Hello community,

here is the log from the commit of package libxcrypt for openSUSE:11.4
checked in at Fri Jul 29 18:11:32 CEST 2011.

Patchinfo file has no description
Patchinfo file has no description
Patchinfo file has no description


--------
--- old-versions/11.4/all/libxcrypt/libxcrypt.changes   2010-06-28 
08:50:28.000000000 +0200
+++ 11.4/libxcrypt/libxcrypt.changes    2011-07-20 12:00:55.000000000 +0200
@@ -1,0 +2,7 @@
+Tue Jul 19 15:45:39 UTC 2011 - lnus...@suse.de
+
+- update crypt_blowfish to version 1.2 (bnc#700876, CVE-2011-2483)
+  * due to the signedness bug fix 2a hashes are incompatible with
+    previous versions if the password contains 8bit chracters!
+
+-------------------------------------------------------------------

Package does not exist at destination yet. Using Fallback 
old-versions/11.4/all/libxcrypt
Destination is old-versions/11.4/UPDATES/all/libxcrypt
calling whatdependson for 11.4-i586


New:
----
  crypt_blowfish-1.2.tar.gz
  crypt_blowfish-1.2.tar.gz.sign
  libxcrypt-3.0.4-blowfish-Makefile.in.diff
  libxcrypt-3.0.4-blowfish-noasm.diff
  libxcrypt-3.0.4-blowfish-xcrypt.diff

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ libxcrypt.spec ++++++
--- /var/tmp/diff_new_pack.0Fvkub/_old  2011-07-29 18:11:19.000000000 +0200
+++ /var/tmp/diff_new_pack.0Fvkub/_new  2011-07-29 18:11:19.000000000 +0200
@@ -1,7 +1,7 @@
 #
-# spec file for package libxcrypt (Version 3.0.3)
+# spec file for package libxcrypt
 #
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,6 +17,7 @@
 
 # norootforbuild
 
+%define crypt_bf_version 1.2
 
 Name:           libxcrypt
 License:        LGPLv2.1+ ; Public Domain, Freeware
@@ -27,11 +28,19 @@
 Obsoletes:      libxcrypt-64bit
 %endif
 Version:        3.0.3
-Release:        3
+Release:        9.<RELEASE10>
 Summary:        Crypt Library for DES, MD5, Blowfish and others
+Url:            http://www.openwall.com/crypt/
 Source:         libxcrypt-%{version}.tar.bz2
-Source2:        baselibs.conf
+Source1:        %{url}crypt_blowfish-%{crypt_bf_version}.tar.gz
+Source2:        %{url}crypt_blowfish-%{crypt_bf_version}.tar.gz.sign
+Source3:        baselibs.conf
+Patch1:         libxcrypt-3.0.4-blowfish-noasm.diff
+Patch2:         libxcrypt-3.0.4-blowfish-xcrypt.diff
+# just patching Makefile.in to avoid autoreconf
+Patch3:         libxcrypt-3.0.4-blowfish-Makefile.in.diff
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
+Provides:       libxcrypt-crypt_blowfish = 1.2
 
 %description
 Libxcrypt is a replacement for libcrypt, which comes with the GNU C
@@ -62,7 +71,12 @@
 
 
 %prep
-%setup -q
+%setup -q -a1
+%patch1 -p0
+%patch2 -p0
+%patch3 -p0
+cp crypt_blowfish-*/*.{c,h} plugins/blowfish
+mv plugins/blowfish/wrapper.c plugins/blowfish/blowfish-test.c
 
 %build
 ./configure CFLAGS="$RPM_OPT_FLAGS -Wno-cast-align" \
@@ -83,6 +97,9 @@
 rm $RPM_BUILD_ROOT/%{_lib}/xcrypt/lib*.{so,la}
 ln -sf ../../%{_lib}/libxcrypt.so.2 $RPM_BUILD_ROOT%{_libdir}/libxcrypt.so
 /sbin/ldconfig -n $RPM_BUILD_ROOT/%{_lib}/
+#
+ln -s libxcrypt_2a.so.1 $RPM_BUILD_ROOT/%{_lib}/xcrypt/libxcrypt_2y.so.1
+ln -s libxcrypt_2a.so.1 $RPM_BUILD_ROOT/%{_lib}/xcrypt/libxcrypt_2x.so.1
 
 %clean
 rm -rf $RPM_BUILD_ROOT

++++++ libxcrypt-3.0.4-blowfish-Makefile.in.diff ++++++
Index: plugins/blowfish/Makefile.in
===================================================================
--- plugins/blowfish/Makefile.in.orig
+++ plugins/blowfish/Makefile.in
@@ -234,8 +234,8 @@ libxcrypt_2a_la_LDFLAGS = -version-info
 
 plugin_LTLIBRARIES = libxcrypt_2a.la
 libxcrypt_2a_la_SOURCES = crypt_blowfish.c
-blowfish_test_CFLAGS = $(AM_CFLAGS) -DTEST_THREADS=10
-blowfish_test_LDADD = libxcrypt_2a.la -lpthread
+blowfish_test_CFLAGS = $(AM_CFLAGS) -DTEST -DTEST_THREADS=4 -DXCRYPT
+blowfish_test_LDADD = libxcrypt_2a.la -ldl -lpthread
 all: all-am
 
 .SUFFIXES:
++++++ libxcrypt-3.0.4-blowfish-noasm.diff ++++++
Index: crypt_blowfish-1.2/crypt_blowfish.c
===================================================================
--- crypt_blowfish-1.2/crypt_blowfish.c.orig
+++ crypt_blowfish-1.2/crypt_blowfish.c
@@ -54,7 +54,7 @@
 #include "crypt_blowfish.h"
 
 #ifdef __i386__
-#define BF_ASM                         1
+#define BF_ASM                         0
 #define BF_SCALE                       1
 #elif defined(__x86_64__) || defined(__alpha__) || defined(__hppa__)
 #define BF_ASM                         0
++++++ libxcrypt-3.0.4-blowfish-xcrypt.diff ++++++
Index: crypt_blowfish-1.2/crypt_blowfish.c
===================================================================
--- crypt_blowfish-1.2/crypt_blowfish.c.orig
+++ crypt_blowfish-1.2/crypt_blowfish.c
@@ -44,6 +44,7 @@
  */
 
 #include <string.h>
+#include <stdio.h>
 
 #include <errno.h>
 #ifndef __set_errno
@@ -64,6 +65,10 @@
 #define BF_SCALE                       0
 #endif
 
+#include "xcrypt-plugin.h"
+#define _crypt_blowfish_rn __crypt_r
+#include <dlfcn.h>
+
 typedef unsigned int BF_word;
 typedef signed int BF_word_signed;
 
@@ -900,3 +905,23 @@ char *_crypt_gensalt_blowfish_rn(const c
 
        return output;
 }
+
+/* dirty hack */
+static const char* _find_prefix(const char* prefix)
+{
+       Dl_info info;
+       if (dladdr(_find_prefix, &info) && strlen(info.dli_fname) > 8)
+       {
+           const char* sfx = info.dli_fname+strlen(info.dli_fname)-8;
+           if (!strncmp(sfx, "_2y.", 4))
+               prefix = "$2y$";
+           else if (!strncmp(sfx, "_2x.", 4))
+               prefix = "$2x$";
+       }
+       return prefix;
+}
+
+char *__crypt_gensalt_r (unsigned long count, __const char *input, int size, 
char *output, int output_size)
+{
+       return _crypt_gensalt_blowfish_rn(_find_prefix("$2a$"), count, input, 
size, output, output_size);
+}
Index: crypt_blowfish-1.2/wrapper.c
===================================================================
--- crypt_blowfish-1.2/wrapper.c.orig
+++ crypt_blowfish-1.2/wrapper.c
@@ -37,13 +37,19 @@
 #define CRYPT_OUTPUT_SIZE              (7 + 22 + 31 + 1)
 #define CRYPT_GENSALT_OUTPUT_SIZE      (7 + 22 + 1)
 
-#if defined(__GLIBC__) && defined(_LIBC)
 #define __SKIP_GNU
-#endif
+#include "xcrypt.h"
+#include "xcrypt-plugin.h"
 #include "ow-crypt.h"
 
 #include "crypt_blowfish.h"
+#ifndef XCRYPT
 #include "crypt_gensalt.h"
+#else
+#define _crypt_blowfish_rn __crypt_r
+#undef crypt_r
+char *crypt_r(const char *key, const char *setting, void *data);
+#endif
 
 #if defined(__GLIBC__) && defined(_LIBC)
 /* crypt.h from glibc-crypt-2.1 will define struct crypt_data for us */
@@ -197,6 +203,7 @@ char *crypt(const char *key, const char
 #define __crypt_gensalt crypt_gensalt
 #endif
 
+#ifndef XCRYPT
 char *__crypt_gensalt_rn(const char *prefix, unsigned long count,
        const char *input, int size, char *output, int output_size)
 {
@@ -231,6 +238,13 @@ char *__crypt_gensalt_rn(const char *pre
 
        return use(prefix, count, input, size, output, output_size);
 }
+#else
+char *__crypt_gensalt_rn(const char *prefix __attribute__((unused)), unsigned 
long count,
+       const char *input, int size, char *output, int output_size)
+{
+       return __crypt_gensalt_r(count, input, size, output, output_size);
+}
+#endif
 
 char *__crypt_gensalt_ra(const char *prefix, unsigned long count,
        const char *input, int size)
@@ -542,4 +556,21 @@ int main(void)
 
        return 0;
 }
+#endif
+
+#ifdef XCRYPT
+int _crypt_output_magic(const char *setting, char *output, int size)
+{
+       if (size < 3)
+               return -1;
+
+       output[0] = '*';
+       output[1] = '0';
+       output[2] = '\0';
+
+       if (setting[0] == '*' && setting[1] == '0')
+               output[1] = '1';
+
+       return 0;
+}
 #endif
Index: plugins/blowfish/Makefile.am
===================================================================
--- plugins/blowfish/Makefile.am.orig
+++ plugins/blowfish/Makefile.am
@@ -25,5 +25,5 @@ libxcrypt_2a_la_SOURCES = crypt_blowfish
 
 noinst_PROGRAMS = blowfish-test
 
-blowfish_test_CFLAGS = $(AM_CFLAGS) -DTEST_THREADS=10
-blowfish_test_LDADD = libxcrypt_2a.la -lpthread
+blowfish_test_CFLAGS = $(AM_CFLAGS) -DTEST -DTEST_THREADS=4 -DXCRYPT
+blowfish_test_LDADD = libxcrypt_2a.la -ldl -lpthread

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



Remember to have fun...

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

Reply via email to