xcrypt 0.1.0

data/ext/libxcrypt/build-aux/scripts/check-perlcritic-config

@@ -0,0 +1,76 @@
+#! /usr/bin/perl
+# Written by Zack Weinberg <zackw at panix.com> in 2021.
+# To the extent possible under law, Zack Weinberg has waived all
+# copyright and related or neighboring rights to this work.
+#
+# See https://creativecommons.org/publicdomain/zero/1.0/ for further
+# details.
+
+# Compare the set of available Perl::Critic policies with the set of
+# policies mentioned in .perlcriticrc.  Fail the build if there are
+# available policies that are not mentioned, or mentioned policies
+# that are not available.  This ensures that we always have the
+# expected set of policies available when running perlcritic, and
+# that we have thought about whether each one _should_ be enabled.
+# ("Mentioned" does not mean "enabled".  [-APolicy::WeDontWantToUse]
+# counts as mentioning the policy for purpose of this script.)
+
+# Ideally this would be a perlcritic policy itself, so it would get
+# run on any invocation of perlcritic, not just on 'make distcheck'.
+
+use v5.14;    # implicit use strict, use feature ':5.14'
+use warnings FATAL => 'all';
+use utf8;
+use open qw(:std :utf8);
+no  if $] >= 5.022, warnings => 'experimental::re_strict';
+use if $] >= 5.022, re       => 'strict';
+
+use Perl::Critic              ();
+use Perl::Critic::UserProfile ();
+
+sub all_policies {
+    return
+        map { ("$_" => 1) }
+        Perl::Critic->new(-profile => q(), -severity => 1)->policies();
+}
+
+sub mentioned_policies {
+    return
+        map { (s/^Perl::Critic::Policy:://r => 1) }
+        Perl::Critic::UserProfile->new()->listed_policies();
+}
+
+sub compare_mentioned_to_all {
+    my %all       = all_policies();
+    my %mentioned = mentioned_policies();
+
+    my @unmentioned;
+    for my $p (keys %all) {
+        push @unmentioned, $p unless exists $mentioned{$p};
+    }
+
+    my @uninstalled;
+    for my $p (keys %mentioned) {
+        push @uninstalled, $p unless exists $all{$p};
+    }
+
+    my $fail = 0;
+    if (@unmentioned) {
+        print {*STDERR}
+            "*** Unmentioned policies:\n\t",
+            join("\n\t", sort @unmentioned),
+            "\n\n";
+        $fail = 1;
+    }
+    if (@uninstalled) {
+        print {*STDERR}
+            "*** Uninstalled policies:\n\t",
+            join("\n\t", sort @uninstalled),
+            "\n\n";
+        $fail = 1;
+    }
+
+    return $fail;
+}
+
+exit compare_mentioned_to_all();

data/ext/libxcrypt/build-aux/scripts/compute-symver-floor

@@ -0,0 +1,116 @@
+#! /usr/bin/perl
+# Written by Zack Weinberg <zackw at panix.com> in 2017 and 2020.
+# To the extent possible under law, Zack Weinberg has waived all
+# copyright and related or neighboring rights to this work.
+#
+# See https://creativecommons.org/publicdomain/zero/1.0/ for further
+# details.
+
+# Process libcrypt.minver and determine the minumum symbol version to
+# use for compatibility symbols.  Called from configure.ac.
+
+use v5.14;    # implicit use strict, use feature ':5.14'
+use warnings FATAL => 'all';
+use utf8;
+use open qw(:std :utf8);
+no  if $] >= 5.022, warnings => 'experimental::re_strict';
+use if $] >= 5.022, re       => 'strict';
+
+use FindBin ();
+use lib ${FindBin::Bin};
+use BuildCommon qw(
+    ensure_C_locale
+    sh_split
+    popen
+    subprocess_error
+    which
+);
+
+sub preprocessor_check {
+    my ($expr) = @_;
+
+    state @CC;
+    state @CFLAGS;
+    if (!@CC) {
+        @CC = which($ENV{CC} // 'cc');
+        die "C compiler not available\n" unless @CC;
+
+        @CFLAGS = sh_split($ENV{CFLAGS} // q{});
+
+        # Remove empty elements, particularly leading ones which
+        # cause issues with popen below.
+        @CFLAGS = grep { $_ } @CFLAGS;
+
+        # We call ensure_C_locale here, not from the main section,
+        # because this sub might not get called at all, in which
+        # case it would be unnecessary work.
+        ensure_C_locale();
+    }
+
+    # FIXME: We assume the compiler understands "-fsyntax-only -xc -"
+    # to mean "read standard input, interpret as C, check for errors,
+    # produce no output."  This is true for all commonly used C
+    # compilers on operating systems where this feature is necessary.
+    print {*STDERR} "${FindBin::Bin}: testing $expr\n";
+
+    my $ccpipe = popen('|-', @CC, @CFLAGS, '-fsyntax-only', '-xc', '-');
+    print {$ccpipe} <<"EOF";
+#include <limits.h>
+#if !($expr)
+#error nope
+#endif
+int avoid_empty_translation_unit;
+EOF
+    if (close $ccpipe) {
+        return 1;    # compilation successful
+    } elsif ($! == 0 && ($? & 0x7F) == 0) {
+        return 0;    # compilation failed
+    } else {
+        subprocess_error(@CC);
+    }
+}
+
+sub parse_minver_file {
+    my ($minver_file, $system, $cpu) = @_;
+    $system = lc $system;
+    $cpu    = lc $cpu;
+
+    local $_;
+    open my $fh, '<', $minver_file
+        or die "$minver_file: $!\n";
+    while (<$fh>) {
+        next if /^#/;
+        chomp;
+        s/\s+$//;
+        next if $_ eq q{};
+
+        my ($vers, $vsys, $vcpu, $ppck) = split q{ }, $_, 4;
+        $vsys = lc $vsys;
+        $vcpu = lc $vcpu;
+
+        return $vers
+            if $system =~ /\A$vsys/
+            && $cpu =~ /\A$vcpu/
+            && (!defined $ppck || preprocessor_check($ppck));
+    }
+    print {*STDERR} "$0: no match for ${cpu}-${system}\n";
+    return 'ERROR';
+}
+
+#
+# Main
+#
+if (scalar(@ARGV) != 3) {
+    print {*STDERR} "usage: $0 libcrypt.minver host-os host-cpu\n";
+    print {*STDERR} "Environment variables \$CC and \$CFLAGS are honored.\n";
+    exit 2;
+}
+
+exit 0 if eval {
+    print parse_minver_file(@ARGV), "\n";
+    close STDOUT or die "write error: $!\n";
+    1;
+};
+
+print {*STDERR} "${FindBin::Script}: $@";
+exit 1;

data/ext/libxcrypt/build-aux/scripts/expand-selected-hashes

@@ -0,0 +1,80 @@
+#! /usr/bin/perl
+# Written by Zack Weinberg <zackw at panix.com> in 2018 and 2020.
+# To the extent possible under law, Zack Weinberg has waived all
+# copyright and related or neighboring rights to this work.
+#
+# See https://creativecommons.org/publicdomain/zero/1.0/ for further
+# details.
+
+# Using the information in lib/hashes.conf, validate a list of
+# selected hashes and hash groups that was supplied as the argument of
+# the --enable-hashes option to the configure script, expand all
+# the groups, and remove duplicates.
+#
+# Caution: if you change the format of lib/hashes.conf you will
+# probably need to modify gen-crypt-hashes-h as well as this script.
+
+use v5.14;    # implicit use strict, use feature ':5.14'
+use warnings FATAL => 'all';
+use utf8;
+use open qw(:std :utf8);
+no  if $] >= 5.022, warnings => 'experimental::re_strict';
+use if $] >= 5.022, re       => 'strict';
+
+use FindBin ();
+use lib $FindBin::Bin;
+use BuildCommon qw(
+    parse_hashes_conf
+);
+
+sub expand_selected {
+    my ($hconf, $selected) = @_;
+
+    if ($selected eq 'all') {
+        return keys %{$hconf->hashes};
+    } else {
+        my %enabled;
+        my @errors;
+        my $hashes = $hconf->hashes;
+        my $groups = $hconf->groups;
+        for my $w (split /,/, $selected) {
+            if ($w eq 'all') {
+                push @errors, "'all' must be used alone\n";
+            } elsif (exists $hashes->{$w}) {
+                $enabled{$w} = 1;
+            } elsif (exists $groups->{$w}) {
+                for my $h (@{$groups->{$w}}) {
+                    $enabled{$h->name} = 1;
+                }
+            } else {
+                push @errors, "'$w' is not a hash or group name\n";
+            }
+        }
+        if (scalar(%enabled) == 0) {
+            push @errors, "no hashes are enabled\n";
+        }
+        die join q{}, @errors if @errors;
+        return keys %enabled;
+    }
+}
+
+#
+# Main
+#
+if (scalar(@ARGV) != 2) {
+    print {*STDERR}
+        "usage: ${FindBin::Script} hashes.conf names,of,selected,hashes\n";
+    exit 1;
+}
+exit 0 if eval {
+    my ($hashes_conf, $hashes_selected) = @ARGV;
+    my $hconf   = parse_hashes_conf($hashes_conf);
+    my @enabled = expand_selected($hconf, $hashes_selected);
+
+    print ',', (join ',', sort @enabled), ",\n";
+    close STDOUT or die "write error: $!\n";
+    1;
+};
+
+print {*STDERR} "${FindBin::Script}: $@";
+exit 1;

data/ext/libxcrypt/build-aux/scripts/gen-crypt-h

@@ -0,0 +1,131 @@
+#! /usr/bin/perl
+# Written by Zack Weinberg <zackw at panix.com> in 2017.
+# To the extent possible under law, Zack Weinberg has waived all
+# copyright and related or neighboring rights to this work.
+#
+# See https://creativecommons.org/publicdomain/zero/1.0/ for further
+# details.
+
+# Generate (x)crypt.h from (x)crypt.h.in.
+
+use v5.14;    # implicit use strict, use feature ':5.14'
+use warnings FATAL => 'all';
+use utf8;
+use open qw(:std :utf8);
+no  if $] >= 5.022, warnings => 'experimental::re_strict';
+use if $] >= 5.022, re       => 'strict';
+
+use FindBin ();
+use lib $FindBin::Bin;
+use BuildCommon qw(
+    enabled_set
+    parse_hashes_conf
+);
+
+# Substitutions we know about are accumulated in this hash.
+my %substs;
+
+sub process_config_h {
+    my ($config_h) = @_;
+    open my $fh, '<', $config_h
+        or die "$config_h: $!\n";
+
+    my $have_sys_cdefs_h               = 0;
+    my $have_sys_cdefs_begin_end_decls = 0;
+    my $have_sys_cdefs_throw           = 0;
+    local $_;
+    while (<$fh>) {
+        chomp;
+
+        if ($_ eq '#define HAVE_SYS_CDEFS_H 1') {
+            $have_sys_cdefs_h = 1;
+        } elsif ($_ eq '#define HAVE_SYS_CDEFS_BEGIN_END_DECLS 1') {
+            $have_sys_cdefs_begin_end_decls = 1;
+        } elsif ($_ eq '#define HAVE_SYS_CDEFS_THROW 1') {
+            $have_sys_cdefs_throw = 1;
+        } elsif (/^#define PACKAGE_VERSION "((\d+)\.(\d+)\.\d+)"$/) {
+            $substs{XCRYPT_VERSION_STR}   = $1;
+            $substs{XCRYPT_VERSION_MAJOR} = $2;
+            $substs{XCRYPT_VERSION_MINOR} = $3;
+        }
+    }
+
+    die "$config_h: error: inconsistent <sys/cdefs.h> settings\n"
+        if !$have_sys_cdefs_h
+        && ($have_sys_cdefs_begin_end_decls || $have_sys_cdefs_throw);
+
+    my $s = q{};
+    my $e = q{};
+    $s .= "#include <sys/cdefs.h>\n" if $have_sys_cdefs_h;
+    $s .= "#define __THROW /* nothing */\n" unless $have_sys_cdefs_throw;
+    $s .= "\n";
+    if ($have_sys_cdefs_begin_end_decls) {
+        $s .= '__BEGIN_DECLS';
+        $e .= '__END_DECLS';
+    } else {
+        $s .= "#ifdef __cplusplus\nextern \"C\" {\n#endif";
+        $e .= "#ifdef __cplusplus\n} /* extern \"C\" */\n#endif";
+    }
+    $substs{BEGIN_DECLS} = $s;
+    $substs{END_DECLS}   = $e;
+    return;
+}
+
+sub process_hashes_conf {
+    my ($hashes_conf, $hashes_enabled) = @_;
+    my %enabled = enabled_set($hashes_enabled);
+    my $hconf   = parse_hashes_conf($hashes_conf);
+
+    my $default_prefix_enabled = 0;
+    for my $e (@{$hconf->default_candidates}) {
+        if ($enabled{$e->name}) {
+            $default_prefix_enabled = 1;
+            last;
+        }
+    }
+    $substs{DEFAULT_PREFIX_ENABLED} = $default_prefix_enabled;
+    return;
+}
+
+sub substitute {
+    my ($infile) = @_;
+    open my $fh, '<', $infile
+        or die "$infile: $!\n";
+    my $error = 0;
+    local $_;
+    my $subst1 = sub {
+        my $rep = $substs{$_[0]};
+        return $rep if defined $rep;
+
+        print {*STDERR} "$infile:$.: error: no substitution for $_[0]\n";
+        $error = 1;
+        return "!$_[0]!";
+    };
+    while (<$fh>) {
+        s/@([A-Z0-9_]+)@/&$subst1($1)/eg;
+        print;
+    }
+    exit 1 if $error;
+    return;
+}
+
+#
+# Main
+#
+if (scalar(@ARGV) != 2 && scalar(@ARGV) != 4) {
+    print {*STDERR} 'usage: '
+        . ${FindBin::Script}
+        . ' template config.h [hashes.conf ,hashes,enabled,]' . "\n";
+    exit 1;
+}
+exit 0 if eval {
+    my $infile = shift @ARGV;
+    process_config_h(shift @ARGV);
+    process_hashes_conf(@ARGV) if @ARGV;
+    substitute($infile);
+    close STDOUT or die "write error: $!\n";
+    1;
+};
+
+print {*STDERR} "${FindBin::Script}: $@";
+exit 1;

data/ext/libxcrypt/build-aux/scripts/gen-crypt-hashes-h

@@ -0,0 +1,141 @@
+#! /usr/bin/perl
+# Written by Zack Weinberg <zackw at panix.com> in 2018 and 2020.
+# To the extent possible under law, Zack Weinberg has waived all
+# copyright and related or neighboring rights to this work.
+#
+# See https://creativecommons.org/publicdomain/zero/1.0/ for further
+# details.
+
+# Generate crypt-hashes.h from lib/hashes.conf and configure settings.
+# Also responsible for checking lib/hashes.conf for errors.
+#
+# Caution: if you change the format of lib/hashes.conf you will
+# probably need to modify expand-selected-hashes as well as this script.
+
+use v5.14;    # implicit use strict, use feature ':5.14'
+use warnings FATAL => 'all';
+use utf8;
+use open qw(:std :utf8);
+no  if $] >= 5.022, warnings => 'experimental::re_strict';
+use if $] >= 5.022, re       => 'strict';
+
+use File::Spec::Functions qw(splitpath);
+use FindBin ();
+use lib $FindBin::Bin;
+use BuildCommon qw(
+    enabled_set
+    parse_hashes_conf
+);
+
+sub output {
+    my ($basehc, $hashes_enabled, $hconf) = @_;
+    my %enabled = enabled_set($hashes_enabled);
+    my @enabled_hashes;
+
+    print <<"EOT";
+/* Generated by ${FindBin::Script} from $basehc.  DO NOT EDIT.  */
+
+#ifndef _CRYPT_HASHES_H
+#define _CRYPT_HASHES_H 1
+
+EOT
+    for my $e (sort { $a->name cmp $b->name } values %{$hconf->hashes}) {
+        my $name = $e->name;
+        my $ena  = $enabled{$name} // 0;
+        printf "#define INCLUDE_%-*s %d\n", $hconf->max_namelen, $name, $ena;
+        push @enabled_hashes, $e if $ena;
+    }
+
+    print <<'EOT';
+
+/* Internal symbol renames for static linkage, see crypt-port.h.  */
+EOT
+    for my $e (@enabled_hashes) {
+        my $name_rn = $e->name . '_rn';
+        printf "#define crypt_%-*s _crypt_crypt_%s\n",
+            $hconf->max_namelen + 5, $name_rn, $name_rn;
+        printf "#define gensalt_%-*s _crypt_gensalt_%s\n",
+            $hconf->max_namelen + 3, $name_rn, $name_rn;
+    }
+
+    print <<'EOT';
+
+/* Prototypes for hash algorithm entry points.  */
+EOT
+    for my $e (@enabled_hashes) {
+        my $name = $e->name;
+        print <<"EOT";
+extern void crypt_${name}_rn (const char *, size_t, const char *,
+                size_t, uint8_t *, size_t, void *, size_t);
+extern void gensalt_${name}_rn (unsigned long,
+                const uint8_t *, size_t, uint8_t *, size_t);
+
+EOT
+    }
+
+    print <<'EOT';
+#define HASH_ALGORITHM_TABLE_ENTRIES \
+EOT
+    # Entries in this table can be in any order _except_ that the hash
+    # whose prefix is the empty string, if it's enabled, must be last.
+    # The simplest way to accomplish this is to sort the prefixes in
+    # descending order of length (and then alphabetically as a
+    # tiebreaker).
+    my @table_hashes = sort {
+        -(length($a->prefix) <=> length($b->prefix))
+            || $a->prefix cmp $b->prefix
+    } @enabled_hashes;
+
+    for my $e (@table_hashes) {
+        my $name_rn     = $e->name . '_rn,';
+        my $q_prefix    = '"' . $e->prefix . '",';
+        my $str_nrbytes = $e->nrbytes . ',';
+        printf "  { %-*s %d, crypt_%-*s gensalt_%-*s %-*s %s}, \\\n",
+            $hconf->max_prefixlen + 3,  $q_prefix, length($e->prefix),
+            $hconf->max_namelen + 4,    $name_rn,
+            $hconf->max_namelen + 4,    $name_rn,
+            $hconf->max_nrbyteslen + 1, $str_nrbytes, $e->is_strong;
+    }
+    print "  { 0, 0, 0, 0, 0, 0 }\n";
+
+    # The default_candidates array is in decreasing order of strength;
+    # select the first one that's enabled, if any.
+    my $default_prefix;
+    for my $e (@{$hconf->default_candidates}) {
+        if ($enabled{$e->name}) {
+            $default_prefix = $e->prefix;
+            last;
+        }
+    }
+    print <<"EOT" if defined $default_prefix;
+
+#define HASH_ALGORITHM_DEFAULT "$default_prefix"
+EOT
+    print <<'EOT';
+
+#endif /* crypt-hashes.h */
+EOT
+
+    close STDOUT or die "write error: $!\n";
+    return;
+}
+
+#
+# Main
+#
+if (scalar(@ARGV) != 2) {
+    print {*STDERR} "usage: ${FindBin::Script}"
+        . "hashes.conf ,names,of,enabled,hashes,\n";
+    exit 1;
+}
+exit 0 if eval {
+    my ($hashes_conf, $hashes_enabled) = @ARGV;
+    my (undef, undef, $basehc) = splitpath($hashes_conf);
+
+    my $hconf = parse_hashes_conf($hashes_conf);
+    output($basehc, $hashes_enabled, $hconf);
+    1;
+};
+
+print {*STDERR} "${FindBin::Script}: $@";
+exit 1;

data/ext/libxcrypt/build-aux/scripts/gen-crypt-symbol-vers-h

@@ -0,0 +1,150 @@
+#! /usr/bin/perl
+# Written by Zack Weinberg <zackw at panix.com> in 2017 and 2021.
+# To the extent possible under law, Zack Weinberg has waived all
+# copyright and related or neighboring rights to this work.
+#
+# See https://creativecommons.org/publicdomain/zero/1.0/ for further
+# details.
+
+# Generate macros that control the symbol versions of the public
+# library API, from a .map.in file.
+#
+# See libcrypt.map.in for an explanation of the format of .map.in
+# files.  See crypt-port.h for an explanation of how to use the macros
+# generated by this program.
+#
+# Note: we currently don't support compatibility symbols that need
+# a different definition from the default version.
+
+use v5.14;    # implicit use strict, use feature ':5.14'
+use warnings FATAL => 'all';
+use utf8;
+use open qw(:std :utf8);
+no  if $] >= 5.022, warnings => 'experimental::re_strict';
+use if $] >= 5.022, re       => 'strict';
+
+use FindBin ();
+use lib $FindBin::Bin;
+use BuildCommon qw(
+    parse_version_map_in
+);
+
+sub output {
+    my ($apply_symvers, $symvers) = @_;
+    my $basemap = $symvers->basemap;
+    print "/* Generated from $basemap by ${FindBin::Script}.  "
+        . "DO NOT EDIT.  */\n";
+
+    print <<'EOT';
+
+#ifndef _CRYPT_SYMBOL_VERS_H
+#define _CRYPT_SYMBOL_VERS_H 1
+
+/* For each public symbol <sym>, INCLUDE_<sym> is true if it
+   has any versions above the backward compatibility minimum.
+   Compatibility-only symbols are not included in the static
+   library, or in the shared library when configured with
+   --disable-obsolete-api.  */
+#if defined PIC && ENABLE_OBSOLETE_API
+
+EOT
+
+    for my $sym (@{$symvers->symbols}) {
+        printf "#define INCLUDE_%-*s %d\n",
+            $symvers->max_symlen, $sym->name, $sym->included;
+    }
+    print "\n#else\n\n";
+    for my $sym (@{$symvers->symbols}) {
+        printf "#define INCLUDE_%-*s %d\n",
+            $symvers->max_symlen, $sym->name,
+            $sym->included && !$sym->compat_only;
+    }
+
+    if ($apply_symvers =~ m/no/) {
+        print <<'EOT';
+
+#endif
+
+/* We are building this library with no symbol versioning
+   enabled, so let's define all macros for SYMVER_ to do
+   nothing. */
+EOT
+        for my $sym (@{$symvers->symbols}) {
+            my $name = $sym->name;
+            print "#define SYMVER_$name symver_nop()\n";
+        }
+        print <<'EOT';
+#endif
+EOT
+        close STDOUT or die "write error: $!\n";
+        return;
+    }
+
+    print <<'EOT';
+
+#endif
+
+/* When the public symbols are being given versions, they must be
+   defined under a different, private name first.  */
+#ifdef PIC
+EOT
+
+    for my $sym (@{$symvers->symbols}) {
+        if ($sym->included) {
+            printf "#define %-*s _crypt_%s\n",
+                $symvers->max_symlen, $sym->name, $sym->name;
+        }
+    }
+
+    print <<'EOT';
+#endif
+
+/* For each public symbol <sym> that is included, define its
+   highest version as the default, and aliases at each
+   compatibility version. */
+EOT
+
+    for my $sym (@{$symvers->symbols}) {
+        my $name = $sym->name;
+        if (!$sym->included) {
+            print "#define SYMVER_$name symver_nop()\n";
+            next;
+        }
+
+        my $seq = 0;
+        for my $v (@{$sym->versions}) {
+            if ($seq == 0) {
+                print "#define SYMVER_$name \\\n";
+                if ($sym->compat_only) {
+                    print "  symver_compat0 (\"$name\", $name, $v)";
+                } else {
+                    print "  symver_default (\"$name\", $name, $v)";
+                }
+            } else {
+                print "; \\\n"
+                    . "  symver_compat ($seq, \"$name\", $name, $name, $v)";
+            }
+            $seq++;
+        }
+        print "\n";
+    }
+
+    print <<'EOT';
+
+#endif /* crypt-symbol-vers.h */
+EOT
+
+    close STDOUT or die "write error: $!\n";
+    return;
+}
+
+#
+# Main
+#
+exit 0 if eval {
+    output($ARGV[0], parse_version_map_in(@ARGV[1 .. 4]));
+    1;
+};
+
+print {*STDERR} "${FindBin::Script}: $@";
+exit 1;