1 |
commit: 5edbe19fbef9511ab5de32a435209c6ec0b53bf4 |
2 |
Author: Matthew Thode <prometheanfire <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri Jun 23 16:07:38 2017 +0000 |
4 |
Commit: Matt Thode <prometheanfire <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri Jun 23 16:14:33 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5edbe19f |
7 |
|
8 |
net-nds/openldap: fix gnutls support in openldap-2.4.45 bug 622460 |
9 |
|
10 |
Package-Manager: Portage-2.3.6, Repoman-2.3.2 |
11 |
|
12 |
...enldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch | 109 +++++++++++++++++++++ |
13 |
net-nds/openldap/openldap-2.4.45.ebuild | 2 +- |
14 |
2 files changed, 110 insertions(+), 1 deletion(-) |
15 |
|
16 |
diff --git a/net-nds/openldap/files/openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch b/net-nds/openldap/files/openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch |
17 |
new file mode 100644 |
18 |
index 00000000000..0859d53caef |
19 |
--- /dev/null |
20 |
+++ b/net-nds/openldap/files/openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch |
21 |
@@ -0,0 +1,109 @@ |
22 |
+If GnuTLS is used, the lmpasswd module for USE=samba does not compile. |
23 |
+Forward-port an old Debian patch that upstream never applied. |
24 |
+ |
25 |
+Signed-off-by: Robin H. Johnson <robbat2@g.o> |
26 |
+Signed-off-by: Steffen Hau <steffen@×××××××.de> |
27 |
+X-Gentoo-Bug: http://bugs.gentoo.org/show_bug.cgi?id=233633 |
28 |
+X-Upstream-Bug: http://www.openldap.org/its/index.cgi/Software%20Enhancements?id=4997 |
29 |
+X-Debian-Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=245341 |
30 |
+ |
31 |
+--- openldap-2.4.17.orig/libraries/liblutil/passwd.c 2009-07-27 18:59:19.635995474 -0700 |
32 |
++++ openldap-2.4.17/libraries/liblutil/passwd.c 2009-07-27 19:01:13.588069010 -0700 |
33 |
+@@ -51,6 +51,26 @@ typedef unsigned char des_data_block[8]; |
34 |
+ typedef PK11Context *des_context[1]; |
35 |
+ #define DES_ENCRYPT CKA_ENCRYPT |
36 |
+ |
37 |
++#elif defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT) |
38 |
++# include <gcrypt.h> |
39 |
++static int gcrypt_init = 0; |
40 |
++ |
41 |
++typedef const void* des_key; |
42 |
++typedef unsigned char DES_cblock[8]; |
43 |
++typedef des_cblock des_data_block; |
44 |
++typedef int DES_key_schedule; /* unused */ |
45 |
++typedef DES_key_schedule des_context; /* unused */ |
46 |
++#define des_failed(encrypted) 0 |
47 |
++#define des_finish(key, schedule) |
48 |
++ |
49 |
++#define DES_set_key_unchecked( key, key_sched ) \ |
50 |
++ gcry_cipher_setkey( hd, key, 8 ) |
51 |
++ |
52 |
++#define DES_ecb_encrypt( input, output, key_sched, enc ) \ |
53 |
++ gcry_cipher_encrypt( hd, *output, 8, *input, 8 ) |
54 |
++ |
55 |
++#define DES_set_odd_parity( key ) do {} while(0) |
56 |
++ |
57 |
+ #endif |
58 |
+ |
59 |
+ #endif /* SLAPD_LMHASH */ |
60 |
+@@ -651,7 +671,7 @@ static int chk_md5( |
61 |
+ |
62 |
+ #ifdef SLAPD_LMHASH |
63 |
+ |
64 |
+-#if defined(HAVE_OPENSSL) |
65 |
++#if defined(HAVE_OPENSSL) || defined(HAVE_GNUTLS_GNUTLS_H) |
66 |
+ |
67 |
+ /* |
68 |
+ * abstract away setting the parity. |
69 |
+@@ -841,6 +861,19 @@ static int chk_lanman( |
70 |
+ des_data_block StdText = "KGS!@#$%"; |
71 |
+ des_data_block PasswordHash1, PasswordHash2; |
72 |
+ char PasswordHash[33], storedPasswordHash[33]; |
73 |
++ |
74 |
++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT) |
75 |
++ gcry_cipher_hd_t hd; |
76 |
++ |
77 |
++ if ( !gcrypt_init ) { |
78 |
++ gcry_check_version( GCRYPT_VERSION ); |
79 |
++ gcrypt_init = 1; |
80 |
++ } |
81 |
++ |
82 |
++ schedule = schedule; /* unused - avoid warning */ |
83 |
++ |
84 |
++ gcry_cipher_open( &hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0 ); |
85 |
++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */ |
86 |
+ |
87 |
+ for( i=0; i<cred->bv_len; i++) { |
88 |
+ if(cred->bv_val[i] == '\0') { |
89 |
+@@ -883,6 +916,10 @@ static int chk_lanman( |
90 |
+ strncpy( storedPasswordHash, passwd->bv_val, 32 ); |
91 |
+ storedPasswordHash[32] = '\0'; |
92 |
+ ldap_pvt_str2lower( storedPasswordHash ); |
93 |
++ |
94 |
++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT) |
95 |
++ gcry_cipher_close( hd ); |
96 |
++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */ |
97 |
+ |
98 |
+ return memcmp( PasswordHash, storedPasswordHash, 32) ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK; |
99 |
+ } |
100 |
+@@ -1138,6 +1175,19 @@ static int hash_lanman( |
101 |
+ des_data_block PasswordHash1, PasswordHash2; |
102 |
+ char PasswordHash[33]; |
103 |
+ |
104 |
++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT) |
105 |
++ gcry_cipher_hd_t hd; |
106 |
++ |
107 |
++ if ( !gcrypt_init ) { |
108 |
++ gcry_check_version( GCRYPT_VERSION ); |
109 |
++ gcrypt_init = 1; |
110 |
++ } |
111 |
++ |
112 |
++ schedule = schedule; /* unused - avoid warning */ |
113 |
++ |
114 |
++ gcry_cipher_open( &hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0 ); |
115 |
++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */ |
116 |
++ |
117 |
+ for( i=0; i<passwd->bv_len; i++) { |
118 |
+ if(passwd->bv_val[i] == '\0') { |
119 |
+ return LUTIL_PASSWD_ERR; /* NUL character in password */ |
120 |
+@@ -1168,6 +1218,10 @@ static int hash_lanman( |
121 |
+ |
122 |
+ hash->bv_val = PasswordHash; |
123 |
+ hash->bv_len = 32; |
124 |
++ |
125 |
++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT) |
126 |
++ gcry_cipher_close( hd ); |
127 |
++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */ |
128 |
+ |
129 |
+ return pw_string( scheme, hash ); |
130 |
+ } |
131 |
|
132 |
diff --git a/net-nds/openldap/openldap-2.4.45.ebuild b/net-nds/openldap/openldap-2.4.45.ebuild |
133 |
index 23c66c3db53..b2493271ba4 100644 |
134 |
--- a/net-nds/openldap/openldap-2.4.45.ebuild |
135 |
+++ b/net-nds/openldap/openldap-2.4.45.ebuild |
136 |
@@ -330,7 +330,7 @@ src_prepare() { |
137 |
epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch |
138 |
|
139 |
# bug #233633 |
140 |
- epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch |
141 |
+ epatch "${FILESDIR}"/${PN}-2.4.45-fix-lmpasswd-gnutls-symbols.patch |
142 |
|
143 |
# bug #281495 |
144 |
epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch |