mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-09 18:45:54 +02:00
692c22519d
- v2 version is to extend from 4.4.25 to 4.4.26
- Update from 4.4.23 to 4.4.26
- Update of rootfile not required
- Changelog
Version 4.4.26
* Fix compilation on systems with GCC >= 10, that do not support
declarations with __attribute__((symver)).
Version 4.4.25
* Add support for Python 3.11 in the configure script.
* Stricter checking of invalid salt characters (issue #135).
Hashed passphrases are always entirely printable ASCII, and do
not contain any whitespace or the characters ':', ';', '*', '!',
or '\'. (These characters are used as delimiters and special
markers in the passwd(5) and shadow(5) files.)
Version 4.4.24
* Add hash group for Debian in lib/hashes.conf.
Debian has switched to use the yescrypt hashing algorithm as
the default for new user passwords, so we should add a group
for this distribution.
* Overhaul the badsalt test.
Test patterns are now mostly generated rather than manually coded
into a big table. Not reading past the end of the “setting” part
of the string is tested more thoroughly (this would have caught the
sunmd5 $$ bug if it had been available at the time).
Test logs are tidier.
* Add ‘test-programs’ utility target to Makefile.
It is sometimes useful to compile all the test programs but not run
them. Add a Makefile target that does this.
* Fix incorrect bcrypt-related ifdeffage in test/badsalt.c.
The four variants of bcrypt are independently configurable, but the
badsalt tests for them were all being toggled by INCLUDE_bcrypt,
which is only the macro for the $2b$ variant.
* Fix bigcrypt-related test cases in test/badsalt.c.
The test spec was only correct when both or neither of bigcrypt and
descrypt were enabled.
* Detect ASan in configure and disable incompatible tests.
ASan’s “interceptors” for crypt and crypt_r have a semantic conflict
with libxcrypt, requiring a few tests to be disabled for builds with
-fsanitize-address. See commentary in test/crypt-badargs.c for an
explanation of the conflict, and the commentary in
build-aux/zw_detect_asan.m4 for why a configure test is required.
* Fix several issues found by Covscan in the testsuite. These include:
- CWE-170: String not null terminated (STRING_NULL)
- CWE-188: Reliance on integer endianness (INCOMPATIBLE_CAST)
- CWE-190: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
- CWE-569: Wrong sizeof argument (SIZEOF_MISMATCH)
- CWE-573: Missing varargs init or cleanup (VARARGS)
- CWE-687: Argument cannot be negative (NEGATIVE_RETURNS)
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
93 lines
3.4 KiB
Plaintext
93 lines
3.4 KiB
Plaintext
###############################################################################
|
|
# #
|
|
# IPFire.org - A linux based firewall #
|
|
# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> #
|
|
# #
|
|
# This program is free software: you can redistribute it and/or modify #
|
|
# it under the terms of the GNU General Public License as published by #
|
|
# the Free Software Foundation, either version 3 of the License, or #
|
|
# (at your option) any later version. #
|
|
# #
|
|
# This program is distributed in the hope that it will be useful, #
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
|
|
# GNU General Public License for more details. #
|
|
# #
|
|
# You should have received a copy of the GNU General Public License #
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>. #
|
|
# #
|
|
###############################################################################
|
|
|
|
###############################################################################
|
|
# Definitions
|
|
###############################################################################
|
|
|
|
include Config
|
|
|
|
VER = 4.4.26
|
|
|
|
THISAPP = libxcrypt-$(VER)
|
|
DL_FILE = $(THISAPP).tar.xz
|
|
DL_FROM = $(URL_IPFIRE)
|
|
DIR_APP = $(DIR_SRC)/$(THISAPP)
|
|
|
|
ifeq "$(TOOLCHAIN)" "1"
|
|
TARGET = $(DIR_INFO)/$(THISAPP)-tools
|
|
EXTRACONFIG = --host=$(CROSSTARGET) \
|
|
--target=$(CROSSTARGET)
|
|
else
|
|
TARGET = $(DIR_INFO)/$(THISAPP)
|
|
endif
|
|
|
|
###############################################################################
|
|
# Top-level Rules
|
|
###############################################################################
|
|
|
|
objects = $(DL_FILE)
|
|
|
|
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
|
|
|
|
$(DL_FILE)_MD5 = 34954869627f62f9992808b6cff0d0a9
|
|
|
|
install : $(TARGET)
|
|
|
|
check : $(patsubst %,$(DIR_CHK)/%,$(objects))
|
|
|
|
download :$(patsubst %,$(DIR_DL)/%,$(objects))
|
|
|
|
md5 : $(subst %,%_MD5,$(objects))
|
|
|
|
###############################################################################
|
|
# Downloading, checking, md5sum
|
|
###############################################################################
|
|
|
|
$(patsubst %,$(DIR_CHK)/%,$(objects)) :
|
|
@$(CHECK)
|
|
|
|
$(patsubst %,$(DIR_DL)/%,$(objects)) :
|
|
@$(LOAD)
|
|
|
|
$(subst %,%_MD5,$(objects)) :
|
|
@$(MD5)
|
|
|
|
###############################################################################
|
|
# Installation Details
|
|
###############################################################################
|
|
|
|
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
|
|
@$(PREBUILD)
|
|
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
|
|
cd $(DIR_APP) && autoreconf -vfi
|
|
cd $(DIR_APP) && \
|
|
./configure \
|
|
$(EXTRACONFIG) \
|
|
--prefix=$(PREFIX) \
|
|
--disable-static \
|
|
--enable-hashes=strong,glibc \
|
|
--enable-obsolete-api \
|
|
--disable-failure-tokens
|
|
cd $(DIR_APP) && make $(MAKETUNING)
|
|
cd $(DIR_APP) && make install
|
|
@rm -rf $(DIR_APP)
|
|
@$(POSTBUILD)
|