Instead of silently downgrading any non-MD5 crypt() request to DES, cleanly fail with return NULL and errno = ENOSYS. This allows callers to notice the missing support instead of the unwanted silent fallback to DES. Also add a menuconfig toolchain option to optionally disable the crypt size hack completely. This can be probably made dependant on SMALL_FLASH or a similar feature indicator in a future commit. Ref: https://github.com/openwrt/openwrt/pull/1331 Signed-off-by: Jo-Philipp Wich <jo@mein.io>master
parent
1211832977
commit
ceb625439a
@ -0,0 +1,12 @@ |
||||
# Password crypt stubbing |
||||
|
||||
config MUSL_DISABLE_CRYPT_SIZE_HACK |
||||
bool "Include crypt() support for SHA256, SHA512 and Blowfish ciphers" |
||||
depends on TOOLCHAINOPTS && USE_MUSL && !EXTERNAL_TOOLCHAIN |
||||
default n |
||||
help |
||||
Enable this option to re-include crypt() support for the SHA256, SHA512 and |
||||
Blowfish ciphers. Without this option, attempting to hash a string with a salt |
||||
requesting one of these ciphers will cause the crypt() function to call stub |
||||
implementations which will always fail with errno ENOSYS. Including the ciphers |
||||
will increase the library size by about 14KB after LZMA compression. |
Loading…
Reference in new issue