1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
|
# remirepo/fedora spec file for argon2
#
# Copyright (c) 2017-2019 Remi Collet
# License: CC-BY-SA
# http://creativecommons.org/licenses/by-sa/4.0/
#
# Please, preserve the changelog entries
#
%global libname libargon2
%global gh_commit 1c4fc41f81f358283755eea88d4ecd05e43b7fd3
%global gh_short %(c=%{gh_commit}; echo ${c:0:7})
%global gh_owner P-H-C
%global gh_project phc-winner-argon2
%global soname 0
%global upstream_version 20161029
#global upstream_prever RC1
Name: argon2
Version: %{upstream_version}%{?upstream_prever:~%{upstream_prever}}
Release: 7%{?dist}
Summary: The password-hashing tools
License: Public Domain or ASL 2.0
URL: https://github.com/%{gh_owner}/%{gh_project}
Source0: https://github.com/%{gh_owner}/%{gh_project}/archive/%{gh_commit}/%{gh_project}-%{upstream_version}%{?upstream_prever}-%{gh_short}.tar.gz
Patch0: argon2-Wait-for-already-running-threads-if-a-thread-creatio.patch
BuildRequires: gcc
Requires: %{libname}%{?_isa} = %{version}-%{release}
%description
Argon2 is a password-hashing function that summarizes the state of the art
in the design of memory-hard functions and can be used to hash passwords
for credential storage, key derivation, or other applications.
It has a simple design aimed at the highest memory filling rate and
effective use of multiple computing units, while still providing defense
against tradeoff attacks (by exploiting the cache and memory organization
of the recent processors).
Argon2 has three variants: Argon2i, Argon2d, and Argon2id.
* Argon2d is faster and uses data-depending memory access, which makes it
highly resistant against GPU cracking attacks and suitable for applications
with no threats from side-channel timing attacks (eg. cryptocurrencies).
* Argon2i instead uses data-independent memory access, which is preferred for
password hashing and password-based key derivation, but it is slower as it
makes more passes over the memory to protect from tradeoff attacks.
* Argon2id is a hybrid of Argon2i and Argon2d, using a combination of
data-depending and data-independent memory accesses, which gives some of
Argon2i's resistance to side-channel cache timing attacks and much of
Argon2d's resistance to GPU cracking attacks.
%package -n %{libname}
Summary: The password-hashing library
%description -n %{libname}
Argon2 is a password-hashing function that summarizes the state of the art
in the design of memory-hard functions and can be used to hash passwords
for credential storage, key derivation, or other applications.
%package -n %{libname}-devel
Summary: Development files for %{libname}
Requires: %{libname}%{?_isa} = %{version}-%{release}
%description -n %{libname}-devel
The %{libname}-devel package contains libraries and header files for
developing applications that use %{libname}.
%prep
%setup -qn %{gh_project}-%{gh_commit}
%patch0 -p1
if ! grep -q 'soname,%{libname}.so.%{soname}' Makefile; then
: soname have changed
grep soname Makefile
exit 1
fi
# Fix pkgconfig file
sed -e 's:lib/@HOST_MULTIARCH@:%{_lib}:;s/@UPSTREAM_VER@/%{version}/' -i %{libname}.pc
# Honours default RPM build options and library path, do not use -march=native
sed %{?build_ldflags:-e '/^CFLAGS/s:^CFLAGS:LDFLAGS=%{build_ldflags}\nCFLAGS:'} \
-e 's:-O3 -Wall:%{optflags}:' \
-e '/^LIBRARY_REL/s:lib:%{_lib}:' \
-e 's:-march=\$(OPTTARGET) :${CFLAGS} :' \
-e 's:CFLAGS += -march=\$(OPTTARGET)::' \
-i Makefile
%build
# parallel build is not supported
make -j1
%install
make install DESTDIR=%{buildroot}
# Drop static library
rm %{buildroot}%{_libdir}/%{libname}.a
# Create link to soname, see Makefile for value
mv %{buildroot}%{_libdir}/%{libname}.so %{buildroot}%{_libdir}/%{libname}.so.%{soname}
ln -s %{libname}.so.%{soname} %{buildroot}%{_libdir}/%{libname}.so
# pkgconfig file
install -Dpm 644 %{libname}.pc %{buildroot}%{_libdir}/pkgconfig/%{libname}.pc
# Fix perms
chmod -x %{buildroot}%{_includedir}/%{name}.h
%check
make test
%if 0%{?fedora} < 28 && 0%{?rhel} < 8
%post -n %{libname} -p /sbin/ldconfig
%postun -n %{libname} -p /sbin/ldconfig
%endif
%files
%{_bindir}/%{name}
%files -n %{libname}
%{!?_licensedir:%global license %%doc}
%license LICENSE
%{_libdir}/%{libname}.so.%{soname}
%files -n %{libname}-devel
%doc *md
%{_includedir}/%{name}.h
%{_libdir}/%{libname}.so
%{_libdir}/pkgconfig/%{libname}.pc
%changelog
* Wed Apr 3 2019 Remi Collet <remi@remirepo.net> - 20161029-7
- Fix a crash if running under memory pressure (rh #1688752).
* Thu Feb 15 2018 Remi Collet <remi@remirepo.net> - 20161029-5
- honours all build flags #1558128
* Thu Nov 16 2017 Milan Broz <gmazyland@gmail.com> - 20161029-2
- Do not use -march=native in build, use system flags (rh #1512845).
* Wed Oct 18 2017 Remi Collet <remi@remirepo.net> - 20161029-1
- initial package
|