* [PATCH] New configure option --disable-libcrypt.
@ 2018-04-16 1:36 Zack Weinberg
2018-04-16 15:11 ` Florian Weimer
0 siblings, 1 reply; 6+ messages in thread
From: Zack Weinberg @ 2018-04-16 1:36 UTC (permalink / raw)
To: libc-alpha; +Cc: carlos, fweimer, nmav
Some Linux distributions are experimenting with a new, separately
maintained and hopefully more agile implementation of the crypt(3)
APIs. To facilitate this, add a configure option which disables
glibc's embedded libcrypt. When this option is given, libcrypt.*
and crypt.h will not be built nor installed; the prototypes for
crypt and encrypt will not appear in unistd.h; the prototype for
setkey will not appear in stdlib.h; the feature test macro
_XOPEN_CRYPT will be undefined; and sysconf(_SC_XOPEN_CRYPT) will
return -1.
(There is an argument for defining _XOPEN_CRYPT to -1 instead. The
POSIX spec says that undefined means the same thing as defined to -1,
but the Linux sysconf(3) manpage differs, so it's a question of who
believed what. I went with undefined on the theory that people might
be testing it with #ifdef instead of #if >= 0.)
The bulk of the patch is just various places that need to take note of
libcrypt possibly not getting built. The _interesting_ part is the
treatment of stdlib.h and unistd.h. The declarations that need to
appear conditionally are moved to bits headers, each of which has two
variants, one which declares them and one which doesn't. In the
source tree, neither of them has the name by which the parent header
includes it; very early in the build we select the appropriate one and
copy it to the expected name. I would really appreciate a second pair
of eyes on the changes to Makerules, which are fragile to the point
that they don't work if they appear later in the file! (Because
$(before-compile) is order-sensitive.)
* configure.ac: Add new command-line option --disable-libcrypt.
Force --disable-nss-crypt when --disable-libcrypt is given, with a
warning if it was explicitly enabled.
* configure, config.make.in: Regenerate.
* Makeconfig: Only include 'crypt' in all-subdirs and rpath-dirs
when $(build-libcrypt) is yes.
* Makerules: Add rules to build bits/stdlib-crypt.h and
bits/unistd-crypt.h depending on the value of $(build-libcrypt),
in the before-compile phase.
* posix/Makefile (headers): Add bits/unistd-crypt.h.
* stdlib/Makefile (headers): Add bits/stdlib-crypt.h.
* posix/unistd.h: Move declarations of _XOPEN_CRYPT, crypt, and
encrypt to ...
* posix/bits/unistd-crypt-yes.h: ...this new file.
* posix/bits/unistd-crypt-no.h: New file, which doesn't declare
anything.
* stdlib/stdlib.h: Move declaration of setkey to...
* posix/bits/stdlib-crypt-yes.h: ...this new file.
* posix/bits/stdlib-crypt-no.h: New file, which doesn't declare
anything.
* conform/data/stdlib.h-data: Only expect setkey when HAVE_CRYPT
is 1.
* conform/data/unistd.h-data: Only expect _XOPEN_CRYPT, crypt, and
encrypt when HAVE_CRYPT is 1. When _XOPEN_CRYPT is expected, it
should be a macro with value 1.
* conform/conformtest.pl: Add new command line option
--have-crypt. When preprocessing control files, define HAVE_CRYPT
to 1 when --have-crypt was given, 0 otherwise.
* conform/Makefile: Pass --have-crypt to conformtest.pl when
$(build-libcrypt) is yes.
Only include libcrypt.a in linknamespace-libs-xsi and
linknamespace-libs-XPG4 when $(build-libcrypt) is yes.
* elf/Makefile (CFLAGS-tst-linkall-static.c): Only define
USE_CRYPT to 1 when $(build-libcrypt) is yes.
(tst-linkall-static): Only link with libcrypt.a when
$(build-libcrypt) is yes.
(localplt-built-dso): Only include libcrypt.so when
$(build-libcrypt) is yes.
* elf/tst-linkall-static.c: Only include crypt.h when USE_CRYPT is
true.
---
Makeconfig | 9 ++++++--
Makerules | 19 ++++++++++++++++
config.make.in | 1 +
configure | 32 +++++++++++++++++++++++++-
configure.ac | 11 +++++++++
conform/Makefile | 19 +++++++++++-----
conform/conformtest.pl | 8 +++++--
conform/data/stdlib.h-data | 2 +-
conform/data/unistd.h-data | 8 ++++---
elf/Makefile | 27 +++++++++++++++-------
elf/tst-linkall-static.c | 2 ++
posix/Makefile | 2 +-
posix/bits/unistd-crypt-no.h | 29 ++++++++++++++++++++++++
posix/bits/unistd-crypt-yes.h | 41 ++++++++++++++++++++++++++++++++++
posix/unistd.h | 18 +++------------
stdlib/Makefile | 5 +++--
stdlib/bits/stdlib-crypt-no.h | 29 ++++++++++++++++++++++++
stdlib/bits/stdlib-crypt-yes.h | 33 +++++++++++++++++++++++++++
stdlib/stdlib.h | 9 +++-----
19 files changed, 258 insertions(+), 46 deletions(-)
create mode 100644 posix/bits/unistd-crypt-no.h
create mode 100644 posix/bits/unistd-crypt-yes.h
create mode 100644 stdlib/bits/stdlib-crypt-no.h
create mode 100644 stdlib/bits/stdlib-crypt-yes.h
diff --git a/Makeconfig b/Makeconfig
index 1afe86475c..7ead0f3fc3 100644
--- a/Makeconfig
+++ b/Makeconfig
@@ -566,7 +566,7 @@ link-libc-printers-tests = $(link-libc-rpath) \
$(link-libc-tests-after-rpath-link)
# This is how to find at build-time things that will be installed there.
-rpath-dirs = math elf dlfcn nss nis rt resolv crypt mathvec support
+rpath-dirs = math elf dlfcn nss nis rt resolv mathvec support
rpath-link = \
$(common-objdir):$(subst $(empty) ,:,$(patsubst ../$(subdir),.,$(rpath-dirs:%=$(common-objpfx)%)))
else # build-static
@@ -1205,9 +1205,14 @@ all-subdirs = csu assert ctype locale intl catgets math setjmp signal \
stdlib stdio-common libio malloc string wcsmbs time dirent \
grp pwd posix io termios resource misc socket sysvipc gmon \
gnulib iconv iconvdata wctype manual shadow gshadow po argp \
- crypt localedata timezone rt conform debug mathvec support \
+ localedata timezone rt conform debug mathvec support \
dlfcn elf
+ifeq ($(build-libcrypt),yes)
+all-subdirs += crypt
+rpath-dirs += crypt
+endif
+
ifndef avoid-generated
# sysd-sorted itself will contain rules making the sysd-sorted target
# depend on Depend files. But if you just added a Depend file to an
diff --git a/Makerules b/Makerules
index b2c2724fcb..9faa025a8d 100644
--- a/Makerules
+++ b/Makerules
@@ -115,6 +115,25 @@ $(common-objpfx)ldbl-compat-choose.h: $(common-objpfx)versions.stmp
endif # avoid-generated
endif # $(build-shared) = yes
+# unistd.h and stdlib.h may or may not declare functions from libcrypt,
+# depending on configure options. The gen-as-const-headers process may
+# attempt to read these headers.
+$(common-objpfx)bits/stdlib-crypt.h: \
+ $(..)stdlib/bits/stdlib-crypt-$(build-libcrypt).h \
+ $(common-objpfx)config.make
+ cp $< $@T
+ mv -f $@T $@
+common-generated += $(common-objpfx)bits/stdlib-crypt.h
+before-compile += $(common-objpfx)bits/stdlib-crypt.h
+
+$(common-objpfx)bits/unistd-crypt.h: \
+ $(..)posix/bits/unistd-crypt-$(build-libcrypt).h \
+ $(common-objpfx)config.make
+ cp $< $@T
+ mv -f $@T $@
+common-generated += $(common-objpfx)bits/unistd-crypt.h
+before-compile += $(common-objpfx)bits/unistd-crypt.h
+
ifndef avoid-generated
ifneq (,$(CXX))
# If C++ headers <cstdlib> or <cmath> are used, GCC 6 will include
diff --git a/config.make.in b/config.make.in
index 9e5e24b2c6..3efefccfdb 100644
--- a/config.make.in
+++ b/config.make.in
@@ -96,6 +96,7 @@ cross-compiling = @cross_compiling@
force-install = @force_install@
link-obsolete-rpc = @link_obsolete_rpc@
build-obsolete-nsl = @build_obsolete_nsl@
+build-libcrypt = @build_libcrypt@
build-nscd = @build_nscd@
use-nscd = @use_nscd@
build-hardcoded-path-in-tests= @hardcoded_path_in_tests@
diff --git a/configure b/configure
index 7a8bd3f817..5adbeba70a 100755
--- a/configure
+++ b/configure
@@ -676,6 +676,7 @@ build_obsolete_nsl
link_obsolete_rpc
libc_cv_static_nss_crypt
libc_cv_nss_crypt
+build_libcrypt
experimental_malloc
enable_werror
all_warnings
@@ -730,6 +731,7 @@ infodir
docdir
oldincludedir
includedir
+runstatedir
localstatedir
sharedstatedir
sysconfdir
@@ -779,6 +781,7 @@ enable_all_warnings
enable_werror
enable_multi_arch
enable_experimental_malloc
+enable_libcrypt
enable_nss_crypt
enable_obsolete_rpc
enable_obsolete_nsl
@@ -840,6 +843,7 @@ datadir='${datarootdir}'
sysconfdir='${prefix}/etc'
sharedstatedir='${prefix}/com'
localstatedir='${prefix}/var'
+runstatedir='${localstatedir}/run'
includedir='${prefix}/include'
oldincludedir='/usr/include'
docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
@@ -1092,6 +1096,15 @@ do
| -silent | --silent | --silen | --sile | --sil)
silent=yes ;;
+ -runstatedir | --runstatedir | --runstatedi | --runstated \
+ | --runstate | --runstat | --runsta | --runst | --runs \
+ | --run | --ru | --r)
+ ac_prev=runstatedir ;;
+ -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
+ | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
+ | --run=* | --ru=* | --r=*)
+ runstatedir=$ac_optarg ;;
+
-sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
ac_prev=sbindir ;;
-sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
@@ -1229,7 +1242,7 @@ fi
for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
datadir sysconfdir sharedstatedir localstatedir includedir \
oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
- libdir localedir mandir
+ libdir localedir mandir runstatedir
do
eval ac_val=\$$ac_var
# Remove trailing slashes.
@@ -1382,6 +1395,7 @@ Fine tuning of the installation directories:
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
--sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
+ --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run]
--libdir=DIR object code libraries [EPREFIX/lib]
--includedir=DIR C header files [PREFIX/include]
--oldincludedir=DIR C header files for non-gcc [/usr/include]
@@ -1448,6 +1462,8 @@ Optional Features:
architectures
--disable-experimental-malloc
disable experimental malloc features
+ --disable-libcrypt do not build nor install the password hashing
+ library, libcrypt
--enable-nss-crypt enable libcrypt to use nss
--enable-obsolete-rpc build and install the obsolete RPC code for
link-time usage
@@ -3505,6 +3521,15 @@ fi
+# Check whether --enable-libcrypt was given.
+if test "${enable_libcrypt+set}" = set; then :
+ enableval=$enable_libcrypt; build_libcrypt=$enableval
+else
+ build_libcrypt=yes
+fi
+
+
+
# Check whether --enable-nss-crypt was given.
if test "${enable_nss_crypt+set}" = set; then :
enableval=$enable_nss_crypt; nss_crypt=$enableval
@@ -3512,6 +3537,11 @@ else
nss_crypt=no
fi
+if test x$build_libcrypt = xno && test x$nss_crypt = xyes; then
+ { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: --enable-nss-crypt has no effect when libcrypt is disabled" >&5
+$as_echo "$as_me: WARNING: --enable-nss-crypt has no effect when libcrypt is disabled" >&2;}
+ nss_crypt=no
+fi
if test x$nss_crypt = xyes; then
nss_includes=-I$(nss-config --includedir 2>/dev/null)
if test $? -ne 0; then
diff --git a/configure.ac b/configure.ac
index ca1282a6b3..d66d97dad3 100644
--- a/configure.ac
+++ b/configure.ac
@@ -302,11 +302,22 @@ AC_ARG_ENABLE([experimental-malloc],
[experimental_malloc=yes])
AC_SUBST(experimental_malloc)
+AC_ARG_ENABLE([libcrypt],
+ AC_HELP_STRING([--disable-libcrypt],
+ [do not build nor install the password hashing library, libcrypt]),
+ [build_libcrypt=$enableval],
+ [build_libcrypt=yes])
+AC_SUBST(build_libcrypt)
+
AC_ARG_ENABLE([nss-crypt],
AC_HELP_STRING([--enable-nss-crypt],
[enable libcrypt to use nss]),
[nss_crypt=$enableval],
[nss_crypt=no])
+if test x$build_libcrypt = xno && test x$nss_crypt = xyes; then
+ AC_MSG_WARN([--enable-nss-crypt has no effect when libcrypt is disabled])
+ nss_crypt=no
+fi
if test x$nss_crypt = xyes; then
nss_includes=-I$(nss-config --includedir 2>/dev/null)
if test $? -ne 0; then
diff --git a/conform/Makefile b/conform/Makefile
index 864fdeca21..693ae38e6a 100644
--- a/conform/Makefile
+++ b/conform/Makefile
@@ -171,6 +171,11 @@ conformtest-cross =
else
conformtest-cross = --cross
endif
+ifeq ($(build-libcrypt),yes)
+conformtest-have-crypt = --have-crypt
+else
+conformtest-have-crypt =
+endif
$(conformtest-header-tests): $(objpfx)%/conform.out: \
conformtest.pl $(conformtest-headers-data)
(set -e; std_hdr=$*; std=$${std_hdr%%/*}; hdr=$${std_hdr#*/}; \
@@ -178,7 +183,7 @@ $(conformtest-header-tests): $(objpfx)%/conform.out: \
$(PERL) -I. conformtest.pl --tmpdir=$(@D)/scratch --cc='$(CC)' \
--flags='$(conformtest-cc-flags)' --standard=$$std \
--headers=$$hdr $(conformtest-xfail) $(conformtest-cross) \
- > $@); \
+ $(conformtest-have-crypt) > $@); \
$(evaluate-test)
$(linknamespace-symlists-tests): $(objpfx)symlist-%: list-header-symbols.pl
@@ -193,13 +198,11 @@ linknamespace-libs-thr = $(linknamespace-libs-isoc) \
$(common-objpfx)rt/librt.a $(static-thread-library)
linknamespace-libs-posix = $(linknamespace-libs-thr) \
$(common-objpfx)dlfcn/libdl.a
-linknamespace-libs-xsi = $(linknamespace-libs-posix) \
- $(common-objpfx)crypt/libcrypt.a
+linknamespace-libs-xsi = $(linknamespace-libs-posix)
linknamespace-libs-ISO = $(linknamespace-libs-isoc)
linknamespace-libs-ISO99 = $(linknamespace-libs-isoc)
linknamespace-libs-ISO11 = $(linknamespace-libs-isoc)
-linknamespace-libs-XPG4 = $(linknamespace-libs-isoc) \
- $(common-objpfx)crypt/libcrypt.a
+linknamespace-libs-XPG4 = $(linknamespace-libs-isoc)
linknamespace-libs-XPG42 = $(linknamespace-libs-XPG4)
linknamespace-libs-POSIX = $(linknamespace-libs-thr)
linknamespace-libs-UNIX98 = $(linknamespace-libs-xsi)
@@ -209,6 +212,12 @@ linknamespace-libs-XOPEN2K8 = $(linknamespace-libs-xsi)
linknamespace-libs = $(foreach std,$(conformtest-standards),\
$(linknamespace-libs-$(std)))
+ifeq ($(build-libcrypt),yes)
+linknamespace-libs-xsi += $(common-objpfx)crypt/libcrypt.a
+linknamespace-libs-XPG4 += $(common-objpfx)crypt/libcrypt.a
+endif
+
+
$(linknamespace-symlist-stdlibs-tests): $(objpfx)symlist-stdlibs-%: \
$(linknamespace-libs)
LC_ALL=C $(READELF) -W -s $(linknamespace-libs-$*) > $@; \
diff --git a/conform/conformtest.pl b/conform/conformtest.pl
index cb500f0e76..0d09b62489 100644
--- a/conform/conformtest.pl
+++ b/conform/conformtest.pl
@@ -9,9 +9,11 @@ $CC = "gcc";
$tmpdir = "/tmp";
$cross = "";
$xfail_str = "";
+$have_crypt = 0;
GetOptions ('headers=s' => \@headers, 'standard=s' => \$standard,
'flags=s' => \$flags, 'cc=s' => \$CC, 'tmpdir=s' => \$tmpdir,
- 'cross' => \$cross, 'xfail=s' => \$xfail_str);
+ 'cross' => \$cross, 'xfail=s' => \$xfail_str,
+ 'have-crypt' => \$have_crypt);
@headers = split(/,/,join(',',@headers));
# List of the headers we are testing.
@@ -328,7 +330,9 @@ while ($#headers >= 0) {
printf ("Testing <$h>\n");
printf ("----------" . "-" x length ($h) . "\n");
- open (CONTROL, "$CC -E -D$standard -std=c99 -x c data/$h-data |");
+ open (CONTROL,
+ "$CC -E -x c -std=c99 -D$standard -DHAVE_CRYPT=$have_crypt " .
+ "data/$h-data |");
control: while (<CONTROL>) {
chop;
next control if (/^#/);
diff --git a/conform/data/stdlib.h-data b/conform/data/stdlib.h-data
index d8fcccc2fb..4a0fdfd213 100644
--- a/conform/data/stdlib.h-data
+++ b/conform/data/stdlib.h-data
@@ -149,7 +149,7 @@ function {unsigned short int*} seed48 (unsigned short int[3])
#if !defined ISO && !defined ISO99 && !defined ISO11 && !defined POSIX && !defined XPG4 && !defined XPG42 && !defined UNIX98
function int setenv (const char*, const char*, int)
#endif
-#if !defined ISO && !defined ISO99 && !defined ISO11 && !defined POSIX && !defined POSIX2008
+#if HAVE_CRYPT && !defined ISO && !defined ISO99 && !defined ISO11 && !defined POSIX && !defined POSIX2008
function void setkey (const char*)
#endif
#if !defined ISO && !defined ISO99 && !defined ISO11 && !defined XPG4 && !defined POSIX && !defined POSIX2008
diff --git a/conform/data/unistd.h-data b/conform/data/unistd.h-data
index ddf4f25132..3ea9f0c49f 100644
--- a/conform/data/unistd.h-data
+++ b/conform/data/unistd.h-data
@@ -86,7 +86,9 @@ optional-constant _POSIX2_FORT_DEV
optional-constant _POSIX2_FORT_RUN
optional-constant _POSIX2_SW_DEV
# if !defined POSIX && !defined POSIX2008
-optional-constant _XOPEN_CRYPT
+# if HAVE_CRYPT
+macro-int-constant _XOPEN_CRYPT {int} == 1
+# endif
optional-constant _XOPEN_ENH_I18N
optional-constant _XOPEN_LEGACY
optional-constant _XOPEN_REALTIME
@@ -437,7 +439,7 @@ function int chroot (const char*)
function int chown (const char*, uid_t, gid_t)
function int close (int)
function size_t confstr (int, char*, size_t)
-#if !defined POSIX && !defined POSIX2008
+#if HAVE_CRYPT && !defined POSIX && !defined POSIX2008
function {char*} crypt (const char*, const char*)
#endif
#if defined XPG4 || defined XPG42 || defined UNIX98
@@ -449,7 +451,7 @@ allow cuserid
#endif
function int dup (int)
function int dup2 (int, int)
-#if !defined POSIX && !defined POSIX2008
+#if HAVE_CRYPT && !defined POSIX && !defined POSIX2008
function void encrypt (char[64], int)
#endif
function int execl (const char*, const char*, ...)
diff --git a/elf/Makefile b/elf/Makefile
index e658928305..aa8434c875 100644
--- a/elf/Makefile
+++ b/elf/Makefile
@@ -385,14 +385,21 @@ $(objpfx)tst-_dl_addr_inside_object: $(objpfx)dl-addr-obj.os
CFLAGS-tst-_dl_addr_inside_object.c += $(PIE-ccflag)
endif
-# By default tst-linkall-static should try to use crypt routines to test
-# static libcrypt use.
+# We can only test static libcrypt use if libcrypt has been built,
+# and either NSS crypto is not in use, or static NSS libraries are
+# available.
+ifeq ($(build-libcrypt),no)
+CFLAGS-tst-linkall-static.c += -DUSE_CRYPT=0
+else
+ifeq ($(nss-crypt),no)
+CFLAGS-tst-linkall-static.c += -DUSE_CRYPT=1
+else
+ifeq ($(static-nss-crypt),no)
+CFLAGS-tst-linkall-static.c += -DUSE_CRYPT=0
+else
CFLAGS-tst-linkall-static.c += -DUSE_CRYPT=1
-# However, if we are using NSS crypto and we don't have a static
-# library, then we exclude the use of crypt functions in the test.
-# We similarly exclude libcrypt.a from the static link (see below).
-ifeq (yesno,$(nss-crypt)$(static-nss-crypt))
-CFLAGS-tst-linkall-static.c += -UUSE_CRYPT -DUSE_CRYPT=0
+endif
+endif
endif
include ../Rules
@@ -1113,7 +1120,6 @@ localplt-built-dso := $(addprefix $(common-objpfx),\
rt/librt.so \
dlfcn/libdl.so \
resolv/libresolv.so \
- crypt/libcrypt.so \
)
ifeq ($(build-mathvec),yes)
localplt-built-dso += $(addprefix $(common-objpfx), mathvec/libmvec.so)
@@ -1121,6 +1127,9 @@ endif
ifeq ($(have-thread-library),yes)
localplt-built-dso += $(filter-out %_nonshared.a, $(shared-thread-library))
endif
+ifeq ($(build-libcrypt),yes)
+localplt-built-dso += $(addprefix $(common-objpfx), crypt/libcrypt.so)
+endif
vpath localplt.data $(+sysdep_dirs)
@@ -1395,6 +1404,7 @@ $(objpfx)tst-linkall-static: \
$(common-objpfx)resolv/libanl.a \
$(static-thread-library)
+ifeq ($(build-libcrypt),yes)
# If we are using NSS crypto and we have the ability to link statically
# then we include libcrypt.a, otherwise we leave out libcrypt.a and
# link as much as we can into the tst-linkall-static test. This assumes
@@ -1410,6 +1420,7 @@ ifeq (no,$(nss-crypt))
$(objpfx)tst-linkall-static: \
$(common-objpfx)crypt/libcrypt.a
endif
+endif
# The application depends on the DSO, and the DSO loads the plugin.
# The plugin also depends on the DSO. This creates the circular
diff --git a/elf/tst-linkall-static.c b/elf/tst-linkall-static.c
index e8df38f74e..0ffae7c723 100644
--- a/elf/tst-linkall-static.c
+++ b/elf/tst-linkall-static.c
@@ -18,7 +18,9 @@
#include <math.h>
#include <pthread.h>
+#if USE_CRYPT
#include <crypt.h>
+#endif
#include <resolv.h>
#include <dlfcn.h>
#include <utmp.h>
diff --git a/posix/Makefile b/posix/Makefile
index 51dcf129ec..c43ca1cb49 100644
--- a/posix/Makefile
+++ b/posix/Makefile
@@ -31,7 +31,7 @@ headers := sys/utsname.h sys/times.h sys/wait.h sys/types.h unistd.h \
bits/local_lim.h tar.h bits/utsname.h bits/confname.h \
bits/waitflags.h bits/waitstatus.h sys/unistd.h sched.h \
bits/sched.h bits/cpu-set.h re_comp.h wait.h bits/environments.h \
- cpio.h spawn.h bits/unistd.h
+ cpio.h spawn.h bits/unistd.h bits/unistd-crypt.h
routines := \
uname \
diff --git a/posix/bits/unistd-crypt-no.h b/posix/bits/unistd-crypt-no.h
new file mode 100644
index 0000000000..d4bbd7a10e
--- /dev/null
+++ b/posix/bits/unistd-crypt-no.h
@@ -0,0 +1,29 @@
+/* X/Open Encryption Option Group -- unistd.h declarations.
+ Copyright (C) 2018 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#ifndef _BITS_UNISTD_CRYPT_H
+#define _BITS_UNISTD_CRYPT_H 1
+
+#ifndef _UNISTD_H
+# error "Never include <bits/unistd-crypt.h> directly; use <unistd.h> instead."
+#endif
+
+/* In this configuration, the functions crypt, encrypt, and setkey are
+ not available. */
+
+#endif
diff --git a/posix/bits/unistd-crypt-yes.h b/posix/bits/unistd-crypt-yes.h
new file mode 100644
index 0000000000..32f8633fef
--- /dev/null
+++ b/posix/bits/unistd-crypt-yes.h
@@ -0,0 +1,41 @@
+/* X/Open Encryption Option Group -- unistd.h declarations.
+ Copyright (C) 2018 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#ifndef _BITS_UNISTD_CRYPT_H
+#define _BITS_UNISTD_CRYPT_H 1
+
+#ifndef _UNISTD_H
+# error "Never include <bits/unistd-crypt.h> directly; use <unistd.h> instead."
+#endif
+
+/* In this configuration, the functions crypt, encrypt, and setkey are
+ available. */
+#define _XOPEN_CRYPT 1
+
+#ifdef __USE_XOPEN
+/* Encrypt at most 8 characters from KEY using salt to perturb DES. */
+extern char *crypt (const char *__key, const char *__salt)
+ __THROW __nonnull ((1, 2));
+
+/* Encrypt data in BLOCK in place if EDFLAG is zero; otherwise decrypt
+ block in place. */
+extern void encrypt (char *__glibc_block, int __edflag)
+ __THROW __nonnull ((1));
+#endif
+
+#endif
diff --git a/posix/unistd.h b/posix/unistd.h
index 4d149f9945..d9ac9d4c51 100644
--- a/posix/unistd.h
+++ b/posix/unistd.h
@@ -107,9 +107,6 @@ __BEGIN_DECLS
/* The X/Open Unix extensions are available. */
#define _XOPEN_UNIX 1
-/* Encryption is present. */
-#define _XOPEN_CRYPT 1
-
/* The enhanced internationalization capabilities according to XPG4.2
are present. */
#define _XOPEN_ENH_I18N 1
@@ -1118,20 +1115,11 @@ ssize_t copy_file_range (int __infd, __off64_t *__pinoff,
extern int fdatasync (int __fildes);
#endif /* Use POSIX199309 */
+/* The X/Open Encryption Option Group may or may not be supported in
+ this release of the GNU C Library. */
+#include <bits/unistd-crypt.h>
-/* XPG4.2 specifies that prototypes for the encryption functions must
- be defined here. */
#ifdef __USE_XOPEN
-/* Encrypt at most 8 characters from KEY using salt to perturb DES. */
-extern char *crypt (const char *__key, const char *__salt)
- __THROW __nonnull ((1, 2));
-
-/* Encrypt data in BLOCK in place if EDFLAG is zero; otherwise decrypt
- block in place. */
-extern void encrypt (char *__glibc_block, int __edflag)
- __THROW __nonnull ((1));
-
-
/* Swab pairs bytes in the first N bytes of the area pointed to by
FROM and copy the result to TO. The value of TO must not be in the
range [FROM - N + 1, FROM - 1]. If N is odd the first byte in FROM
diff --git a/stdlib/Makefile b/stdlib/Makefile
index af1643c0c4..ceca710d1f 100644
--- a/stdlib/Makefile
+++ b/stdlib/Makefile
@@ -22,7 +22,8 @@ subdir := stdlib
include ../Makeconfig
-headers := stdlib.h bits/stdlib.h bits/stdlib-ldbl.h bits/stdlib-float.h \
+headers := stdlib.h bits/stdlib.h \
+ bits/stdlib-crypt.h bits/stdlib-ldbl.h bits/stdlib-float.h \
monetary.h bits/monetary-ldbl.h \
inttypes.h stdint.h bits/wordsize.h \
errno.h sys/errno.h bits/errno.h bits/types/error_t.h \
@@ -133,7 +134,7 @@ aux += fpioconst mp_clz_tab
tests-extras += tst-putenvmod
extra-test-objs += tst-putenvmod.os
-generated += isomac isomac.out tst-putenvmod.so
+generated += isomac isomac.out tst-putenvmod.so bits/stdlib-crypt.h
CFLAGS-bsearch.c += $(uses-callbacks)
CFLAGS-msort.c += $(uses-callbacks)
diff --git a/stdlib/bits/stdlib-crypt-no.h b/stdlib/bits/stdlib-crypt-no.h
new file mode 100644
index 0000000000..ed0fa5b031
--- /dev/null
+++ b/stdlib/bits/stdlib-crypt-no.h
@@ -0,0 +1,29 @@
+/* X/Open Encryption Option Group -- stdlib.h declarations.
+ Copyright (C) 2018 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#ifndef _BITS_STDLIB_CRYPT_H
+#define _BITS_STDLIB_CRYPT_H 1
+
+#ifndef _STDLIB_H
+# error "Never include <bits/stdlib-crypt.h> directly; use <stdlib.h> instead."
+#endif
+
+/* In this configuration, the functions crypt, encrypt, and setkey are
+ not available. */
+
+#endif
diff --git a/stdlib/bits/stdlib-crypt-yes.h b/stdlib/bits/stdlib-crypt-yes.h
new file mode 100644
index 0000000000..f61ade57c4
--- /dev/null
+++ b/stdlib/bits/stdlib-crypt-yes.h
@@ -0,0 +1,33 @@
+/* X/Open Encryption Option Group -- stdlib.h declarations.
+ Copyright (C) 2018 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#ifndef _BITS_STDLIB_CRYPT_H
+#define _BITS_STDLIB_CRYPT_H 1
+
+#ifndef _STDLIB_H
+# error "Never include <bits/stdlib-crypt.h> directly; use <stdlib.h> instead."
+#endif
+
+/* In this configuration, the functions crypt, encrypt, and setkey are
+ available. */
+#ifdef __USE_XOPEN
+/* Setup DES tables according to KEY. */
+extern void setkey (const char *__key) __THROW __nonnull ((1));
+#endif
+
+#endif
diff --git a/stdlib/stdlib.h b/stdlib/stdlib.h
index 6b1ead31e0..8a4398ca59 100644
--- a/stdlib/stdlib.h
+++ b/stdlib/stdlib.h
@@ -957,12 +957,9 @@ extern int getsubopt (char **__restrict __optionp,
__THROW __nonnull ((1, 2, 3)) __wur;
#endif
-
-#ifdef __USE_XOPEN
-/* Setup DES tables according KEY. */
-extern void setkey (const char *__key) __THROW __nonnull ((1));
-#endif
-
+/* The X/Open Encryption Option Group may or may not be supported in
+ this release of the GNU C Library. */
+#include <bits/stdlib-crypt.h>
/* X/Open pseudo terminal handling. */
--
2.17.0
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] New configure option --disable-libcrypt.
2018-04-16 1:36 [PATCH] New configure option --disable-libcrypt Zack Weinberg
@ 2018-04-16 15:11 ` Florian Weimer
2018-04-16 15:56 ` Zack Weinberg
0 siblings, 1 reply; 6+ messages in thread
From: Florian Weimer @ 2018-04-16 15:11 UTC (permalink / raw)
To: Zack Weinberg, libc-alpha; +Cc: carlos, nmav
On 04/16/2018 03:36 AM, Zack Weinberg wrote:
> diff --git a/elf/tst-linkall-static.c b/elf/tst-linkall-static.c
> index e8df38f74e..0ffae7c723 100644
> --- a/elf/tst-linkall-static.c
> +++ b/elf/tst-linkall-static.c
> @@ -18,7 +18,9 @@
>
> #include <math.h>
> #include <pthread.h>
> +#if USE_CRYPT
> #include <crypt.h>
> +#endif
The #include should be indented.
> diff --git a/posix/unistd.h b/posix/unistd.h
> index 4d149f9945..d9ac9d4c51 100644
> --- a/posix/unistd.h
> +++ b/posix/unistd.h
> @@ -107,9 +107,6 @@ __BEGIN_DECLS
> /* The X/Open Unix extensions are available. */
> #define _XOPEN_UNIX 1
>
> -/* Encryption is present. */
> -#define _XOPEN_CRYPT 1
> -
> /* The enhanced internationalization capabilities according to XPG4.2
> are present. */
> #define _XOPEN_ENH_I18N 1
> @@ -1118,20 +1115,11 @@ ssize_t copy_file_range (int __infd, __off64_t *__pinoff,
> extern int fdatasync (int __fildes);
> #endif /* Use POSIX199309 */
>
> +/* The X/Open Encryption Option Group may or may not be supported in
> + this release of the GNU C Library. */
> +#include <bits/unistd-crypt.h>
Based on the Fedora experience, I wonder if it's not best to keep
support _XOPEN_CRYPT unconditionally. GCC still supports implicit
function definitions by default and coerces the implied int return type
to a pointer value. This means that we drop the prototype from
<unistd.h>, a program like
#include <stdio.h>
#include <unistd.h>
int
main (int argc, char **argv)
{
return puts(crypt(argv[1], argv[2]));
}
still builds and links successfully, but crashes at run time on 64-bit
architectures.
From a developer perspective, it would avoid a bit of hassle if we just
said that if a distribution builds with --disable-libcrypt, it still
needs to supply a compatible libcrypt with a definition of crypt and a
default symbol version.
With encrypt and setkey, the situation is less pronounced because these
functions are obsolete, and we can produce link errors if developers use
them.
Thanks,
Florian
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] New configure option --disable-libcrypt.
2018-04-16 15:11 ` Florian Weimer
@ 2018-04-16 15:56 ` Zack Weinberg
2018-04-16 18:41 ` Zack Weinberg
2018-04-17 10:21 ` Florian Weimer
0 siblings, 2 replies; 6+ messages in thread
From: Zack Weinberg @ 2018-04-16 15:56 UTC (permalink / raw)
To: Florian Weimer
Cc: GNU C Library, Carlos O'Donell, Nikos Mavrogiannopoulos
On Mon, Apr 16, 2018 at 11:10 AM, Florian Weimer <fweimer@redhat.com> wrote:
> On 04/16/2018 03:36 AM, Zack Weinberg wrote:
>>
>> diff --git a/elf/tst-linkall-static.c b/elf/tst-linkall-static.c
>> index e8df38f74e..0ffae7c723 100644
>> --- a/elf/tst-linkall-static.c
>> +++ b/elf/tst-linkall-static.c
>> @@ -18,7 +18,9 @@
>> #include <math.h>
>> #include <pthread.h>
>> +#if USE_CRYPT
>> #include <crypt.h>
>> +#endif
>
> The #include should be indented.
Will fix.
>> +/* The X/Open Encryption Option Group may or may not be supported in
>> + this release of the GNU C Library. */
>> +#include <bits/unistd-crypt.h>
>
> Based on the Fedora experience, I wonder if it's not best to keep support
> _XOPEN_CRYPT unconditionally. GCC still supports implicit function
> definitions by default and coerces the implied int return type to a pointer
> value.
...
> From a developer perspective, it would avoid a bit of hassle if we just said
> that if a distribution builds with --disable-libcrypt, it still needs to
> supply a compatible libcrypt with a definition of crypt and a default symbol
> version.
>
> With encrypt and setkey, the situation is less pronounced because these
> functions are obsolete, and we can produce link errors if developers use
> them.
Let me see if I understand what you have in mind: In
--disable-libcrypt mode, we would preserve _XOPEN_CRYPT, with value 1,
and the prototype for crypt in unistd.h. We would also preserve the
prototypes for encrypt and setkey, but maybe with
__attribute__((deprecated)). We just wouldn't provide crypt.h or
libcrypt. It's not a conformance violation for us to continue
defining _XOPEN_CRYPT as 1 because, as long as you get libcrypt from
_somewhere_, it will work at runtime. Is that right?
I like this plan because it means the patch doesn't have to touch Makerules :)
zw
p.s. Maybe someone with the ability to file Austin Group defect
reports or interpretation requests or whatever they're called should
request the formal deprecation of encrypt and setkey?
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] New configure option --disable-libcrypt.
2018-04-16 15:56 ` Zack Weinberg
@ 2018-04-16 18:41 ` Zack Weinberg
2018-04-17 10:21 ` Florian Weimer
1 sibling, 0 replies; 6+ messages in thread
From: Zack Weinberg @ 2018-04-16 18:41 UTC (permalink / raw)
To: Florian Weimer
Cc: GNU C Library, Carlos O'Donell, Nikos Mavrogiannopoulos
On Mon, Apr 16, 2018 at 11:56 AM, Zack Weinberg <zackw@panix.com> wrote:
>
> p.s. Maybe someone with the ability to file Austin Group defect
> reports or interpretation requests or whatever they're called should
> request the formal deprecation of encrypt and setkey?
Turns out I have that ability! http://austingroupbugs.net/view.php?id=1192
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] New configure option --disable-libcrypt.
2018-04-16 15:56 ` Zack Weinberg
2018-04-16 18:41 ` Zack Weinberg
@ 2018-04-17 10:21 ` Florian Weimer
2018-04-18 13:43 ` Zack Weinberg
1 sibling, 1 reply; 6+ messages in thread
From: Florian Weimer @ 2018-04-17 10:21 UTC (permalink / raw)
To: Zack Weinberg; +Cc: GNU C Library, Carlos O'Donell, Nikos Mavrogiannopoulos
On 04/16/2018 05:56 PM, Zack Weinberg wrote:
> Let me see if I understand what you have in mind: In
> --disable-libcrypt mode, we would preserve _XOPEN_CRYPT, with value 1,
> and the prototype for crypt in unistd.h.
My main proposal is preserving the prototype for crypt, under
_GNU_SOURCE if necessary (without defining _XOPEN_CRYPT).
I just don't see value in the friction caused by dropping the definition.
> We would also preserve the
> prototypes for encrypt and setkey, but maybe with
> __attribute__((deprecated)).
I'm less concerned about these two functions. We can do there whatever
we think is best from a standard compliance perspective, I think. There
simply aren't enough users to make a difference, I think. This is very
different for the crypt function.
> We just wouldn't provide crypt.h or libcrypt.
Exactly.
> It's not a conformance violation for us to continue
> defining _XOPEN_CRYPT as 1 because, as long as you get libcrypt from
> _somewhere_, it will work at runtime. Is that right?
Right.
It could still be a conformance violation for setkey/encrypt because
current libxcrypt (at least the version in Fedora) does not provide the
functions anymore for linking:
$ eu-readelf --symbols=.dynsym /lib64/libcrypt.so.1 | grep encrypt
38: 000000000000b330 20 FUNC GLOBAL DEFAULT 12
encrypt_r@GLIBC_2.2.5
52: 000000000000b360 16 FUNC GLOBAL DEFAULT 12
encrypt@GLIBC_2.2.5
Thanks,
Florian
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] New configure option --disable-libcrypt.
2018-04-17 10:21 ` Florian Weimer
@ 2018-04-18 13:43 ` Zack Weinberg
0 siblings, 0 replies; 6+ messages in thread
From: Zack Weinberg @ 2018-04-18 13:43 UTC (permalink / raw)
To: Florian Weimer
Cc: GNU C Library, Carlos O'Donell, Nikos Mavrogiannopoulos
On Tue, Apr 17, 2018 at 6:21 AM, Florian Weimer <fweimer@redhat.com> wrote:
> On 04/16/2018 05:56 PM, Zack Weinberg wrote:
>
>> Let me see if I understand what you have in mind: In
>> --disable-libcrypt mode, we would preserve _XOPEN_CRYPT, with value 1,
>> and the prototype for crypt in unistd.h.
>
> My main proposal is preserving the prototype for crypt, under _GNU_SOURCE if
> necessary (without defining _XOPEN_CRYPT).
>
> I just don't see value in the friction caused by dropping the definition.
Makes sense.
> It could still be a conformance violation for setkey/encrypt because current
> libxcrypt (at least the version in Fedora) does not provide the functions
> anymore for linking:
>
> $ eu-readelf --symbols=.dynsym /lib64/libcrypt.so.1 | grep encrypt
> 38: 000000000000b330 20 FUNC GLOBAL DEFAULT 12
> encrypt_r@GLIBC_2.2.5
> 52: 000000000000b360 16 FUNC GLOBAL DEFAULT 12
> encrypt@GLIBC_2.2.5
Yeah, I did that on purpose; the total insecurity of single DES
outweighs standard compliance in this case, I think. And, as you say,
there probably aren't very many users.
I'll send a revised patch shortly.
zw
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2018-04-18 13:43 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-04-16 1:36 [PATCH] New configure option --disable-libcrypt Zack Weinberg
2018-04-16 15:11 ` Florian Weimer
2018-04-16 15:56 ` Zack Weinberg
2018-04-16 18:41 ` Zack Weinberg
2018-04-17 10:21 ` Florian Weimer
2018-04-18 13:43 ` Zack Weinberg
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).