I am uploading a NMU to DELAYED/10 in order to fix this.diff -Nru libscrypt-1.21/Makefile libscrypt-1.22/Makefile
--- libscrypt-1.21/Makefile 2015-07-09 10:59:57.0 +
+++ libscrypt-1.22/Makefile 2021-12-11 06:19:10.0 +
@@ -5,27 +5,28 @@
INSTALL_DATA ?= install
CC?=gcc
-CFLAGS?=-O2 -Wall -g -D_FORTIFY_SOURCE=2 -fstack-protector -fPIC
-LDFLAGS?=-Wl,-z,now -Wl,-z,relro -Wl,-soname,libscrypt.so.0
-Wl,--version-script=libscrypt.version
-CFLAGS_EXTRA?=-Wl,-rpath=.
+CFLAGS?=$(CFLAGS_EXTRA) -D_FORTIFY_SOURCE=2 -fPIC
+LDFLAGS?=$(LDFLAGS_EXTRA) -Wl,-soname,libscrypt.so.0
-Wl,--version-script=libscrypt.version
+CFLAGS_EXTRA?=-Wl,-rpath=. -O2 -Wall -g -fstack-protector
+LDFLAGS_EXTRA?=-Wl,-z,relro
all: reference
OBJS= crypto_scrypt-nosse.o sha256.o crypto-mcf.o b64.o
crypto-scrypt-saltgen.o crypto_scrypt-check.o crypto_scrypt-hash.o slowequals.o
libscrypt.so.0: $(OBJS)
- $(CC) $(LDFLAGS) -shared -o libscrypt.so.0 $(OBJS) -lm -lc
+ $(CC) $(LDFLAGS) -shared -o libscrypt.so.0 $(OBJS) -lm -lc
ar rcs libscrypt.a $(OBJS)
reference: libscrypt.so.0 main.o crypto_scrypt-hexconvert.o
ln -s -f libscrypt.so.0 libscrypt.so
- $(CC) -Wall -o reference main.o b64.o crypto_scrypt-hexconvert.o
$(CFLAGS_EXTRA) -L. -lscrypt
+ $(CC) -o reference main.o b64.o crypto_scrypt-hexconvert.o $(CFLAGS)
$(LDFLAGS_EXTRA) -L. -lscrypt
clean:
rm -f *.o reference libscrypt.so* libscrypt.a endian.h
check: all
- ./reference
+ LD_LIBRARY_PATH=. ./reference
devtest:
splint crypto_scrypt-hexconvert.c
diff -Nru libscrypt-1.21/README.md libscrypt-1.22/README.md
--- libscrypt-1.21/README.md2015-07-09 10:59:57.0 +
+++ libscrypt-1.22/README.md2021-12-11 06:19:10.0 +
@@ -62,6 +62,8 @@
SCRYPT_* constants are probably a little high for something like a Raspberry
pi. Using '1' as SCRYPT_p is acceptable from a security and performance
standpoint if needed.
Experiments were performed with using memset() to zero out passwords as they
were checked. This often caused issues with calling applications where the
password based have been passed as a const*. We highly recommend implementing
your own zeroing function the moment this library is called.
+There is apparently an issue when used on Samsung (and perhaps Android in
general) devices. See [this
issue](https://github.com/technion/libscrypt/issues/39) for more information.
+
Notes on Code Development
diff -Nru libscrypt-1.21/crypto-mcf.c libscrypt-1.22/crypto-mcf.c
--- libscrypt-1.21/crypto-mcf.c 2015-07-09 10:59:57.0 +
+++ libscrypt-1.22/crypto-mcf.c 2021-12-11 06:19:10.0 +
@@ -1,14 +1,6 @@
#include
-#include
#include
#include
-#include
-#include
-#include
-
-#ifndef S_SPLINT_S /* Including this here triggers a known bug in splint */
-#include
-#endif
#include "libscrypt.h"
@@ -70,4 +62,4 @@
return 0;
return 1;
-}
+}
diff -Nru libscrypt-1.21/crypto-scrypt-saltgen.c
libscrypt-1.22/crypto-scrypt-saltgen.c
--- libscrypt-1.21/crypto-scrypt-saltgen.c 2015-07-09 10:59:57.0
+
+++ libscrypt-1.22/crypto-scrypt-saltgen.c 2021-12-11 06:19:10.0
+
@@ -4,6 +4,10 @@
#include
#include
+/* Disable on Windows, there is no /dev/urandom.
+ Link-time error is better than runtime error. */
+#ifndef _WIN32
+
#ifndef S_SPLINT_S /* Including this here triggers a known bug in splint */
#include
#endif
@@ -46,3 +50,5 @@
return 0;
}
+
+#endif
diff -Nru libscrypt-1.21/debian/changelog libscrypt-1.22/debian/changelog
--- libscrypt-1.21/debian/changelog 2023-07-13 12:40:40.0 +
+++ libscrypt-1.22/debian/changelog 2024-05-28 19:45:33.0 +
@@ -1,3 +1,11 @@
+libscrypt (1.22-0.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * d/watch: Scan via GitHub API (Closes: #1061571).
+ * New upstream release (Closes: #1061570).
+
+ -- Bastian Germann Tue, 28 May 2024 21:45:33 +0200
+
libscrypt (1.21-3.1) unstable; urgency=medium
* Non-maintainer upload.
diff -Nru libscrypt-1.21/debian/patches/fix-makefile
libscrypt-1.22/debian/patches/fix-makefile
--- libscrypt-1.21/debian/patches/fix-makefile 2023-07-13 12:39:24.0
+
+++ libscrypt-1.22/debian/patches/fix-makefile 1970-01-01 00:00:00.0
+
@@ -1,21 +0,0 @@
-Description: Fix makefile flag handling
-Author: Tristan Seligmann
-Origin: vendor
-Forwarded: no
-This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
-Index: libscrypt/Makefile
-===
libscrypt.orig/Makefile2014-12-14 02:38:36.667099740 +0200
-+++ libscrypt/Makefile 2014-12-14 05:53:34.488194255 +0200
-@@ -5,8 +5,8 @@
- INSTALL_DATA ?= install
-
- CC?=gcc
--CFLAGS?=-O2 -Wall -g -D_FORTIFY_SOURCE=2 -fstack-protector -fPIC
--LDFLAGS?=-Wl,-z,now -Wl,-z,relro