glibc: Update to 2.27
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This commit is contained in:
parent
4609ee24cd
commit
24e9b8ad8d
|
@ -4,8 +4,8 @@
|
|||
###############################################################################
|
||||
|
||||
name = glibc
|
||||
version = 2.26
|
||||
release = 3
|
||||
version = 2.27
|
||||
release = 1
|
||||
|
||||
maintainer = Michael Tremer <michael.tremer@ipfire.org>
|
||||
groups = System/Base
|
||||
|
@ -34,6 +34,7 @@ build
|
|||
autoconf
|
||||
automake
|
||||
binutils >= 2.27
|
||||
bison
|
||||
gcc >= 4.9
|
||||
gettext
|
||||
kernel-headers >= %{OPTIMIZED_KERNEL}
|
||||
|
|
|
@ -1,541 +0,0 @@
|
|||
Submitted By: Robert Connolly <robert at linuxfromscratch dot org> (ashes)
|
||||
Date: 2006-01-01
|
||||
Initial Package Version: 2.3.6
|
||||
Upstream Status: Not submitted
|
||||
Origin: http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/crypt/arc4random.c
|
||||
Description: This patch adds the arc4random() and arc4randomII() functions
|
||||
to Glibc, and hooks so mktemp(3) can use arc4randomII().
|
||||
|
||||
Also see:
|
||||
http://www.linuxfromscratch.org/hlfs/
|
||||
http://www.linuxfromscratch.org/hints/downloads/files/entropy.txt
|
||||
|
||||
diff -Naur glibc-2.3.6.orig/manual/arc4random.3 glibc-2.3.6/manual/arc4random.3
|
||||
--- glibc-2.3.6.orig/manual/arc4random.3 1970-01-01 00:00:00.000000000 +0000
|
||||
+++ glibc-2.3.6/manual/arc4random.3 2006-01-01 07:48:48.000000000 +0000
|
||||
@@ -0,0 +1,74 @@
|
||||
+.TH ARC4RANDOM 3 "February 11, 2005"
|
||||
+.SH NAME
|
||||
+arc4random - arc4 random number generator
|
||||
+.SH SYNOPSIS
|
||||
+.nf
|
||||
+.B #include <stdlib.h>
|
||||
+.sp
|
||||
+.I u_int32_t
|
||||
+.B arc4random(void);
|
||||
+.sp
|
||||
+.I u_int32_t
|
||||
+.B arc4randomII(void);
|
||||
+.fi
|
||||
+.SH DESCRIPTION
|
||||
+The \fBarc4random()\fP function generates a pseudo-random number using the
|
||||
+ARC4 cipher key stream generator. ARCFOUR uses 8*8 8 bit S-Boxes, and can
|
||||
+be in about (2**1700) states.
|
||||
+
|
||||
+The \fBarc4random()\fP function is seeded automatically from /dev/urandom,
|
||||
+or from sysctl \fBurandom\fP if /dev/urandom is not accessible (chroot), or from
|
||||
+sysctl random.uuid if sysctl \fBurandom\fP is not accessible. \fBgettimeofday(2)\fP
|
||||
+is always included when initializing the state of \fBarc4random()\fP, this makes
|
||||
+it impossible to generate the same random sequence twice. \fBarc4random()\fP
|
||||
+is intended to be safe to use with encryption software to provide entropy.
|
||||
+
|
||||
+The \fBarc4randomII()\fP function is identical to \fBarc4random()\fP except
|
||||
+that \fBarc4randomII()\fP is seeded automatically from /dev/erandom, and
|
||||
+sysctl erandom. \fBarc4randomII()\fP is NOT intended for cryptography, but is
|
||||
+ideal for \fBmktemp(3)\fP, and other functions with a short lifespan.
|
||||
+\fBarc4randomII()\fP and erandom do not consume any kernel entropy.
|
||||
+
|
||||
+Sysctl urandom, and erandom require a modified kernel. See:
|
||||
+http://www.linuxfromscratch.org/hlfs/
|
||||
+
|
||||
+.SH EXAMPLES
|
||||
+.TP
|
||||
+Return a random number between 0 and 100.
|
||||
+.sp
|
||||
+arc4random() % 100;
|
||||
+.TP
|
||||
+Return any random number.
|
||||
+.sp
|
||||
+arc4random();
|
||||
+.TP
|
||||
+.nf
|
||||
+Sample program; this will display a number between 0 and 65536.
|
||||
+
|
||||
+#include <stdlib.h>
|
||||
+#include <stdio.h>
|
||||
+
|
||||
+int main(void) {
|
||||
+ int random_number;
|
||||
+ random_number = arc4random() % 65536;
|
||||
+ printf("%d\n", random_number);
|
||||
+ return 0;
|
||||
+}
|
||||
+.fi
|
||||
+.SH "SEE ALSO"
|
||||
+.BR random (3),
|
||||
+.BR gettimeofday (2),
|
||||
+.BR mktemp (3)
|
||||
+
|
||||
+.SH HISTORY
|
||||
+An algorithm called RC4 was designed by RSA Data Security, Inc. It was
|
||||
+considered a trade secret, but not trademarked. Because it was a trade
|
||||
+secret, it obviously could not be patented. A clone of this was posted
|
||||
+anonymously to USENET and confirmed to be equivalent by several sources
|
||||
+who had access to the original cipher. Because of the trade secret situation,
|
||||
+RSA Data Security, Inc. can do nothing about the release of the
|
||||
+ARC4 algorithm. Since RC4 used to be a trade secret, the cipher is now
|
||||
+referred to as ARC4 (Another RC4).
|
||||
+
|
||||
+These functions first appeared in OpenBSD 2.1.
|
||||
+
|
||||
diff -Naur glibc-2.3.6.orig/stdlib/Makefile glibc-2.3.6/stdlib/Makefile
|
||||
--- glibc-2.3.6.orig/stdlib/Makefile 2005-02-16 11:23:58.000000000 +0000
|
||||
+++ glibc-2.3.6/stdlib/Makefile 2006-01-01 07:48:48.000000000 +0000
|
||||
@@ -27,7 +27,7 @@
|
||||
|
||||
routines := \
|
||||
atof atoi atol atoll \
|
||||
- abort \
|
||||
+ abort arc4random arc4randomII \
|
||||
bsearch qsort msort \
|
||||
getenv putenv setenv secure-getenv \
|
||||
exit on_exit atexit cxa_atexit cxa_finalize old_atexit \
|
||||
diff -Naur glibc-2.3.6.orig/stdlib/Versions glibc-2.3.6/stdlib/Versions
|
||||
--- glibc-2.3.6.orig/stdlib/Versions 2004-05-03 21:25:53.000000000 +0000
|
||||
+++ glibc-2.3.6/stdlib/Versions 2006-01-01 07:50:28.000000000 +0000
|
||||
@@ -11,6 +11,8 @@
|
||||
|
||||
# a*
|
||||
a64l; abort; abs; atexit; atof; atoi; atol; atoll;
|
||||
+ arc4random_stir; arc4random_addrandom; arc4random;
|
||||
+ arc4random_stirII; arc4random_addrandomII; arc4randomII;
|
||||
|
||||
# b*
|
||||
bsearch;
|
||||
diff -Naur glibc-2.3.6.orig/stdlib/arc4random.c glibc-2.3.6/stdlib/arc4random.c
|
||||
--- glibc-2.3.6.orig/stdlib/arc4random.c 1970-01-01 00:00:00.000000000 +0000
|
||||
+++ glibc-2.3.6/stdlib/arc4random.c 2006-01-01 07:48:48.000000000 +0000
|
||||
@@ -0,0 +1,205 @@
|
||||
+/*
|
||||
+ * Arc4 random number generator for OpenBSD.
|
||||
+ * Copyright 1996 David Mazieres <dm@lcs.mit.edu>.
|
||||
+ *
|
||||
+ * Modification and redistribution in source and binary forms is
|
||||
+ * permitted provided that due credit is given to the author and the
|
||||
+ * OpenBSD project by leaving this copyright notice intact.
|
||||
+ */
|
||||
+
|
||||
+/*
|
||||
+ * This code is derived from section 17.1 of Applied Cryptography,
|
||||
+ * second edition, which describes a stream cipher allegedly
|
||||
+ * compatible with RSA Labs "RC4" cipher (the actual description of
|
||||
+ * which is a trade secret). The same algorithm is used as a stream
|
||||
+ * cipher called "arcfour" in Tatu Ylonen's ssh package.
|
||||
+ *
|
||||
+ * Here the stream cipher has been modified always to include the time
|
||||
+ * when initializing the state. That makes it impossible to
|
||||
+ * regenerate the same random sequence twice, so this can't be used
|
||||
+ * for encryption, but will generate good random numbers.
|
||||
+ *
|
||||
+ * RC4 is a registered trademark of RSA Laboratories.
|
||||
+ */
|
||||
+
|
||||
+/*
|
||||
+ * Modified by Robert Connolly from OpenBSD lib/libc/crypt/arc4random.c v1.11.
|
||||
+ * This is arc4random(3) using urandom.
|
||||
+ */
|
||||
+
|
||||
+#include <fcntl.h>
|
||||
+#include <stdlib.h>
|
||||
+#include <unistd.h>
|
||||
+#include <sys/types.h>
|
||||
+#include <sys/param.h>
|
||||
+#include <sys/time.h>
|
||||
+#include <sys/sysctl.h>
|
||||
+
|
||||
+#ifdef __GNUC__
|
||||
+#define inline __inline
|
||||
+#else /* !__GNUC__ */
|
||||
+#define inline
|
||||
+#endif /* !__GNUC__ */
|
||||
+
|
||||
+struct arc4_stream {
|
||||
+ u_int8_t i;
|
||||
+ u_int8_t j;
|
||||
+ u_int8_t s[256];
|
||||
+};
|
||||
+
|
||||
+static int rs_initialized;
|
||||
+static struct arc4_stream rs;
|
||||
+static pid_t arc4_stir_pid;
|
||||
+
|
||||
+static inline u_int8_t arc4_getbyte(struct arc4_stream *);
|
||||
+
|
||||
+static inline void
|
||||
+arc4_init(struct arc4_stream *as)
|
||||
+{
|
||||
+ int n;
|
||||
+
|
||||
+ for (n = 0; n < 256; n++)
|
||||
+ as->s[n] = n;
|
||||
+ as->i = 0;
|
||||
+ as->j = 0;
|
||||
+}
|
||||
+
|
||||
+static inline void
|
||||
+arc4_addrandom(struct arc4_stream *as, u_char *dat, int datlen)
|
||||
+{
|
||||
+ int n;
|
||||
+ u_int8_t si;
|
||||
+
|
||||
+ as->i--;
|
||||
+ for (n = 0; n < 256; n++) {
|
||||
+ as->i = (as->i + 1);
|
||||
+ si = as->s[as->i];
|
||||
+ as->j = (as->j + si + dat[n % datlen]);
|
||||
+ as->s[as->i] = as->s[as->j];
|
||||
+ as->s[as->j] = si;
|
||||
+ }
|
||||
+ as->j = as->i;
|
||||
+}
|
||||
+
|
||||
+static void
|
||||
+arc4_stir(struct arc4_stream *as)
|
||||
+{
|
||||
+ int n, fd;
|
||||
+ struct {
|
||||
+ struct timeval tv;
|
||||
+ u_int rnd[(128 - sizeof(struct timeval)) / sizeof(u_int)];
|
||||
+ } rdat;
|
||||
+
|
||||
+ gettimeofday(&rdat.tv, NULL);
|
||||
+
|
||||
+ /* /dev/urandom is a multithread interface, sysctl is not. */
|
||||
+ /* Try to use /dev/urandom before sysctl. */
|
||||
+ fd = open("/dev/urandom", O_RDONLY);
|
||||
+ if (fd != -1) {
|
||||
+ read(fd, rdat.rnd, sizeof(rdat.rnd));
|
||||
+ close(fd);
|
||||
+ }
|
||||
+
|
||||
+#if defined(SYSCTL_URANDOM)
|
||||
+ else {
|
||||
+ /* /dev/urandom failed? Maybe we're in a chroot. */
|
||||
+ int mib[]={CTL_KERN, KERN_RANDOM, RANDOM_URANDOM};
|
||||
+ u_int i;
|
||||
+ size_t len;
|
||||
+
|
||||
+ for (i = 0; i < sizeof(rdat.rnd) / sizeof(u_int); i ++) {
|
||||
+ len = sizeof(u_int);
|
||||
+ if (sysctl(mib, 3, &rdat.rnd[i], &len, NULL, 0) == -1)
|
||||
+ break;
|
||||
+ }
|
||||
+ if (i < sizeof(rdat.rnd) / 4) {
|
||||
+ /* Sysctl urandom failed? Maybe we're running a vanilla kernel. */
|
||||
+ mib[2] = RANDOM_UUID;
|
||||
+ for (i = 0; i < sizeof(rdat.rnd) / sizeof(u_int); i ++) {
|
||||
+ len = sizeof(u_int);
|
||||
+ if (sysctl(mib, 3, &rdat.rnd[i], &len, NULL, 0) == -1)
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
+ arc4_stir_pid = getpid();
|
||||
+ /*
|
||||
+ * Time to give up. If no entropy could be found then we will just
|
||||
+ * use gettimeofday.
|
||||
+ */
|
||||
+ arc4_addrandom(as, (void *)&rdat, sizeof(rdat));
|
||||
+
|
||||
+ /*
|
||||
+ * Discard early keystream, as per recommendations in:
|
||||
+ * http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps
|
||||
+ * We discard 256 words. A long word is 4 bytes.
|
||||
+ */
|
||||
+ for (n = 0; n < 256 * 4; n ++)
|
||||
+ arc4_getbyte(as);
|
||||
+}
|
||||
+
|
||||
+static inline u_int8_t
|
||||
+arc4_getbyte(struct arc4_stream *as)
|
||||
+{
|
||||
+ u_int8_t si, sj;
|
||||
+
|
||||
+ as->i = (as->i + 1);
|
||||
+ si = as->s[as->i];
|
||||
+ as->j = (as->j + si);
|
||||
+ sj = as->s[as->j];
|
||||
+ as->s[as->i] = sj;
|
||||
+ as->s[as->j] = si;
|
||||
+ return (as->s[(si + sj) & 0xff]);
|
||||
+}
|
||||
+
|
||||
+static inline u_int32_t
|
||||
+arc4_getword(struct arc4_stream *as)
|
||||
+{
|
||||
+ u_int32_t val;
|
||||
+ val = arc4_getbyte(as) << 24;
|
||||
+ val |= arc4_getbyte(as) << 16;
|
||||
+ val |= arc4_getbyte(as) << 8;
|
||||
+ val |= arc4_getbyte(as);
|
||||
+ return val;
|
||||
+}
|
||||
+
|
||||
+void
|
||||
+arc4random_stir(void)
|
||||
+{
|
||||
+ if (!rs_initialized) {
|
||||
+ arc4_init(&rs);
|
||||
+ rs_initialized = 1;
|
||||
+ }
|
||||
+ arc4_stir(&rs);
|
||||
+}
|
||||
+
|
||||
+void
|
||||
+arc4random_addrandom(u_char *dat, int datlen)
|
||||
+{
|
||||
+ if (!rs_initialized)
|
||||
+ arc4random_stir();
|
||||
+ arc4_addrandom(&rs, dat, datlen);
|
||||
+}
|
||||
+
|
||||
+u_int32_t
|
||||
+arc4random(void)
|
||||
+{
|
||||
+ if (!rs_initialized || arc4_stir_pid != getpid())
|
||||
+ arc4random_stir();
|
||||
+ return arc4_getword(&rs);
|
||||
+}
|
||||
+
|
||||
+#if 0
|
||||
+/*-------- Test code --------*/
|
||||
+#include <stdlib.h>
|
||||
+#include <stdio.h>
|
||||
+
|
||||
+int main(void) {
|
||||
+ int random_number;
|
||||
+ random_number = arc4random() % 65536;
|
||||
+ printf("A random number between 0 and 65536 is %d\n", random_number);
|
||||
+ return 0;
|
||||
+}
|
||||
+#endif
|
||||
diff -Naur glibc-2.3.6.orig/stdlib/arc4randomII.c glibc-2.3.6/stdlib/arc4randomII.c
|
||||
--- glibc-2.3.6.orig/stdlib/arc4randomII.c 1970-01-01 00:00:00.000000000 +0000
|
||||
+++ glibc-2.3.6/stdlib/arc4randomII.c 2006-01-01 07:48:48.000000000 +0000
|
||||
@@ -0,0 +1,196 @@
|
||||
+/*
|
||||
+ * Arc4 random number generator for OpenBSD.
|
||||
+ * Copyright 1996 David Mazieres <dm@lcs.mit.edu>.
|
||||
+ *
|
||||
+ * Modification and redistribution in source and binary forms is
|
||||
+ * permitted provided that due credit is given to the author and the
|
||||
+ * OpenBSD project by leaving this copyright notice intact.
|
||||
+ */
|
||||
+
|
||||
+/*
|
||||
+ * This code is derived from section 17.1 of Applied Cryptography,
|
||||
+ * second edition, which describes a stream cipher allegedly
|
||||
+ * compatible with RSA Labs "RC4" cipher (the actual description of
|
||||
+ * which is a trade secret). The same algorithm is used as a stream
|
||||
+ * cipher called "arcfour" in Tatu Ylonen's ssh package.
|
||||
+ *
|
||||
+ * Here the stream cipher has been modified always to include the time
|
||||
+ * when initializing the state. That makes it impossible to
|
||||
+ * regenerate the same random sequence twice, so this can't be used
|
||||
+ * for encryption, but will generate good random numbers.
|
||||
+ *
|
||||
+ * RC4 is a registered trademark of RSA Laboratories.
|
||||
+ */
|
||||
+
|
||||
+/*
|
||||
+ * Modified by Robert Connolly from OpenBSD lib/libc/crypt/arc4random.c v1.11.
|
||||
+ * This is arc4randomII(3) using erandom.
|
||||
+ */
|
||||
+
|
||||
+#include <fcntl.h>
|
||||
+#include <stdlib.h>
|
||||
+#include <unistd.h>
|
||||
+#include <sys/types.h>
|
||||
+#include <sys/param.h>
|
||||
+#include <sys/time.h>
|
||||
+#include <sys/sysctl.h>
|
||||
+
|
||||
+#ifdef __GNUC__
|
||||
+#define inline __inline
|
||||
+#else /* !__GNUC__ */
|
||||
+#define inline
|
||||
+#endif /* !__GNUC__ */
|
||||
+
|
||||
+struct arc4_streamII {
|
||||
+ u_int8_t i;
|
||||
+ u_int8_t j;
|
||||
+ u_int8_t s[256];
|
||||
+};
|
||||
+
|
||||
+static int rs_initializedII;
|
||||
+static struct arc4_streamII rs;
|
||||
+static pid_t arc4_stir_pidII;
|
||||
+
|
||||
+static inline u_int8_t arc4_getbyteII(struct arc4_streamII *);
|
||||
+
|
||||
+static inline void
|
||||
+arc4_initII(struct arc4_streamII *as)
|
||||
+{
|
||||
+ int n;
|
||||
+
|
||||
+ for (n = 0; n < 256; n++)
|
||||
+ as->s[n] = n;
|
||||
+ as->i = 0;
|
||||
+ as->j = 0;
|
||||
+}
|
||||
+
|
||||
+static inline void
|
||||
+arc4_addrandomII(struct arc4_streamII *as, u_char *dat, int datlen)
|
||||
+{
|
||||
+ int n;
|
||||
+ u_int8_t si;
|
||||
+
|
||||
+ as->i--;
|
||||
+ for (n = 0; n < 256; n++) {
|
||||
+ as->i = (as->i + 1);
|
||||
+ si = as->s[as->i];
|
||||
+ as->j = (as->j + si + dat[n % datlen]);
|
||||
+ as->s[as->i] = as->s[as->j];
|
||||
+ as->s[as->j] = si;
|
||||
+ }
|
||||
+ as->j = as->i;
|
||||
+}
|
||||
+
|
||||
+static void
|
||||
+arc4_stirII(struct arc4_streamII *as)
|
||||
+{
|
||||
+ int n, fd;
|
||||
+ struct {
|
||||
+ struct timeval tv;
|
||||
+ u_int rnd[(128 - sizeof(struct timeval)) / sizeof(u_int)];
|
||||
+ } rdat;
|
||||
+
|
||||
+ gettimeofday(&rdat.tv, NULL);
|
||||
+
|
||||
+ /* /dev/urandom is a multithread interface, sysctl is not. */
|
||||
+ /* Try to use /dev/urandom before sysctl. */
|
||||
+ fd = open("/dev/erandom", O_RDONLY);
|
||||
+ if (fd != -1) {
|
||||
+ read(fd, rdat.rnd, sizeof(rdat.rnd));
|
||||
+ close(fd);
|
||||
+ }
|
||||
+
|
||||
+#if defined(SYSCTL_ERANDOM)
|
||||
+ else {
|
||||
+ /* /dev/urandom failed? Maybe we're in a chroot. */
|
||||
+ int mib[]={CTL_KERN, KERN_RANDOM, RANDOM_ERANDOM};
|
||||
+ u_int i;
|
||||
+ size_t len;
|
||||
+
|
||||
+ for (i = 0; i < sizeof(rdat.rnd) / sizeof(u_int); i++) {
|
||||
+ len = sizeof(u_int);
|
||||
+ if (sysctl(mib, 3, &rdat.rnd[i], &len, NULL, 0) == -1)
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
+ arc4_stir_pidII = getpid();
|
||||
+ /*
|
||||
+ * Time to give up. If no entropy could be found then we will just
|
||||
+ * use gettimeofday.
|
||||
+ */
|
||||
+ arc4_addrandomII(as, (void *)&rdat, sizeof(rdat));
|
||||
+
|
||||
+ /*
|
||||
+ * Discard early keystream, as per recommendations in:
|
||||
+ * http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps
|
||||
+ * We discard 256 words. A long word is 4 bytes.
|
||||
+ */
|
||||
+ for (n = 0; n < 256 * 4; n ++)
|
||||
+ arc4_getbyteII(as);
|
||||
+}
|
||||
+
|
||||
+static inline u_int8_t
|
||||
+arc4_getbyteII(struct arc4_streamII *as)
|
||||
+{
|
||||
+ u_int8_t si, sj;
|
||||
+
|
||||
+ as->i = (as->i + 1);
|
||||
+ si = as->s[as->i];
|
||||
+ as->j = (as->j + si);
|
||||
+ sj = as->s[as->j];
|
||||
+ as->s[as->i] = sj;
|
||||
+ as->s[as->j] = si;
|
||||
+ return (as->s[(si + sj) & 0xff]);
|
||||
+}
|
||||
+
|
||||
+static inline u_int32_t
|
||||
+arc4_getwordII(struct arc4_streamII *as)
|
||||
+{
|
||||
+ u_int32_t val;
|
||||
+ val = arc4_getbyteII(as) << 24;
|
||||
+ val |= arc4_getbyteII(as) << 16;
|
||||
+ val |= arc4_getbyteII(as) << 8;
|
||||
+ val |= arc4_getbyteII(as);
|
||||
+ return val;
|
||||
+}
|
||||
+
|
||||
+void
|
||||
+arc4random_stirII(void)
|
||||
+{
|
||||
+ if (!rs_initializedII) {
|
||||
+ arc4_initII(&rs);
|
||||
+ rs_initializedII = 1;
|
||||
+ }
|
||||
+ arc4_stirII(&rs);
|
||||
+}
|
||||
+
|
||||
+void
|
||||
+arc4random_addrandomII(u_char *dat, int datlen)
|
||||
+{
|
||||
+ if (!rs_initializedII)
|
||||
+ arc4random_stirII();
|
||||
+ arc4_addrandomII(&rs, dat, datlen);
|
||||
+}
|
||||
+
|
||||
+u_int32_t
|
||||
+arc4randomII(void)
|
||||
+{
|
||||
+ if (!rs_initializedII || arc4_stir_pidII != getpid())
|
||||
+ arc4random_stirII();
|
||||
+ return arc4_getwordII(&rs);
|
||||
+}
|
||||
+
|
||||
+#if 0
|
||||
+/*-------- Test code --------*/
|
||||
+#include <stdlib.h>
|
||||
+#include <stdio.h>
|
||||
+
|
||||
+int main(void) {
|
||||
+ int random_number;
|
||||
+ random_number = arc4randomII() % 65536;
|
||||
+ printf("A random number between 0 and 65536 is %d\n", random_number);
|
||||
+ return 0;
|
||||
+}
|
||||
+#endif
|
||||
diff -Naur glibc-2.3.6.orig/stdlib/stdlib.h glibc-2.3.6/stdlib/stdlib.h
|
||||
--- glibc-2.3.6.orig/stdlib/stdlib.h 2005-07-18 01:15:30.000000000 +0000
|
||||
+++ glibc-2.3.6/stdlib/stdlib.h 2006-01-01 07:48:48.000000000 +0000
|
||||
@@ -572,6 +572,15 @@
|
||||
extern int lcong48_r (unsigned short int __param[7],
|
||||
struct drand48_data *__buffer)
|
||||
__THROW __nonnull ((1, 2));
|
||||
+
|
||||
+#define LIBC_HAS_ARC4RANDOM
|
||||
+u_int32_t arc4random(void);
|
||||
+void arc4random_stir(void);
|
||||
+void arc4random_addrandom(unsigned char *, int);
|
||||
+u_int32_t arc4randomII(void);
|
||||
+void arc4random_stirII(void);
|
||||
+void arc4random_addrandomII(unsigned char *, int);
|
||||
+
|
||||
# endif /* Use misc. */
|
||||
#endif /* Use SVID or X/Open. */
|
|
@ -1,40 +0,0 @@
|
|||
Submitted By: Robert Connolly <robert at linuxfromscratch dot org> (ashes)
|
||||
Date: 2006-10-11
|
||||
Initial Package Version: 2.5
|
||||
Upstream Status: Not submitted - PaX specific. Will not be accepted upstream.
|
||||
Origin: http://www.gtlib.cc.gatech.edu/pub/gentoo/gentoo-x86-portage/sys-libs/ \
|
||||
glibc/files/2.3.3/glibc-2.3.3_pre20040117-pt_pax.diff
|
||||
Description: This is needed for Pax. http://pax.grsecurity.net/
|
||||
Also see:
|
||||
http://www.linuxfromscratch.org/hlfs/
|
||||
|
||||
diff -Naur glibc-2.5.orig/elf/elf.h glibc-2.5/elf/elf.h
|
||||
--- glibc-2.5.orig/elf/elf.h 2006-07-10 21:54:02.000000000 +0000
|
||||
+++ glibc-2.5/elf/elf.h 2006-10-11 21:30:02.000000000 +0000
|
||||
@@ -569,6 +569,7 @@
|
||||
#define PT_GNU_EH_FRAME 0x6474e550 /* GCC .eh_frame_hdr segment */
|
||||
#define PT_GNU_STACK 0x6474e551 /* Indicates stack executability */
|
||||
#define PT_GNU_RELRO 0x6474e552 /* Read-only after relocation */
|
||||
+#define PT_PAX_FLAGS 0x65041580 /* Indicates PaX flag markings */
|
||||
#define PT_LOSUNW 0x6ffffffa
|
||||
#define PT_SUNWBSS 0x6ffffffa /* Sun Specific segment */
|
||||
#define PT_SUNWSTACK 0x6ffffffb /* Stack segment */
|
||||
@@ -582,6 +583,18 @@
|
||||
#define PF_X (1 << 0) /* Segment is executable */
|
||||
#define PF_W (1 << 1) /* Segment is writable */
|
||||
#define PF_R (1 << 2) /* Segment is readable */
|
||||
+#define PF_PAGEEXEC (1 << 4) /* Enable PAGEEXEC */
|
||||
+#define PF_NOPAGEEXEC (1 << 5) /* Disable PAGEEXEC */
|
||||
+#define PF_SEGMEXEC (1 << 6) /* Enable SEGMEXEC */
|
||||
+#define PF_NOSEGMEXEC (1 << 7) /* Disable SEGMEXEC */
|
||||
+#define PF_MPROTECT (1 << 8) /* Enable MPROTECT */
|
||||
+#define PF_NOMPROTECT (1 << 9) /* Disable MPROTECT */
|
||||
+#define PF_RANDEXEC (1 << 10) /* Enable RANDEXEC */
|
||||
+#define PF_NORANDEXEC (1 << 11) /* Disable RANDEXEC */
|
||||
+#define PF_EMUTRAMP (1 << 12) /* Enable EMUTRAMP */
|
||||
+#define PF_NOEMUTRAMP (1 << 13) /* Disable EMUTRAMP */
|
||||
+#define PF_RANDMMAP (1 << 14) /* Enable RANDMMAP */
|
||||
+#define PF_NORANDMMAP (1 << 15) /* Disable RANDMMAP */
|
||||
#define PF_MASKOS 0x0ff00000 /* OS-specific */
|
||||
#define PF_MASKPROC 0xf0000000 /* Processor-specific */
|
||||
|
|
@ -1,42 +0,0 @@
|
|||
2012-11-11 Magnus Granberg <zorry@gentoo.org>
|
||||
|
||||
#442712
|
||||
* Makeconfig (+link): Set to +link-pie.
|
||||
(+link-static-before-libc): Change $(static-start-installed-name) to
|
||||
S$(static-start-installed-name).
|
||||
(+prector): Set to +prectorS.
|
||||
(+postctor): Set to +postctorS.
|
||||
|
||||
--- libc/Makeconfig
|
||||
+++ libc/Makeconfig
|
||||
@@ -447,11 +447,12 @@
|
||||
$(common-objpfx)libc% $(+postinit),$^) \
|
||||
$(link-extra-libs) $(link-libc) $(+postctorS) $(+postinit)
|
||||
endif
|
||||
++link = $(+link-pie)
|
||||
# Command for statically linking programs with the C library.
|
||||
ifndef +link-static
|
||||
+link-static-before-libc = $(CC) -nostdlib -nostartfiles -static -o $@ \
|
||||
$(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \
|
||||
- $(addprefix $(csu-objpfx),$(static-start-installed-name)) \
|
||||
+ $(addprefix $(csu-objpfx),S$(static-start-installed-name)) \
|
||||
$(+preinit) $(+prectorT) \
|
||||
$(filter-out $(addprefix $(csu-objpfx),start.o \
|
||||
$(start-installed-name))\
|
||||
@@ -549,11 +550,10 @@
|
||||
ifeq ($(elf),yes)
|
||||
+preinit = $(addprefix $(csu-objpfx),crti.o)
|
||||
+postinit = $(addprefix $(csu-objpfx),crtn.o)
|
||||
-+prector = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbegin.o`
|
||||
-+postctor = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtend.o`
|
||||
-# Variants of the two previous definitions for linking PIE programs.
|
||||
+prectorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbeginS.o`
|
||||
+postctorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtendS.o`
|
||||
++prector = $(+prectorS)
|
||||
++postctor = $(+postctorS)
|
||||
# Variants of the two previous definitions for statically linking programs.
|
||||
+prectorT = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbeginT.o`
|
||||
+postctorT = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtend.o`
|
||||
+interp = $(addprefix $(elf-objpfx),interp.os)
|
||||
endif
|
||||
csu-objpfx = $(common-objpfx)csu/
|
|
@ -1,20 +0,0 @@
|
|||
diff -Nrup a/elf/dl-load.c b/elf/dl-load.c
|
||||
--- a/elf/dl-load.c 2012-06-06 13:07:41.727524312 -0600
|
||||
+++ b/elf/dl-load.c 2012-06-06 13:11:19.308681002 -0600
|
||||
@@ -2093,10 +2093,14 @@ _dl_map_object (struct link_map *loader,
|
||||
soname = ((const char *) D_PTR (l, l_info[DT_STRTAB])
|
||||
+ l->l_info[DT_SONAME]->d_un.d_val);
|
||||
if (strcmp (name, soname) != 0)
|
||||
- continue;
|
||||
+#ifdef __arm__
|
||||
+ if (strcmp (name, "ld-linux.so.3")
|
||||
+ || strcmp (soname, "ld-linux-armhf.so.3"))
|
||||
+#endif
|
||||
+ continue;
|
||||
|
||||
/* We have a match on a new name -- cache it. */
|
||||
- add_name_to_object (l, soname);
|
||||
+ add_name_to_object (l, name);
|
||||
l->l_soname_added = 1;
|
||||
}
|
||||
|
|
@ -1,67 +0,0 @@
|
|||
diff --git a/sysdeps/x86_64/multiarch/memcpy-ssse3-back.S b/sysdeps/x86_64/multiarch/memcpy-ssse3-back.S
|
||||
index b4890f4..4b717d9 100644
|
||||
--- a/sysdeps/x86_64/multiarch/memcpy-ssse3-back.S
|
||||
+++ b/sysdeps/x86_64/multiarch/memcpy-ssse3-back.S
|
||||
@@ -48,8 +48,10 @@
|
||||
.section .text.ssse3,"ax",@progbits
|
||||
#if !defined USE_AS_MEMPCPY && !defined USE_AS_MEMMOVE
|
||||
ENTRY (MEMPCPY_CHK)
|
||||
+#ifdef _FORTIFY_SOURCE
|
||||
cmpq %rdx, %rcx
|
||||
jb HIDDEN_JUMPTARGET (__chk_fail)
|
||||
+#endif
|
||||
END (MEMPCPY_CHK)
|
||||
|
||||
ENTRY (MEMPCPY)
|
||||
@@ -61,8 +63,10 @@ END (MEMPCPY)
|
||||
|
||||
#if !defined USE_AS_BCOPY
|
||||
ENTRY (MEMCPY_CHK)
|
||||
+#ifdef _FORTIFY_SOURCE
|
||||
cmpq %rdx, %rcx
|
||||
jb HIDDEN_JUMPTARGET (__chk_fail)
|
||||
+#endif
|
||||
END (MEMCPY_CHK)
|
||||
#endif
|
||||
|
||||
diff --git a/sysdeps/x86_64/multiarch/memcpy-ssse3.S b/sysdeps/x86_64/multiarch/memcpy-ssse3.S
|
||||
index 1ca88c0..a2f140b 100644
|
||||
--- a/sysdeps/x86_64/multiarch/memcpy-ssse3.S
|
||||
+++ b/sysdeps/x86_64/multiarch/memcpy-ssse3.S
|
||||
@@ -48,8 +48,10 @@
|
||||
.section .text.ssse3,"ax",@progbits
|
||||
#if !defined USE_AS_MEMPCPY && !defined USE_AS_MEMMOVE
|
||||
ENTRY (MEMPCPY_CHK)
|
||||
+#ifdef _FORTIFY_SOURCE
|
||||
cmpq %rdx, %rcx
|
||||
jb HIDDEN_JUMPTARGET (__chk_fail)
|
||||
+#endif
|
||||
END (MEMPCPY_CHK)
|
||||
|
||||
ENTRY (MEMPCPY)
|
||||
@@ -61,8 +63,10 @@ END (MEMPCPY)
|
||||
|
||||
#if !defined USE_AS_BCOPY
|
||||
ENTRY (MEMCPY_CHK)
|
||||
+#ifdef _FORTIFY_SOURCE
|
||||
cmpq %rdx, %rcx
|
||||
jb HIDDEN_JUMPTARGET (__chk_fail)
|
||||
+#endif
|
||||
END (MEMCPY_CHK)
|
||||
#endif
|
||||
|
||||
diff --git a/sysdeps/x86_64/multiarch/memset-avx512-no-vzeroupper.S b/sysdeps/x86_64/multiarch/memset-avx512-no-vzeroupper.S
|
||||
index 9687df0..2d0abee 100644
|
||||
--- a/sysdeps/x86_64/multiarch/memset-avx512-no-vzeroupper.S
|
||||
+++ b/sysdeps/x86_64/multiarch/memset-avx512-no-vzeroupper.S
|
||||
@@ -29,8 +29,10 @@
|
||||
.section .text.avx512,"ax",@progbits
|
||||
#if defined PIC
|
||||
ENTRY (MEMSET_CHK)
|
||||
+#ifdef _FORTIFY_SOURCE
|
||||
cmpq %rdx, %rcx
|
||||
jb HIDDEN_JUMPTARGET (__chk_fail)
|
||||
+#endif
|
||||
END (MEMSET_CHK)
|
||||
#endif
|
||||
|
|
@ -1,79 +0,0 @@
|
|||
#
|
||||
# Upstream discussions:
|
||||
# https://sourceware.org/ml/libc-alpha/2014-02/msg00580.html
|
||||
#
|
||||
# Based on the following commit:
|
||||
#
|
||||
# From 16552c01a66633c9e412984d9d92616bd4e5303c Mon Sep 17 00:00:00 2001
|
||||
# From: Andreas Schwab <schwab@redhat.com>
|
||||
# Date: Fri, 11 Jun 2010 11:04:11 +0200
|
||||
# Subject: [PATCH] Properly set __libc_multiple_libcs
|
||||
#
|
||||
# * elf/rtld.c (_dl_starting_up): Always define.
|
||||
# (dl_main): Always set _dl_starting_up.
|
||||
# * elf/dl-support.c (_dl_starting_up): Always define.
|
||||
# * elf/dl-init.c (_dl_init): Always clear _dl_starting_up.
|
||||
#
|
||||
# ---
|
||||
# ChangeLog | 7 +++++++
|
||||
# elf/dl-init.c | 4 ----
|
||||
# elf/dl-support.c | 2 --
|
||||
# elf/rtld.c | 4 ----
|
||||
# 4 files changed, 7 insertions(+), 10 deletions(-)
|
||||
#
|
||||
diff -urN glibc-2.20-205-ga39208b/elf/dl-init.c glibc-2.20-205-ga39208b.mod/elf/dl-init.c
|
||||
--- glibc-2.20-205-ga39208b/elf/dl-init.c 2014-11-21 16:08:32.744913590 -0500
|
||||
+++ glibc-2.20-205-ga39208b.mod/elf/dl-init.c 2014-11-21 16:09:42.485708197 -0500
|
||||
@@ -119,8 +119,6 @@
|
||||
while (i-- > 0)
|
||||
call_init (main_map->l_initfini[i], argc, argv, env);
|
||||
|
||||
-#ifndef HAVE_INLINED_SYSCALLS
|
||||
/* Finished starting up. */
|
||||
_dl_starting_up = 0;
|
||||
-#endif
|
||||
}
|
||||
diff -urN glibc-2.20-205-ga39208b/elf/dl-support.c glibc-2.20-205-ga39208b.mod/elf/dl-support.c
|
||||
--- glibc-2.20-205-ga39208b/elf/dl-support.c 2014-11-19 14:35:03.000000000 -0500
|
||||
+++ glibc-2.20-205-ga39208b.mod/elf/dl-support.c 2014-11-21 16:09:54.829671843 -0500
|
||||
@@ -118,10 +118,8 @@
|
||||
.r_nlist = 1,
|
||||
};
|
||||
|
||||
-#ifndef HAVE_INLINED_SYSCALLS
|
||||
/* Nonzero during startup. */
|
||||
int _dl_starting_up = 1;
|
||||
-#endif
|
||||
|
||||
/* Random data provided by the kernel. */
|
||||
void *_dl_random;
|
||||
diff -urN glibc-2.20-205-ga39208b/elf/rtld.c glibc-2.20-205-ga39208b.mod/elf/rtld.c
|
||||
--- glibc-2.20-205-ga39208b/elf/rtld.c 2014-11-21 16:08:32.745913587 -0500
|
||||
+++ glibc-2.20-205-ga39208b.mod/elf/rtld.c 2014-11-21 16:09:05.614816785 -0500
|
||||
@@ -107,7 +107,6 @@
|
||||
struct audit_list *next;
|
||||
} *audit_list;
|
||||
|
||||
-#ifndef HAVE_INLINED_SYSCALLS
|
||||
/* Set nonzero during loading and initialization of executable and
|
||||
libraries, cleared before the executable's entry point runs. This
|
||||
must not be initialized to nonzero, because the unused dynamic
|
||||
@@ -117,7 +116,6 @@
|
||||
never be called. */
|
||||
int _dl_starting_up = 0;
|
||||
rtld_hidden_def (_dl_starting_up)
|
||||
-#endif
|
||||
|
||||
/* This is the structure which defines all variables global to ld.so
|
||||
(except those which cannot be added for some reason). */
|
||||
@@ -776,10 +774,8 @@
|
||||
/* Process the environment variable which control the behaviour. */
|
||||
process_envvars (&mode);
|
||||
|
||||
-#ifndef HAVE_INLINED_SYSCALLS
|
||||
/* Set up a flag which tells we are just starting. */
|
||||
_dl_starting_up = 1;
|
||||
-#endif
|
||||
|
||||
if (*user_entry == (ElfW(Addr)) ENTRY_POINT)
|
||||
{
|
|
@ -1,11 +0,0 @@
|
|||
diff -Nrup a/localedata/Makefile b/localedata/Makefile
|
||||
--- a/localedata/Makefile 2012-06-05 07:42:49.000000000 -0600
|
||||
+++ b/localedata/Makefile 2012-06-07 12:15:21.776318827 -0600
|
||||
@@ -211,6 +211,7 @@ $(INSTALL-SUPPORTED-LOCALES): install-lo
|
||||
echo -n '...'; \
|
||||
input=`echo $$locale | sed 's/\([^.]*\)[^@]*\(.*\)/\1\2/'`; \
|
||||
$(LOCALEDEF) --alias-file=../intl/locale.alias \
|
||||
+ --no-archive \
|
||||
-i locales/$$input -c -f charmaps/$$charset \
|
||||
$(addprefix --prefix=,$(install_root)) $$locale; \
|
||||
echo ' done'; \
|
|
@ -1,51 +0,0 @@
|
|||
This is a part of commit glibc-2.3.3-1492-ga891c7b,
|
||||
needed for fedora/build-locale-archive.c only.
|
||||
|
||||
diff -Nrup a/ChangeLog.17 b/ChangeLog.17
|
||||
--- a/ChangeLog.17 2012-06-05 07:42:49.000000000 -0600
|
||||
+++ b/ChangeLog.17 2012-06-07 12:15:21.564319619 -0600
|
||||
@@ -11818,6 +11829,10 @@ d2009-10-30 Ulrich Drepper <drepper@re
|
||||
[BZ #4368]
|
||||
* stdlib/stdlib.h: Remove obsolete part of comment for realpath.
|
||||
|
||||
+2007-04-16 Jakub Jelinek <jakub@redhat.com>
|
||||
+
|
||||
+ * locale/programs/locarchive.c (add_alias, insert_name): Remove static.
|
||||
+
|
||||
2007-04-16 Ulrich Drepper <drepper@redhat.com>
|
||||
|
||||
[BZ #4364]
|
||||
diff -Nrup a/locale/programs/locarchive.c b/locale/programs/locarchive.c
|
||||
--- a/locale/programs/locarchive.c 2012-06-05 07:42:49.000000000 -0600
|
||||
+++ b/locale/programs/locarchive.c 2012-06-07 12:15:21.585319540 -0600
|
||||
@@ -252,9 +252,9 @@ oldlocrecentcmp (const void *a, const vo
|
||||
/* forward decls for below */
|
||||
static uint32_t add_locale (struct locarhandle *ah, const char *name,
|
||||
locale_data_t data, bool replace);
|
||||
-static void add_alias (struct locarhandle *ah, const char *alias,
|
||||
- bool replace, const char *oldname,
|
||||
- uint32_t *locrec_offset_p);
|
||||
+void add_alias (struct locarhandle *ah, const char *alias,
|
||||
+ bool replace, const char *oldname,
|
||||
+ uint32_t *locrec_offset_p);
|
||||
|
||||
|
||||
static bool
|
||||
@@ -635,7 +635,7 @@ close_archive (struct locarhandle *ah)
|
||||
#include "../../intl/explodename.c"
|
||||
#include "../../intl/l10nflist.c"
|
||||
|
||||
-static struct namehashent *
|
||||
+struct namehashent *
|
||||
insert_name (struct locarhandle *ah,
|
||||
const char *name, size_t name_len, bool replace)
|
||||
{
|
||||
@@ -693,7 +693,7 @@ insert_name (struct locarhandle *ah,
|
||||
return &namehashtab[idx];
|
||||
}
|
||||
|
||||
-static void
|
||||
+void
|
||||
add_alias (struct locarhandle *ah, const char *alias, bool replace,
|
||||
const char *oldname, uint32_t *locrec_offset_p)
|
||||
{
|
|
@ -1,12 +0,0 @@
|
|||
diff -Nrup a/nscd/nscd.conf b/nscd/nscd.conf
|
||||
--- a/nscd/nscd.conf 2012-06-05 07:42:49.000000000 -0600
|
||||
+++ b/nscd/nscd.conf 2012-06-07 12:15:21.818318670 -0600
|
||||
@@ -33,7 +33,7 @@
|
||||
# logfile /var/log/nscd.log
|
||||
# threads 4
|
||||
# max-threads 32
|
||||
-# server-user nobody
|
||||
+ server-user nscd
|
||||
# stat-user somebody
|
||||
debug-level 0
|
||||
# reload-count 5
|
|
@ -1,29 +0,0 @@
|
|||
--- a/nscd/nscd.service
|
||||
+++ b/nscd/nscd.service
|
||||
@@ -2,6 +2,7 @@
|
||||
|
||||
[Unit]
|
||||
Description=Name Service Cache Daemon
|
||||
+After=syslog.target
|
||||
|
||||
[Service]
|
||||
Type=forking
|
||||
@@ -17,3 +18,4 @@
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
+Also=nscd.socket
|
||||
diff --git a/nscd/nscd.socket b/nscd/nscd.socket
|
||||
new file mode 100644
|
||||
index 0000000..7e512d5
|
||||
--- /dev/null
|
||||
+++ b/nscd/nscd.socket
|
||||
@@ -0,0 +1,8 @@
|
||||
+[Unit]
|
||||
+Description=Name Service Cache Daemon Socket
|
||||
+
|
||||
+[Socket]
|
||||
+ListenDatagram=/var/run/nscd/socket
|
||||
+
|
||||
+[Install]
|
||||
+WantedBy=sockets.target
|
Loading…
Reference in New Issue