diff options
author | nia <nia@pkgsrc.org> | 2019-08-29 11:09:10 +0000 |
---|---|---|
committer | nia <nia@pkgsrc.org> | 2019-08-29 11:09:10 +0000 |
commit | 7e424f9d764c56c6d8aafa7fa4ffc49e392d7679 (patch) | |
tree | 12c5297bd551883cfaa2f3090d7a851d5235c84a | |
parent | 22bc293a601005fbc31c5f514514cbb322f08206 (diff) | |
download | pkgsrc-7e424f9d764c56c6d8aafa7fa4ffc49e392d7679.tar.gz |
dmg2img: Update to 1.6.7.
pkgsrc changes:
- OpenSSL 1.1 support.
Upstream changes:
dmg2img-1.6.7:
09 February 2017 Peter Wu
Fixed buffer underrun
Avoid truncating .img file when run to list partition
dmg2img-1.6.6:
06 February 2017 Peter Wu
Fixed a crash on invalid block signature
-rw-r--r-- | sysutils/dmg2img/Makefile | 5 | ||||
-rw-r--r-- | sysutils/dmg2img/distinfo | 11 | ||||
-rw-r--r-- | sysutils/dmg2img/patches/patch-vfdecrypt.c | 215 |
3 files changed, 223 insertions, 8 deletions
diff --git a/sysutils/dmg2img/Makefile b/sysutils/dmg2img/Makefile index e4ca3073de8..9492194cc18 100644 --- a/sysutils/dmg2img/Makefile +++ b/sysutils/dmg2img/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.8 2016/03/07 20:17:33 nros Exp $ +# $NetBSD: Makefile,v 1.9 2019/08/29 11:09:10 nia Exp $ -DISTNAME= dmg2img-1.6.5 +DISTNAME= dmg2img-1.6.7 CATEGORIES= sysutils MASTER_SITES+= http://vu1tur.eu.org/tools/ @@ -12,5 +12,4 @@ LICENSE= gnu-gpl-v2 .include "../../archivers/bzip2/buildlink3.mk" .include "../../devel/zlib/buildlink3.mk" .include "../../security/openssl/buildlink3.mk" - .include "../../mk/bsd.pkg.mk" diff --git a/sysutils/dmg2img/distinfo b/sysutils/dmg2img/distinfo index 9cab71a0ca6..934eeaaab50 100644 --- a/sysutils/dmg2img/distinfo +++ b/sysutils/dmg2img/distinfo @@ -1,7 +1,8 @@ -$NetBSD: distinfo,v 1.4 2016/03/07 20:17:33 nros Exp $ +$NetBSD: distinfo,v 1.5 2019/08/29 11:09:10 nia Exp $ -SHA1 (dmg2img-1.6.5.tar.gz) = 87db4a19badfde40d007a76092454b0942df2bf4 -RMD160 (dmg2img-1.6.5.tar.gz) = 437048d16e5887c79008f2023256dccd176b3192 -SHA512 (dmg2img-1.6.5.tar.gz) = 31528a23986848a8ab319768a8254db6b0035324cbac8328ef865b98ab2cddfd606da19a27202c4ef53cdc5dda75aca489859f82115a5dde6fe9b1f20cd6bd46 -Size (dmg2img-1.6.5.tar.gz) = 23442 bytes +SHA1 (dmg2img-1.6.7.tar.gz) = 15dc1bc352c524fb54259c0787551927bb03088f +RMD160 (dmg2img-1.6.7.tar.gz) = 4b3dfa6b02f39cbe1020605e3c32c06936df6852 +SHA512 (dmg2img-1.6.7.tar.gz) = 4c42841c5cdbf868b6038648a6c83e78d4b7f2010f7065d7b3f4c2c04d13af9489716c1dfa867aff5f3c3b3eef96dc3fc0610eff13fec139265f37f468e339e6 +Size (dmg2img-1.6.7.tar.gz) = 23238 bytes SHA1 (patch-aa) = 25f3a28092435b15f0086050bac6e5f9c485bd2f +SHA1 (patch-vfdecrypt.c) = 109180aadf93c6bc3963b1699f59b0cbaaa4e315 diff --git a/sysutils/dmg2img/patches/patch-vfdecrypt.c b/sysutils/dmg2img/patches/patch-vfdecrypt.c new file mode 100644 index 00000000000..477a6d80a58 --- /dev/null +++ b/sysutils/dmg2img/patches/patch-vfdecrypt.c @@ -0,0 +1,215 @@ +$NetBSD: patch-vfdecrypt.c,v 1.1 2019/08/29 11:09:10 nia Exp $ + +OpenSSL 1.1 compatibility. + +Allocate contexts from the heap on all OpenSSL versions, this is needed +since OpenSSL 1.1.0. No attempt is done at addressing issues like global +variables and fixing potential memleaks on error paths. + +Compile-tested only with OpenSSL 1.1.0e (Arch Linux) and OpenSSL 1.0.2g +(Ubuntu 16.04), I have no test file. + +Fixes https://github.com/Lekensteyn/dmg2img/issues/4 + +--- vfdecrypt.c.orig 2010-03-24 17:52:45.000000000 +0000 ++++ vfdecrypt.c +@@ -183,7 +183,7 @@ void adjust_v2_header_byteorder(cencrypt + pwhdr->encrypted_keyblob_size = htonl(pwhdr->encrypted_keyblob_size); + } + +-HMAC_CTX hmacsha1_ctx; ++HMAC_CTX *hmacsha1_ctx; + AES_KEY aes_decrypt_key; + int CHUNK_SIZE=4096; // default + +@@ -196,9 +196,9 @@ void compute_iv(uint32_t chunk_no, uint8 + unsigned int mdLen; + + chunk_no = OSSwapHostToBigInt32(chunk_no); +- HMAC_Init_ex(&hmacsha1_ctx, NULL, 0, NULL, NULL); +- HMAC_Update(&hmacsha1_ctx, (void *) &chunk_no, sizeof(uint32_t)); +- HMAC_Final(&hmacsha1_ctx, mdResult, &mdLen); ++ HMAC_Init_ex(hmacsha1_ctx, NULL, 0, NULL, NULL); ++ HMAC_Update(hmacsha1_ctx, (void *) &chunk_no, sizeof(uint32_t)); ++ HMAC_Final(hmacsha1_ctx, mdResult, &mdLen); + memcpy(iv, mdResult, CIPHER_BLOCKSIZE); + } + +@@ -212,52 +212,75 @@ void decrypt_chunk(uint8_t *ctext, uint8 + /* DES3-EDE unwrap operation loosely based on to RFC 2630, section 12.6 + * wrapped_key has to be 40 bytes in length. */ + int apple_des3_ede_unwrap_key(uint8_t *wrapped_key, int wrapped_key_len, uint8_t *decryptKey, uint8_t *unwrapped_key) { +- EVP_CIPHER_CTX ctx; ++ EVP_CIPHER_CTX *ctx; + uint8_t *TEMP1, *TEMP2, *CEKICV; + uint8_t IV[8] = { 0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05 }; + int outlen, tmplen, i; + +- EVP_CIPHER_CTX_init(&ctx); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ ctx = EVP_CIPHER_CTX_new(); ++#else ++ ctx = malloc(sizeof(*ctx)); ++#endif ++ if (!ctx) { ++ fprintf(stderr, "Out of memory: EVP_CIPHER_CTX!\n"); ++ return(-1); ++ } ++ ++ EVP_CIPHER_CTX_init(ctx); + /* result of the decryption operation shouldn't be bigger than ciphertext */ + TEMP1 = malloc(wrapped_key_len); + TEMP2 = malloc(wrapped_key_len); + CEKICV = malloc(wrapped_key_len); + /* uses PKCS#7 padding for symmetric key operations by default */ +- EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, decryptKey, IV); ++ EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, decryptKey, IV); + +- if(!EVP_DecryptUpdate(&ctx, TEMP1, &outlen, wrapped_key, wrapped_key_len)) { ++ if(!EVP_DecryptUpdate(ctx, TEMP1, &outlen, wrapped_key, wrapped_key_len)) { + fprintf(stderr, "internal error (1) during key unwrap operation!\n"); + return(-1); + } +- if(!EVP_DecryptFinal_ex(&ctx, TEMP1 + outlen, &tmplen)) { ++ if(!EVP_DecryptFinal_ex(ctx, TEMP1 + outlen, &tmplen)) { + fprintf(stderr, "internal error (2) during key unwrap operation!\n"); + return(-1); + } + outlen += tmplen; +- EVP_CIPHER_CTX_cleanup(&ctx); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ EVP_CIPHER_CTX_reset(ctx); ++#else ++ EVP_CIPHER_CTX_cleanup(ctx); ++#endif + + /* reverse order of TEMP3 */ + for(i = 0; i < outlen; i++) TEMP2[i] = TEMP1[outlen - i - 1]; + +- EVP_CIPHER_CTX_init(&ctx); ++ EVP_CIPHER_CTX_init(ctx); + /* uses PKCS#7 padding for symmetric key operations by default */ +- EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, decryptKey, TEMP2); +- if(!EVP_DecryptUpdate(&ctx, CEKICV, &outlen, TEMP2+8, outlen-8)) { ++ EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, decryptKey, TEMP2); ++ if(!EVP_DecryptUpdate(ctx, CEKICV, &outlen, TEMP2+8, outlen-8)) { + fprintf(stderr, "internal error (3) during key unwrap operation!\n"); + return(-1); + } +- if(!EVP_DecryptFinal_ex(&ctx, CEKICV + outlen, &tmplen)) { ++ if(!EVP_DecryptFinal_ex(ctx, CEKICV + outlen, &tmplen)) { + fprintf(stderr, "internal error (4) during key unwrap operation!\n"); + return(-1); + } + + outlen += tmplen; +- EVP_CIPHER_CTX_cleanup(&ctx); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ EVP_CIPHER_CTX_reset(ctx); ++#else ++ EVP_CIPHER_CTX_cleanup(ctx); ++#endif + + memcpy(unwrapped_key, CEKICV+4, outlen-4); + free(TEMP1); + free(TEMP2); + free(CEKICV); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ EVP_CIPHER_CTX_free(ctx); ++#else ++ free(ctx); ++#endif + return(0); + } + +@@ -279,31 +302,46 @@ int unwrap_v1_header(char *passphrase, c + int unwrap_v2_header(char *passphrase, cencrypted_v2_pwheader *header, uint8_t *aes_key, uint8_t *hmacsha1_key) { + /* derived key is a 3DES-EDE key */ + uint8_t derived_key[192/8]; +- EVP_CIPHER_CTX ctx; ++ EVP_CIPHER_CTX *ctx; + uint8_t *TEMP1; + int outlen, tmplen; + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ ctx = EVP_CIPHER_CTX_new(); ++#else ++ ctx = malloc(sizeof(*ctx)); ++#endif ++ if (!ctx) { ++ fprintf(stderr, "Out of memory: EVP_CIPHER_CTX!\n"); ++ return(-1); ++ } ++ + PKCS5_PBKDF2_HMAC_SHA1(passphrase, strlen(passphrase), (unsigned char*)header->kdf_salt, 20, + PBKDF2_ITERATION_COUNT, sizeof(derived_key), derived_key); + + print_hex(derived_key, 192/8); + +- EVP_CIPHER_CTX_init(&ctx); ++ EVP_CIPHER_CTX_init(ctx); + /* result of the decryption operation shouldn't be bigger than ciphertext */ + TEMP1 = malloc(header->encrypted_keyblob_size); + /* uses PKCS#7 padding for symmetric key operations by default */ +- EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, derived_key, header->blob_enc_iv); ++ EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, derived_key, header->blob_enc_iv); + +- if(!EVP_DecryptUpdate(&ctx, TEMP1, &outlen, header->encrypted_keyblob, header->encrypted_keyblob_size)) { ++ if(!EVP_DecryptUpdate(ctx, TEMP1, &outlen, header->encrypted_keyblob, header->encrypted_keyblob_size)) { + fprintf(stderr, "internal error (1) during key unwrap operation!\n"); + return(-1); + } +- if(!EVP_DecryptFinal_ex(&ctx, TEMP1 + outlen, &tmplen)) { ++ if(!EVP_DecryptFinal_ex(ctx, TEMP1 + outlen, &tmplen)) { + fprintf(stderr, "internal error (2) during key unwrap operation!\n"); + return(-1); + } + outlen += tmplen; +- EVP_CIPHER_CTX_cleanup(&ctx); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ EVP_CIPHER_CTX_free(ctx); ++#else ++ EVP_CIPHER_CTX_cleanup(ctx); ++ free(ctx); ++#endif + memcpy(aes_key, TEMP1, 16); + memcpy(hmacsha1_key, TEMP1, 20); + +@@ -445,9 +483,22 @@ int main(int argc, char *argv[]) { + if(!kflag) unwrap_v2_header(passphrase, &v2header, aes_key, hmacsha1_key); + CHUNK_SIZE = v2header.blocksize; + } +- +- HMAC_CTX_init(&hmacsha1_ctx); +- HMAC_Init_ex(&hmacsha1_ctx, hmacsha1_key, sizeof(hmacsha1_key), EVP_sha1(), NULL); ++ ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ hmacsha1_ctx = HMAC_CTX_new(); ++#else ++ hmacsha1_ctx = malloc(sizeof(*hmacsha1_ctx)); ++#endif ++ if (!hmacsha1_ctx) { ++ fprintf(stderr, "Out of memory: HMAC CTX!\n"); ++ exit(1); ++ } ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ HMAC_CTX_reset(hmacsha1_ctx); ++#else ++ HMAC_CTX_init(hmacsha1_ctx); ++#endif ++ HMAC_Init_ex(hmacsha1_ctx, hmacsha1_key, sizeof(hmacsha1_key), EVP_sha1(), NULL); + AES_set_decrypt_key(aes_key, CIPHER_KEY_LENGTH * 8, &aes_decrypt_key); + + if (verbose >= 1) { +@@ -472,5 +523,11 @@ int main(int argc, char *argv[]) { + } + + if (verbose) fprintf(stderr, "%"PRIX32" chunks written\n", chunk_no); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ HMAC_CTX_free(hmacsha1_ctx); ++#else ++ HMAC_CTX_cleanup(hmacsha1_ctx); ++ free(hmacsha1_ctx); ++#endif + return(0); + } |