diff options
author | Matthew Thode <prometheanfire@gentoo.org> | 2017-06-23 11:07:38 -0500 |
---|---|---|
committer | Matthew Thode <prometheanfire@gentoo.org> | 2017-06-23 11:14:33 -0500 |
commit | 5edbe19fbef9511ab5de32a435209c6ec0b53bf4 (patch) | |
tree | ad5e2448b1a7b008fcb15c2ba3918cf48157e4b0 /net-nds/openldap | |
parent | media-sound/spotify: 1.0.57 bup (thanks to alexbakker) (diff) | |
download | gentoo-5edbe19fbef9511ab5de32a435209c6ec0b53bf4.tar.gz gentoo-5edbe19fbef9511ab5de32a435209c6ec0b53bf4.tar.bz2 gentoo-5edbe19fbef9511ab5de32a435209c6ec0b53bf4.zip |
net-nds/openldap: fix gnutls support in openldap-2.4.45 bug 622460
Package-Manager: Portage-2.3.6, Repoman-2.3.2
Diffstat (limited to 'net-nds/openldap')
-rw-r--r-- | net-nds/openldap/files/openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch | 109 | ||||
-rw-r--r-- | net-nds/openldap/openldap-2.4.45.ebuild | 2 |
2 files changed, 110 insertions, 1 deletions
diff --git a/net-nds/openldap/files/openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch b/net-nds/openldap/files/openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch new file mode 100644 index 000000000000..0859d53caef9 --- /dev/null +++ b/net-nds/openldap/files/openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch @@ -0,0 +1,109 @@ +If GnuTLS is used, the lmpasswd module for USE=samba does not compile. +Forward-port an old Debian patch that upstream never applied. + +Signed-off-by: Robin H. Johnson <robbat2@gentoo.org> +Signed-off-by: Steffen Hau <steffen@hauihau.de> +X-Gentoo-Bug: http://bugs.gentoo.org/show_bug.cgi?id=233633 +X-Upstream-Bug: http://www.openldap.org/its/index.cgi/Software%20Enhancements?id=4997 +X-Debian-Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=245341 + +--- openldap-2.4.17.orig/libraries/liblutil/passwd.c 2009-07-27 18:59:19.635995474 -0700 ++++ openldap-2.4.17/libraries/liblutil/passwd.c 2009-07-27 19:01:13.588069010 -0700 +@@ -51,6 +51,26 @@ typedef unsigned char des_data_block[8]; + typedef PK11Context *des_context[1]; + #define DES_ENCRYPT CKA_ENCRYPT + ++#elif defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT) ++# include <gcrypt.h> ++static int gcrypt_init = 0; ++ ++typedef const void* des_key; ++typedef unsigned char DES_cblock[8]; ++typedef des_cblock des_data_block; ++typedef int DES_key_schedule; /* unused */ ++typedef DES_key_schedule des_context; /* unused */ ++#define des_failed(encrypted) 0 ++#define des_finish(key, schedule) ++ ++#define DES_set_key_unchecked( key, key_sched ) \ ++ gcry_cipher_setkey( hd, key, 8 ) ++ ++#define DES_ecb_encrypt( input, output, key_sched, enc ) \ ++ gcry_cipher_encrypt( hd, *output, 8, *input, 8 ) ++ ++#define DES_set_odd_parity( key ) do {} while(0) ++ + #endif + + #endif /* SLAPD_LMHASH */ +@@ -651,7 +671,7 @@ static int chk_md5( + + #ifdef SLAPD_LMHASH + +-#if defined(HAVE_OPENSSL) ++#if defined(HAVE_OPENSSL) || defined(HAVE_GNUTLS_GNUTLS_H) + + /* + * abstract away setting the parity. +@@ -841,6 +861,19 @@ static int chk_lanman( + des_data_block StdText = "KGS!@#$%"; + des_data_block PasswordHash1, PasswordHash2; + char PasswordHash[33], storedPasswordHash[33]; ++ ++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT) ++ gcry_cipher_hd_t hd; ++ ++ if ( !gcrypt_init ) { ++ gcry_check_version( GCRYPT_VERSION ); ++ gcrypt_init = 1; ++ } ++ ++ schedule = schedule; /* unused - avoid warning */ ++ ++ gcry_cipher_open( &hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0 ); ++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */ + + for( i=0; i<cred->bv_len; i++) { + if(cred->bv_val[i] == '\0') { +@@ -883,6 +916,10 @@ static int chk_lanman( + strncpy( storedPasswordHash, passwd->bv_val, 32 ); + storedPasswordHash[32] = '\0'; + ldap_pvt_str2lower( storedPasswordHash ); ++ ++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT) ++ gcry_cipher_close( hd ); ++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */ + + return memcmp( PasswordHash, storedPasswordHash, 32) ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; + } +@@ -1138,6 +1175,19 @@ static int hash_lanman( + des_data_block PasswordHash1, PasswordHash2; + char PasswordHash[33]; + ++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT) ++ gcry_cipher_hd_t hd; ++ ++ if ( !gcrypt_init ) { ++ gcry_check_version( GCRYPT_VERSION ); ++ gcrypt_init = 1; ++ } ++ ++ schedule = schedule; /* unused - avoid warning */ ++ ++ gcry_cipher_open( &hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0 ); ++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */ ++ + for( i=0; i<passwd->bv_len; i++) { + if(passwd->bv_val[i] == '\0') { + return LUTIL_PASSWD_ERR; /* NUL character in password */ +@@ -1168,6 +1218,10 @@ static int hash_lanman( + + hash->bv_val = PasswordHash; + hash->bv_len = 32; ++ ++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT) ++ gcry_cipher_close( hd ); ++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */ + + return pw_string( scheme, hash ); + } diff --git a/net-nds/openldap/openldap-2.4.45.ebuild b/net-nds/openldap/openldap-2.4.45.ebuild index 23c66c3db530..b2493271ba45 100644 --- a/net-nds/openldap/openldap-2.4.45.ebuild +++ b/net-nds/openldap/openldap-2.4.45.ebuild @@ -330,7 +330,7 @@ src_prepare() { epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch # bug #233633 - epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch + epatch "${FILESDIR}"/${PN}-2.4.45-fix-lmpasswd-gnutls-symbols.patch # bug #281495 epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch |