Remove real functionality from encrypt, encrypt_r, setkey, setkey_r, and fcrypt from the libxcrypt.so.1 compatibility library and let those functions set "errno" to "ENOSYS" when invoked. == Owner == * Name: [[User:besser82 | Björn Esser]] <besser82@xxxxxxxxxxxxxxxxx> == Detailed Description == In [[Changes/FullyRemoveDeprecatedAndUnsafeFunctionsFromLibcrypt | the system-wide change: "Fully remove deprecated and unsafe functions from libcrypt"]] we propose to remove the named functions from the system default so-version of the crypt library, which is a pre-requirement for this change. It basically is a follow-up announcing to remove the real functionality from those functions in the POSIX-compatibility version of the crypt library as well, and replace them with fully POSIX-compilant stubs, that properly indicate those functions are not supported. This change was basically filed, because it may require additional documentation apart from the system-wide change, that is a pre-requirement for this one. == Benefit to Fedora == Third-party applications, which still use / require these unsafe functions cannot use them anymore, which is the key benefit of this change for our users. == Scope == * Proposal owners: Implement the needed changes in the libxcrypt-compat package. * Other developers: N/A (not a System Wide Change) * Release engineering: N/A, as this is a follow-up of an already evaluated system-wide change. * Trademark approval: N/A (not needed for this Change) == Upgrade/compatibility impact == N/A (not a System Wide Change) == How To Test == N/A (not a System Wide Change) == User Experience == No impact, as nothing in the distribution uses those functions. Third-party applications that are distributed in pre-compiled / binary form only, may have a reduced set of features. Since POSIX explicitly states those functions shall set "errno" to "ENOSYS", if the functionality is not available nor implemented, third-party application that start to malfunction are broken by design. == Dependencies == N/A (not a System Wide Change) == Contingency Plan == Revert the change and rebuild libxcrypt. == Documentation == The version of the libcrypt.so.1 library included with Fedora 30 for POSIX-compatibility has entirely removed the functionality of the encrypt, encrypt_r, setkey, setkey_r, and fcrypt functions, while keeping fully binary compatibility with existing (third-party) applications possibly still using those funtions. If such an application attemps to call one of these functions, the corresponding function will indicate that it is not supported by the system in a POSIX-compliant way. All existing binary executables linked against glibc's libcrypt should work unmodified with this version of the libcrypt.so.1 library supplied by the libxcrypt-compat package. == Release Notes == See the paragraph about documentation above. -- Ben Cotton Fedora Program Manager TZ=America/Indiana/Indianapolis _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx