musl: improve crypt() size hack

Instead of silently downgrading any non-MD5 crypt() request to DES,
cleanly fail with return NULL and errno = ENOSYS. This allows callers
to notice the missing support instead of the unwanted silent fallback
to DES.

Also add a menuconfig toolchain option to optionally disable the crypt
size hack completely. This can be probably made dependant on SMALL_FLASH
or a similar feature indicator in a future commit.

Ref: https://github.com/openwrt/openwrt/pull/1331
Signed-off-by: Jo-Philipp Wich <jo@mein.io>

1 files changed, 12 insertions, 0 deletions

diff --git a/toolchain/musl/Config.in b/toolchain/musl/Config.in
new file mode 100644
index 0000000000..7e83b6fa53
--- /dev/null
+++ b/toolchain/musl/Config.in
@@ -0,0 +1,12 @@
+# Password crypt stubbing
+
+config MUSL_DISABLE_CRYPT_SIZE_HACK
+	bool "Include crypt() support for SHA256, SHA512 and Blowfish ciphers"
+	depends on TOOLCHAINOPTS && USE_MUSL && !EXTERNAL_TOOLCHAIN
+	default n
+	help
+	  Enable this option to re-include crypt() support for the SHA256, SHA512 and
+	  Blowfish ciphers. Without this option, attempting to hash a string with a salt
+	  requesting one of these ciphers will cause the crypt() function to call stub
+	  implementations which will always fail with errno ENOSYS. Including the ciphers
+	  will increase the library size by about 14KB after LZMA compression.