import argon2-20171227-7.el9

.argon2.metadata

@@ -0,0 +1 @@
+13bc02284b3ac92a3a1f7ab6a98baad25708ccc7  SOURCES/phc-winner-argon2-20171227-670229c.tar.gz

.gitignore

@@ -0,0 +1 @@
+SOURCES/phc-winner-argon2-20171227-670229c.tar.gz

SOURCES/argon2-Use-explicit_bzero-on-recent-glibc-versions.patch

@@ -0,0 +1,51 @@
+From fea3943adadf6527d1e839a2953e9591896e628d Mon Sep 17 00:00:00 2001
+From: "Maciej S. Szmigiero" <mail@maciej.szmigiero.name>
+Date: Tue, 5 Mar 2019 14:30:22 +0100
+Subject: [PATCH] Use explicit_bzero() on recent glibc versions
+
+glibc 2.25+ has explicit_bzero(), so we can use it to securely wipe memory
+instead of hacking our own memset-based replacement, just like we already
+do on OpenBSD.
+---
+ src/core.c | 13 ++++++++++++-
+ 1 file changed, 12 insertions(+), 1 deletion(-)
+
+diff --git a/src/core.c b/src/core.c
+index 8781852..8361175 100644
+--- a/src/core.c
++++ b/src/core.c
+@@ -25,6 +25,9 @@
+ #endif
+ #define VC_GE_2005(version) (version >= 1400)
+ 
++/* for explicit_bzero() on glibc */
++#define _DEFAULT_SOURCE
++
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
+@@ -120,12 +123,20 @@ void free_memory(const argon2_context *context, uint8_t *memory,
+     }
+ }
+ 
++#if defined(__OpenBSD__)
++#define HAVE_EXPLICIT_BZERO 1
++#elif defined(__GLIBC__) && defined(__GLIBC_PREREQ)
++#if __GLIBC_PREREQ(2,25)
++#define HAVE_EXPLICIT_BZERO 1
++#endif
++#endif
++
+ void NOT_OPTIMIZED secure_wipe_memory(void *v, size_t n) {
+ #if defined(_MSC_VER) && VC_GE_2005(_MSC_VER)
+     SecureZeroMemory(v, n);
+ #elif defined memset_s
+     memset_s(v, n, 0, n);
+-#elif defined(__OpenBSD__)
++#elif defined(HAVE_EXPLICIT_BZERO)
+     explicit_bzero(v, n);
+ #else
+     static void *(*const volatile memset_sec)(void *, int, size_t) = &memset;
+-- 
+2.20.1
+

SOURCES/argon2-Wait-for-already-running-threads-if-a-thread-creatio.patch

@@ -0,0 +1,42 @@
+From cfa4385e728116989ad88b4be7c23b4868422778 Mon Sep 17 00:00:00 2001
+From: Milan Broz <gmazyland@gmail.com>
+Date: Mon, 11 Mar 2019 21:21:57 +0100
+Subject: [PATCH] Wait for already running threads if a thread creation
+ failed.
+
+On memory-constrained systems (like cgroups limited processes)
+thread creation often fails.
+
+The code needs to wait for already running threads on error path;
+otherwise these threads can access deallocated memory
+(and cause a segfault or another crash).
+---
+ src/core.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/core.c b/src/core.c
+index 8361175..65f0537 100644
+--- a/src/core.c
++++ b/src/core.c
+@@ -310,7 +310,7 @@ static int fill_memory_blocks_mt(argon2_instance_t *instance) {
+ 
+     for (r = 0; r < instance->passes; ++r) {
+         for (s = 0; s < ARGON2_SYNC_POINTS; ++s) {
+-            uint32_t l;
++            uint32_t l, ll;
+ 
+             /* 2. Calling threads */
+             for (l = 0; l < instance->lanes; ++l) {
+@@ -335,6 +335,9 @@ static int fill_memory_blocks_mt(argon2_instance_t *instance) {
+                        sizeof(argon2_position_t));
+                 if (argon2_thread_create(&thread[l], &fill_segment_thr,
+                                          (void *)&thr_data[l])) {
++                    /* Wait for already running threads */
++                    for (ll = 0; ll < l; ++ll)
++                        argon2_thread_join(thread[ll]);
+                     rc = ARGON2_THREAD_FAIL;
+                     goto fail;
+                 }
+-- 
+2.20.1
+

SPECS/argon2.spec

@@ -0,0 +1,183 @@
+# remirepo/fedora spec file for argon2
+#
+# Copyright (c) 2017-2018 Remi Collet
+# License: CC-BY-SA
+# http://creativecommons.org/licenses/by-sa/4.0/
+#
+# Please, preserve the changelog entries
+#
+%global libname      libargon2
+%global gh_commit    670229c849b9fe882583688b74eb7dfdc846f9f6
+%global gh_short     %(c=%{gh_commit}; echo ${c:0:7})
+%global gh_owner     P-H-C
+%global gh_project   phc-winner-argon2
+%global soname       1
+
+%global upstream_version 20171227
+#global upstream_prever  RC1
+
+Name:    argon2
+Version: %{upstream_version}%{?upstream_prever:~%{upstream_prever}}
+Release: 7%{?dist}
+Summary: The password-hashing tools
+
+License: Public Domain or ASL 2.0
+URL:     https://github.com/%{gh_owner}/%{gh_project}
+Source0: https://github.com/%{gh_owner}/%{gh_project}/archive/%{gh_commit}/%{gh_project}-%{upstream_version}%{?upstream_prever}-%{gh_short}.tar.gz
+Patch0:  argon2-Use-explicit_bzero-on-recent-glibc-versions.patch
+Patch1:  argon2-Wait-for-already-running-threads-if-a-thread-creatio.patch
+
+BuildRequires: gcc
+BuildRequires: make
+Requires: %{libname}%{?_isa} = %{version}-%{release}
+
+
+%description
+Argon2 is a password-hashing function that summarizes the state of the art
+in the design of memory-hard functions and can be used to hash passwords
+for credential storage, key derivation, or other applications.
+
+It has a simple design aimed at the highest memory filling rate and
+effective use of multiple computing units, while still providing defense
+against tradeoff attacks (by exploiting the cache and memory organization
+of the recent processors).
+
+Argon2 has three variants: Argon2i, Argon2d, and Argon2id.
+
+* Argon2d is faster and uses data-depending memory access, which makes it
+  highly resistant against GPU cracking attacks and suitable for applications
+  with no threats from side-channel timing attacks (eg. cryptocurrencies). 
+* Argon2i instead uses data-independent memory access, which is preferred for
+  password hashing and password-based key derivation, but it is slower as it
+  makes more passes over the memory to protect from tradeoff attacks.
+* Argon2id is a hybrid of Argon2i and Argon2d, using a combination of
+  data-depending and data-independent memory accesses, which gives some of
+  Argon2i's resistance to side-channel cache timing attacks and much of
+  Argon2d's resistance to GPU cracking attacks.
+
+
+%package -n %{libname}
+Summary:  The password-hashing library
+
+%description -n %{libname}
+Argon2 is a password-hashing function that summarizes the state of the art
+in the design of memory-hard functions and can be used to hash passwords
+for credential storage, key derivation, or other applications.
+
+
+%package -n %{libname}-devel
+Summary:  Development files for %{libname}
+Requires: %{libname}%{?_isa} = %{version}-%{release}
+
+%description -n %{libname}-devel
+The %{libname}-devel package contains libraries and header files for
+developing applications that use %{libname}.
+
+
+%prep
+%setup -qn %{gh_project}-%{gh_commit}
+%patch0 -p1
+%patch1 -p1
+
+if ! grep -q 'ABI_VERSION = %{soname}' Makefile; then
+  : soname have changed
+  grep soname Makefile
+  exit 1
+fi
+
+# Fix pkgconfig file
+sed -e 's:lib/@HOST_MULTIARCH@:%{_lib}:;s/@UPSTREAM_VER@/%{version}/' -i %{libname}.pc
+
+# Honours default RPM build options and library path, do not use -march=native
+sed -e '/^CFLAGS/s:^CFLAGS:LDFLAGS=%{build_ldflags}\nCFLAGS:' \
+    -e 's:-O3 -Wall:%{optflags}:' \
+    -e '/^LIBRARY_REL/s:lib:%{_lib}:' \
+    -e 's:-march=\$(OPTTARGET) :${CFLAGS} :' \
+    -e 's:CFLAGS += -march=\$(OPTTARGET)::' \
+    -i Makefile
+
+%build
+# parallel build is not supported
+make -j1
+
+
+%install
+make install DESTDIR=%{buildroot}
+
+# Drop static library
+rm %{buildroot}%{_libdir}/%{libname}.a
+
+# pkgconfig file
+install -Dpm 644 %{libname}.pc %{buildroot}%{_libdir}/pkgconfig/%{libname}.pc
+
+# Fix perms
+chmod -x %{buildroot}%{_includedir}/%{name}.h
+
+
+%check
+make test
+
+
+%files
+%{_bindir}/%{name}
+
+%files -n %{libname}
+%{!?_licensedir:%global license %%doc}
+%license LICENSE
+%{_libdir}/%{libname}.so.%{soname}
+
+
+%files -n %{libname}-devel
+%doc *md
+%{_includedir}/%{name}.h
+%{_libdir}/%{libname}.so
+%{_libdir}/pkgconfig/%{libname}.pc
+
+
+%changelog
+* Tue Jul 25 2023 Arkady L. Shane <ashejn@msvsphere.ru> - 20171227-7
+- Rebuilt for MSVSphere 9.2
+
+* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 20171227-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 20171227-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 20171227-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 20171227-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 20171227-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Mon Mar 18 2019 Milan Broz <gmazyland@gmail.com> - 20171227-2
+- Rebuilt to remove old library.
+
+* Mon Mar 18 2019 Milan Broz <gmazyland@gmail.com> - 20171227-1
+- Update to version 20171227 (soname increase).
+- Temporarily keep libargon2.so.0.
+- Fix a crash if running under memory pressure.
+
+* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 20161029-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 20161029-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Thu Feb 15 2018 Remi Collet <remi@remirepo.net> - 20161029-5
+- honours all build flags #1558128
+
+* Thu Feb 15 2018 Remi Collet <remi@remirepo.net> - 20161029-4
+- drop ldconfig scriptlets
+
+* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 20161029-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Thu Nov 16 2017 Milan Broz <gmazyland@gmail.com> - 20161029-2
+- Do not use -march=native in build, use system flags (rh #1512845).
+
+* Wed Oct 18 2017 Remi Collet <remi@remirepo.net> - 20161029-1
+- initial package