summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorjmc <jmc@pkgsrc.org>2003-09-21 08:02:21 +0000
committerjmc <jmc@pkgsrc.org>2003-09-21 08:02:21 +0000
commit79d0da89fec680d99dae461cabd5b74ac33c2637 (patch)
tree81898ce33d09230d4d8dc0f40f9ad24ccadf2fb1 /security
parentc6a58314f0b5f8a9cb1e8a57538c75df10c8da58 (diff)
downloadpkgsrc-79d0da89fec680d99dae461cabd5b74ac33c2637.tar.gz
Add some patches so if using openssl >= 0.9.7 the new des API is used
Diffstat (limited to 'security')
-rw-r--r--security/isakmpd/distinfo4
-rw-r--r--security/isakmpd/patches/patch-ah24
-rw-r--r--security/isakmpd/patches/patch-ai92
3 files changed, 119 insertions, 1 deletions
diff --git a/security/isakmpd/distinfo b/security/isakmpd/distinfo
index c6c4dbdb21f..28bc18a145e 100644
--- a/security/isakmpd/distinfo
+++ b/security/isakmpd/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.12 2003/02/08 17:06:26 dmcmahill Exp $
+$NetBSD: distinfo,v 1.13 2003/09/21 08:02:21 jmc Exp $
SHA1 (isakmpd-20021118.tar.gz) = 806ed2f922ccc31c9bf9d4eeec90bddc34995565
Size (isakmpd-20021118.tar.gz) = 348169 bytes
@@ -8,3 +8,5 @@ SHA1 (patch-ad) = 8c477b99fd3d82ccb52b01374450295cc25244c0
SHA1 (patch-ae) = 5b7488fb50f2b3970c05e7dcfcf9979a05cb5719
SHA1 (patch-af) = 5ef6311e2b065ee0ac61bdbd48f38d76291d68dc
SHA1 (patch-ag) = f0af67b96e2f72333e79486495ce6abf1b31b9c1
+SHA1 (patch-ah) = 69f7b24995d243ac052c6b80f20945ff3346190f
+SHA1 (patch-ai) = 67b85a7c52582f07ff0bacb40054361835189081
diff --git a/security/isakmpd/patches/patch-ah b/security/isakmpd/patches/patch-ah
new file mode 100644
index 00000000000..cd5110043be
--- /dev/null
+++ b/security/isakmpd/patches/patch-ah
@@ -0,0 +1,24 @@
+$NetBSD: patch-ah,v 1.1 2003/09/21 08:02:23 jmc Exp $
+
+--- crypto.h.orig 2003-09-21 02:42:10.000000000 +0000
++++ crypto.h 2003-09-21 02:44:47.000000000 +0000
+@@ -49,6 +49,7 @@
+
+ #else
+
++#include <openssl/opensslv.h>
+ #include <des.h>
+ #ifdef USE_BLOWFISH
+ #include <blf.h>
+@@ -106,7 +107,11 @@
+ u_int8_t iv2[MAXBLK];
+ u_int8_t *riv, *liv;
+ union {
++#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
++ DES_key_schedule desks[3];
++#else
+ des_key_schedule desks[3];
++#endif
+ #ifdef USE_BLOWFISH
+ blf_ctx blfks;
+ #endif
diff --git a/security/isakmpd/patches/patch-ai b/security/isakmpd/patches/patch-ai
new file mode 100644
index 00000000000..178923b2ac2
--- /dev/null
+++ b/security/isakmpd/patches/patch-ai
@@ -0,0 +1,92 @@
+$NetBSD: patch-ai,v 1.1 2003/09/21 08:02:24 jmc Exp $
+
+--- crypto.c.orig 2003-09-21 02:46:15.000000000 +0000
++++ crypto.c 2003-09-21 02:54:49.000000000 +0000
+@@ -99,8 +99,13 @@
+ des1_init (struct keystate *ks, u_int8_t *key, u_int16_t len)
+ {
+ /* des_set_key returns -1 for parity problems, and -2 for weak keys */
++#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
++ DES_set_odd_parity (DC key);
++ switch (DES_set_key (DC key, &ks->ks_des[0]))
++#else
+ des_set_odd_parity (DC key);
+ switch (des_set_key (DC key, ks->ks_des[0]))
++#endif
+ {
+ case -2:
+ return EWEAKKEY;
+@@ -112,19 +117,37 @@
+ void
+ des1_encrypt (struct keystate *ks, u_int8_t *d, u_int16_t len)
+ {
++#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
++ DES_cbc_encrypt (DC d, DC d, len, &ks->ks_des[0], DC ks->riv, DES_ENCRYPT);
++#else
+ des_cbc_encrypt (DC d, DC d, len, ks->ks_des[0], DC ks->riv, DES_ENCRYPT);
++#endif
+ }
+
+ void
+ des1_decrypt (struct keystate *ks, u_int8_t *d, u_int16_t len)
+ {
++#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
++ DES_cbc_encrypt (DC d, DC d, len, &ks->ks_des[0], DC ks->riv, DES_DECRYPT);
++#else
+ des_cbc_encrypt (DC d, DC d, len, ks->ks_des[0], DC ks->riv, DES_DECRYPT);
++#endif
+ }
+
+ #ifdef USE_TRIPLEDES
+ enum cryptoerr
+ des3_init (struct keystate *ks, u_int8_t *key, u_int16_t len)
+ {
++#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
++ DES_set_odd_parity (DC key);
++ DES_set_odd_parity (DC (key + 8));
++ DES_set_odd_parity (DC (key + 16));
++
++ /* As of the draft Tripe-DES does not check for weak keys */
++ DES_set_key (DC key, &ks->ks_des[0]);
++ DES_set_key (DC (key + 8), &ks->ks_des[1]);
++ DES_set_key (DC (key + 16), &ks->ks_des[2]);
++#else
+ des_set_odd_parity (DC key);
+ des_set_odd_parity (DC (key + 8));
+ des_set_odd_parity (DC (key + 16));
+@@ -133,6 +156,7 @@
+ des_set_key (DC key, ks->ks_des[0]);
+ des_set_key (DC (key + 8), ks->ks_des[1]);
+ des_set_key (DC (key + 16), ks->ks_des[2]);
++#endif
+
+ return EOKAY;
+ }
+@@ -143,8 +167,13 @@
+ u_int8_t iv[MAXBLK];
+
+ memcpy (iv, ks->riv, ks->xf->blocksize);
++#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
++ DES_ede3_cbc_encrypt (DC data, DC data, len, &ks->ks_des[0], &ks->ks_des[1],
++ &ks->ks_des[2], DC iv, DES_ENCRYPT);
++#else
+ des_ede3_cbc_encrypt (DC data, DC data, len, ks->ks_des[0], ks->ks_des[1],
+ ks->ks_des[2], DC iv, DES_ENCRYPT);
++#endif
+ }
+
+ void
+@@ -153,8 +182,13 @@
+ u_int8_t iv[MAXBLK];
+
+ memcpy (iv, ks->riv, ks->xf->blocksize);
++#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
++ DES_ede3_cbc_encrypt (DC data, DC data, len, &ks->ks_des[0], &ks->ks_des[1],
++ &ks->ks_des[2], DC iv, DES_DECRYPT);
++#else
+ des_ede3_cbc_encrypt (DC data, DC data, len, ks->ks_des[0], ks->ks_des[1],
+ ks->ks_des[2], DC iv, DES_DECRYPT);
++#endif
+ }
+ #undef DC
+ #endif /* USE_TRIPLEDES */