#1469 closed defect (fixed)
nginx won't build under libxcrypt due to missing 'current_salt' in 'crypt_data' struct
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | nginx-core | Version: | 1.13.x |
| Keywords: | Cc: | ||
| uname -a: | Linux 4.15.0-0.rc8.git0.1.fc28.x86_64 #1 SMP Mon Jan 15 17:04:36 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux | ||
| nginx -V: |
nginx version: nginx/1.13.8
built by gcc 7.2.1 20180104 (Red Hat 7.2.1-6) (GCC) |
||
Description
PROBLEM
In Fedora 28, the crypt library has been switched from glibc to libxcrypt.
In this system, nginx fails to build with following errors:
src/os/unix/ngx_user.c:36:7: error: 'struct crypt_data' has no member named 'current_salt' cd.current_salt[0] = ~salt[0];
Also, this issue seems to be reproducable in Fedora's build system:
https://koji.fedoraproject.org/koji/taskinfo?taskID=24331452
SOLUTION
The following patch fixes this issue:
RELATED ISSUES
I think this ticket is related to this problem:
Change History (8)
comment:1 by , 6 years ago
comment:4 by , 6 years ago
An alternative to removing a work around is this patch:
diff --git a/src/os/unix/ngx_user.c b/src/os/unix/ngx_user.c
--- a/src/os/unix/ngx_user.c
+++ b/src/os/unix/ngx_user.c
@@ -21,7 +21,7 @@ ngx_libc_crypt(ngx_pool_t *pool, u_char
struct crypt_data cd;
cd.initialized = 0;
-#ifdef __GLIBC__
+#if defined(__GLIBC__) && !defined(CRYPT_DATA_INTERNAL_SIZE)
/* work around the glibc bug */
cd.current_salt[0] = ~salt[0];
#endif
comment:5 by , 6 years ago
I don't think it worth the effort. Removing this workaround should be a better option, given that no platforms affected are known.
# HG changeset patch
# User Maxim Dounin <mdounin@mdounin.ru>
# Date 1527007852 -10800
# Tue May 22 19:50:52 2018 +0300
# Node ID 97f8e45acaf6f2d96844c2d770f8851c1b515c0a
# Parent 66aa2c1e82e63a65831d062d3e7a94bca0090b7e
Removed glibc crypt_r() bug workaround (ticket #1469).
The bug in question was fixed in glibc 2.3.2 and is no longer expected
to manifest itself on real servers. On the other hand, the workaround
causes compilation problems on various systems. Previously, we've
already fixed the code to compile with musl libc (fd6fd02f6a4d), and
now it is broken on Fedora 28 where glibc's crypt library was replaced
by libxcrypt. So the workaround was removed.
diff --git a/src/os/unix/ngx_user.c b/src/os/unix/ngx_user.c
--- a/src/os/unix/ngx_user.c
+++ b/src/os/unix/ngx_user.c
@@ -21,10 +21,6 @@ ngx_libc_crypt(ngx_pool_t *pool, u_char
struct crypt_data cd;
cd.initialized = 0;
-#ifdef __GLIBC__
- /* work around the glibc bug */
- cd.current_salt[0] = ~salt[0];
-#endif
value = crypt_r((char *) key, (char *) salt, &cd);
comment:7 by , 6 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
The glibc bug in question seems to be fixed in this change, available in glibc 2.3.2+:
2002-10-29 Daniel Jacobowitz <drow@mvista.com> * crypt/crypt_util.c (__init_des_r): Initialize current_salt and current_saltbits.I don't think that there are any live systems with the bug still present (according to distrowatch, CentOS 5.11, EOLed last year, includes glibc 2.5, and even CentOS 3.9 uses glibc 2.3.2, so the last CentOS version with the affected glibc is CentOS 2.0 released at 2004-05-24; the last Debian version with the affected glibc seems to be Debian 3.0 woody released at 2002-07-19), so it might make sense to simply remove the workaround.