[gentoo-commits] repo/gentoo:master commit in: net-nds/openldap/files/, net-nds/openldap/ - gentoo-commits

From:	Matt Thode <prometheanfire@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-nds/openldap/files/, net-nds/openldap/
Date:	Fri, 23 Jun 2017 16:14:53
Message-Id:	`1498234473.5edbe19fbef9511ab5de32a435209c6ec0b53bf4.prometheanfire@gentoo`

1

commit:     5edbe19fbef9511ab5de32a435209c6ec0b53bf4

2

Author:     Matthew Thode <prometheanfire <AT> gentoo <DOT> org>

3

AuthorDate: Fri Jun 23 16:07:38 2017 +0000

4

Commit:     Matt Thode <prometheanfire <AT> gentoo <DOT> org>

5

CommitDate: Fri Jun 23 16:14:33 2017 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5edbe19f

7

8

net-nds/openldap: fix gnutls support in openldap-2.4.45 bug 622460

9

10

Package-Manager: Portage-2.3.6, Repoman-2.3.2

11

12

 ...enldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch | 109 +++++++++++++++++++++

13

 net-nds/openldap/openldap-2.4.45.ebuild            |   2 +-

14

 2 files changed, 110 insertions(+), 1 deletion(-)

15

16

diff --git a/net-nds/openldap/files/openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch b/net-nds/openldap/files/openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch

17

new file mode 100644

18

index 00000000000..0859d53caef

19

--- /dev/null

20

+++ b/net-nds/openldap/files/openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch

21

@@ -0,0 +1,109 @@

22

+If GnuTLS is used, the lmpasswd module for USE=samba does not compile.

23

+Forward-port an old Debian patch that upstream never applied.

24

+

25

+Signed-off-by: Robin H. Johnson <robbat2@g.o>

26

+Signed-off-by: Steffen Hau <steffen@×××××××.de>

27

+X-Gentoo-Bug: http://bugs.gentoo.org/show_bug.cgi?id=233633

28

+X-Upstream-Bug: http://www.openldap.org/its/index.cgi/Software%20Enhancements?id=4997

29

+X-Debian-Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=245341

30

+

31

+--- openldap-2.4.17.orig/libraries/liblutil/passwd.c	2009-07-27 18:59:19.635995474 -0700

32

++++ openldap-2.4.17/libraries/liblutil/passwd.c	2009-07-27 19:01:13.588069010 -0700

33

+@@ -51,6 +51,26 @@ typedef unsigned char des_data_block[8];

34

+ typedef PK11Context *des_context[1];

35

+ #define DES_ENCRYPT CKA_ENCRYPT

36

+

37

++#elif defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)

38

++#	include <gcrypt.h>

39

++static int gcrypt_init = 0;

40

++

41

++typedef const void* des_key;

42

++typedef unsigned char DES_cblock[8];

43

++typedef des_cblock des_data_block;

44

++typedef int DES_key_schedule; /* unused */

45

++typedef DES_key_schedule des_context; /* unused */

46

++#define des_failed(encrypted) 0

47

++#define des_finish(key, schedule) 

48

++

49

++#define DES_set_key_unchecked( key, key_sched ) \

50

++  gcry_cipher_setkey( hd, key, 8 )

51

++

52

++#define DES_ecb_encrypt( input, output, key_sched, enc ) \

53

++  gcry_cipher_encrypt( hd, *output, 8, *input, 8 )

54

++

55

++#define DES_set_odd_parity( key ) do {} while(0)

56

++

57

+ #endif

58

+

59

+ #endif /* SLAPD_LMHASH */

60

+@@ -651,7 +671,7 @@ static int chk_md5(

61

+

62

+ #ifdef SLAPD_LMHASH

63

+

64

+-#if defined(HAVE_OPENSSL)

65

++#if defined(HAVE_OPENSSL) || defined(HAVE_GNUTLS_GNUTLS_H)

66

+

67

+ /*

68

+  * abstract away setting the parity.

69

+@@ -841,6 +861,19 @@ static int chk_lanman(

70

+ 	des_data_block StdText = "KGS!@#$%";

71

+ 	des_data_block PasswordHash1, PasswordHash2;

72

+ 	char PasswordHash[33], storedPasswordHash[33];

73

++

74

++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)

75

++	gcry_cipher_hd_t hd;

76

++

77

++	if ( !gcrypt_init ) {

78

++	  gcry_check_version( GCRYPT_VERSION );

79

++	  gcrypt_init = 1;

80

++	}

81

++

82

++	schedule = schedule; /* unused - avoid warning */

83

++

84

++	gcry_cipher_open( &hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0 );

85

++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */

86

+

87

+ 	for( i=0; i<cred->bv_len; i++) {

88

+ 		if(cred->bv_val[i] == '\0') {

89

+@@ -883,6 +916,10 @@ static int chk_lanman(

90

+ 	strncpy( storedPasswordHash, passwd->bv_val, 32 );

91

+ 	storedPasswordHash[32] = '\0';

92

+ 	ldap_pvt_str2lower( storedPasswordHash );

93

++

94

++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)

95

++	gcry_cipher_close( hd );

96

++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */

97

+

98

+ 	return memcmp( PasswordHash, storedPasswordHash, 32) ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;

99

+ }

100

+@@ -1138,6 +1175,19 @@ static int hash_lanman(

101

+ 	des_data_block PasswordHash1, PasswordHash2;

102

+ 	char PasswordHash[33];

103

+

104

++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)

105

++	gcry_cipher_hd_t hd;

106

++

107

++	if ( !gcrypt_init ) {

108

++	  gcry_check_version( GCRYPT_VERSION );

109

++	  gcrypt_init = 1;

110

++	}

111

++

112

++	schedule = schedule; /* unused - avoid warning */

113

++

114

++	gcry_cipher_open( &hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0 );

115

++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */

116

++

117

+ 	for( i=0; i<passwd->bv_len; i++) {

118

+ 		if(passwd->bv_val[i] == '\0') {

119

+ 			return LUTIL_PASSWD_ERR;	/* NUL character in password */

120

+@@ -1168,6 +1218,10 @@ static int hash_lanman(

121

+

122

+ 	hash->bv_val = PasswordHash;

123

+ 	hash->bv_len = 32;

124

++

125

++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)

126

++	gcry_cipher_close( hd );

127

++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */

128

+

129

+ 	return pw_string( scheme, hash );

130

+ }

131

132

diff --git a/net-nds/openldap/openldap-2.4.45.ebuild b/net-nds/openldap/openldap-2.4.45.ebuild

133

index 23c66c3db53..b2493271ba4 100644

134

--- a/net-nds/openldap/openldap-2.4.45.ebuild

135

+++ b/net-nds/openldap/openldap-2.4.45.ebuild

136

@@ -330,7 +330,7 @@ src_prepare() {

137

 	epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch

138

139

 	# bug #233633

140

-	epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch

141

+	epatch "${FILESDIR}"/${PN}-2.4.45-fix-lmpasswd-gnutls-symbols.patch

142

143

 	# bug #281495

144

 	epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch

1	commit: 5edbe19fbef9511ab5de32a435209c6ec0b53bf4
2	Author: Matthew Thode <prometheanfire <AT> gentoo <DOT> org>
3	AuthorDate: Fri Jun 23 16:07:38 2017 +0000
4	Commit: Matt Thode <prometheanfire <AT> gentoo <DOT> org>
5	CommitDate: Fri Jun 23 16:14:33 2017 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5edbe19f
7
8	net-nds/openldap: fix gnutls support in openldap-2.4.45 bug 622460
9
10	Package-Manager: Portage-2.3.6, Repoman-2.3.2
11
12	...enldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch \| 109 +++++++++++++++++++++
13	net-nds/openldap/openldap-2.4.45.ebuild \| 2 +-
14	2 files changed, 110 insertions(+), 1 deletion(-)
15
16	diff --git a/net-nds/openldap/files/openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch b/net-nds/openldap/files/openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch
17	new file mode 100644
18	index 00000000000..0859d53caef
19	--- /dev/null
20	+++ b/net-nds/openldap/files/openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch
21	@@ -0,0 +1,109 @@
22	+If GnuTLS is used, the lmpasswd module for USE=samba does not compile.
23	+Forward-port an old Debian patch that upstream never applied.
24	+
25	+Signed-off-by: Robin H. Johnson <robbat2@g.o>
26	+Signed-off-by: Steffen Hau <steffen@×××××××.de>
27	+X-Gentoo-Bug: http://bugs.gentoo.org/show_bug.cgi?id=233633
28	+X-Upstream-Bug: http://www.openldap.org/its/index.cgi/Software%20Enhancements?id=4997
29	+X-Debian-Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=245341
30	+
31	+--- openldap-2.4.17.orig/libraries/liblutil/passwd.c 2009-07-27 18:59:19.635995474 -0700
32	++++ openldap-2.4.17/libraries/liblutil/passwd.c 2009-07-27 19:01:13.588069010 -0700
33	+@@ -51,6 +51,26 @@ typedef unsigned char des_data_block[8];
34	+ typedef PK11Context *des_context[1];
35	+ #define DES_ENCRYPT CKA_ENCRYPT
36	+
37	++#elif defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
38	++# include <gcrypt.h>
39	++static int gcrypt_init = 0;
40	++
41	++typedef const void* des_key;
42	++typedef unsigned char DES_cblock[8];
43	++typedef des_cblock des_data_block;
44	++typedef int DES_key_schedule; /* unused */
45	++typedef DES_key_schedule des_context; /* unused */
46	++#define des_failed(encrypted) 0
47	++#define des_finish(key, schedule)
48	++
49	++#define DES_set_key_unchecked( key, key_sched ) \
50	++ gcry_cipher_setkey( hd, key, 8 )
51	++
52	++#define DES_ecb_encrypt( input, output, key_sched, enc ) \
53	++ gcry_cipher_encrypt( hd, output, 8, input, 8 )
54	++
55	++#define DES_set_odd_parity( key ) do {} while(0)
56	++
57	+ #endif
58	+
59	+ #endif /* SLAPD_LMHASH */
60	+@@ -651,7 +671,7 @@ static int chk_md5(
61	+
62	+ #ifdef SLAPD_LMHASH
63	+
64	+-#if defined(HAVE_OPENSSL)
65	++#if defined(HAVE_OPENSSL) \|\| defined(HAVE_GNUTLS_GNUTLS_H)
66	+
67	+ /*
68	+ * abstract away setting the parity.
69	+@@ -841,6 +861,19 @@ static int chk_lanman(
70	+ des_data_block StdText = "KGS!@#$%";
71	+ des_data_block PasswordHash1, PasswordHash2;
72	+ char PasswordHash[33], storedPasswordHash[33];
73	++
74	++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
75	++ gcry_cipher_hd_t hd;
76	++
77	++ if ( !gcrypt_init ) {
78	++ gcry_check_version( GCRYPT_VERSION );
79	++ gcrypt_init = 1;
80	++ }
81	++
82	++ schedule = schedule; /* unused - avoid warning */
83	++
84	++ gcry_cipher_open( &hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0 );
85	++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
86	+
87	+ for( i=0; i<cred->bv_len; i++) {
88	+ if(cred->bv_val[i] == '\0') {
89	+@@ -883,6 +916,10 @@ static int chk_lanman(
90	+ strncpy( storedPasswordHash, passwd->bv_val, 32 );
91	+ storedPasswordHash[32] = '\0';
92	+ ldap_pvt_str2lower( storedPasswordHash );
93	++
94	++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
95	++ gcry_cipher_close( hd );
96	++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
97	+
98	+ return memcmp( PasswordHash, storedPasswordHash, 32) ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;
99	+ }
100	+@@ -1138,6 +1175,19 @@ static int hash_lanman(
101	+ des_data_block PasswordHash1, PasswordHash2;
102	+ char PasswordHash[33];
103	+
104	++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
105	++ gcry_cipher_hd_t hd;
106	++
107	++ if ( !gcrypt_init ) {
108	++ gcry_check_version( GCRYPT_VERSION );
109	++ gcrypt_init = 1;
110	++ }
111	++
112	++ schedule = schedule; /* unused - avoid warning */
113	++
114	++ gcry_cipher_open( &hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0 );
115	++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
116	++
117	+ for( i=0; i<passwd->bv_len; i++) {
118	+ if(passwd->bv_val[i] == '\0') {
119	+ return LUTIL_PASSWD_ERR; /* NUL character in password */
120	+@@ -1168,6 +1218,10 @@ static int hash_lanman(
121	+
122	+ hash->bv_val = PasswordHash;
123	+ hash->bv_len = 32;
124	++
125	++#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
126	++ gcry_cipher_close( hd );
127	++#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
128	+
129	+ return pw_string( scheme, hash );
130	+ }
131
132	diff --git a/net-nds/openldap/openldap-2.4.45.ebuild b/net-nds/openldap/openldap-2.4.45.ebuild
133	index 23c66c3db53..b2493271ba4 100644
134	--- a/net-nds/openldap/openldap-2.4.45.ebuild
135	+++ b/net-nds/openldap/openldap-2.4.45.ebuild
136	@@ -330,7 +330,7 @@ src_prepare() {
137	epatch "${FILESDIR}"/${PN}-2.4.11-libldap_r.patch
138
139	# bug #233633
140	- epatch "${FILESDIR}"/${PN}-2.4.17-fix-lmpasswd-gnutls-symbols.patch
141	+ epatch "${FILESDIR}"/${PN}-2.4.45-fix-lmpasswd-gnutls-symbols.patch
142
143	# bug #281495
144	epatch "${FILESDIR}"/${PN}-2.4.28-gnutls-gcrypt.patch

Gentoo Archives: gentoo-commits