[gentoo-commits] repo/gentoo:master commit in: net-print/cups/files/, net-print/cups/ - gentoo-commits

From:	Lars Wendler <polynomial-c@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-print/cups/files/, net-print/cups/
Date:	Tue, 03 Sep 2019 07:56:37
Message-Id:	`1567497075.5983cc09eade48687c10dd3241c946d899369a43.polynomial-c@gentoo`

1

commit:     5983cc09eade48687c10dd3241c946d899369a43

2

Author:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>

3

AuthorDate: Tue Sep  3 07:51:15 2019 +0000

4

Commit:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>

5

CommitDate: Tue Sep  3 07:51:15 2019 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5983cc09

7

8

net-print/cups: Security cleanup

9

10

Bug: https://bugs.gentoo.org/692300

11

Package-Manager: Portage-2.3.75, Repoman-2.3.17

12

Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org>

13

14

 net-print/cups/Manifest                        |   1 -

15

 net-print/cups/cups-2.2.11.ebuild              | 336 -------------------------

16

 net-print/cups/files/cups-2.3_rc1-no_pam.patch | 164 ------------

17

 3 files changed, 501 deletions(-)

18

19

diff --git a/net-print/cups/Manifest b/net-print/cups/Manifest

20

index b9b923a3fe7..c4d4ef2a259 100644

21

--- a/net-print/cups/Manifest

22

+++ b/net-print/cups/Manifest

23

@@ -1,3 +1,2 @@

24

-DIST cups-2.2.11-source.tar.gz 10405908 BLAKE2B 9b7ee4da9502e42fd1b4a2c57ab709b3127ee8aeb8481a52f37da19fe5578f406260f1551e3fcedcd3a828fbed69267e68fcfd7bfabadf65afce4c3af19b4a1f SHA512 21a6916041b50044d336871f10d1192635458a3d318f19a18ad21d27027dd3839400601019e758424c218225a34aba148ba3a57f0ce3fe14c4df03bd1fde3403

25

 DIST cups-2.2.12-source.tar.gz 10409313 BLAKE2B 126ea81f7108b3b62f5e062ed522898dd48d4e5b4077c834e8fe89012445dd0a903bafa62f593551ed5f1c92cce4fbd22f56834e0615ed65ca4a6ae84dc2ca1c SHA512 b8e7be512938ad388d469d093ad0c882ab42ea1408c27a91340f8424aa0e79e588df3d59795624973b89074a2af650fa9b5b6ed5224138b17e4c6dbbcbf0a2e6

26

 DIST cups-2.3.0-source.tar.gz 8129049 BLAKE2B 738dbc7ee5ddcc9ffee44083cd93d8a0e75f4d3bf0b704dd643dc59db2cc2381dd65f676c0979bc65fee03438d160d9d650ceb93f8c702102eb1449d306a81a3 SHA512 c51f173b5fbae1554a3f4a3786fb3b5566e50d9f775473788ee3553922ac7e02e4785492c87c93fd46f159f50d97cc10ff6feafb3397cd9c1840840f3a9cdfae

27

28

diff --git a/net-print/cups/cups-2.2.11.ebuild b/net-print/cups/cups-2.2.11.ebuild

29

deleted file mode 100644

30

index 1c078ac92c8..00000000000

31

--- a/net-print/cups/cups-2.2.11.ebuild

32

+++ /dev/null

33

@@ -1,336 +0,0 @@

34

-# Copyright 1999-2019 Gentoo Authors

35

-# Distributed under the terms of the GNU General Public License v2

36

-

37

-EAPI=7

38

-

39

-PYTHON_COMPAT=( python2_7 )

40

-

41

-inherit autotools flag-o-matic linux-info xdg multilib-minimal pam python-single-r1 user java-pkg-opt-2 systemd toolchain-funcs

42

-

43

-MY_P="${P/_rc/rc}"

44

-MY_P="${MY_P/_beta/b}"

45

-MY_PV="${PV/_rc/rc}"

46

-MY_PV="${MY_PV/_beta/b}"

47

-

48

-if [[ ${PV} == *9999 ]]; then

49

-	inherit git-r3

50

-	EGIT_REPO_URI="https://github.com/apple/cups.git"

51

-	if [[ ${PV} != 9999 ]]; then

52

-		EGIT_BRANCH=branch-${PV/.9999}

53

-	fi

54

-else

55

-	#SRC_URI="https://github.com/apple/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"

56

-	SRC_URI="https://github.com/apple/cups/releases/download/v${PV}/${P}-source.tar.gz"

57

-	KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~mips ppc ppc64 s390 ~sh sparc x86 ~amd64-fbsd ~x86-fbsd ~m68k-mint"

58

-fi

59

-

60

-DESCRIPTION="The Common Unix Printing System"

61

-HOMEPAGE="https://www.cups.org/"

62

-

63

-LICENSE="GPL-2"

64

-SLOT="0"

65

-IUSE="acl dbus debug java kerberos lprng-compat pam python selinux +ssl static-libs systemd +threads usb X xinetd zeroconf"

66

-

67

-CDEPEND="

68

-	app-text/libpaper

69

-	sys-libs/zlib

70

-	acl? (

71

-		kernel_linux? (

72

-			sys-apps/acl

73

-			sys-apps/attr

74

-		)

75

-	)

76

-	dbus? ( >=sys-apps/dbus-1.6.18-r1[${MULTILIB_USEDEP}] )

77

-	java? ( >=virtual/jre-1.6:* )

78

-	kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )

79

-	!lprng-compat? ( !net-print/lprng )

80

-	pam? ( virtual/pam )

81

-	python? ( ${PYTHON_DEPS} )

82

-	ssl? ( >=net-libs/gnutls-2.12.23-r6:0=[${MULTILIB_USEDEP}] )

83

-	systemd? ( sys-apps/systemd )

84

-	usb? ( virtual/libusb:1 )

85

-	X? ( x11-misc/xdg-utils )

86

-	xinetd? ( sys-apps/xinetd )

87

-	zeroconf? ( >=net-dns/avahi-0.6.31-r2[${MULTILIB_USEDEP}] )

88

-"

89

-

90

-DEPEND="${CDEPEND}"

91

-BDEPEND="

92

-	>=virtual/pkgconfig-0-r1[${MULTILIB_USEDEP}]

93

-"

94

-

95

-RDEPEND="${CDEPEND}

96

-	selinux? ( sec-policy/selinux-cups )

97

-"

98

-

99

-PDEPEND=">=net-print/cups-filters-1.0.43"

100

-

101

-REQUIRED_USE="

102

-	python? ( ${PYTHON_REQUIRED_USE} )

103

-	usb? ( threads )

104

-"

105

-

106

-# upstream includes an interactive test which is a nono for gentoo

107

-RESTRICT="test"

108

-

109

-# systemd-socket.patch from Fedora

110

-PATCHES=(

111

-	"${FILESDIR}/${PN}-2.2.0-dont-compress-manpages.patch"

112

-	"${FILESDIR}/${PN}-2.2.6-fix-install-perms.patch"

113

-	"${FILESDIR}/${PN}-1.4.4-nostrip.patch"

114

-	"${FILESDIR}/${PN}-2.0.2-rename-systemd-service-files.patch"

115

-	"${FILESDIR}/${PN}-2.0.1-xinetd-installation-fix.patch"

116

-)

117

-

118

-MULTILIB_CHOST_TOOLS=(

119

-	/usr/bin/cups-config

120

-)

121

-

122

-pkg_setup() {

123

-	enewgroup lp

124

-	enewuser lp -1 -1 -1 lp

125

-	enewgroup lpadmin 106

126

-

127

-	use python && python-single-r1_pkg_setup

128

-

129

-	if use kernel_linux; then

130

-		linux-info_pkg_setup

131

-		if  ! linux_config_exists; then

132

-			ewarn "Can't check the linux kernel configuration."

133

-			ewarn "You might have some incompatible options enabled."

134

-		else

135

-			# recheck that we don't have usblp to collide with libusb; this should now work in most cases (bug 501122)

136

-			if use usb; then

137

-				if linux_chkconfig_present USB_PRINTER; then

138

-					elog "Your USB printers will be managed via libusb. In case you run into problems, "

139

-					elog "please try disabling USB_PRINTER support in your kernel or blacklisting the"

140

-					elog "usblp kernel module."

141

-					elog "Alternatively, just disable the usb useflag for cups (your printer will still work)."

142

-				fi

143

-			else

144

-				#here we should warn user that he should enable it so he can print

145

-				if ! linux_chkconfig_present USB_PRINTER; then

146

-					ewarn "If you plan to use USB printers you should enable the USB_PRINTER"

147

-					ewarn "support in your kernel."

148

-					ewarn "Please enable it:"

149

-					ewarn "    CONFIG_USB_PRINTER=y"

150

-					ewarn "in /usr/src/linux/.config or"

151

-					ewarn "    Device Drivers --->"

152

-					ewarn "        USB support  --->"

153

-					ewarn "            [*] USB Printer support"

154

-					ewarn "Alternatively, enable the usb useflag for cups and use the libusb code."

155

-				fi

156

-			fi

157

-		fi

158

-	fi

159

-}

160

-

161

-src_prepare() {

162

-	default

163

-

164

-	# Remove ".SILENT" rule for verbose output (bug 524338).

165

-	sed 's#^.SILENT:##g' -i "${S}"/Makedefs.in || die "sed failed"

166

-

167

-	# Fix install-sh, posix sh does not have 'function'.

168

-	sed 's#function gzipcp#gzipcp()#g' -i "${S}/install-sh"

169

-

170

-	AT_M4DIR=config-scripts eaclocal

171

-	eautoconf

172

-

173

-	# custom Makefiles

174

-	multilib_copy_sources

175

-}

176

-

177

-multilib_src_configure() {

178

-	export DSOFLAGS="${LDFLAGS}"

179

-

180

-	einfo LINGUAS=\"${LINGUAS}\"

181

-

182

-	# explicitly specify compiler wrt bug 524340

183

-	#

184

-	# need to override KRB5CONFIG for proper flags

185

-	# https://github.com/apple/cups/issues/4423

186

-	local myeconfargs=(

187

-		CC="$(tc-getCC)"

188

-		CXX="$(tc-getCXX)"

189

-		KRB5CONFIG="${EPREFIX}"/usr/bin/${CHOST}-krb5-config

190

-		--libdir="${EPREFIX}"/usr/$(get_libdir)

191

-		--localstatedir="${EPREFIX}"/var

192

-		--with-exe-file-perm=755

193

-		--with-rundir="${EPREFIX}"/run/cups

194

-		--with-cups-user=lp

195

-		--with-cups-group=lp

196

-		--with-docdir="${EPREFIX}"/usr/share/cups/html

197

-		--with-languages="${LINGUAS}"

198

-		--with-system-groups=lpadmin

199

-		--with-xinetd="${EPREFIX}"/etc/xinetd.d

200

-		$(multilib_native_use_enable acl)

201

-		$(use_enable dbus)

202

-		$(use_enable debug)

203

-		$(use_enable debug debug-guards)

204

-		$(use_enable debug debug-printfs)

205

-		$(multilib_native_use_with java)

206

-		$(use_enable kerberos gssapi)

207

-		$(multilib_native_use_enable pam)

208

-		$(multilib_native_use_with python python "${PYTHON}")

209

-		$(use_enable static-libs static)

210

-		$(use_enable threads)

211

-		$(use_enable ssl gnutls)

212

-		$(use_enable systemd)

213

-		$(multilib_native_use_enable usb libusb)

214

-		$(use_enable zeroconf avahi)

215

-		--disable-dnssd

216

-		--without-perl

217

-		--without-php

218

-		$(multilib_is_native_abi && echo --enable-libpaper || echo --disable-libpaper)

219

-	)

220

-

221

-	if tc-is-static-only; then

222

-		myeconfargs+=(

223

-			--disable-shared

224

-		)

225

-	fi

226

-

227

-	econf "${myeconfargs[@]}"

228

-

229

-	# install in /usr/libexec always, instead of using /usr/lib/cups, as that

230

-	# makes more sense when facing multilib support.

231

-	sed -i -e "s:SERVERBIN.*:SERVERBIN = \"\$\(BUILDROOT\)${EPREFIX}/usr/libexec/cups\":" Makedefs || die

232

-	sed -i -e "s:#define CUPS_SERVERBIN.*:#define CUPS_SERVERBIN \"${EPREFIX}/usr/libexec/cups\":" config.h || die

233

-	sed -i -e "s:cups_serverbin=.*:cups_serverbin=\"${EPREFIX}/usr/libexec/cups\":" cups-config || die

234

-

235

-	# additional path corrections needed for prefix, see bug 597728

236

-	sed \

237

-		-e "s:ICONDIR.*:ICONDIR = ${EPREFIX}/usr/share/icons:" \

238

-		-e "s:INITDIR.*:INITDIR = ${EPREFIX}/etc:" \

239

-		-e "s:DBUSDIR.*:DBUSDIR = ${EPREFIX}/etc/dbus-1:" \

240

-		-e "s:MENUDIR.*:MENUDIR = ${EPREFIX}/usr/share/applications:" \

241

-		-i Makedefs || die

242

-}

243

-

244

-multilib_src_compile() {

245

-	if multilib_is_native_abi; then

246

-		default

247

-	else

248

-		emake libs

249

-	fi

250

-}

251

-

252

-multilib_src_test() {

253

-	multilib_is_native_abi && default

254

-}

255

-

256

-multilib_src_install() {

257

-	if multilib_is_native_abi; then

258

-		emake BUILDROOT="${D}" install

259

-	else

260

-		emake BUILDROOT="${D}" install-libs install-headers

261

-		dobin cups-config

262

-	fi

263

-}

264

-

265

-multilib_src_install_all() {

266

-	dodoc {CHANGES,CREDITS,README}.md

267

-

268

-	# move the default config file to docs

269

-	dodoc "${ED}"/etc/cups/cupsd.conf.default

270

-	rm -f "${ED}"/etc/cups/cupsd.conf.default

271

-

272

-	# clean out cups init scripts

273

-	rm -rf "${ED}"/etc/{init.d/cups,rc*,pam.d/cups}

274

-

275

-	# install our init script

276

-	local neededservices

277

-	use zeroconf && neededservices+=" avahi-daemon"

278

-	use dbus && neededservices+=" dbus"

279

-	[[ -n ${neededservices} ]] && neededservices="need${neededservices}"

280

-	cp "${FILESDIR}"/cupsd.init.d-r3 "${T}"/cupsd || die

281

-	sed -i \

282

-		-e "s/@neededservices@/${neededservices}/" \

283

-		"${T}"/cupsd || die

284

-	doinitd "${T}"/cupsd

285

-

286

-	# install our pam script

287

-	pamd_mimic_system cups auth account

288

-

289

-	if use xinetd ; then

290

-		# correct path

291

-		sed -i \

292

-			-e "s:server = .*:server = /usr/libexec/cups/daemon/cups-lpd:" \

293

-			"${ED}"/etc/xinetd.d/cups-lpd || die

294

-		# it is safer to disable this by default, bug #137130

295

-		grep -w 'disable' "${ED}"/etc/xinetd.d/cups-lpd || \

296

-			{ sed -i -e "s:}:\tdisable = yes\n}:" "${ED}"/etc/xinetd.d/cups-lpd || die ; }

297

-		# write permission for file owner (root), bug #296221

298

-		fperms u+w /etc/xinetd.d/cups-lpd || die "fperms failed"

299

-	else

300

-		# always configure with --with-xinetd= and clean up later,

301

-		# bug #525604

302

-		rm -rf "${ED}"/etc/xinetd.d

303

-	fi

304

-

305

-	keepdir /usr/libexec/cups/driver /usr/share/cups/{model,profiles} \

306

-		/var/log/cups /var/spool/cups/tmp

307

-

308

-	keepdir /etc/cups/{interfaces,ppd,ssl}

309

-

310

-	if ! use X ; then

311

-		rm -r "${ED}"/usr/share/applications || die

312

-	fi

313

-

314

-	# create /etc/cups/client.conf, bug #196967 and #266678

315

-	echo "ServerName ${EPREFIX}/run/cups/cups.sock" >> "${ED}"/etc/cups/client.conf

316

-

317

-	# the following file is now provided by cups-filters:

318

-	rm -r "${ED}"/usr/share/cups/banners || die

319

-

320

-	# the following are created by the init script

321

-	rm -r "${ED}"/var/cache/cups || die

322

-	rm -r "${ED}"/run || die

323

-

324

-	# for the special case of running lprng and cups together, bug 467226

325

-	if use lprng-compat ; then

326

-		rm -fv "${ED}"/usr/bin/{lp*,cancel}

327

-		rm -fv "${ED}"/usr/sbin/lp*

328

-		rm -fv "${ED}"/usr/share/man/man1/{lp*,cancel*}

329

-		rm -fv "${ED}"/usr/share/man/man8/lp*

330

-		ewarn "Not installing lp... binaries, since the lprng-compat useflag is set."

331

-		ewarn "Unless you plan to install an exotic server setup, you most likely"

332

-		ewarn "do not want this. Disable the useflag then and all will be fine."

333

-	fi

334

-}

335

-

336

-pkg_preinst() {

337

-	xdg_pkg_preinst

338

-}

339

-

340

-pkg_postinst() {

341

-	# Update desktop file database and gtk icon cache (bug 370059)

342

-	xdg_pkg_postinst

343

-

344

-	local v

345

-

346

-	for v in ${REPLACING_VERSIONS}; do

347

-		if ! ver_test ${v} -ge 2.2.2-r2 ; then

348

-			echo

349

-			ewarn "The cupsd init script switched to using pidfiles. Shutting down"

350

-			ewarn "cupsd will fail the next time. To fix this, please run once as root"

351

-			ewarn "   killall cupsd ; /etc/init.d/cupsd zap ; /etc/init.d/cupsd start"

352

-			echo

353

-			break

354

-		fi

355

-	done

356

-

357

-	for v in ${REPLACING_VERSIONS}; do

358

-		echo

359

-		elog "For information about installing a printer and general cups setup"

360

-		elog "take a look at: https://wiki.gentoo.org/wiki/Printing"

361

-		echo

362

-		break

363

-	done

364

-}

365

-

366

-pkg_postrm() {

367

-	# Update desktop file database and gtk icon cache (bug 370059)

368

-	xdg_pkg_postrm

369

-}

370

371

diff --git a/net-print/cups/files/cups-2.3_rc1-no_pam.patch b/net-print/cups/files/cups-2.3_rc1-no_pam.patch

372

deleted file mode 100644

373

index 17e69ab7b0a..00000000000

374

--- a/net-print/cups/files/cups-2.3_rc1-no_pam.patch

375

+++ /dev/null

376

@@ -1,164 +0,0 @@

377

-From 3cd7b5e053f8100da1ca8d8daf93976cca3516ef Mon Sep 17 00:00:00 2001

378

-From: Michael R Sweet <michael.r.sweet@×××××.com>

379

-Date: Fri, 23 Feb 2018 13:21:56 -0500

380

-Subject: [PATCH] Fix builds without PAM (Issue #5253)

381

-

382

---- a/scheduler/auth.c

383

-+++ b/scheduler/auth.c

384

-@@ -67,9 +68,6 @@ static int		check_authref(cupsd_client_t *con, const char *right);

385

- static int		compare_locations(cupsd_location_t *a,

386

- 			                  cupsd_location_t *b);

387

- static cupsd_authmask_t	*copy_authmask(cupsd_authmask_t *am, void *data);

388

--#if !HAVE_LIBPAM

389

--static char		*cups_crypt(const char *pw, const char *salt);

390

--#endif /* !HAVE_LIBPAM */

391

- static void		free_authmask(cupsd_authmask_t *am, void *data);

392

- #if HAVE_LIBPAM

393

- static int		pam_func(int, const struct pam_message **,

394

-@@ -690,14 +688,14 @@ cupsdAuthorize(cupsd_client_t *con)	/* I - Client connection */

395

- 	    * client...

396

- 	    */

397

-

398

--	    pass = cups_crypt(password, pw->pw_passwd);

399

-+	    pass = crypt(password, pw->pw_passwd);

400

-

401

- 	    if (!pass || strcmp(pw->pw_passwd, pass))

402

- 	    {

403

- #  ifdef HAVE_SHADOW_H

404

- 	      if (spw)

405

- 	      {

406

--		pass = cups_crypt(password, spw->sp_pwdp);

407

-+		pass = crypt(password, spw->sp_pwdp);

408

-

409

- 		if (pass == NULL || strcmp(spw->sp_pwdp, pass))

410

- 		{

411

-@@ -1991,129 +1989,6 @@ copy_authmask(cupsd_authmask_t *mask,	/* I - Existing auth mask */

412

- }

413

-

414

-

415

--#if !HAVE_LIBPAM

416

--/*

417

-- * 'cups_crypt()' - Encrypt the password using the DES or MD5 algorithms,

418

-- *                  as needed.

419

-- */

420

--

421

--static char *				/* O - Encrypted password */

422

--cups_crypt(const char *pw,		/* I - Password string */

423

--           const char *salt)		/* I - Salt (key) string */

424

--{

425

--  if (!strncmp(salt, "$1$", 3))

426

--  {

427

--   /*

428

--    * Use MD5 passwords without the benefit of PAM; this is for

429

--    * Slackware Linux, and the algorithm was taken from the

430

--    * old shadow-19990827/lib/md5crypt.c source code... :(

431

--    */

432

--

433

--    int			i;		/* Looping var */

434

--    unsigned long	n;		/* Output number */

435

--    int			pwlen;		/* Length of password string */

436

--    const char		*salt_end;	/* End of "salt" data for MD5 */

437

--    char		*ptr;		/* Pointer into result string */

438

--    _cups_md5_state_t	state;		/* Primary MD5 state info */

439

--    _cups_md5_state_t	state2;		/* Secondary MD5 state info */

440

--    unsigned char	digest[16];	/* MD5 digest result */

441

--    static char		result[120];	/* Final password string */

442

--

443

--

444

--   /*

445

--    * Get the salt data between dollar signs, e.g. $1$saltdata$md5.

446

--    * Get a maximum of 8 characters of salt data after $1$...

447

--    */

448

--

449

--    for (salt_end = salt + 3; *salt_end && (salt_end - salt) < 11; salt_end ++)

450

--      if (*salt_end == '$')

451

--        break;

452

--

453

--   /*

454

--    * Compute the MD5 sum we need...

455

--    */

456

--

457

--    pwlen = strlen(pw);

458

--

459

--    _cupsMD5Init(&state);

460

--    _cupsMD5Append(&state, (unsigned char *)pw, pwlen);

461

--    _cupsMD5Append(&state, (unsigned char *)salt, salt_end - salt);

462

--

463

--    _cupsMD5Init(&state2);

464

--    _cupsMD5Append(&state2, (unsigned char *)pw, pwlen);

465

--    _cupsMD5Append(&state2, (unsigned char *)salt + 3, salt_end - salt - 3);

466

--    _cupsMD5Append(&state2, (unsigned char *)pw, pwlen);

467

--    _cupsMD5Finish(&state2, digest);

468

--

469

--    for (i = pwlen; i > 0; i -= 16)

470

--      _cupsMD5Append(&state, digest, i > 16 ? 16 : i);

471

--

472

--    for (i = pwlen; i > 0; i >>= 1)

473

--      _cupsMD5Append(&state, (unsigned char *)((i & 1) ? "" : pw), 1);

474

--

475

--    _cupsMD5Finish(&state, digest);

476

--

477

--    for (i = 0; i < 1000; i ++)

478

--    {

479

--      _cupsMD5Init(&state);

480

--

481

--      if (i & 1)

482

--        _cupsMD5Append(&state, (unsigned char *)pw, pwlen);

483

--      else

484

--        _cupsMD5Append(&state, digest, 16);

485

--

486

--      if (i % 3)

487

--        _cupsMD5Append(&state, (unsigned char *)salt + 3, salt_end - salt - 3);

488

--

489

--      if (i % 7)

490

--        _cupsMD5Append(&state, (unsigned char *)pw, pwlen);

491

--

492

--      if (i & 1)

493

--        _cupsMD5Append(&state, digest, 16);

494

--      else

495

--        _cupsMD5Append(&state, (unsigned char *)pw, pwlen);

496

--

497

--      _cupsMD5Finish(&state, digest);

498

--    }

499

--

500

--   /*

501

--    * Copy the final sum to the result string and return...

502

--    */

503

--

504

--    memcpy(result, salt, (size_t)(salt_end - salt));

505

--    ptr = result + (salt_end - salt);

506

--    *ptr++ = '$';

507

--

508

--    for (i = 0; i < 5; i ++, ptr += 4)

509

--    {

510

--      n = ((((unsigned)digest[i] << 8) | (unsigned)digest[i + 6]) << 8);

511

--

512

--      if (i < 4)

513

--        n |= (unsigned)digest[i + 12];

514

--      else

515

--        n |= (unsigned)digest[5];

516

--

517

--      to64(ptr, n, 4);

518

--    }

519

--

520

--    to64(ptr, (unsigned)digest[11], 2);

521

--    ptr += 2;

522

--    *ptr = '\0';

523

--

524

--    return (result);

525

--  }

526

--  else

527

--  {

528

--   /*

529

--    * Use the standard crypt() function...

530

--    */

531

--

532

--    return (crypt(pw, salt));

533

--  }

534

--}

535

--#endif /* !HAVE_LIBPAM */

536

--

537

--

538

- /*

539

-  * 'free_authmask()' - Free function for auth masks.

540

-  */

1	commit: 5983cc09eade48687c10dd3241c946d899369a43
2	Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
3	AuthorDate: Tue Sep 3 07:51:15 2019 +0000
4	Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
5	CommitDate: Tue Sep 3 07:51:15 2019 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5983cc09
7
8	net-print/cups: Security cleanup
9
10	Bug: https://bugs.gentoo.org/692300
11	Package-Manager: Portage-2.3.75, Repoman-2.3.17
12	Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org>
13
14	net-print/cups/Manifest \| 1 -
15	net-print/cups/cups-2.2.11.ebuild \| 336 -------------------------
16	net-print/cups/files/cups-2.3_rc1-no_pam.patch \| 164 ------------
17	3 files changed, 501 deletions(-)
18
19	diff --git a/net-print/cups/Manifest b/net-print/cups/Manifest
20	index b9b923a3fe7..c4d4ef2a259 100644
21	--- a/net-print/cups/Manifest
22	+++ b/net-print/cups/Manifest
23	@@ -1,3 +1,2 @@
24	-DIST cups-2.2.11-source.tar.gz 10405908 BLAKE2B 9b7ee4da9502e42fd1b4a2c57ab709b3127ee8aeb8481a52f37da19fe5578f406260f1551e3fcedcd3a828fbed69267e68fcfd7bfabadf65afce4c3af19b4a1f SHA512 21a6916041b50044d336871f10d1192635458a3d318f19a18ad21d27027dd3839400601019e758424c218225a34aba148ba3a57f0ce3fe14c4df03bd1fde3403
25	DIST cups-2.2.12-source.tar.gz 10409313 BLAKE2B 126ea81f7108b3b62f5e062ed522898dd48d4e5b4077c834e8fe89012445dd0a903bafa62f593551ed5f1c92cce4fbd22f56834e0615ed65ca4a6ae84dc2ca1c SHA512 b8e7be512938ad388d469d093ad0c882ab42ea1408c27a91340f8424aa0e79e588df3d59795624973b89074a2af650fa9b5b6ed5224138b17e4c6dbbcbf0a2e6
26	DIST cups-2.3.0-source.tar.gz 8129049 BLAKE2B 738dbc7ee5ddcc9ffee44083cd93d8a0e75f4d3bf0b704dd643dc59db2cc2381dd65f676c0979bc65fee03438d160d9d650ceb93f8c702102eb1449d306a81a3 SHA512 c51f173b5fbae1554a3f4a3786fb3b5566e50d9f775473788ee3553922ac7e02e4785492c87c93fd46f159f50d97cc10ff6feafb3397cd9c1840840f3a9cdfae
27
28	diff --git a/net-print/cups/cups-2.2.11.ebuild b/net-print/cups/cups-2.2.11.ebuild
29	deleted file mode 100644
30	index 1c078ac92c8..00000000000
31	--- a/net-print/cups/cups-2.2.11.ebuild
32	+++ /dev/null
33	@@ -1,336 +0,0 @@
34	-# Copyright 1999-2019 Gentoo Authors
35	-# Distributed under the terms of the GNU General Public License v2
36	-
37	-EAPI=7
38	-
39	-PYTHON_COMPAT=( python2_7 )
40	-
41	-inherit autotools flag-o-matic linux-info xdg multilib-minimal pam python-single-r1 user java-pkg-opt-2 systemd toolchain-funcs
42	-
43	-MY_P="${P/_rc/rc}"
44	-MY_P="${MY_P/_beta/b}"
45	-MY_PV="${PV/_rc/rc}"
46	-MY_PV="${MY_PV/_beta/b}"
47	-
48	-if [[ ${PV} == *9999 ]]; then
49	- inherit git-r3
50	- EGIT_REPO_URI="https://github.com/apple/cups.git"
51	- if [[ ${PV} != 9999 ]]; then
52	- EGIT_BRANCH=branch-${PV/.9999}
53	- fi
54	-else
55	- #SRC_URI="https://github.com/apple/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
56	- SRC_URI="https://github.com/apple/cups/releases/download/v${PV}/${P}-source.tar.gz"
57	- KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~mips ppc ppc64 s390 ~sh sparc x86 ~amd64-fbsd ~x86-fbsd ~m68k-mint"
58	-fi
59	-
60	-DESCRIPTION="The Common Unix Printing System"
61	-HOMEPAGE="https://www.cups.org/"
62	-
63	-LICENSE="GPL-2"
64	-SLOT="0"
65	-IUSE="acl dbus debug java kerberos lprng-compat pam python selinux +ssl static-libs systemd +threads usb X xinetd zeroconf"
66	-
67	-CDEPEND="
68	- app-text/libpaper
69	- sys-libs/zlib
70	- acl? (
71	- kernel_linux? (
72	- sys-apps/acl
73	- sys-apps/attr
74	- )
75	- )
76	- dbus? ( >=sys-apps/dbus-1.6.18-r1[${MULTILIB_USEDEP}] )
77	- java? ( >=virtual/jre-1.6:* )
78	- kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
79	- !lprng-compat? ( !net-print/lprng )
80	- pam? ( virtual/pam )
81	- python? ( ${PYTHON_DEPS} )
82	- ssl? ( >=net-libs/gnutls-2.12.23-r6:0=[${MULTILIB_USEDEP}] )
83	- systemd? ( sys-apps/systemd )
84	- usb? ( virtual/libusb:1 )
85	- X? ( x11-misc/xdg-utils )
86	- xinetd? ( sys-apps/xinetd )
87	- zeroconf? ( >=net-dns/avahi-0.6.31-r2[${MULTILIB_USEDEP}] )
88	-"
89	-
90	-DEPEND="${CDEPEND}"
91	-BDEPEND="
92	- >=virtual/pkgconfig-0-r1[${MULTILIB_USEDEP}]
93	-"
94	-
95	-RDEPEND="${CDEPEND}
96	- selinux? ( sec-policy/selinux-cups )
97	-"
98	-
99	-PDEPEND=">=net-print/cups-filters-1.0.43"
100	-
101	-REQUIRED_USE="
102	- python? ( ${PYTHON_REQUIRED_USE} )
103	- usb? ( threads )
104	-"
105	-
106	-# upstream includes an interactive test which is a nono for gentoo
107	-RESTRICT="test"
108	-
109	-# systemd-socket.patch from Fedora
110	-PATCHES=(
111	- "${FILESDIR}/${PN}-2.2.0-dont-compress-manpages.patch"
112	- "${FILESDIR}/${PN}-2.2.6-fix-install-perms.patch"
113	- "${FILESDIR}/${PN}-1.4.4-nostrip.patch"
114	- "${FILESDIR}/${PN}-2.0.2-rename-systemd-service-files.patch"
115	- "${FILESDIR}/${PN}-2.0.1-xinetd-installation-fix.patch"
116	-)
117	-
118	-MULTILIB_CHOST_TOOLS=(
119	- /usr/bin/cups-config
120	-)
121	-
122	-pkg_setup() {
123	- enewgroup lp
124	- enewuser lp -1 -1 -1 lp
125	- enewgroup lpadmin 106
126	-
127	- use python && python-single-r1_pkg_setup
128	-
129	- if use kernel_linux; then
130	- linux-info_pkg_setup
131	- if ! linux_config_exists; then
132	- ewarn "Can't check the linux kernel configuration."
133	- ewarn "You might have some incompatible options enabled."
134	- else
135	- # recheck that we don't have usblp to collide with libusb; this should now work in most cases (bug 501122)
136	- if use usb; then
137	- if linux_chkconfig_present USB_PRINTER; then
138	- elog "Your USB printers will be managed via libusb. In case you run into problems, "
139	- elog "please try disabling USB_PRINTER support in your kernel or blacklisting the"
140	- elog "usblp kernel module."
141	- elog "Alternatively, just disable the usb useflag for cups (your printer will still work)."
142	- fi
143	- else
144	- #here we should warn user that he should enable it so he can print
145	- if ! linux_chkconfig_present USB_PRINTER; then
146	- ewarn "If you plan to use USB printers you should enable the USB_PRINTER"
147	- ewarn "support in your kernel."
148	- ewarn "Please enable it:"
149	- ewarn " CONFIG_USB_PRINTER=y"
150	- ewarn "in /usr/src/linux/.config or"
151	- ewarn " Device Drivers --->"
152	- ewarn " USB support --->"
153	- ewarn " [*] USB Printer support"
154	- ewarn "Alternatively, enable the usb useflag for cups and use the libusb code."
155	- fi
156	- fi
157	- fi
158	- fi
159	-}
160	-
161	-src_prepare() {
162	- default
163	-
164	- # Remove ".SILENT" rule for verbose output (bug 524338).
165	- sed 's#^.SILENT:##g' -i "${S}"/Makedefs.in \|\| die "sed failed"
166	-
167	- # Fix install-sh, posix sh does not have 'function'.
168	- sed 's#function gzipcp#gzipcp()#g' -i "${S}/install-sh"
169	-
170	- AT_M4DIR=config-scripts eaclocal
171	- eautoconf
172	-
173	- # custom Makefiles
174	- multilib_copy_sources
175	-}
176	-
177	-multilib_src_configure() {
178	- export DSOFLAGS="${LDFLAGS}"
179	-
180	- einfo LINGUAS=\"${LINGUAS}\"
181	-
182	- # explicitly specify compiler wrt bug 524340
183	- #
184	- # need to override KRB5CONFIG for proper flags
185	- # https://github.com/apple/cups/issues/4423
186	- local myeconfargs=(
187	- CC="$(tc-getCC)"
188	- CXX="$(tc-getCXX)"
189	- KRB5CONFIG="${EPREFIX}"/usr/bin/${CHOST}-krb5-config
190	- --libdir="${EPREFIX}"/usr/$(get_libdir)
191	- --localstatedir="${EPREFIX}"/var
192	- --with-exe-file-perm=755
193	- --with-rundir="${EPREFIX}"/run/cups
194	- --with-cups-user=lp
195	- --with-cups-group=lp
196	- --with-docdir="${EPREFIX}"/usr/share/cups/html
197	- --with-languages="${LINGUAS}"
198	- --with-system-groups=lpadmin
199	- --with-xinetd="${EPREFIX}"/etc/xinetd.d
200	- $(multilib_native_use_enable acl)
201	- $(use_enable dbus)
202	- $(use_enable debug)
203	- $(use_enable debug debug-guards)
204	- $(use_enable debug debug-printfs)
205	- $(multilib_native_use_with java)
206	- $(use_enable kerberos gssapi)
207	- $(multilib_native_use_enable pam)
208	- $(multilib_native_use_with python python "${PYTHON}")
209	- $(use_enable static-libs static)
210	- $(use_enable threads)
211	- $(use_enable ssl gnutls)
212	- $(use_enable systemd)
213	- $(multilib_native_use_enable usb libusb)
214	- $(use_enable zeroconf avahi)
215	- --disable-dnssd
216	- --without-perl
217	- --without-php
218	- $(multilib_is_native_abi && echo --enable-libpaper \|\| echo --disable-libpaper)
219	- )
220	-
221	- if tc-is-static-only; then
222	- myeconfargs+=(
223	- --disable-shared
224	- )
225	- fi
226	-
227	- econf "${myeconfargs[@]}"
228	-
229	- # install in /usr/libexec always, instead of using /usr/lib/cups, as that
230	- # makes more sense when facing multilib support.
231	- sed -i -e "s:SERVERBIN.*:SERVERBIN = \"\$\(BUILDROOT\)${EPREFIX}/usr/libexec/cups\":" Makedefs \|\| die
232	- sed -i -e "s:#define CUPS_SERVERBIN.*:#define CUPS_SERVERBIN \"${EPREFIX}/usr/libexec/cups\":" config.h \|\| die
233	- sed -i -e "s:cups_serverbin=.*:cups_serverbin=\"${EPREFIX}/usr/libexec/cups\":" cups-config \|\| die
234	-
235	- # additional path corrections needed for prefix, see bug 597728
236	- sed \
237	- -e "s:ICONDIR.*:ICONDIR = ${EPREFIX}/usr/share/icons:" \
238	- -e "s:INITDIR.*:INITDIR = ${EPREFIX}/etc:" \
239	- -e "s:DBUSDIR.*:DBUSDIR = ${EPREFIX}/etc/dbus-1:" \
240	- -e "s:MENUDIR.*:MENUDIR = ${EPREFIX}/usr/share/applications:" \
241	- -i Makedefs \|\| die
242	-}
243	-
244	-multilib_src_compile() {
245	- if multilib_is_native_abi; then
246	- default
247	- else
248	- emake libs
249	- fi
250	-}
251	-
252	-multilib_src_test() {
253	- multilib_is_native_abi && default
254	-}
255	-
256	-multilib_src_install() {
257	- if multilib_is_native_abi; then
258	- emake BUILDROOT="${D}" install
259	- else
260	- emake BUILDROOT="${D}" install-libs install-headers
261	- dobin cups-config
262	- fi
263	-}
264	-
265	-multilib_src_install_all() {
266	- dodoc {CHANGES,CREDITS,README}.md
267	-
268	- # move the default config file to docs
269	- dodoc "${ED}"/etc/cups/cupsd.conf.default
270	- rm -f "${ED}"/etc/cups/cupsd.conf.default
271	-
272	- # clean out cups init scripts
273	- rm -rf "${ED}"/etc/{init.d/cups,rc*,pam.d/cups}
274	-
275	- # install our init script
276	- local neededservices
277	- use zeroconf && neededservices+=" avahi-daemon"
278	- use dbus && neededservices+=" dbus"
279	- [[ -n ${neededservices} ]] && neededservices="need${neededservices}"
280	- cp "${FILESDIR}"/cupsd.init.d-r3 "${T}"/cupsd \|\| die
281	- sed -i \
282	- -e "s/@neededservices@/${neededservices}/" \
283	- "${T}"/cupsd \|\| die
284	- doinitd "${T}"/cupsd
285	-
286	- # install our pam script
287	- pamd_mimic_system cups auth account
288	-
289	- if use xinetd ; then
290	- # correct path
291	- sed -i \
292	- -e "s:server = .*:server = /usr/libexec/cups/daemon/cups-lpd:" \
293	- "${ED}"/etc/xinetd.d/cups-lpd \|\| die
294	- # it is safer to disable this by default, bug #137130
295	- grep -w 'disable' "${ED}"/etc/xinetd.d/cups-lpd \|\| \
296	- { sed -i -e "s:}:\tdisable = yes\n}:" "${ED}"/etc/xinetd.d/cups-lpd \|\| die ; }
297	- # write permission for file owner (root), bug #296221
298	- fperms u+w /etc/xinetd.d/cups-lpd \|\| die "fperms failed"
299	- else
300	- # always configure with --with-xinetd= and clean up later,
301	- # bug #525604
302	- rm -rf "${ED}"/etc/xinetd.d
303	- fi
304	-
305	- keepdir /usr/libexec/cups/driver /usr/share/cups/{model,profiles} \
306	- /var/log/cups /var/spool/cups/tmp
307	-
308	- keepdir /etc/cups/{interfaces,ppd,ssl}
309	-
310	- if ! use X ; then
311	- rm -r "${ED}"/usr/share/applications \|\| die
312	- fi
313	-
314	- # create /etc/cups/client.conf, bug #196967 and #266678
315	- echo "ServerName ${EPREFIX}/run/cups/cups.sock" >> "${ED}"/etc/cups/client.conf
316	-
317	- # the following file is now provided by cups-filters:
318	- rm -r "${ED}"/usr/share/cups/banners \|\| die
319	-
320	- # the following are created by the init script
321	- rm -r "${ED}"/var/cache/cups \|\| die
322	- rm -r "${ED}"/run \|\| die
323	-
324	- # for the special case of running lprng and cups together, bug 467226
325	- if use lprng-compat ; then
326	- rm -fv "${ED}"/usr/bin/{lp*,cancel}
327	- rm -fv "${ED}"/usr/sbin/lp*
328	- rm -fv "${ED}"/usr/share/man/man1/{lp,cancel}
329	- rm -fv "${ED}"/usr/share/man/man8/lp*
330	- ewarn "Not installing lp... binaries, since the lprng-compat useflag is set."
331	- ewarn "Unless you plan to install an exotic server setup, you most likely"
332	- ewarn "do not want this. Disable the useflag then and all will be fine."
333	- fi
334	-}
335	-
336	-pkg_preinst() {
337	- xdg_pkg_preinst
338	-}
339	-
340	-pkg_postinst() {
341	- # Update desktop file database and gtk icon cache (bug 370059)
342	- xdg_pkg_postinst
343	-
344	- local v
345	-
346	- for v in ${REPLACING_VERSIONS}; do
347	- if ! ver_test ${v} -ge 2.2.2-r2 ; then
348	- echo
349	- ewarn "The cupsd init script switched to using pidfiles. Shutting down"
350	- ewarn "cupsd will fail the next time. To fix this, please run once as root"
351	- ewarn " killall cupsd ; /etc/init.d/cupsd zap ; /etc/init.d/cupsd start"
352	- echo
353	- break
354	- fi
355	- done
356	-
357	- for v in ${REPLACING_VERSIONS}; do
358	- echo
359	- elog "For information about installing a printer and general cups setup"
360	- elog "take a look at: https://wiki.gentoo.org/wiki/Printing"
361	- echo
362	- break
363	- done
364	-}
365	-
366	-pkg_postrm() {
367	- # Update desktop file database and gtk icon cache (bug 370059)
368	- xdg_pkg_postrm
369	-}
370
371	diff --git a/net-print/cups/files/cups-2.3_rc1-no_pam.patch b/net-print/cups/files/cups-2.3_rc1-no_pam.patch
372	deleted file mode 100644
373	index 17e69ab7b0a..00000000000
374	--- a/net-print/cups/files/cups-2.3_rc1-no_pam.patch
375	+++ /dev/null
376	@@ -1,164 +0,0 @@
377	-From 3cd7b5e053f8100da1ca8d8daf93976cca3516ef Mon Sep 17 00:00:00 2001
378	-From: Michael R Sweet <michael.r.sweet@×××××.com>
379	-Date: Fri, 23 Feb 2018 13:21:56 -0500
380	-Subject: [PATCH] Fix builds without PAM (Issue #5253)
381	-
382	---- a/scheduler/auth.c
383	-+++ b/scheduler/auth.c
384	-@@ -67,9 +68,6 @@ static int check_authref(cupsd_client_t con, const char right);
385	- static int compare_locations(cupsd_location_t *a,
386	- cupsd_location_t *b);
387	- static cupsd_authmask_t copy_authmask(cupsd_authmask_t am, void *data);
388	--#if !HAVE_LIBPAM
389	--static char cups_crypt(const char pw, const char *salt);
390	--#endif /* !HAVE_LIBPAM */
391	- static void free_authmask(cupsd_authmask_t am, void data);
392	- #if HAVE_LIBPAM
393	- static int pam_func(int, const struct pam_message **,
394	-@@ -690,14 +688,14 @@ cupsdAuthorize(cupsd_client_t con) / I - Client connection */
395	- * client...
396	- */
397	-
398	-- pass = cups_crypt(password, pw->pw_passwd);
399	-+ pass = crypt(password, pw->pw_passwd);
400	-
401	- if (!pass \|\| strcmp(pw->pw_passwd, pass))
402	- {
403	- # ifdef HAVE_SHADOW_H
404	- if (spw)
405	- {
406	-- pass = cups_crypt(password, spw->sp_pwdp);
407	-+ pass = crypt(password, spw->sp_pwdp);
408	-
409	- if (pass == NULL \|\| strcmp(spw->sp_pwdp, pass))
410	- {
411	-@@ -1991,129 +1989,6 @@ copy_authmask(cupsd_authmask_t mask, / I - Existing auth mask */
412	- }
413	-
414	-
415	--#if !HAVE_LIBPAM
416	--/*
417	-- * 'cups_crypt()' - Encrypt the password using the DES or MD5 algorithms,
418	-- * as needed.
419	-- */
420	--
421	--static char * /* O - Encrypted password */
422	--cups_crypt(const char pw, / I - Password string */
423	-- const char salt) / I - Salt (key) string */
424	--{
425	-- if (!strncmp(salt, "$1$", 3))
426	-- {
427	-- /*
428	-- * Use MD5 passwords without the benefit of PAM; this is for
429	-- * Slackware Linux, and the algorithm was taken from the
430	-- * old shadow-19990827/lib/md5crypt.c source code... :(
431	-- */
432	--
433	-- int i; /* Looping var */
434	-- unsigned long n; /* Output number */
435	-- int pwlen; /* Length of password string */
436	-- const char salt_end; / End of "salt" data for MD5 */
437	-- char ptr; / Pointer into result string */
438	-- _cups_md5_state_t state; /* Primary MD5 state info */
439	-- _cups_md5_state_t state2; /* Secondary MD5 state info */
440	-- unsigned char digest[16]; /* MD5 digest result */
441	-- static char result[120]; /* Final password string */
442	--
443	--
444	-- /*
445	-- * Get the salt data between dollar signs, e.g. $1$saltdata$md5.
446	-- * Get a maximum of 8 characters of salt data after $1$...
447	-- */
448	--
449	-- for (salt_end = salt + 3; *salt_end && (salt_end - salt) < 11; salt_end ++)
450	-- if (*salt_end == '$')
451	-- break;
452	--
453	-- /*
454	-- * Compute the MD5 sum we need...
455	-- */
456	--
457	-- pwlen = strlen(pw);
458	--
459	-- _cupsMD5Init(&state);
460	-- _cupsMD5Append(&state, (unsigned char *)pw, pwlen);
461	-- _cupsMD5Append(&state, (unsigned char *)salt, salt_end - salt);
462	--
463	-- _cupsMD5Init(&state2);
464	-- _cupsMD5Append(&state2, (unsigned char *)pw, pwlen);
465	-- _cupsMD5Append(&state2, (unsigned char *)salt + 3, salt_end - salt - 3);
466	-- _cupsMD5Append(&state2, (unsigned char *)pw, pwlen);
467	-- _cupsMD5Finish(&state2, digest);
468	--
469	-- for (i = pwlen; i > 0; i -= 16)
470	-- _cupsMD5Append(&state, digest, i > 16 ? 16 : i);
471	--
472	-- for (i = pwlen; i > 0; i >>= 1)
473	-- _cupsMD5Append(&state, (unsigned char *)((i & 1) ? "" : pw), 1);
474	--
475	-- _cupsMD5Finish(&state, digest);
476	--
477	-- for (i = 0; i < 1000; i ++)
478	-- {
479	-- _cupsMD5Init(&state);
480	--
481	-- if (i & 1)
482	-- _cupsMD5Append(&state, (unsigned char *)pw, pwlen);
483	-- else
484	-- _cupsMD5Append(&state, digest, 16);
485	--
486	-- if (i % 3)
487	-- _cupsMD5Append(&state, (unsigned char *)salt + 3, salt_end - salt - 3);
488	--
489	-- if (i % 7)
490	-- _cupsMD5Append(&state, (unsigned char *)pw, pwlen);
491	--
492	-- if (i & 1)
493	-- _cupsMD5Append(&state, digest, 16);
494	-- else
495	-- _cupsMD5Append(&state, (unsigned char *)pw, pwlen);
496	--
497	-- _cupsMD5Finish(&state, digest);
498	-- }
499	--
500	-- /*
501	-- * Copy the final sum to the result string and return...
502	-- */
503	--
504	-- memcpy(result, salt, (size_t)(salt_end - salt));
505	-- ptr = result + (salt_end - salt);
506	-- *ptr++ = '$';
507	--
508	-- for (i = 0; i < 5; i ++, ptr += 4)
509	-- {
510	-- n = ((((unsigned)digest[i] << 8) \| (unsigned)digest[i + 6]) << 8);
511	--
512	-- if (i < 4)
513	-- n \|= (unsigned)digest[i + 12];
514	-- else
515	-- n \|= (unsigned)digest[5];
516	--
517	-- to64(ptr, n, 4);
518	-- }
519	--
520	-- to64(ptr, (unsigned)digest[11], 2);
521	-- ptr += 2;
522	-- *ptr = '\0';
523	--
524	-- return (result);
525	-- }
526	-- else
527	-- {
528	-- /*
529	-- * Use the standard crypt() function...
530	-- */
531	--
532	-- return (crypt(pw, salt));
533	-- }
534	--}
535	--#endif /* !HAVE_LIBPAM */
536	--
537	--
538	- /*
539	- * 'free_authmask()' - Free function for auth masks.
540	- */

Gentoo Archives: gentoo-commits