import argon2-20190702-6.el10

2 months ago · 43f5186ace
commit 43f5186ace
6 changed files with 304 additions and 0 deletions
--- a/.argon2.metadata
+++ b/.argon2.metadata
@ -0,0 +1 @@
 967dc39116510fbba2c13e924883651929af5e95  SOURCES/phc-winner-argon2-20190702-62358ba.tar.gz
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
 SOURCES/phc-winner-argon2-20190702-62358ba.tar.gz
--- a/SOURCES/README.md
+++ b/SOURCES/README.md
@ -0,0 +1,3 @@
 # argon2
 The password-hashing tools
--- a/SOURCES/argon2-Use-explicit_bzero-on-recent-glibc-versions.patch
+++ b/SOURCES/argon2-Use-explicit_bzero-on-recent-glibc-versions.patch
@ -0,0 +1,51 @@
 From fea3943adadf6527d1e839a2953e9591896e628d Mon Sep 17 00:00:00 2001
 From: "Maciej S. Szmigiero" <mail@maciej.szmigiero.name>
 Date: Tue, 5 Mar 2019 14:30:22 +0100
 Subject: [PATCH] Use explicit_bzero() on recent glibc versions
 glibc 2.25+ has explicit_bzero(), so we can use it to securely wipe memory
 instead of hacking our own memset-based replacement, just like we already
 do on OpenBSD.
 ---
 src/core.c | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)
 diff --git a/src/core.c b/src/core.c
 index 8781852..8361175 100644
 --- a/src/core.c
 +++ b/src/core.c
@@ -25,6 +25,9 @@
 #endif
 #define VC_GE_2005(version) (version >= 1400)
 +/* for explicit_bzero() on glibc */
 +#define _DEFAULT_SOURCE
 +
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -120,12 +123,20 @@ void free_memory(const argon2_context *context, uint8_t *memory,
     }
 }
 +#if defined(__OpenBSD__)
 +#define HAVE_EXPLICIT_BZERO 1
 +#elif defined(__GLIBC__) && defined(__GLIBC_PREREQ)
 +#if __GLIBC_PREREQ(2,25)
 +#define HAVE_EXPLICIT_BZERO 1
 +#endif
 +#endif
 +
 void NOT_OPTIMIZED secure_wipe_memory(void *v, size_t n) {
 #if defined(_MSC_VER) && VC_GE_2005(_MSC_VER)
     SecureZeroMemory(v, n);
 #elif defined memset_s
     memset_s(v, n, 0, n);
 -#elif defined(__OpenBSD__)
 +#elif defined(HAVE_EXPLICIT_BZERO)
     explicit_bzero(v, n);
 #else
     static void *(*const volatile memset_sec)(void *, int, size_t) = &memset;
 -- 
 2.20.1
--- a/SOURCES/argon2-Wait-for-already-running-threads-if-a-thread-creatio.patch
+++ b/SOURCES/argon2-Wait-for-already-running-threads-if-a-thread-creatio.patch
@ -0,0 +1,42 @@
 From cfa4385e728116989ad88b4be7c23b4868422778 Mon Sep 17 00:00:00 2001
 From: Milan Broz <gmazyland@gmail.com>
 Date: Mon, 11 Mar 2019 21:21:57 +0100
 Subject: [PATCH] Wait for already running threads if a thread creation
 failed.
 On memory-constrained systems (like cgroups limited processes)
 thread creation often fails.
 The code needs to wait for already running threads on error path;
 otherwise these threads can access deallocated memory
 (and cause a segfault or another crash).
 ---
 src/core.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
 diff --git a/src/core.c b/src/core.c
 index 8361175..65f0537 100644
 --- a/src/core.c
 +++ b/src/core.c
@@ -310,7 +310,7 @@ static int fill_memory_blocks_mt(argon2_instance_t *instance) {
     for (r = 0; r < instance->passes; ++r) {
         for (s = 0; s < ARGON2_SYNC_POINTS; ++s) {
 -            uint32_t l;
 +            uint32_t l, ll;
             /* 2. Calling threads */
             for (l = 0; l < instance->lanes; ++l) {
@@ -335,6 +335,9 @@ static int fill_memory_blocks_mt(argon2_instance_t *instance) {
                        sizeof(argon2_position_t));
                 if (argon2_thread_create(&thread[l], &fill_segment_thr,
                                          (void *)&thr_data[l])) {
 +                    /* Wait for already running threads */
 +                    for (ll = 0; ll < l; ++ll)
 +                        argon2_thread_join(thread[ll]);
                     rc = ARGON2_THREAD_FAIL;
                     goto fail;
                 }
 -- 
 2.20.1
--- a/SPECS/argon2.spec
+++ b/SPECS/argon2.spec
@ -0,0 +1,206 @@
 # remirepo/fedora spec file for argon2
 #
 # Copyright (c) 2017-2018 Remi Collet
 # License: CC-BY-SA
 # http://creativecommons.org/licenses/by-sa/4.0/
 #
 # Please, preserve the changelog entries
 #
 %global libname      libargon2
 %global gh_commit    62358ba2123abd17fccf2a108a301d4b52c01a7c
 %global gh_short     %(c=%{gh_commit}; echo ${c:0:7})
 %global gh_owner     P-H-C
 %global gh_project   phc-winner-argon2
 %global soname       1
 %global upstream_version 20190702
 #global upstream_prever  RC1
 Name:    argon2
 Version: %{upstream_version}%{?upstream_prever:~%{upstream_prever}}
 Release: 6%{?dist}
 Summary: The password-hashing tools
 License: CC0-1.0 OR Apache-2.0
 URL:     https://github.com/%{gh_owner}/%{gh_project}
 Source0: https://github.com/%{gh_owner}/%{gh_project}/archive/%{gh_commit}/%{gh_project}-%{upstream_version}%{?upstream_prever}-%{gh_short}.tar.gz
 BuildRequires: gcc
 BuildRequires: make
 Requires: %{libname}%{?_isa} = %{version}-%{release}
 %description
 Argon2 is a password-hashing function that summarizes the state of the art
 in the design of memory-hard functions and can be used to hash passwords
 for credential storage, key derivation, or other applications.
 It has a simple design aimed at the highest memory filling rate and
 effective use of multiple computing units, while still providing defense
 against tradeoff attacks (by exploiting the cache and memory organization
 of the recent processors).
 Argon2 has three variants: Argon2i, Argon2d, and Argon2id.
 * Argon2d is faster and uses data-depending memory access, which makes it
  highly resistant against GPU cracking attacks and suitable for applications
  with no threats from side-channel timing attacks (eg. cryptocurrencies). 
 * Argon2i instead uses data-independent memory access, which is preferred for
  password hashing and password-based key derivation, but it is slower as it
  makes more passes over the memory to protect from tradeoff attacks.
 * Argon2id is a hybrid of Argon2i and Argon2d, using a combination of
  data-depending and data-independent memory accesses, which gives some of
  Argon2i's resistance to side-channel cache timing attacks and much of
  Argon2d's resistance to GPU cracking attacks.
 %package -n %{libname}
 Summary:  The password-hashing library
 %description -n %{libname}
 Argon2 is a password-hashing function that summarizes the state of the art
 in the design of memory-hard functions and can be used to hash passwords
 for credential storage, key derivation, or other applications.
 %package -n %{libname}-devel
 Summary:  Development files for %{libname}
 Requires: %{libname}%{?_isa} = %{version}-%{release}
 %description -n %{libname}-devel
 The %{libname}-devel package contains libraries and header files for
 developing applications that use %{libname}.
 %prep
 %setup -qn %{gh_project}-%{gh_commit}
 if ! grep -q 'ABI_VERSION = %{soname}' Makefile; then
  : soname have changed
  grep soname Makefile
  exit 1
 fi
 # Fix pkgconfig file
 sed -e 's:lib/@HOST_MULTIARCH@:%{_lib}:;s/@UPSTREAM_VER@/%{version}/' -i %{libname}.pc.in
 %build
 # Honours default RPM build options and library path, do not use -march=native
 sed -e '/^CFLAGS/s:^CFLAGS:LDFLAGS=%{build_ldflags}\nCFLAGS:' \
    -e 's:-O3 -Wall:%{optflags}:' \
    -e '/^LIBRARY_REL/s:lib:%{_lib}:' \
    -e 's:-march=\$(OPTTARGET) :${CFLAGS} :' \
    -e 's:CFLAGS += -march=\$(OPTTARGET)::' \
    -i Makefile
 # parallel build is not supported
 make -j1 PREFIX=%{_prefix}
 %install
 make install DESTDIR=%{buildroot} PREFIX=%{_prefix} LIBRARY_REL=%{_lib}
 # Drop static library
 rm %{buildroot}%{_libdir}/%{libname}.a
 # pkgconfig file
 install -Dpm 644 %{libname}.pc %{buildroot}%{_libdir}/pkgconfig/%{libname}.pc
 # Fix perms
 chmod -x %{buildroot}%{_includedir}/%{name}.h
 chmod +x %{buildroot}%{_libdir}/%{libname}.so.%{soname}
 %check
 make test
 %files
 %{_bindir}/%{name}
 %files -n %{libname}
 %{!?_licensedir:%global license %%doc}
 %license LICENSE
 %{_libdir}/%{libname}.so.%{soname}
 %files -n %{libname}-devel
 %doc *md
 %{_includedir}/%{name}.h
 %{_libdir}/%{libname}.so
 %{_libdir}/pkgconfig/%{libname}.pc
 %changelog
 * Sun Dec 22 2024 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 20190702-6
 - Rebuilt for MSVSphere 10
 * Wed Jul 17 2024 Fedora Release Engineering <releng@fedoraproject.org> - 20190702-6
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
 * Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 20190702-5
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
 * Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 20190702-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
 * Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 20190702-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
 * Wed Jan 18 2023 Fedora Release Engineering <releng@fedoraproject.org> - 20190702-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
 * Tue Aug  2 2022 Tom Callaway <spot@fedoraproject.org> - 20190702-1
 - update to 20190702
 * Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 20171227-10
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
 * Mon Mar 28 2022 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 20171227-9
 - Fix build with package notes (rhbz#2066558)
 * Wed Jan 19 2022 Fedora Release Engineering <releng@fedoraproject.org> - 20171227-8
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
 * Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 20171227-7
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
 * Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 20171227-6
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
 * Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 20171227-5
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
 * Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 20171227-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
 * Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 20171227-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
 * Mon Mar 18 2019 Milan Broz <gmazyland@gmail.com> - 20171227-2
 - Rebuilt to remove old library.
 * Mon Mar 18 2019 Milan Broz <gmazyland@gmail.com> - 20171227-1
 - Update to version 20171227 (soname increase).
 - Temporarily keep libargon2.so.0.
 - Fix a crash if running under memory pressure.
 * Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 20161029-7
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
 * Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 20161029-6
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
 * Thu Feb 15 2018 Remi Collet <remi@remirepo.net> - 20161029-5
 - honours all build flags #1558128
 * Thu Feb 15 2018 Remi Collet <remi@remirepo.net> - 20161029-4
 - drop ldconfig scriptlets
 * Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 20161029-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
 * Thu Nov 16 2017 Milan Broz <gmazyland@gmail.com> - 20161029-2
 - Do not use -march=native in build, use system flags (rh #1512845).
 * Wed Oct 18 2017 Remi Collet <remi@remirepo.net> - 20161029-1
 - initial package
		`@ -0,0 +1 @@`
							`967dc39116510fbba2c13e924883651929af5e95 SOURCES/phc-winner-argon2-20190702-62358ba.tar.gz`
		`@ -0,0 +1 @@`
							`SOURCES/phc-winner-argon2-20190702-62358ba.tar.gz`