Patch: Blowfish and SHA support for crypt

Ed W lists at wildgooses.com
Mon Oct 31 23:40:10 UTC 2011


On 24/10/2011 12:37, Rich Felker wrote:
> On Mon, Oct 24, 2011 at 01:00:05PM +0200, Bernhard Reutner-Fischer wrote:
>> As to the sha256 implementation, it uses nested functions and as such
>> will fail to build for (ancient) c89/c90 only bootstrap compilers, so
>> please note this fact in the help-text of the config entry.
>> PS: please don't forget a Signed-off-by line when you resend.
> Much worse, it will fail for any actual C compiler (as opposed to "GNU
> C" compilers) as well as on any system with non-executable stack.

That kind of alarms me a bit then because I'm building this on a gentoo
hardened machine which *should* have a recent grsec kernel and most of
the hardening knobs enabled for gcc.  I'm actually slightly unsure what
*is* enabled given I think some of the gcc features are dialed back
under a uclibc environment (on gentoo gcc specs), but I certainly suffer
pain due to clamav segfaulting when it tries to do clever things

I am far too ignorant to dispute this further, but this code is "doing
something" and not obviously failing under this environment? Any thoughts?

> Please fix by replacing the code with valid C. "Nested functions" are
> not valid C and can trivially be replaced by putting your local
> variables in a struct context and passing a pointer to it to the
> function that would have been a nested function.

That doesn't seem like an unreasonable request. However, I'm snowed
under with a bunch of deadlines that are going to keep me from playing
with this for some weeks or more. Would someone else be kind enough to
help knock this code into shape?

Also up for grabs at the same time seems to be that if re-entrant
md5/des functions were available then we could add re-entrant crypt
wrappers since the sha/blowfish code comes with those for free? Are
these useful to anyone..?

Thanks for your feedback

Ed W


More information about the uClibc mailing list