From patchwork Tue Nov 21 14:54:31 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florian Weimer X-Patchwork-Id: 80481 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 5A6DB3858428 for ; Tue, 21 Nov 2023 14:54:49 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by sourceware.org (Postfix) with ESMTPS id 635313858D33 for ; Tue, 21 Nov 2023 14:54:36 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 635313858D33 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 635313858D33 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1700578477; cv=none; b=gkt0lxeb6ThV/wkLx0RCCMtI/uXHKrXx8xcxs9eJZkREYu/Vu2ElCSJ4w3J4m+ztdYjXIZgdGyCcbuBBiEdXz/oz6IK4t92IinVcGLal+DNSPpEemXtOJrRiFnVNeSTICXn88Wxh3h3G5MnRvUBBANPHZTrc50INKpAQ4jW0NfQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1700578477; c=relaxed/simple; bh=RqwTGla8fcQvCsWJr6bDvUH0rXs+/0Gx9npgiJ5IxHg=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=qmW/4EA1Bii0xnWe344ZVDIye9BVTRDyn35vhqFN448OTcl6+1Pf158JKtAvESDALcG7vIGoeplXycdiMhIPabA4I43kOOjTWFm8cSL9DfCZnURKQO/6aUitJJjdtei32/ue8QtoFGzemwg6yU2GwM2TBHAby3fPklCB9WwYriM= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1700578476; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type; bh=gSHZW0ipWrHamrrB0u4zMNlo+lGPNuC8RwV5MgnKr0E=; b=dpBHA1qOqcQJX7zMxcWIaM6GqtVLTB2kDJsxfWeHjdKv7kODjw3aTxIL2qKrzQx55W6Pfn tZfcWtVdRiGmntultcns/wdF3fYqBRPCqeLaC3LY3aDdPftRa0rtGgJ18nm6nz2OFksLek 3ryXc4dFyfWIwzrZ6xujU6M/Sib6IxI= Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-561-Tdyv9aPmMUObnGGwvnzXmg-1; Tue, 21 Nov 2023 09:54:34 -0500 X-MC-Unique: Tdyv9aPmMUObnGGwvnzXmg-1 Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 04E091C0725A; Tue, 21 Nov 2023 14:54:34 +0000 (UTC) Received: from oldenburg.str.redhat.com (unknown [10.2.16.13]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 5EEA6492BE0; Tue, 21 Nov 2023 14:54:33 +0000 (UTC) From: Florian Weimer To: libc-alpha@sourceware.org Cc: Adhemerval Zanella Subject: [PATCH] posix: Revert the removal of the crypt prototype from Date: Tue, 21 Nov 2023 15:54:31 +0100 Message-ID: <87zfz7gnrs.fsf@oldenburg.str.redhat.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.3 (gnu/linux) MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.9 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com X-Spam-Status: No, score=-10.9 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_NONE, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org Many applications still rely on this prototype. Rebuilds without this prototype result in an implicit function declaration, which can introduce security vulnerabilities due to 32-bit pointer truncation. --- NEWS | 5 ++++- posix/unistd.h | 13 +++++++++++++ 2 files changed, 17 insertions(+), 1 deletion(-) base-commit: c52c2c32db15aba8bbe1a0b4d3235f97d9c1a525 diff --git a/NEWS b/NEWS index 139cfef1b0..8c1c149f91 100644 --- a/NEWS +++ b/NEWS @@ -52,7 +52,10 @@ Deprecated and removed features, and other changes affecting compatibility: * libcrypt has been removed from the GNU C Library. The configure options "--enable-crypt" and "--enable-nss-crypt" are no longer available. , libcrypt.a, and libcrypt.so.1 will not be - installed, and will not declare the crypt function. + installed. For now continues to declare the crypt + function by default, to avoid introducing vulnerabilities into + existing applications due to a missing prototype. This declaration + is deprecated and may be removed in a future glibc release. The replacement for libcrypt is libxcrypt, maintained separately from GNU libc, but available under compatible licensing terms, and providing diff --git a/posix/unistd.h b/posix/unistd.h index 1f9cd8cbf0..5b91ad4aaa 100644 --- a/posix/unistd.h +++ b/posix/unistd.h @@ -1150,6 +1150,19 @@ ssize_t copy_file_range (int __infd, __off64_t *__pinoff, extern int fdatasync (int __fildes); #endif /* Use POSIX199309 */ +#ifdef __USE_MISC +/* One-way hash PHRASE, returning a string suitable for storage in the + user database. SALT selects the one-way function to use, and + ensures that no two users' hashes are the same, even if they use + the same passphrase. The return value points to static storage + which will be overwritten by the next call to crypt. + + This declaration is deprecated; applications should include + instead. */ +extern char *crypt (const char *__key, const char *__salt) + __THROW __nonnull ((1, 2)); +#endif + #ifdef __USE_XOPEN /* Swab pairs bytes in the first N bytes of the area pointed to by FROM and copy the result to TO. The value of TO must not be in the