rpms/libxcrypt
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Add a README-POSIX file with information about the stub functions

Browse Source
This commit is contained in:
Björn Esser 2019-01-30 11:50:40 +01:00
parent acd21d69e8
commit 2e320182af
No known key found for this signature in database
GPG Key ID: F52E98007594C21D
1 changed files with 38 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
libxcrypt.spec
View File

@ -127,7 +127,7 @@ fi \
Name: libxcrypt Name: libxcrypt
Version: 4.4.3 Version: 4.4.3
Release: 3%{?dist} Release: 4%{?dist}
Summary: Extended crypt library for descrypt, md5crypt, bcrypt, and others Summary: Extended crypt library for descrypt, md5crypt, bcrypt, and others
# For explicit license breakdown, see the # For explicit license breakdown, see the
@ -272,6 +272,24 @@ by the %{name}-compat package.
%endif %endif
EOF EOF
%endif %endif
%if %{with enosys_stubs}
%{__cat} << EOF >> README-POSIX
This version of the libcrypt.so.1 library has entirely removed
the functionality of the encrypt, encrypt_r, setkey, setkey_r,
and fcrypt functions, while keeping fully binary compatibility
with existing (third-party) applications possibly still using
those funtions. If such an application attemps to call one of
these functions, the corresponding function will indicate that
it is not supported by the system in a POSIX-compliant way.
For security reasons, the encrypt and encrypt_r functions will
also overwrite their data-block argument with random bits.
All existing binary executables linked against glibc's libcrypt
should work unmodified with the provided version of the
libcrypt.so.1 library in place.
EOF
%endif
%{__mkdir_p} %{_vpath_builddir}{,-compat} %{__mkdir_p} %{_vpath_builddir}{,-compat}
@ -331,6 +349,12 @@ if [ -f README%{distname} ]; then
README%{distname} README%{distname}
fi fi
# Install README-POSIX file, if existing, to shared %%_pkgdocdir.
if [ -f README-POSIX ]; then
%{__install} -Dpm 0644 -t %{buildroot}%{_pkgdocdir} \
README-POSIX
fi
%check %check
%if %{with compat_pkg} %if %{with compat_pkg}
@ -371,7 +395,13 @@ done
%files %files
%doc %dir %{_pkgdocdir} %doc %dir %{_pkgdocdir}
%doc %{_pkgdocdir}/NEWS %doc %{_pkgdocdir}/NEWS
%doc %{_pkgdocdir}/README* %doc %{_pkgdocdir}/README
%if %{with new_api}
%doc %{_pkgdocdir}/README%{distname}
%endif
%if %{with enosys_stubs} && %{without compat_pkg}
%doc %{_pkgdocdir}/README-POSIX
%endif
%doc %{_pkgdocdir}/THANKS %doc %{_pkgdocdir}/THANKS
%license AUTHORS COPYING.LIB LICENSING %license AUTHORS COPYING.LIB LICENSING
/%{_lib}/.libcrypt.so.{%{soc},%{sov}}.hmac /%{_lib}/.libcrypt.so.{%{soc},%{sov}}.hmac
@ -381,6 +411,9 @@ done
%if %{with compat_pkg} %if %{with compat_pkg}
%files compat %files compat
%if %{with enosys_stubs}
%doc %{_pkgdocdir}/README-POSIX
%endif
/%{_lib}/.libcrypt.so.{%{csoc},%{csov}}.hmac /%{_lib}/.libcrypt.so.{%{csoc},%{csov}}.hmac
/%{_lib}/libcrypt.so.{%{csoc},%{csov}} /%{_lib}/libcrypt.so.{%{csoc},%{csov}}
%endif %endif
@ -404,6 +437,9 @@ done
%changelog %changelog
* Wed Jan 30 2019 Björn Esser <besser82@fedoraproject.org> - 4.4.3-4
- Add a README-POSIX file with information about the stub functions
* Wed Jan 30 2019 Björn Esser <besser82@fedoraproject.org> - 4.4.3-3 * Wed Jan 30 2019 Björn Esser <besser82@fedoraproject.org> - 4.4.3-3
- Replace unsafe functions in libxcrypt-compat with stubs (#1670735) - Replace unsafe functions in libxcrypt-compat with stubs (#1670735)