_result[55], alt_result[13], 4); -+ B64_FROM_24BIT (alt_result[56], alt_result[14], alt_result[35], 4); -+ B64_FROM_24BIT (alt_result[15], alt_result[36], alt_result[57], 4); -+ B64_FROM_24BIT (alt_result[37], alt_result[58], alt_result[16], 4); -+ B64_FROM_24BIT (alt_result[59], alt_result[17], alt_result[38], 4); -+ B64_FROM_24BIT (alt_result[18], alt_result[39], alt_result[60], 4); -+ B64_FROM_24BIT (alt_result[40], alt_result[61], alt_result[19], 4); -+ B64_FROM_24BIT (alt_result[62], alt_result[20], alt_result[41], 4); -+ B64_FROM_24BIT (0, 0, alt_result[63], 2); - - if (buflen <= 0) - { --- -1.7.7.3 - -From 9b463f10d2b395c80533fa44876f6a387fc69289 Mon Sep 17 00:00:00 2001 -From: William Pitcock <nenolod@dereferenced.org> -Date: Wed, 16 Nov 2011 06:22:36 -0600 -Subject: [PATCH] libcrypt: add SHA256 crypt support. -To: uclibc@uclibc.org - -This is based on Ulrich Drepper's SHA256 crypt implementation in GLIBC. -I decided to add support for this as an option as there have been a few other -SHA256 patches proposed recently. - -Signed-off-by: William Pitcock <nenolod@dereferenced.org> ---- - extra/Configs/Config.in | 6 + - libcrypt/Makefile.in | 1 + - libcrypt/crypt.c | 3 + - libcrypt/libcrypt.h | 2 + - libcrypt/sha256-crypt.c | 326 +++++++++++++++++++++++++++++++++++++++++++++++ - libcrypt/sha256.c | 294 ++++++++++++++++++++++++++++++++++++++++++ - libcrypt/sha256.h | 58 +++++++++ - 7 files changed, 690 insertions(+), 0 deletions(-) - create mode 100644 libcrypt/sha256-crypt.c - create mode 100644 libcrypt/sha256.c - create mode 100644 libcrypt/sha256.h - -diff --git a/extra/Configs/Config.in b/extra/Configs/Config.in -index 1ec041d..56db0c4 100644 ---- a/extra/Configs/Config.in -+++ b/extra/Configs/Config.in -@@ -1174,6 +1174,12 @@ config UCLIBC_HAS_CRYPT_IMPL - help - libcrypt contains crypt(), setkey() and encrypt() - -+config UCLIBC_HAS_SHA256_CRYPT_IMPL -+ bool "libcrypt SHA256 support" -+ default y -+ help -+ Say N here if you do not need SHA256 crypt support. -+ - config UCLIBC_HAS_SHA512_CRYPT_IMPL - bool "libcrypt SHA512 support" - default y -diff --git a/libcrypt/Makefile.in b/libcrypt/Makefile.in -index 2fceaed..94753f4 100644 ---- a/libcrypt/Makefile.in -+++ b/libcrypt/Makefile.in -@@ -21,6 +21,7 @@ libcrypt_OUT := $(top_builddir)libcrypt - - libcrypt_SRC-y := - libcrypt_SRC-$(UCLIBC_HAS_CRYPT_IMPL) += crypt.c des.c md5.c -+libcrypt_SRC-$(UCLIBC_HAS_SHA256_CRYPT_IMPL) += sha256.c sha256-crypt.c - libcrypt_SRC-$(UCLIBC_HAS_SHA512_CRYPT_IMPL) += sha512.c sha512-crypt.c - libcrypt_SRC-$(UCLIBC_HAS_CRYPT_STUB) += crypt_stub.c - -diff --git a/libcrypt/crypt.c b/libcrypt/crypt.c -index 2bb2c33..15e3b29 100644 ---- a/libcrypt/crypt.c -+++ b/libcrypt/crypt.c -@@ -21,6 +21,9 @@ static const struct { - const crypt_impl_f crypt_impl; - } crypt_impl_tab[] = { - { "$1$", __md5_crypt }, -+#ifdef __UCLIBC_HAS_SHA256_CRYPT_IMPL__ -+ { "$5$", __sha256_crypt }, -+#endif - #ifdef __UCLIBC_HAS_SHA512_CRYPT_IMPL__ - { "$6$", __sha512_crypt }, - #endif -diff --git a/libcrypt/libcrypt.h b/libcrypt/libcrypt.h -index fcad6ae..67733d1 100644 ---- a/libcrypt/libcrypt.h -+++ b/libcrypt/libcrypt.h -@@ -9,9 +9,11 @@ - #define __LIBCRYPT_H__ - - extern char *__md5_crypt(const unsigned char *pw, const unsigned char *salt) attribute_hidden; -+extern char *__sha256_crypt(const unsigned char *pw, const unsigned char *salt) attribute_hidden; - extern char *__sha512_crypt(const unsigned char *pw, const unsigned char *salt) attribute_hidden; - extern char *__des_crypt(const unsigned char *pw, const unsigned char *salt) attribute_hidden; - -+extern char *__sha256_crypt_r (const char *key, const char *salt, char *buffer, int buflen) attribute_hidden; - extern char *__sha512_crypt_r (const char *key, const char *salt, char *buffer, int buflen) attribute_hidden; - - /* shut up gcc-4.x signed warnings */ -diff --git a/libcrypt/sha256-crypt.c b/libcrypt/sha256-crypt.c -new file mode 100644 -index 0000000..4422148 ---- /dev/null -+++ b/libcrypt/sha256-crypt.c -@@ -0,0 +1,326 @@ -+/* One way encryption based on SHA256 sum. -+ Copyright (C) 2007, 2009 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ Contributed by Ulrich Drepper <drepper@redhat.com>, 2007. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, write to the Free -+ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA -+ 02111-1307 USA. */ -+ -+#include <assert.h> -+#include <errno.h> -+#include <stdbool.h> -+#include <stdlib.h> -+#include <string.h> -+#include <sys/param.h> -+ -+#include "sha256.h" -+#include "libcrypt.h" -+ -+/* Define our magic string to mark salt for SHA256 "encryption" -+ replacement. */ -+static const char sha256_salt_prefix[] = "$5$"; -+ -+/* Prefix for optional rounds specification. */ -+static const char sha256_rounds_prefix[] = "rounds="; -+ -+/* Maximum salt string length. */ -+#define SALT_LEN_MAX 16 -+/* Default number of rounds if not explicitly specified. */ -+#define ROUNDS_DEFAULT 5000 -+/* Minimum number of rounds. */ -+#define ROUNDS_MIN 1000 -+/* Maximum number of rounds. */ -+#define ROUNDS_MAX 999999999 -+ -+/* Table with characters for base64 transformation. */ -+static const char b64t[64] = -+"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; -+ -+#define B64_FROM_24BIT(b2, b1, b0, steps) \ -+ { \ -+ int n = (steps); \ -+ unsigned int w = ((b2) << 16) | ((b1) << 8) | (b0); \ -+ while (n-- > 0 && buflen > 0) \ -+ { \ -+ *cp++ = b64t[w & 0x3f]; \ -+ --buflen; \ -+ w >>= 6; \ -+ } \ -+ } -+ -+char * -+__sha256_crypt_r (const char *key, -+ const char *salt, -+ char *buffer, -+ int buflen) -+{ -+ unsigned char alt_result[32] -+ __attribute__ ((__aligned__ (__alignof__ (uint32_t)))); -+ unsigned char temp_result[32] -+ __attribute__ ((__aligned__ (__alignof__ (uint32_t)))); -+ size_t salt_len; -+ size_t key_len; -+ size_t cnt; -+ char *cp; -+ char *copied_key = NULL; -+ char *copied_salt = NULL; -+ char *p_bytes; -+ char *s_bytes; -+ /* Default number of rounds. */ -+ size_t rounds = ROUNDS_DEFAULT; -+ bool rounds_custom = false; -+ -+ /* Find beginning of salt string. The prefix should normally always -+ be present. Just in case it is not. */ -+ if (strncmp (sha256_salt_prefix, salt, sizeof (sha256_salt_prefix) - 1) == 0) -+ /* Skip salt prefix. */ -+ salt += sizeof (sha256_salt_prefix) - 1; -+ -+ if (strncmp (salt, sha256_rounds_prefix, sizeof (sha256_rounds_prefix) - 1) -+ == 0) -+ { -+ const char *num = salt + sizeof (sha256_rounds_prefix) - 1; -+ char *endp; -+ unsigned long int srounds = strtoul (num, &endp, 10); -+ if (*endp == '$') -+ { -+ salt = endp + 1; -+ rounds = MAX (ROUNDS_MIN, MIN (srounds, ROUNDS_MAX)); -+ rounds_custom = true; -+ } -+ } -+ -+ salt_len = MIN (strcspn (salt, "$"), SALT_LEN_MAX); -+ key_len = strlen (key); -+ -+ if ((key - (char *) 0) % __alignof__ (uint32_t) != 0) -+ { -+ char *tmp = (char *) alloca (key_len + __alignof__ (uint32_t)); -+ key = copied_key = -+ memcpy (tmp + __alignof__ (uint32_t) -+ - (tmp - (char *) 0) % __alignof__ (uint32_t), -+ key, key_len); -+ assert ((key - (char *) 0) % __alignof__ (uint32_t) == 0); -+ } -+ -+ if ((salt - (char *) 0) % __alignof__ (uint32_t) != 0) -+ { -+ char *tmp = (char *) alloca (salt_len + __alignof__ (uint32_t)); -+ salt = copied_salt = -+ memcpy (tmp + __alignof__ (uint32_t) -+ - (tmp - (char *) 0) % __alignof__ (uint32_t), -+ salt, salt_len); -+ assert ((salt - (char *) 0) % __alignof__ (uint32_t) == 0); -+ } -+ -+ struct sha256_ctx ctx; -+ struct sha256_ctx alt_ctx; -+ -+ /* Prepare for the real work. */ -+ __sha256_init_ctx (&ctx); -+ -+ /* Add the key string. */ -+ __sha256_process_bytes (key, key_len, &ctx); -+ -+ /* The last part is the salt string. This must be at most 16 -+ characters and it ends at the first `$' character. */ -+ __sha256_process_bytes (salt, salt_len, &ctx); -+ -+ -+ /* Compute alternate SHA256 sum with input KEY, SALT, and KEY. The -+ final result will be added to the first context. */ -+ __sha256_init_ctx (&alt_ctx); -+ -+ /* Add key. */ -+ __sha256_process_bytes (key, key_len, &alt_ctx); -+ -+ /* Add salt. */ -+ __sha256_process_bytes (salt, salt_len, &alt_ctx); -+ -+ /* Add key again. */ -+ __sha256_process_bytes (key, key_len, &alt_ctx); -+ -+ /* Now get result of this (32 bytes) and add it to the other -+ context. */ -+ __sha256_finish_ctx (&alt_ctx, alt_result); -+ -+ /* Add for any character in the key one byte of the alternate sum. */ -+ for (cnt = key_len; cnt > 32; cnt -= 32) -+ __sha256_process_bytes (alt_result, 32, &ctx); -+ __sha256_process_bytes (alt_result, cnt, &ctx); -+ -+ /* Take the binary representation of the length of the key and for every -+ 1 add the alternate sum, for every 0 the key. */ -+ for (cnt = key_len; cnt > 0; cnt >>= 1) -+ if ((cnt & 1) != 0) -+ __sha256_process_bytes (alt_result, 32, &ctx); -+ else -+ __sha256_process_bytes (key, key_len, &ctx); -+ -+ /* Create intermediate result. */ -+ __sha256_finish_ctx (&ctx, alt_result); -+ -+ /* Start computation of P byte sequence. */ -+ __sha256_init_ctx (&alt_ctx); -+ -+ /* For every character in the password add the entire password. */ -+ for (cnt = 0; cnt < key_len; ++cnt) -+ __sha256_process_bytes (key, key_len, &alt_ctx); -+ -+ /* Finish the digest. */ -+ __sha256_finish_ctx (&alt_ctx, temp_result); -+ -+ /* Create byte sequence P. */ -+ cp = p_bytes = alloca (key_len); -+ for (cnt = key_len; cnt >= 32; cnt -= 32) -+ cp = mempcpy (cp, temp_result, 32); -+ memcpy (cp, temp_result, cnt); -+ -+ /* Start computation of S byte sequence. */ -+ __sha256_init_ctx (&alt_ctx); -+ -+ /* For every character in the password add the entire password. */ -+ for (cnt = 0; cnt < 16 + alt_result[0]; ++cnt) -+ __sha256_process_bytes (salt, salt_len, &alt_ctx); -+ -+ /* Finish the digest. */ -+ __sha256_finish_ctx (&alt_ctx, temp_result); -+ -+ /* Create byte sequence S. */ -+ cp = s_bytes = alloca (salt_len); -+ for (cnt = salt_len; cnt >= 32; cnt -= 32) -+ cp = mempcpy (cp, temp_result, 32); -+ memcpy (cp, temp_result, cnt); -+ -+ /* Repeatedly run the collected hash value through SHA256 to burn -+ CPU cycles. */ -+ for (cnt = 0; cnt < rounds; ++cnt) -+ { -+ /* New context. */ -+ __sha256_init_ctx (&ctx); -+ -+ /* Add key or last result. */ -+ if ((cnt & 1) != 0) -+ __sha256_process_bytes (p_bytes, key_len, &ctx); -+ else -+ __sha256_process_bytes (alt_result, 32, &ctx); -+ -+ /* Add salt for numbers not divisible by 3. */ -+ if (cnt % 3 != 0) -+ __sha256_process_bytes (s_bytes, salt_len, &ctx); -+ -+ /* Add key for numbers not divisible by 7. */ -+ if (cnt % 7 != 0) -+ __sha256_process_bytes (p_bytes, key_len, &ctx); -+ -+ /* Add key or last result. */ -+ if ((cnt & 1) != 0) -+ __sha256_process_bytes (alt_result, 32, &ctx); -+ else -+ __sha256_process_bytes (p_bytes, key_len, &ctx); -+ -+ /* Create intermediate result. */ -+ __sha256_finish_ctx (&ctx, alt_result); -+ } -+ -+ /* Now we can construct the result string. It consists of three -+ parts. */ -+ cp = stpncpy (buffer, sha256_salt_prefix, MAX (0, buflen)); -+ buflen -= sizeof (sha256_salt_prefix) - 1; -+ -+ if (rounds_custom) -+ { -+ int n = snprintf (cp, MAX (0, buflen), "%s%zu$", -+ sha256_rounds_prefix, rounds); -+ cp += n; -+ buflen -= n; -+ } -+ -+ cp = stpncpy (cp, salt, MIN ((size_t) MAX (0, buflen), salt_len)); -+ buflen -= MIN ((size_t) MAX (0, buflen), salt_len); -+ -+ if (buflen > 0) -+ { -+ *cp++ = '$'; -+ --buflen; -+ } -+ -+ B64_FROM_24BIT (alt_result[0], alt_result[10], alt_result[20], 4); -+ B64_FROM_24BIT (alt_result[21], alt_result[1], alt_result[11], 4); -+ B64_FROM_24BIT (alt_result[12], alt_result[22], alt_result[2], 4); -+ B64_FROM_24BIT (alt_result[3], alt_result[13], alt_result[23], 4); -+ B64_FROM_24BIT (alt_result[24], alt_result[4], alt_result[14], 4); -+ B64_FROM_24BIT (alt_result[15], alt_result[25], alt_result[5], 4); -+ B64_FROM_24BIT (alt_result[6], alt_result[16], alt_result[26], 4); -+ B64_FROM_24BIT (alt_result[27], alt_result[7], alt_result[17], 4); -+ B64_FROM_24BIT (alt_result[18], alt_result[28], alt_result[8], 4); -+ B64_FROM_24BIT (alt_result[9], alt_result[19], alt_result[29], 4); -+ B64_FROM_24BIT (0, alt_result[31], alt_result[30], 3); -+ if (buflen <= 0) -+ { -+ __set_errno (ERANGE); -+ buffer = NULL; -+ } -+ else -+ *cp = '\0'; /* Terminate the string. */ -+ -+ /* Clear the buffer for the intermediate result so that people -+ attaching to processes or reading core dumps cannot get any -+ information. We do it in this way to clear correct_words[] -+ inside the SHA256 implementation as well. */ -+ __sha256_init_ctx (&ctx); -+ __sha256_finish_ctx (&ctx, alt_result); -+ memset (&ctx, '\0', sizeof (ctx)); -+ memset (&alt_ctx, '\0', sizeof (alt_ctx)); -+ -+ memset (temp_result, '\0', sizeof (temp_result)); -+ memset (p_bytes, '\0', key_len); -+ memset (s_bytes, '\0', salt_len); -+ if (copied_key != NULL) -+ memset (copied_key, '\0', key_len); -+ if (copied_salt != NULL) -+ memset (copied_salt, '\0', salt_len); -+ -+ return buffer; -+} -+ -+static char *buffer; -+ -+/* This entry point is equivalent to the `crypt' function in Unix -+ libcs. */ -+char * -+__sha256_crypt (const unsigned char *key, const unsigned char *salt) -+{ -+ /* We don't want to have an arbitrary limit in the size of the -+ password. We can compute an upper bound for the size of the -+ result in advance and so we can prepare the buffer we pass to -+ `sha256_crypt_r'. */ -+ static int buflen; -+ int needed = (sizeof (sha256_salt_prefix) - 1 -+ + sizeof (sha256_rounds_prefix) + 9 + 1 -+ + strlen (salt) + 1 + 43 + 1); -+ -+ if (buflen < needed) -+ { -+ char *new_buffer = (char *) realloc (buffer, needed); -+ if (new_buffer == NULL) -+ return NULL; -+ -+ buffer = new_buffer; -+ buflen = needed; -+ } -+ -+ return __sha256_crypt_r ((const char *) key, (const char *) salt, buffer, buflen); -+} -diff --git a/libcrypt/sha256.c b/libcrypt/sha256.c -new file mode 100644 -index 0000000..e652a67 ---- /dev/null -+++ b/libcrypt/sha256.c -@@ -0,0 +1,294 @@ -+/* Functions to compute SHA256 message digest of files or memory blocks. -+ according to the definition of SHA256 in FIPS 180-2. -+ Copyright (C) 2007 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, write to the Free -+ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA -+ 02111-1307 USA. */ -+ -+/* Written by Ulrich Drepper <drepper@redhat.com>, 2007. */ -+ -+#ifdef HAVE_CONFIG_H -+# include <config.h> -+#endif -+ -+#include <endian.h> -+#include <stdlib.h> -+#include <string.h> -+#include <sys/types.h> -+ -+#include "sha256.h" -+ -+#if __BYTE_ORDER == __LITTLE_ENDIAN -+# ifdef _LIBC -+# include <byteswap.h> -+# define SWAP(n) bswap_32 (n) -+# else -+# define SWAP(n) \ -+ (((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24)) -+# endif -+#else -+# define SWAP(n) (n) -+#endif -+ -+ -+/* This array contains the bytes used to pad the buffer to the next -+ 64-byte boundary. (FIPS 180-2:5.1.1) */ -+static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ }; -+ -+ -+/* Constants for SHA256 from FIPS 180-2:4.2.2. */ -+static const uint32_t K[64] = -+ { -+ 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, -+ 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, -+ 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, -+ 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, -+ 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, -+ 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, -+ 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, -+ 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, -+ 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, -+ 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, -+ 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, -+ 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, -+ 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, -+ 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, -+ 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, -+ 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 -+ }; -+ -+ -+/* Process LEN bytes of BUFFER, accumulating context into CTX. -+ It is assumed that LEN % 64 == 0. */ -+static void -+sha256_process_block (const void *buffer, size_t len, struct sha256_ctx *ctx) -+{ -+ const uint32_t *words = buffer; -+ size_t nwords = len / sizeof (uint32_t); -+ uint32_t a = ctx->H[0]; -+ uint32_t b = ctx->H[1]; -+ uint32_t c = ctx->H[2]; -+ uint32_t d = ctx->H[3]; -+ uint32_t e = ctx->H[4]; -+ uint32_t f = ctx->H[5]; -+ uint32_t g = ctx->H[6]; -+ uint32_t h = ctx->H[7]; -+ -+ /* First increment the byte count. FIPS 180-2 specifies the possible -+ length of the file up to 2^64 bits. Here we only compute the -+ number of bytes. Do a double word increment. */ -+ ctx->total[0] += len; -+ if (ctx->total[0] < len) -+ ++ctx->total[1]; -+ -+ /* Process all bytes in the buffer with 64 bytes in each round of -+ the loop. */ -+ while (nwords > 0) -+ { -+ uint32_t W[64]; -+ uint32_t a_save = a; -+ uint32_t b_save = b; -+ uint32_t c_save = c; -+ uint32_t d_save = d; -+ uint32_t e_save = e; -+ uint32_t f_save = f; -+ uint32_t g_save = g; -+ uint32_t h_save = h; -+ -+ /* Operators defined in FIPS 180-2:4.1.2. */ -+#define Ch(x, y, z) ((x & y) ^ (~x & z)) -+#define Maj(x, y, z) ((x & y) ^ (x & z) ^ (y & z)) -+#define S0(x) (CYCLIC (x, 2) ^ CYCLIC (x, 13) ^ CYCLIC (x, 22)) -+#define S1(x) (CYCLIC (x, 6) ^ CYCLIC (x, 11) ^ CYCLIC (x, 25)) -+#define R0(x) (CYCLIC (x, 7) ^ CYCLIC (x, 18) ^ (x >> 3)) -+#define R1(x) (CYCLIC (x, 17) ^ CYCLIC (x, 19) ^ (x >> 10)) -+ -+ /* It is unfortunate that C does not provide an operator for -+ cyclic rotation. Hope the C compiler is smart enough. */ -+#define CYCLIC(w, s) ((w >> s) | (w << (32 - s))) -+ -+ /* Compute the message schedule according to FIPS 180-2:6.2.2 step 2. */ -+ for (unsigned int t = 0; t < 16; ++t) -+ { -+ W[t] = SWAP (*words); -+ ++words; -+ } -+ for (unsigned int t = 16; t < 64; ++t) -+ W[t] = R1 (W[t - 2]) + W[t - 7] + R0 (W[t - 15]) + W[t - 16]; -+ -+ /* The actual computation according to FIPS 180-2:6.2.2 step 3. */ -+ for (unsigned int t = 0; t < 64; ++t) -+ { -+ uint32_t T1 = h + S1 (e) + Ch (e, f, g) + K[t] + W[t]; -+ uint32_t T2 = S0 (a) + Maj (a, b, c); -+ h = g; -+ g = f; -+ f = e; -+ e = d + T1; -+ d = c; -+ c = b; -+ b = a; -+ a = T1 + T2; -+ } -+ -+ /* Add the starting values of the context according to FIPS 180-2:6.2.2 -+ step 4. */ -+ a += a_save; -+ b += b_save; -+ c += c_save; -+ d += d_save; -+ e += e_save; -+ f += f_save; -+ g += g_save; -+ h += h_save; -+ -+ /* Prepare for the next round. */ -+ nwords -= 16; -+ } -+ -+ /* Put checksum in context given as argument. */ -+ ctx->H[0] = a; -+ ctx->H[1] = b; -+ ctx->H[2] = c; -+ ctx->H[3] = d; -+ ctx->H[4] = e; -+ ctx->H[5] = f; -+ ctx->H[6] = g; -+ ctx->H[7] = h; -+} -+ -+ -+/* Initialize structure containing state of computation. -+ (FIPS 180-2:5.3.2) */ -+void -+__sha256_init_ctx (struct sha256_ctx *ctx) -+{ -+ ctx->H[0] = 0x6a09e667; -+ ctx->H[1] = 0xbb67ae85; -+ ctx->H[2] = 0x3c6ef372; -+ ctx->H[3] = 0xa54ff53a; -+ ctx->H[4] = 0x510e527f; -+ ctx->H[5] = 0x9b05688c; -+ ctx->H[6] = 0x1f83d9ab; -+ ctx->H[7] = 0x5be0cd19; -+ -+ ctx->total[0] = ctx->total[1] = 0; -+ ctx->buflen = 0; -+} -+ -+ -+/* Process the remaining bytes in the internal buffer and the usual -+ prolog according to the standard and write the result to RESBUF. -+ -+ IMPORTANT: On some systems it is required that RESBUF is correctly -+ aligned for a 32 bits value. */ -+void * -+__sha256_finish_ctx (struct sha256_ctx *ctx, void *resbuf) -+{ -+ /* Take yet unprocessed bytes into account. */ -+ uint32_t bytes = ctx->buflen; -+ size_t pad; -+ -+ /* Now count remaining bytes. */ -+ ctx->total[0] += bytes; -+ if (ctx->total[0] < bytes) -+ ++ctx->total[1]; -+ -+ pad = bytes >= 56 ? 64 + 56 - bytes : 56 - bytes; -+ memcpy (&ctx->buffer[bytes], fillbuf, pad); -+ -+ /* Put the 64-bit file length in *bits* at the end of the buffer. */ -+ *(uint32_t *) &ctx->buffer[bytes + pad + 4] = SWAP (ctx->total[0] << 3); -+ *(uint32_t *) &ctx->buffer[bytes + pad] = SWAP ((ctx->total[1] << 3) | -+ (ctx->total[0] >> 29)); -+ -+ /* Process last bytes. */ -+ sha256_process_block (ctx->buffer, bytes + pad + 8, ctx); -+ -+ /* Put result from CTX in first 32 bytes following RESBUF. */ -+ for (unsigned int i = 0; i < 8; ++i) -+ ((uint32_t *) resbuf)[i] = SWAP (ctx->H[i]); -+ -+ return resbuf; -+} -+ -+ -+void -+__sha256_process_bytes (const void *buffer, size_t len, struct sha256_ctx *ctx) -+{ -+ /* When we already have some bits in our internal buffer concatenate -+ both inputs first. */ -+ if (ctx->buflen != 0) -+ { -+ size_t left_over = ctx->buflen; -+ size_t add = 128 - left_over > len ? len : 128 - left_over; -+ -+ memcpy (&ctx->buffer[left_over], buffer, add); -+ ctx->buflen += add; -+ -+ if (ctx->buflen > 64) -+ { -+ sha256_process_block (ctx->buffer, ctx->buflen & ~63, ctx); -+ -+ ctx->buflen &= 63; -+ /* The regions in the following copy operation cannot overlap. */ -+ memcpy (ctx->buffer, &ctx->buffer[(left_over + add) & ~63], -+ ctx->buflen); -+ } -+ -+ buffer = (const char *) buffer + add; -+ len -= add; -+ } -+ -+ /* Process available complete blocks. */ -+ if (len >= 64) -+ { -+#if __GNUC__ >= 2 -+# define UNALIGNED_P(p) (((uintptr_t) p) % __alignof__ (uint32_t) != 0) -+#else -+# define UNALIGNED_P(p) (((uintptr_t) p) % sizeof (uint32_t) != 0) -+#endif -+ if (UNALIGNED_P (buffer)) -+ while (len > 64) -+ { -+ sha256_process_block (memcpy (ctx->buffer, buffer, 64), 64, ctx); -+ buffer = (const char *) buffer + 64; -+ len -= 64; -+ } -+ else -+ { -+ sha256_process_block (buffer, len & ~63, ctx); -+ buffer = (const char *) buffer + (len & ~63); -+ len &= 63; -+ } -+ } -+ -+ /* Move remaining bytes into internal buffer. */ -+ if (len > 0) -+ { -+ size_t left_over = ctx->buflen; -+ -+ memcpy (&ctx->buffer[left_over], buffer, len); -+ left_over += len; -+ if (left_over >= 64) -+ { -+ sha256_process_block (ctx->buffer, 64, ctx); -+ left_over -= 64; -+ memcpy (ctx->buffer, &ctx->buffer[64], left_over); -+ } -+ ctx->buflen = left_over; -+ } -+} -diff --git a/libcrypt/sha256.h b/libcrypt/sha256.h -new file mode 100644 -index 0000000..291674f ---- /dev/null -+++ b/libcrypt/sha256.h -@@ -0,0 +1,58 @@ -+/* Declaration of functions and data types used for SHA256 sum computing -+ library functions. -+ Copyright (C) 2007 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, write to the Free -+ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA -+ 02111-1307 USA. */ -+ -+#ifndef _SHA256_H -+#define _SHA256_H 1 -+ -+#include <limits.h> -+#include <stdint.h> -+#include <stdio.h> -+ -+ -+/* Structure to save state of computation between the single steps. */ -+struct sha256_ctx -+{ -+ uint32_t H[8]; -+ -+ uint32_t total[2]; -+ uint32_t buflen; -+ char buffer[128] __attribute__ ((__aligned__ (__alignof__ (uint32_t)))); -+}; -+ -+/* Initialize structure containing state of computation. -+ (FIPS 180-2: 5.3.2) */ -+extern void __sha256_init_ctx (struct sha256_ctx *ctx) attribute_hidden; -+ -+/* Starting with the result of former calls of this function (or the -+ initialization function update the context for the next LEN bytes -+ starting at BUFFER. -+ It is NOT required that LEN is a multiple of 64. */ -+extern void __sha256_process_bytes (const void *buffer, size_t len, -+ struct sha256_ctx *ctx) attribute_hidden; -+ -+/* Process the remaining bytes in the buffer and put result from CTX -+ in first 32 bytes following RESBUF. -+ -+ IMPORTANT: On some systems it is required that RESBUF is correctly -+ aligned for a 32 bits value. */ -+extern void *__sha256_finish_ctx (struct sha256_ctx *ctx, void *resbuf) -+ attribute_hidden; -+ -+#endif /* sha256.h */ --- -1.7.7.3 - diff --git a/main/libc0.9.32/uclibc-epoll_pwait-hack.patch b/main/libc0.9.32/uclibc-epoll_pwait-hack.patch deleted file mode 100644 index 7e28056848..0000000000 --- a/main/libc0.9.32/uclibc-epoll_pwait-hack.patch +++ /dev/null @@ -1,20 +0,0 @@ -diff --git a/libc/sysdeps/linux/common/epoll.c b/libc/sysdeps/linux/common/epoll.c -index 85b0cfd..8fff9e6 100644 ---- a/libc/sysdeps/linux/common/epoll.c -+++ b/libc/sysdeps/linux/common/epoll.c -@@ -67,12 +67,13 @@ extern __typeof(epoll_pwait) __libc_epoll_pwait; - int __libc_epoll_pwait(int epfd, struct epoll_event *events, int maxevents, - int timeout, const sigset_t *set) - { -+ int n = _NSIG / 8; - if (SINGLE_THREAD_P) -- return INLINE_SYSCALL(epoll_pwait, 6, epfd, events, maxevents, timeout, set, _NSIG / 8); -+ return INLINE_SYSCALL(epoll_pwait, 6, epfd, events, maxevents, timeout, set, n); - # ifdef __UCLIBC_HAS_THREADS_NATIVE__ - else { - int oldtype = LIBC_CANCEL_ASYNC (); -- int result = INLINE_SYSCALL(epoll_pwait, 6, epfd, events, maxevents, timeout, set, _NSIG / 8); -+ int result = INLINE_SYSCALL(epoll_pwait, 6, epfd, events, maxevents, timeout, set, n); - LIBC_CANCEL_RESET (oldtype); - return result; - } diff --git a/main/libc0.9.32/uclibc-resolv-cname-fix.diff b/main/libc0.9.32/uclibc-resolv-cname-fix.diff deleted file mode 100644 index cf5e777f7e..0000000000 --- a/main/libc0.9.32/uclibc-resolv-cname-fix.diff +++ /dev/null @@ -1,19 +0,0 @@ -diff --git a/libc/inet/resolv.c b/libc/inet/resolv.c -index 1e394d4..03d68fe 100644 ---- a/libc/inet/resolv.c -+++ b/libc/inet/resolv.c -@@ -3099,11 +3099,9 @@ int res_query(const char *dname, int class, int type, - - free(a.dotted); - -- if (a.atype == type) { /* CNAME */ -- if (i > anslen) -- i = anslen; -- memcpy(answer, packet, i); -- } -+ i = MIN(anslen, i); -+ memcpy(answer, packet, i); -+ - free(packet); - return i; - } diff --git a/main/libc0.9.32/uclibc-ubacktrace-asneeded-fix.patch b/main/libc0.9.32/uclibc-ubacktrace-asneeded-fix.patch deleted file mode 100644 index 8fc06508eb..0000000000 --- a/main/libc0.9.32/uclibc-ubacktrace-asneeded-fix.patch +++ /dev/null @@ -1,22 +0,0 @@ ---- uClibc-0.9.32-rc3.orig/Makefile.in -+++ uClibc-0.9.32-rc3/Makefile.in -@@ -336,7 +336,7 @@ - endif - ifeq ($(UCLIBC_HAS_BACKTRACE),y) - # Add the AS_NEEDED entry for libubacktrace.so -- if [ -f $(top_builddir)lib/libc.so -a -f $(PREFIX)$(RUNTIME_PREFIX)$(MULTILIB_DIR)/$(SHARED_LIBNAME) ] ; then \ -+ if [ -f $(top_builddir)lib/libc.so -a -f $(PREFIX)$(DEVEL_PREFIX)$(MULTILIB_DIR)/libc.so ] ; then \ - echo "GROUP ( $(UBACKTRACE_ASNEEDED) )" >> $(PREFIX)$(DEVEL_PREFIX)$(MULTILIB_DIR)/libc.so; \ - fi - endif ---- uClibc-0.9.32-rc3.orig/Rules.mak -+++ uClibc-0.9.32-rc3/Rules.mak -@@ -118,7 +118,7 @@ - - LIBC := libc - SHARED_LIBNAME := $(LIBC).so.$(ABI_VERSION) --UBACKTRACE_DSO := libubacktrace.so.$(MAJOR_VERSION) -+UBACKTRACE_DSO := libubacktrace.so.$(ABI_VERSION) - ifneq ($(findstring $(TARGET_ARCH) , hppa64 ia64 mips64 powerpc64 s390x sparc64 x86_64 ),) - UCLIBC_LDSO_NAME := ld64-uClibc - ARCH_NATIVE_BIT := 64 |