Make testsuite fail on error again

Update patch0 with more upstream fixes
2018-07-13 12:37:38 +02:00 · 2018-07-13 12:37:38 +02:00 · f81f022b3e
commit f81f022b3e
parent 33a506a957
2 changed files with 266 additions and 40 deletions
--- a/libxcrypt-4.0.1_to_develop.patch
+++ b/libxcrypt-4.0.1_to_develop.patch
@ -1,7 +1,7 @@
 From 0bf9b35bb04b9f35a43e2ff6493d6a5ecc3c9db1 Mon Sep 17 00:00:00 2001
 From: Thorsten Kukuk <kukuk@thkukuk.de>
 Date: Tue, 22 May 2018 11:42:07 +0200
-Subject: [PATCH 01/38] Fix spelling of SUSE
+Subject: [PATCH 01/41] Fix spelling of SUSE
 ---
 Makefile.am     | 4 ++--
@ -61,7 +61,7 @@ index 2de7d1b..18aac79 100644
 From 089d679b81a3c4e821f5f9cfaacb33e67370eeed Mon Sep 17 00:00:00 2001
 From: "Dmitry V. Levin" <ldv@altlinux.org>
 Date: Fri, 22 Jun 2018 00:07:54 +0000
-Subject: [PATCH 02/38] Lower the minimum required automake version
+Subject: [PATCH 02/41] Lower the minimum required automake version
 The minimum required automake version was raised from 1.7 to 1.15 by
 commit a6c11d6cd89ac391dfb81bc2b7eb2b9fb31d7da6.  This new requirement
@ -88,7 +88,7 @@ index 90fe733..491dfae 100644
 From fab17cc338b3e18cb74ebed8da3a876e485e3c95 Mon Sep 17 00:00:00 2001
 From: "Dmitry V. Levin" <ldv@altlinux.org>
 Date: Fri, 22 Jun 2018 00:07:54 +0000
-Subject: [PATCH 03/38] gen-vers.awk: fix typo in comment
+Subject: [PATCH 03/41] gen-vers.awk: fix typo in comment
 ---
 gen-vers.awk | 2 +-
@ -111,7 +111,7 @@ index 602195a..4870d05 100644
 From b1d83b002039a561233ce55986d9205e76138a14 Mon Sep 17 00:00:00 2001
 From: "Dmitry V. Levin" <ldv@altlinux.org>
 Date: Wed, 27 Jun 2018 14:58:49 +0000
-Subject: [PATCH 04/38] Fix build with USE_SWAPCONTEXT turned off
+Subject: [PATCH 04/41] Fix build with USE_SWAPCONTEXT turned off
 Due to regression introduced by commit v4.0.0~100, the project no longer
 builds when USE_SWAPCONTEXT is not available or explicitly turned off.
@ -138,7 +138,7 @@ index d7f0ffc..2aa9491 100644
 From 942d51bbe41f6f84138916c2b180b5b669d65b27 Mon Sep 17 00:00:00 2001
 From: "Dmitry V. Levin" <ldv@altlinux.org>
 Date: Fri, 29 Jun 2018 11:07:48 +0000
-Subject: [PATCH 05/38] Include crypt-port.h in two remaining source files
+Subject: [PATCH 05/41] Include crypt-port.h in two remaining source files
 crypt-port.h must be the first header file included by each source file,
 this guarantees that config.h is included before any system header.
@ -175,7 +175,7 @@ index 27313f0..5e4f118 100644
 From e9b661ffd4d58788f61c46ad1e8e29380b43f464 Mon Sep 17 00:00:00 2001
 From: "Dmitry V. Levin" <ldv@altlinux.org>
 Date: Fri, 29 Jun 2018 11:07:48 +0000
-Subject: [PATCH 06/38] Use ARRAY_SIZE instead of open-coding it in every use
+Subject: [PATCH 06/41] Use ARRAY_SIZE instead of open-coding it in every use
 case
 Introduce ARRAY_SIZE macro, use it in all cases like
@ -441,7 +441,7 @@ index dfe194c..4b3a0e1 100644
 From 10483284a8fbefde59e71700089a28e3f18cbe5b Mon Sep 17 00:00:00 2001
 From: "Dmitry V. Levin" <ldv@altlinux.org>
 Date: Fri, 22 Jun 2018 00:07:54 +0000
-Subject: [PATCH 07/38] Extend --enable-weak-hashes configure option
+Subject: [PATCH 07/41] Extend --enable-weak-hashes configure option
 Extend --enable-weak-hashes configure option to accept optional "glibc"
 parameter.  When specified, it enables only those of weak hashes that
@ -767,7 +767,7 @@ index 4b3a0e1..39a5435 100644
 From 84134e4d8e773fa6e27df1de2088f001e8042ef2 Mon Sep 17 00:00:00 2001
 From: "Dmitry V. Levin" <ldv@altlinux.org>
 Date: Tue, 26 Jun 2018 22:45:01 +0000
-Subject: [PATCH 08/38] crypt_gensalt_rn: fix the number of automatically
+Subject: [PATCH 08/41] crypt_gensalt_rn: fix the number of automatically
 obtained random bytes
 Commit v4.0.0~94 extended crypt_gensalt_ra to obtained random bytes
@ -967,7 +967,7 @@ index 39a5435..f4d0629 100644
 From 2973606ece4ebc17ffea4882b090eec68555f0b0 Mon Sep 17 00:00:00 2001
 From: "Dmitry V. Levin" <ldv@altlinux.org>
 Date: Wed, 27 Jun 2018 17:59:36 +0000
-Subject: [PATCH 09/38] crypt_gensalt_rn: fix the leak of obtained random bytes
+Subject: [PATCH 09/41] crypt_gensalt_rn: fix the leak of obtained random bytes
 Erase the memory containing automatically obtained random bytes
 to avoid leak of sensitive data after return from the function.
@ -1011,7 +1011,7 @@ index 26f3537..12d50fd 100644
 From 19ac122ea84b370e421a8cb5a174a64577f6fa4e Mon Sep 17 00:00:00 2001
 From: "Dmitry V. Levin" <ldv@altlinux.org>
 Date: Fri, 29 Jun 2018 02:59:42 +0000
-Subject: [PATCH 10/38] test-gensalt: extend checks of expected output
+Subject: [PATCH 10/41] test-gensalt: extend checks of expected output
 In addition to checks for expected output length,
 check expected output strings for deterministic methods.
@ -1150,7 +1150,7 @@ index f4d0629..2705671 100644
 From 75dd1518c70d11093117e5c575cc2d7c121415f9 Mon Sep 17 00:00:00 2001
 From: "Dmitry V. Levin" <ldv@altlinux.org>
 Date: Sat, 30 Jun 2018 12:26:41 +0000
-Subject: [PATCH 11/38] crypt_sha1_rn: fix memory leak
+Subject: [PATCH 11/41] crypt_sha1_rn: fix memory leak
 Reported-by: Vitaly Chikunov <vt@altlinux.org>
 ---
@ -1174,7 +1174,7 @@ index ac4f04a..e8427d5 100644
 From 86f386578f997a1039df42e26ff3f766ed09454b Mon Sep 17 00:00:00 2001
 From: "Dmitry V. Levin" <ldv@altlinux.org>
 Date: Sat, 30 Jun 2018 12:26:41 +0000
-Subject: [PATCH 12/38] gensalt_sha1_rn: fix read of random bytes out of bounds
+Subject: [PATCH 12/41] gensalt_sha1_rn: fix read of random bytes out of bounds
 Reported-by: Vitaly Chikunov <vt@altlinux.org>
 ---
@ -1199,7 +1199,7 @@ index e8427d5..b55d233 100644
 From fd45d0e95045b49a80a87bfa184fc9be90336779 Mon Sep 17 00:00:00 2001
 From: "Dmitry V. Levin" <ldv@altlinux.org>
 Date: Fri, 29 Jun 2018 13:22:51 +0000
-Subject: [PATCH 13/38] .travis.yml: reduce flakyness
+Subject: [PATCH 13/41] .travis.yml: reduce flakyness
 Reduce false positives by wrapping network-related operations
 into a loop.
@ -1243,7 +1243,7 @@ index c812e22..7e892b2 100644
 From 1a51a81abc609c1a48edb2f4c0887e892e9e968f Mon Sep 17 00:00:00 2001
 From: Zack Weinberg <zackw@panix.com>
 Date: Wed, 4 Jul 2018 15:07:31 -0400
-Subject: [PATCH 14/38] Check in alg-des-tables.c, don't run gen-des-tables at
+Subject: [PATCH 14/41] Check in alg-des-tables.c, don't run gen-des-tables at
 build time.
 This eliminates a whole bunch of dodgy logic from
@ -5403,7 +5403,7 @@ index ac6043a..0000000
 From ed4be6afa7b34fe0d827cc3f7f9608de0d9325cd Mon Sep 17 00:00:00 2001
 From: Zack Weinberg <zackw@panix.com>
 Date: Wed, 4 Jul 2018 21:42:36 -0400
-Subject: [PATCH 15/38] Make it possible to disable individual hashes at
+Subject: [PATCH 15/41] Make it possible to disable individual hashes at
 configure time.
 The table of supported hash algorithms now lives in hashes.lst.
@ -7364,7 +7364,7 @@ index 2705671..b81fcf0 100644
 From 15b30b6d7da6d5470de65f9a2a4d676f82423ceb Mon Sep 17 00:00:00 2001
 From: Zack Weinberg <zackw@panix.com>
 Date: Wed, 4 Jul 2018 22:31:02 -0400
-Subject: [PATCH 16/38] .travis.yml: Use --enable-hashes instead of
+Subject: [PATCH 16/41] .travis.yml: Use --enable-hashes instead of
 --enable-weak-hashes.
 ---
@ -7473,7 +7473,7 @@ index 7e892b2..ffca408 100644
 From a33d95ea613256c46f0b05fa2345080d47193c9e Mon Sep 17 00:00:00 2001
 From: "Dmitry V. Levin" <ldv@altlinux.org>
 Date: Wed, 4 Jul 2018 15:59:40 +0000
-Subject: [PATCH 17/38] .travis.yml: add --enable-hashes=glibc to the test
+Subject: [PATCH 17/41] .travis.yml: add --enable-hashes=glibc to the test
 matrix
 ---
@ -7519,7 +7519,7 @@ index ffca408..b8a7ecf 100644
 From a7f9df50cecec46bb8176382faa685ce35ca72be Mon Sep 17 00:00:00 2001
 From: Zack Weinberg <zackw@panix.com>
 Date: Thu, 5 Jul 2018 15:20:05 -0400
-Subject: [PATCH 18/38] Make salt validation pickier.
+Subject: [PATCH 18/41] Make salt validation pickier.
 This started out as a patch to fold together test-crypt-badsalt.c and
 test-crypt-nonnull.c (which were almost the same program) and extend
@ -8904,7 +8904,7 @@ index b81fcf0..5b9d64c 100644
 From 58ac83090e107aa628a5be252931a2b8b0f286cf Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= <besser82@fedoraproject.org>
 Date: Sun, 8 Jul 2018 23:59:53 +0200
-Subject: [PATCH 19/38] Fix Werror=stringop-truncation
+Subject: [PATCH 19/41] Fix Werror=stringop-truncation
 ---
 test-gensalt.c | 5 ++---
@ -8930,7 +8930,7 @@ index 5b9d64c..c08627e 100644
 From 98043c5be0ed8a09dfd49ad04b179c017ac78677 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= <besser82@fedoraproject.org>
 Date: Mon, 9 Jul 2018 00:49:19 +0200
-Subject: [PATCH 20/38] Fix DNF config for DNF v3.x
+Subject: [PATCH 20/41] Fix DNF config for DNF v3.x
 ---
 .travis.dnf.conf.rawhide_latest | 4 ++--
@ -8952,7 +8952,7 @@ index ee4370a..52b55b0 100644
 From c14b7ae156e4dfb21c4c2506eb6d44e98eaa6f29 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= <besser82@fedoraproject.org>
 Date: Mon, 9 Jul 2018 11:42:05 +0200
-Subject: [PATCH 21/38] Extend badsalt tests and fix invalid pass
+Subject: [PATCH 21/41] Extend badsalt tests and fix invalid pass
 ---
 test-badsalt.c | 53 +++++++++++++++++++++++++++++++++++++----------------
@ -9065,7 +9065,7 @@ index 41d164a..6d57b14 100644
 From 820e5b242e648347e9c9e4110e75842b3d6531e5 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= <besser82@fedoraproject.org>
 Date: Mon, 9 Jul 2018 15:25:54 +0200
-Subject: [PATCH 22/38] Add test for short output buffers
+Subject: [PATCH 22/41] Add test for short output buffers
 ---
 Makefile.am         |  3 ++-
@ -9176,7 +9176,7 @@ index 0000000..7ab9d11
 From 9197a77826124683e39ef123f5e57058e358e225 Mon Sep 17 00:00:00 2001
 From: Zack Weinberg <zackw@panix.com>
 Date: Tue, 10 Jul 2018 12:06:10 -0400
-Subject: [PATCH 23/38] Replace crypt-sunmd5.c with BSD-licensed cleanroom
+Subject: [PATCH 23/41] Replace crypt-sunmd5.c with BSD-licensed cleanroom
 reimplementation.
 This eliminates all CDDL-licensed code from the library, as requested
@ -9852,7 +9852,7 @@ index c08627e..f8d95c3 100644
 From 4067bee9f5b24d5323af232ef25f3b6dc4950f5a Mon Sep 17 00:00:00 2001
 From: Zack Weinberg <zackw@panix.com>
 Date: Tue, 10 Jul 2018 20:32:11 -0400
-Subject: [PATCH 24/38] Make crypt_gensalt for $sha1 deterministic.
+Subject: [PATCH 24/41] Make crypt_gensalt for $sha1 deterministic.
 All of the randomness is now drawn from the 'rbytes' argument, rather
 than taking some of it from direct calls to get_random_bytes.  This
@ -10063,7 +10063,7 @@ index f8d95c3..98923e5 100644
 From 9bed27f2bd0495361e892a0740bcdf237f560b98 Mon Sep 17 00:00:00 2001
 From: Zack Weinberg <zackw@panix.com>
 Date: Tue, 10 Jul 2018 21:36:11 -0400
-Subject: [PATCH 25/38] Don't use malloc in crypt-pbkdf1-sha1.c.
+Subject: [PATCH 25/41] Don't use malloc in crypt-pbkdf1-sha1.c.
 There's no need to copy the salt when we can just use %.*s in two
 places.
@ -10155,7 +10155,7 @@ index eeb57d5..75ca300 100644
 From c20f9f161c0aa362e0ed8bc8ee387badd8acbc38 Mon Sep 17 00:00:00 2001
 From: Zack Weinberg <zackw@panix.com>
 Date: Tue, 10 Jul 2018 21:44:02 -0400
-Subject: [PATCH 26/38] Fix incorrect output-size computation in crypt_sha1_rn.
+Subject: [PATCH 26/41] Fix incorrect output-size computation in crypt_sha1_rn.
 It was testing for enough space for the raw SHA1 digest, not the
 digest after base64 expansion.
@ -10195,7 +10195,7 @@ index cbf390e..c96b72d 100644
 From 8639108dea0b847282e1de2bae6c7aef8f778b99 Mon Sep 17 00:00:00 2001
 From: Zack Weinberg <zackw@panix.com>
 Date: Tue, 10 Jul 2018 21:49:14 -0400
-Subject: [PATCH 27/38] Make XCRYPT_SECURE_MEMSET() syntactically a normal
+Subject: [PATCH 27/41] Make XCRYPT_SECURE_MEMSET() syntactically a normal
 expression.
 All of the alternative definitions of XCRYPT_SECURE_MEMSET expanded to
@ -10456,7 +10456,7 @@ index 5647250..5053525 100644
 From 15d1e3bf3d259ea262f3d34e8c225a3abfabaa09 Mon Sep 17 00:00:00 2001
 From: Zack Weinberg <zackw@panix.com>
 Date: Wed, 11 Jul 2018 17:15:46 -0400
-Subject: [PATCH 28/38] Add more tests based on gaps in line coverage.
+Subject: [PATCH 28/41] Add more tests based on gaps in line coverage.
 We were not adequately testing invalid-argument error paths within
 crypt_gensalt, and we were also not adequately testing a variety of
@ -11237,7 +11237,7 @@ index 98923e5..6713387 100644
 From 4f71018701bf54fb9891cc94d8d268f46ed82e62 Mon Sep 17 00:00:00 2001
 From: Zack Weinberg <zackw@panix.com>
 Date: Wed, 11 Jul 2018 21:53:54 -0400
-Subject: [PATCH 29/38] Fix test-badsetting when not all hashes are enabled.
+Subject: [PATCH 29/41] Fix test-badsetting when not all hashes are enabled.
 It turns out I was wrong to think that we could safely leave the
 subtests for excluded hashes enabled, because you get a slightly
@ -11374,7 +11374,7 @@ index ae2337b..d6abe71 100644
 From b9064279d0d73e7d1f0ce3de3d52c31ed7a8ca2e Mon Sep 17 00:00:00 2001
 From: Zack Weinberg <zackw@panix.com>
 Date: Thu, 12 Jul 2018 12:21:44 -0400
-Subject: [PATCH 30/38] crypt.5: Add docs for SHA1, MD5/Sun, NTHASH.
+Subject: [PATCH 30/41] crypt.5: Add docs for SHA1, MD5/Sun, NTHASH.
 Also tighten up the wording in a couple other places and fix a bug
 that was making the .hash macro not do what it was supposed to for
@ -11568,7 +11568,7 @@ index f79dd3d..5db9c92 100644
 From 77461c03422ce1f5829b0180e68c4bdbf914956c Mon Sep 17 00:00:00 2001
 From: Zack Weinberg <zackw@panix.com>
 Date: Thu, 12 Jul 2018 12:23:59 -0400
-Subject: [PATCH 31/38] Add two more test programs to .gitignore.
+Subject: [PATCH 31/41] Add two more test programs to .gitignore.
 ---
 .gitignore | 2 ++
@ -11598,7 +11598,7 @@ index bb7f15c..16488f3 100644
 From 9f728b79718a8e8b371f48b75592beed638f9c2b Mon Sep 17 00:00:00 2001
 From: Zack Weinberg <zackw@panix.com>
 Date: Thu, 12 Jul 2018 12:24:46 -0400
-Subject: [PATCH 32/38] test-badsetting.c: correct "Written by" year.
+Subject: [PATCH 32/41] test-badsetting.c: correct "Written by" year.
 ---
 test-badsetting.c | 2 +-
@ -11620,7 +11620,7 @@ index d6abe71..665e830 100644
 From b3ee64bf08082367ea2116ea1fb2007e1a2896cd Mon Sep 17 00:00:00 2001
 From: Zack Weinberg <zackw@panix.com>
 Date: Thu, 12 Jul 2018 12:25:12 -0400
-Subject: [PATCH 33/38] Add tests for get_random_bytes.
+Subject: [PATCH 33/41] Add tests for get_random_bytes.
 It turns out not to be *that* hard to exercise the fallback logic in
 get_random_bytes, thanks to GNU ld's --wrap feature.  There is also
@ -12269,7 +12269,7 @@ index 0000000..16df6d0
 From 59680ceac13f85a1506fca87255ea47304a8e493 Mon Sep 17 00:00:00 2001
 From: "Dmitry V. Levin" <ldv@altlinux.org>
 Date: Tue, 26 Jun 2018 22:45:01 +0000
-Subject: [PATCH 34/38] crypt.h: introduce CRYPT_GENSALT_IMPLEMENTS_* feature
+Subject: [PATCH 34/41] crypt.h: introduce CRYPT_GENSALT_IMPLEMENTS_* feature
 test macros
 Define CRYPT_GENSALT_IMPLEMENTS_DEFAULT_PREFIX and
@ -12343,7 +12343,7 @@ index 8759011..ebfff28 100644
 From d077e0bf39c7b4e3443c35ac8abd6eae4489aecd Mon Sep 17 00:00:00 2001
 From: "Dmitry V. Levin" <ldv@altlinux.org>
 Date: Mon, 9 Jul 2018 17:35:38 +0000
-Subject: [PATCH 35/38] Install libcrypt.pc symlink along with libxcrypt.pc
+Subject: [PATCH 35/41] Install libcrypt.pc symlink along with libxcrypt.pc
 As the library name differs from the project name, avoid potential
 confusion libcrypt.pc vs libxcrypt.pc by installing libcrypt.pc symlink
@ -12376,7 +12376,7 @@ index f99f842..945f283 100644
 From 4f22827c619c2196898b32de44bd45ca627de545 Mon Sep 17 00:00:00 2001
 From: "Dmitry V. Levin" <ldv@altlinux.org>
 Date: Fri, 22 Jun 2018 00:07:54 +0000
-Subject: [PATCH 36/38] Extend --enable-obsolete-api configure option
+Subject: [PATCH 36/41] Extend --enable-obsolete-api configure option
 Make vendor specific parts of compatibility ABI that are enabled by
 --enable-obsolete-api option configurable.  This allows vendors to
@ -12607,7 +12607,7 @@ index 18aac79..0989990 100644
 From 022c86e681d2497ac02d88ac265d3c7c2d8b4ac5 Mon Sep 17 00:00:00 2001
 From: "Dmitry V. Levin" <ldv@altlinux.org>
 Date: Tue, 10 Jul 2018 15:38:15 +0000
-Subject: [PATCH 37/38] .travis.yml: add --enable-obsolete-api=glibc to the
+Subject: [PATCH 37/41] .travis.yml: add --enable-obsolete-api=glibc to the
 test matrix
 ---
@ -12653,7 +12653,7 @@ index 31c50fa..db45ded 100644
 From 430212bcae4b9f31ed12bc52706b313da723c5cb Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= <besser82@fedoraproject.org>
 Date: Fri, 13 Jul 2018 12:21:32 +0200
-Subject: [PATCH 38/38] test-short-outbuf.c: Fix to build on 32 bit arches
+Subject: [PATCH 38/41] test-short-outbuf.c: Fix to build on 32 bit arches
 ---
 test-short-outbuf.c | 8 ++++----
@ -12685,3 +12685,225 @@ index 7ab9d11..d928daa 100644
       free (j);
       free (*outbuf);
 From 383b8b86fc9ab960c60d99ad3c82a93404879c57 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= <besser82@fedoraproject.org>
 Date: Fri, 13 Jul 2018 13:31:07 +0200
 Subject: [PATCH 39/41] crypt-sunmd5.c: Fix possible overflow on 32 bit arches
 ---
 crypt-sunmd5.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/crypt-sunmd5.c b/crypt-sunmd5.c
 index c294797..c72aff5 100644
 --- a/crypt-sunmd5.c
 +++ b/crypt-sunmd5.c
@@ -299,7 +299,7 @@ gensalt_sunmd5_rn (unsigned long count,
      bits of entropy are smuggled into the salt via the round number).  */
   if (count < 32768)
     count = 32768;
 -  else if (count + 65536 > SUNMD5_MAX_ROUNDS)
 +  else if (count > SUNMD5_MAX_ROUNDS - 65536)
     count = SUNMD5_MAX_ROUNDS - 65536;
   count += ((unsigned int)rbytes[0]) << 8;
 From f08ac26609d5bceb867f76b78979b1c21ff04206 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= <besser82@fedoraproject.org>
 Date: Fri, 13 Jul 2018 15:50:34 +0200
 Subject: [PATCH 40/41] crypt-pbkdf1-sha1.c: gensalt should have indentical
 output on big endian arches
 ---
 crypt-pbkdf1-sha1.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
 diff --git a/crypt-pbkdf1-sha1.c b/crypt-pbkdf1-sha1.c
 index cf22f67..38ade74 100644
 --- a/crypt-pbkdf1-sha1.c
 +++ b/crypt-pbkdf1-sha1.c
@@ -30,6 +30,7 @@
 #include "crypt-port.h"
 #include "crypt-private.h"
 #include "alg-hmac-sha1.h"
 +#include "byteorder.h"
 #include <errno.h>
 #include <stdio.h>
@@ -227,8 +228,8 @@ gensalt_sha1_rn (unsigned long count,
    * dictionary attack by not using the same iteration count for
    * every entry.
    */
 -  uint32_t rounds, random;
 -  memcpy (&random, rbytes, 4);
 +  uint32_t rounds, random = le32_to_cpu (rbytes);
 +
   if (count == 0)
     count = CRYPT_SHA1_ITERATIONS;
   if (count > UINT32_MAX)
 From 8fb52d98e2750cd5302a375727b703b925896f33 Mon Sep 17 00:00:00 2001
 From: Zack Weinberg <zackw@panix.com>
 Date: Fri, 13 Jul 2018 11:45:06 -0400
 Subject: [PATCH 41/41] Fix several test failures on x86-64 with -m32.
 - more fixes for crypt-sunmd5.c when 'unsigned long' and 'unsigned
   int' are the same
 - test-getrandom-fallbacks needs to interpose open64 as well as open
 - test-short-outbuf.c can use %zu instead of %lu to avoid casting
 - glibc for x86-64/-m32 uses the same symbol versions as glibc/i386
 also, libcrypt.minver is now in alphabetical order by host_cpu pattern
 within each block of architectures with the same minimum symbol version.
 ---
 Makefile.am                |  2 +-
 crypt-sunmd5.c             |  6 +++---
 libcrypt.minver            | 27 ++++++++++++++-------------
 test-gensalt.c             |  2 +-
 test-getrandom-fallbacks.c | 13 +++++++++++++
 test-short-outbuf.c        |  8 ++++----
 6 files changed, 36 insertions(+), 22 deletions(-)
 diff --git a/Makefile.am b/Makefile.am
 index be8b585..8605ce7 100644
 --- a/Makefile.am
 +++ b/Makefile.am
@@ -204,7 +204,7 @@ test_getrandom_fallbacks_LDADD = randombytes.lo
 if HAVE_LD_WRAP
 test_getrandom_fallbacks_LDFLAGS = \
   -Wl,--wrap,getentropy -Wl,--wrap,getrandom -Wl,--wrap,syscall \
 -  -Wl,--wrap,open -Wl,--wrap,read -Wl,--wrap,close
 +  -Wl,--wrap,open -Wl,--wrap,open64 -Wl,--wrap,read -Wl,--wrap,close
 endif
 # Every object file depends on crypt-symbol-vers.h and crypt-hashes.h,
 diff --git a/crypt-sunmd5.c b/crypt-sunmd5.c
 index c72aff5..0c67a67 100644
 --- a/crypt-sunmd5.c
 +++ b/crypt-sunmd5.c
@@ -43,7 +43,7 @@
 #define SUNMD5_SALT_LEN         8
 #define SUNMD5_MAX_SETTING_LEN  32 /* $md5,rounds=4294963199$12345678$ */
 #define SUNMD5_BARE_OUTPUT_LEN  22 /* not counting the setting or the NUL */
 -#define SUNMD5_MAX_ROUNDS       (0xFFFFFFFF - 4096)
 +#define SUNMD5_MAX_ROUNDS       (0xFFFFFFFFul - 4096)
 /* At each round of the algorithm, this string (including the trailing
    NUL) may or may not be included in the input to MD5, depending on a
@@ -302,8 +302,8 @@ gensalt_sunmd5_rn (unsigned long count,
   else if (count > SUNMD5_MAX_ROUNDS - 65536)
     count = SUNMD5_MAX_ROUNDS - 65536;
 -  count += ((unsigned int)rbytes[0]) << 8;
 -  count += ((unsigned int)rbytes[1]) << 0;
 +  count += ((unsigned long)rbytes[0]) << 8;
 +  count += ((unsigned long)rbytes[1]) << 0;
   assert (count != 0);
 diff --git a/libcrypt.minver b/libcrypt.minver
 index 256a40a..e1896bb 100644
 --- a/libcrypt.minver
 +++ b/libcrypt.minver
@@ -31,23 +31,24 @@
 riscv64.*	GLIBC_2.27
 nios2.*		GLIBC_2.21
 microblaze.*	GLIBC_2.18
 -powerpc64le.*	GLIBC_2.17
 aarch64.*	GLIBC_2.17
 +powerpc64le.*	GLIBC_2.17
 x86_64.*	GLIBC_2.16	/* x32 */ __x86_64__ && ULONG_MAX == UINT_MAX
 -tilepro.*	GLIBC_2.12
 tilegx.*	GLIBC_2.12
 -m68k.*		GLIBC_2.4	/* coldfire */ defined __mcoldfire__
 +tilepro.*	GLIBC_2.12
 arm.*		GLIBC_2.4
 +m68k.*		GLIBC_2.4	/* coldfire */ defined __mcoldfire__
 powerpc64.*	GLIBC_2.3
 -x86_64.*	GLIBC_2.2.5
 +x86_64.*	GLIBC_2.2.5     /* 64 */ defined __x86_64__
 s390x.*		GLIBC_2.2
 -sparc.*		GLIBC_2.0
 -sh.*		GLIBC_2.0
 -s390.*		GLIBC_2.0
 -powerpc.*	GLIBC_2.0
 -mips.*		GLIBC_2.0
 -m68k.*		GLIBC_2.0
 -ia64.*		GLIBC_2.0
 -i[3-9]86.*	GLIBC_2.0
 -hppa.*		GLIBC_2.0
 alpha.*		GLIBC_2.0
 +hppa.*		GLIBC_2.0
 +i[3-9]86.*	GLIBC_2.0
 +ia64.*		GLIBC_2.0
 +m68k.*		GLIBC_2.0
 +mips.*		GLIBC_2.0
 +powerpc.*	GLIBC_2.0
 +s390.*		GLIBC_2.0
 +sh.*		GLIBC_2.0
 +sparc.*		GLIBC_2.0
 +x86_64.*        GLIBC_2.0       /* 32 */
 diff --git a/test-gensalt.c b/test-gensalt.c
 index 6713387..bbdfedb 100644
 --- a/test-gensalt.c
 +++ b/test-gensalt.c
@@ -179,7 +179,7 @@ static const struct testcase testcases[] =
   // SHA1/PBKDF always emits a round count, but we need to test its
   // behavior on very large inputs.  (This number is the largest
   // supported round count.)
 -  { "$md5", sunmd5_expected_output_r,  32, 0, 4294963199 },
 +  { "$md5", sunmd5_expected_output_r,  32, 0, 4294963199ul },
 #endif
 #if INCLUDE_sha1
   { "$sha1", sha1_expected_output,     26, 34, 0 },
 diff --git a/test-getrandom-fallbacks.c b/test-getrandom-fallbacks.c
 index 8cbab5f..3e7a96a 100644
 --- a/test-getrandom-fallbacks.c
 +++ b/test-getrandom-fallbacks.c
@@ -170,6 +170,19 @@ __wrap_open (const char *path, int flags, mode_t mode)
   return ret;
 }
 +extern int __wrap_open64 (const char *, int, mode_t);
 +extern int __real_open64 (const char *, int, mode_t);
 +int
 +__wrap_open64 (const char *path, int flags, mode_t mode)
 +{
 +  int ret = __real_open64 (path, flags, mode);
 +  if (ret == -1)
 +    return ret;
 +  if (!strcmp (path, "/dev/urandom"))
 +    urandom_fd = ret;
 +  return ret;
 +}
 +
 extern int __wrap_close (int);
 extern int __real_close (int);
 int
 diff --git a/test-short-outbuf.c b/test-short-outbuf.c
 index d928daa..f3f33a0 100644
 --- a/test-short-outbuf.c
 +++ b/test-short-outbuf.c
@@ -44,8 +44,8 @@ main (void)
           ok = false;
         }
 -      printf ("Test %u.0: %s, expected: \"%-2s\", got: \"%-2s\"\n",
 -              (unsigned int)(i + 1), result, testcases[i].exp_rn, *outbuf);
 +      printf ("Test %zu.0: %s, expected: \"%-2s\", got: \"%-2s\"\n",
 +              i + 1, result, testcases[i].exp_rn, *outbuf);
       crypt_ra ("@@", "@@", (void **) outbuf, (int *) j);
@@ -59,8 +59,8 @@ main (void)
           ok = false;
         }
 -      printf ("Test %u.1: %s, expected: \"%-2s\", got: \"%-2s\"\n",
 -              (unsigned int)(i + 1), result, testcases[i].exp_ra, *outbuf);
 +      printf ("Test %zu.1: %s, expected: \"%-2s\", got: \"%-2s\"\n",
 +              i + 1, result, testcases[i].exp_ra, *outbuf);
       free (j);
       free (*outbuf);
--- a/libxcrypt.spec
+++ b/libxcrypt.spec
@ -19,7 +19,7 @@
 Name:           libxcrypt
 Version:        4.0.1
-Release:        5%{?dist}
+Release:        6%{?dist}
 Summary:        Extended crypt library for DES, MD5, Blowfish and others
 # For explicit license breakdown, see the
@ -141,7 +141,7 @@ is highly discouraged.
    echo "-----BEGIN TESTLOG-----";
    %{__cat} test-suite.log;
    echo "-----END TESTLOG-----";
-#    exit $rc;
+    exit $rc;
  }
@ -177,6 +177,10 @@ is highly discouraged.
 %changelog
 * Fri Jul 13 2018 Björn Esser <besser82@fedoraproject.org> - 4.0.1-6
 - Make testsuite fail on error again
 - Update patch0 with more upstream fixes
 * Fri Jul 13 2018 Björn Esser <besser82@fedoraproject.org> - 4.0.1-5
 - Add patch to update to recent development branch
 - Re-enable SUNMD5 support as it is BSD licensed now