mirror of
https://sourceware.org/git/glibc.git
synced 2024-11-27 03:33:33 +08:00
posix: Revert the removal of the crypt prototype from <unistd.h>
Many applications still rely on this prototype. Rebuilds without this prototype result in an implicit function declaration, which can introduce security vulnerabilities due to 32-bit pointer truncation.
This commit is contained in:
parent
780c339202
commit
5d7f1bce7d
5
NEWS
5
NEWS
@ -52,7 +52,10 @@ Deprecated and removed features, and other changes affecting compatibility:
|
||||
* libcrypt has been removed from the GNU C Library. The configure
|
||||
options "--enable-crypt" and "--enable-nss-crypt" are no longer
|
||||
available. <crypt.h>, libcrypt.a, and libcrypt.so.1 will not be
|
||||
installed, and <unistd.h> will not declare the crypt function.
|
||||
installed. For now <unistd.h> continues to declare the crypt
|
||||
function by default, to avoid introducing vulnerabilities into
|
||||
existing applications due to a missing prototype. This declaration
|
||||
is deprecated and may be removed in a future glibc release.
|
||||
|
||||
The replacement for libcrypt is libxcrypt, maintained separately from
|
||||
GNU libc, but available under compatible licensing terms, and providing
|
||||
|
@ -1150,6 +1150,19 @@ ssize_t copy_file_range (int __infd, __off64_t *__pinoff,
|
||||
extern int fdatasync (int __fildes);
|
||||
#endif /* Use POSIX199309 */
|
||||
|
||||
#ifdef __USE_MISC
|
||||
/* One-way hash PHRASE, returning a string suitable for storage in the
|
||||
user database. SALT selects the one-way function to use, and
|
||||
ensures that no two users' hashes are the same, even if they use
|
||||
the same passphrase. The return value points to static storage
|
||||
which will be overwritten by the next call to crypt.
|
||||
|
||||
This declaration is deprecated; applications should include
|
||||
<crypt.h> instead. */
|
||||
extern char *crypt (const char *__key, const char *__salt)
|
||||
__THROW __nonnull ((1, 2));
|
||||
#endif
|
||||
|
||||
#ifdef __USE_XOPEN
|
||||
/* Swab pairs bytes in the first N bytes of the area pointed to by
|
||||
FROM and copy the result to TO. The value of TO must not be in the
|
||||
|
Loading…
Reference in New Issue
Block a user