about summary refs log tree commit diff
path: root/posix
diff options
context:
space:
mode:
authorZack Weinberg <zackw@panix.com>2018-06-29 16:53:18 +0200
committerFlorian Weimer <fweimer@redhat.com>2018-06-29 16:53:18 +0200
commitb10a0accee709a5efff2fadf0b0bbb79ff0ad759 (patch)
tree27796fe83ec5f82a8f36a36afa169fe6dddf8b27 /posix
parent524d796d5f52913d5d33edede74a5075dbda25ca (diff)
downloadglibc-b10a0accee709a5efff2fadf0b0bbb79ff0ad759.tar.gz
glibc-b10a0accee709a5efff2fadf0b0bbb79ff0ad759.tar.xz
glibc-b10a0accee709a5efff2fadf0b0bbb79ff0ad759.zip
Disallow use of DES encryption functions in new programs.
The functions encrypt, setkey, encrypt_r, setkey_r, cbc_crypt,
ecb_crypt, and des_setparity should not be used in new programs,
because they use the DES block cipher, which is unacceptably weak by
modern standards.  Demote all of them to compatibility symbols, and
remove their prototypes from installed headers.  cbc_crypt, ecb_crypt,
and des_setparity were already compat symbols when glibc was
configured with --disable-obsolete-rpc.

POSIX requires encrypt and setkey to be available when _XOPEN_CRYPT
is defined, so this change also removes the definition of X_OPEN_CRYPT
from <unistd.h>.

The entire "DES Encryption" section is dropped from the manual, as is
the mention of AUTH_DES and FIPS 140-2 in the introduction to
crypt.texi.  The documentation of 'memfrob' cross-referenced the DES
Encryption section, which is replaced by a hyperlink to libgcrypt, and
while I was in there I spruced up the actual documentation of
'memfrob' and 'strfry' a little.  It's still fairly jokey, because
those functions _are_ jokes, but they do also have real use cases, so
people trying to use them for real should have all the information
they need.

DES-based authentication for Sun RPC is also insecure and should be
deprecated or even removed, but maybe that can be left as TI-RPC's
problem.
Diffstat (limited to 'posix')
-rw-r--r--posix/unistd.h16
1 files changed, 3 insertions, 13 deletions
diff --git a/posix/unistd.h b/posix/unistd.h
index 4d149f9945..afb08f5186 100644
--- a/posix/unistd.h
+++ b/posix/unistd.h
@@ -107,9 +107,6 @@ __BEGIN_DECLS
 /* The X/Open Unix extensions are available.  */
 #define _XOPEN_UNIX	1
 
-/* Encryption is present.  */
-#define	_XOPEN_CRYPT	1
-
 /* The enhanced internationalization capabilities according to XPG4.2
    are present.  */
 #define	_XOPEN_ENH_I18N	1
@@ -1118,20 +1115,13 @@ ssize_t copy_file_range (int __infd, __off64_t *__pinoff,
 extern int fdatasync (int __fildes);
 #endif /* Use POSIX199309 */
 
-
-/* XPG4.2 specifies that prototypes for the encryption functions must
-   be defined here.  */
-#ifdef	__USE_XOPEN
+#ifdef __USE_MISC
 /* Encrypt at most 8 characters from KEY using salt to perturb DES.  */
 extern char *crypt (const char *__key, const char *__salt)
      __THROW __nonnull ((1, 2));
+#endif
 
-/* Encrypt data in BLOCK in place if EDFLAG is zero; otherwise decrypt
-   block in place.  */
-extern void encrypt (char *__glibc_block, int __edflag)
-     __THROW __nonnull ((1));
-
-
+#ifdef	__USE_XOPEN
 /* Swab pairs bytes in the first N bytes of the area pointed to by
    FROM and copy the result to TO.  The value of TO must not be in the
    range [FROM - N + 1, FROM - 1].  If N is odd the first byte in FROM