diff options
| author | Zack Weinberg <zackw@panix.com> | 2018-06-29 16:53:18 +0200 |
|---|---|---|
| committer | Florian Weimer <fweimer@redhat.com> | 2018-06-29 16:53:18 +0200 |
| commit | b10a0accee709a5efff2fadf0b0bbb79ff0ad759 (patch) | |
| tree | 27796fe83ec5f82a8f36a36afa169fe6dddf8b27 /crypt/crypt_util.c | |
| parent | 524d796d5f52913d5d33edede74a5075dbda25ca (diff) | |
Disallow use of DES encryption functions in new programs.
The functions encrypt, setkey, encrypt_r, setkey_r, cbc_crypt,
ecb_crypt, and des_setparity should not be used in new programs,
because they use the DES block cipher, which is unacceptably weak by
modern standards. Demote all of them to compatibility symbols, and
remove their prototypes from installed headers. cbc_crypt, ecb_crypt,
and des_setparity were already compat symbols when glibc was
configured with --disable-obsolete-rpc.
POSIX requires encrypt and setkey to be available when _XOPEN_CRYPT
is defined, so this change also removes the definition of X_OPEN_CRYPT
from <unistd.h>.
The entire "DES Encryption" section is dropped from the manual, as is
the mention of AUTH_DES and FIPS 140-2 in the introduction to
crypt.texi. The documentation of 'memfrob' cross-referenced the DES
Encryption section, which is replaced by a hyperlink to libgcrypt, and
while I was in there I spruced up the actual documentation of
'memfrob' and 'strfry' a little. It's still fairly jokey, because
those functions _are_ jokes, but they do also have real use cases, so
people trying to use them for real should have all the information
they need.
DES-based authentication for Sun RPC is also insecure and should be
deprecated or even removed, but maybe that can be left as TI-RPC's
problem.
Diffstat (limited to 'crypt/crypt_util.c')
| -rw-r--r-- | crypt/crypt_util.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/crypt/crypt_util.c b/crypt/crypt_util.c index 4958918770..fbfc783751 100644 --- a/crypt/crypt_util.c +++ b/crypt/crypt_util.c @@ -34,6 +34,7 @@ #endif #include "crypt-private.h" +#include <shlib-compat.h> /* Prototypes for local functions. */ #ifndef __GNU_LIBRARY__ @@ -150,6 +151,7 @@ static const int sbox[8][4][16]= { } }; +#if SHLIB_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28) /* * This is the initial * permutation matrix @@ -160,6 +162,7 @@ static const int initial_perm[64] = { 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3, 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7 }; +#endif /* * This is the final @@ -785,6 +788,7 @@ _ufc_output_conversion_r (ufc_long v1, ufc_long v2, const char *salt, __data->crypt_3_buf[13] = 0; } +#if SHLIB_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28) /* * UNIX encrypt function. Takes a bitvector @@ -885,12 +889,14 @@ __encrypt_r (char *__block, int __edflag, } } weak_alias (__encrypt_r, encrypt_r) +compat_symbol (libcrypt, encrypt_r, encrypt_r, GLIBC_2_0); void encrypt (char *__block, int __edflag) { __encrypt_r(__block, __edflag, &_ufc_foobar); } +compat_symbol (libcrypt, encrypt, encrypt, GLIBC_2_0); /* @@ -915,12 +921,15 @@ __setkey_r (const char *__key, struct crypt_data * __restrict __data) _ufc_mk_keytab_r((char *) ktab, __data); } weak_alias (__setkey_r, setkey_r) +compat_symbol (libcrypt, setkey_r, setkey_r, GLIBC_2_0); void setkey (const char *__key) { __setkey_r(__key, &_ufc_foobar); } +compat_symbol (libcrypt, setkey, setkey, GLIBC_2_0); +#endif /* SHLIB_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28) */ void __b64_from_24bit (char **cp, int *buflen, |