glibc: Package libxcrypt and compat-libxcrypt

libcrypt in glibc is deprecated and has been replaced by libxcrypt which
offers a new ABI. The new ABI is package in libxcrypt and the old one in
compat-libxcrypt which should be dropped soon.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/compat-libxcrypt/compat-libxcrypt.nm b/compat-libxcrypt/compat-libxcrypt.nm
new file mode 100644 (file)
index 0000000..de696a2
--- /dev/null
+++ b/compat-libxcrypt/compat-libxcrypt.nm
@@ -0,0 +1,52 @@
+###############################################################################
+# IPFire.org    - An Open Source Firewall Solution                            #
+# Copyright (C) - IPFire Development Team <info@ipfire.org>                   #
+###############################################################################
+
+name       = compat-libxcrypt
+version    = 4.4.33
+release    = 1
+thisapp    = libxcrypt-%{version}
+
+groups     = System/Libraries
+url        = https://github.com/besser82/libxcrypt/
+license    = LGPLv2.1
+summary    = Extended crypt library for descrypt, md5crypt, bcrypt, and others
+
+description
+       This package provides a version of libxcrypt which is compatible with
+       the old glibc interface.
+end
+
+source_dl  = https://github.com/besser82/libxcrypt/releases/download/v%{version}/
+sources    = %{thisapp}.tar.xz
+
+build
+       requires
+               perl
+       end
+
+       configure_options += \
+               --disable-static \
+               --enable-hashes=strong,glibc \
+               --enable-obsolete-api=glibc \
+               --disable-failure-tokens
+
+       test
+               LD_LIBRARY_PATH="%{DIR_APP}/.libs" make check
+       end
+
+       install
+               mkdir -pv %{BUILDROOT}%{libdir}
+               install -v -m 755 .libs/libcrypt.so.1.1.0 %{BUILDROOT}%{libdir}/libcrypt.so.1.1.0
+               ln -svf libcrypt.so.1.1.0 %{BUILDROOT}%{libdir}/libcrypt.so.1
+       end
+end
+
+packages
+       package %{name}
+
+       package %{name}-debuginfo
+               template DEBUGINFO
+       end
+end

diff --git a/compat-libxcrypt/patches/libxcrypt-4.4.33-hashes.patch b/compat-libxcrypt/patches/libxcrypt-4.4.33-hashes.patch
new file mode 100644 (file)
index 0000000..42f5d67
--- /dev/null
+++ b/compat-libxcrypt/patches/libxcrypt-4.4.33-hashes.patch
@@ -0,0 +1,14 @@
+diff --git a/build-aux/scripts/expand-selected-hashes b/build-aux/scripts/expand-selected-hashes
+index 10d0bcc..2558c42 100644
+--- a/build-aux/scripts/expand-selected-hashes
++++ b/build-aux/scripts/expand-selected-hashes
+@@ -50,9 +50,6 @@ sub expand_selected {
+                 push @errors, "'$w' is not a hash or group name\n";
+             }
+         }
+-        if (scalar(%enabled) == 0) {
+-            push @errors, "no hashes are enabled\n";
+-        }
+         die join q{}, @errors if @errors;
+         return keys %enabled;
+     }

diff --git a/glibc/glibc.nm b/glibc/glibc.nm
index ea59a895d53ae4e09efaa5060c084879b18251b6..07dada011279ce5cc6e5be6ecc49ac2b94f786f6 100644 (file)
--- a/glibc/glibc.nm
+++ b/glibc/glibc.nm
@@ -5,7 +5,7 @@
 
 name       = glibc
 version    = 2.36
-release    = 1
+release    = 2
 
 maintainer = Michael Tremer <michael.tremer@ipfire.org>
 groups     = System/Base
@@ -87,6 +87,7 @@ build
                --enable-add-ons \
                --enable-kernel=%{OPTIMIZED_KERNEL} \
                --disable-werror \
+               --disable-crypt \
                --enable-stack-protector=strong \
                --enable-bind-now \
                --enable-obsolete-rpc \

diff --git a/libxcrypt/libxcrypt.nm b/libxcrypt/libxcrypt.nm
new file mode 100644 (file)
index 0000000..71f4dd4
--- /dev/null
+++ b/libxcrypt/libxcrypt.nm
@@ -0,0 +1,58 @@
+###############################################################################
+# IPFire.org    - An Open Source Firewall Solution                            #
+# Copyright (C) - IPFire Development Team <info@ipfire.org>                   #
+###############################################################################
+
+name       = libxcrypt
+version    = 4.4.33
+release    = 1
+
+groups     = System/Libraries
+url        = https://github.com/besser82/libxcrypt/
+license    = LGPLv2.1
+summary    = Extended crypt library for descrypt, md5crypt, bcrypt, and others
+
+description
+       libxcrypt is a modern library for one-way hashing of passwords.
+       It supports a wide variety of both modern and historical hashing methods:
+       yescrypt, gost-yescrypt, scrypt, bcrypt, sha512crypt, sha256crypt,
+       md5crypt, SunMD5, sha1crypt, NT, bsdicrypt, bigcrypt, and descrypt.
+       It provides the traditional Unix crypt and crypt_r interfaces, as well
+       as a set of extended interfaces pioneered by Openwall Linux, crypt_rn,
+       crypt_ra, crypt_gensalt, crypt_gensalt_rn, and crypt_gensalt_ra.
+
+       libxcrypt is intended to be used by login(1), passwd(1), and other
+       similar programs; that is, to hash a small number of passwords during
+       an interactive authentication dialogue with a human.
+end
+
+source_dl  = https://github.com/besser82/libxcrypt/releases/download/v%{version}/
+sources    = %{thisapp}.tar.xz
+
+build
+       requires
+               perl
+       end
+
+       configure_options += \
+               --disable-static \
+               --enable-hashes=strong,glibc \
+               --disable-obsolete-api \
+               --disable-failure-tokens
+
+       test
+               LD_LIBRARY_PATH="%{DIR_APP}/.libs" make check
+       end
+end
+
+packages
+       package %{name}
+
+       package %{name}-devel
+               template DEVEL
+       end
+
+       package %{name}-debuginfo
+               template DEBUGINFO
+       end
+end

diff --git a/libxcrypt/patches/libxcrypt-4.4.33-hashes.patch b/libxcrypt/patches/libxcrypt-4.4.33-hashes.patch
new file mode 100644 (file)
index 0000000..42f5d67
--- /dev/null
+++ b/libxcrypt/patches/libxcrypt-4.4.33-hashes.patch
@@ -0,0 +1,14 @@
+diff --git a/build-aux/scripts/expand-selected-hashes b/build-aux/scripts/expand-selected-hashes
+index 10d0bcc..2558c42 100644
+--- a/build-aux/scripts/expand-selected-hashes
++++ b/build-aux/scripts/expand-selected-hashes
+@@ -50,9 +50,6 @@ sub expand_selected {
+                 push @errors, "'$w' is not a hash or group name\n";
+             }
+         }
+-        if (scalar(%enabled) == 0) {
+-            push @errors, "no hashes are enabled\n";
+-        }
+         die join q{}, @errors if @errors;
+         return keys %enabled;
+     }