about summary refs log tree commit diff
path: root/src/crypt
Commit message (Collapse)AuthorAgeFilesLines
* reduce spurious inclusion of libc.hRich Felker2018-09-121-1/+0
| | | | | | | | | | | | | | | | | | | | | libc.h was intended to be a header for access to global libc state and related interfaces, but ended up included all over the place because it was the way to get the weak_alias macro. most of the inclusions removed here are places where weak_alias was needed. a few were recently introduced for hidden. some go all the way back to when libc.h defined CANCELPT_BEGIN and _END, and all (wrongly implemented) cancellation points had to include it. remaining spurious users are mostly callers of the LOCK/UNLOCK macros and files that use the LFS64 macro to define the awful *64 aliases. in a few places, new inclusion of libc.h is added because several internal headers no longer implicitly include libc.h. declarations for __lockfile and __unlockfile are moved from libc.h to stdio_impl.h so that the latter does not need libc.h. putting them in libc.h made no sense at all, since the macros in stdio_impl.h are needed to use them correctly anyway.
* apply hidden visibility to various remaining internal interfacesRich Felker2018-09-121-3/+3
|
* overhaul internally-public declarations using wrapper headersRich Felker2018-09-122-10/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | commits leading up to this one have moved the vast majority of libc-internal interface declarations to appropriate internal headers, allowing them to be type-checked and setting the stage to limit their visibility. the ones that have not yet been moved are mostly namespace-protected aliases for standard/public interfaces, which exist to facilitate implementing plain C functions in terms of POSIX functionality, or C or POSIX functionality in terms of extensions that are not standardized. some don't quite fit this description, but are "internally public" interfacs between subsystems of libc. rather than create a number of newly-named headers to declare these functions, and having to add explicit include directives for them to every source file where they're needed, I have introduced a method of wrapping the corresponding public headers. parallel to the public headers in $(srcdir)/include, we now have wrappers in $(srcdir)/src/include that come earlier in the include path order. they include the public header they're wrapping, then add declarations for namespace-protected versions of the same interfaces and any "internally public" interfaces for the subsystem they correspond to. along these lines, the wrapper for features.h is now responsible for the definition of the hidden, weak, and weak_alias macros. this means source files will no longer need to include any special headers to access these features. over time, it is my expectation that the scope of what is "internally public" will expand, reducing the number of source files which need to include *_impl.h and related headers down to those which are actually implementing the corresponding subsystems, not just using them.
* add crypt_des header for declarations shared with encrypt functionRich Felker2018-09-123-12/+16
|
* in crypt-sha*, reject excessive rounds as error rather than clampingRich Felker2016-02-162-2/+2
| | | | | | | | | the reference implementation clamps rounds to [1000,999999999]. we further limited rounds to at most 9999999 as a defense against extreme run times, but wrongly clamped instead of treating out-of-bounds values as an error, thereby producing implementation-specific hash results. fixing this should not break anything since values of rounds this high are not useful anyway.
* add legacy functions setkey() and encrypt()Timo Teräs2014-02-052-6/+66
|
* comment potentially-confusing use of struct crypt_data typeRich Felker2013-04-202-1/+10
|
* make some arrays constrofl0r2013-02-023-3/+3
| | | | this way they'll go into .rodata, decreasing memory pressure.
* in crypt_des change unnecessary union keybuf into unsigned char[]Szabolcs Nagy2013-01-131-11/+8
| | | | | | original FreeSec code accessed keybuf as uint32* and uint8* as well (incorrectly), this got fixed with an union, but then it seems the uint32* access is no longer needed so the code can be simplified
* crypt: fix the prototype of md5_sum, sha256_sum and sha512_sumSzabolcs Nagy2013-01-133-3/+3
| | | | | | the internal sha2 hash sum functions had incorrect array size in the prototype for the message digest argument, fixed by using pointer so it is not misleading
* add crypt_md5 password hashRich Felker2012-09-152-2/+285
| | | | contributed by nsz
* revert low rounds-count limits in crypt hashesRich Felker2012-09-154-4/+4
| | | | | | | | | | | | | | | it was determined in discussion that these kind of limits are not sufficient to protect single-threaded servers against denial of service attacks from maliciously large round counts. the time scales simply vary too much; many users will want login passwords with rounds counts on a scale that gives decisecond latency, while highly loaded webservers will need millisecond latency or shorter. still some limit is left in place; the idea is not to protect against attacks, but to avoid the runtime of a single call to crypt being, for all practical purposes, infinite, so that configuration errors can be caught and fixed without bringing down whole systems. these limits are very high, on the order of minute-long runtimes for modest systems.
* cleanup src/linux and src/misc trees, etc.Rich Felker2012-09-076-0/+2553
previously, it was pretty much random which one of these trees a given function appeared in. they have now been organized into: src/linux: non-POSIX linux syscalls (possibly shard with other nixen) src/legacy: various obsolete/legacy functions, mostly wrappers src/misc: still mostly uncategorized; some misc POSIX, some nonstd src/crypt: crypt hash functions further cleanup will be done later.