diff options
| author | jmc <jmc> | 2003-09-21 08:02:21 +0000 |
|---|---|---|
| committer | jmc <jmc> | 2003-09-21 08:02:21 +0000 |
| commit | 71afba04c79db4fa664919d5e42a823beeb08808 (patch) | |
| tree | 81898ce33d09230d4d8dc0f40f9ad24ccadf2fb1 /security | |
| parent | 2e51674f9bf2785eb4f211ad38651eb6948fc09d (diff) | |
| download | pkgsrc-71afba04c79db4fa664919d5e42a823beeb08808.tar.gz | |
Add some patches so if using openssl >= 0.9.7 the new des API is used
Diffstat (limited to 'security')
| -rw-r--r-- | security/isakmpd/distinfo | 4 | ||||
| -rw-r--r-- | security/isakmpd/patches/patch-ah | 24 | ||||
| -rw-r--r-- | security/isakmpd/patches/patch-ai | 92 |
3 files changed, 119 insertions, 1 deletions
diff --git a/security/isakmpd/distinfo b/security/isakmpd/distinfo index c6c4dbdb21f..28bc18a145e 100644 --- a/security/isakmpd/distinfo +++ b/security/isakmpd/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.12 2003/02/08 17:06:26 dmcmahill Exp $ +$NetBSD: distinfo,v 1.13 2003/09/21 08:02:21 jmc Exp $ SHA1 (isakmpd-20021118.tar.gz) = 806ed2f922ccc31c9bf9d4eeec90bddc34995565 Size (isakmpd-20021118.tar.gz) = 348169 bytes @@ -8,3 +8,5 @@ SHA1 (patch-ad) = 8c477b99fd3d82ccb52b01374450295cc25244c0 SHA1 (patch-ae) = 5b7488fb50f2b3970c05e7dcfcf9979a05cb5719 SHA1 (patch-af) = 5ef6311e2b065ee0ac61bdbd48f38d76291d68dc SHA1 (patch-ag) = f0af67b96e2f72333e79486495ce6abf1b31b9c1 +SHA1 (patch-ah) = 69f7b24995d243ac052c6b80f20945ff3346190f +SHA1 (patch-ai) = 67b85a7c52582f07ff0bacb40054361835189081 diff --git a/security/isakmpd/patches/patch-ah b/security/isakmpd/patches/patch-ah new file mode 100644 index 00000000000..cd5110043be --- /dev/null +++ b/security/isakmpd/patches/patch-ah @@ -0,0 +1,24 @@ +$NetBSD: patch-ah,v 1.1 2003/09/21 08:02:23 jmc Exp $ + +--- crypto.h.orig 2003-09-21 02:42:10.000000000 +0000 ++++ crypto.h 2003-09-21 02:44:47.000000000 +0000 +@@ -49,6 +49,7 @@ + + #else + ++#include <openssl/opensslv.h> + #include <des.h> + #ifdef USE_BLOWFISH + #include <blf.h> +@@ -106,7 +107,11 @@ + u_int8_t iv2[MAXBLK]; + u_int8_t *riv, *liv; + union { ++#if OPENSSL_VERSION_NUMBER >= 0x0090702fL ++ DES_key_schedule desks[3]; ++#else + des_key_schedule desks[3]; ++#endif + #ifdef USE_BLOWFISH + blf_ctx blfks; + #endif diff --git a/security/isakmpd/patches/patch-ai b/security/isakmpd/patches/patch-ai new file mode 100644 index 00000000000..178923b2ac2 --- /dev/null +++ b/security/isakmpd/patches/patch-ai @@ -0,0 +1,92 @@ +$NetBSD: patch-ai,v 1.1 2003/09/21 08:02:24 jmc Exp $ + +--- crypto.c.orig 2003-09-21 02:46:15.000000000 +0000 ++++ crypto.c 2003-09-21 02:54:49.000000000 +0000 +@@ -99,8 +99,13 @@ + des1_init (struct keystate *ks, u_int8_t *key, u_int16_t len) + { + /* des_set_key returns -1 for parity problems, and -2 for weak keys */ ++#if OPENSSL_VERSION_NUMBER >= 0x0090702fL ++ DES_set_odd_parity (DC key); ++ switch (DES_set_key (DC key, &ks->ks_des[0])) ++#else + des_set_odd_parity (DC key); + switch (des_set_key (DC key, ks->ks_des[0])) ++#endif + { + case -2: + return EWEAKKEY; +@@ -112,19 +117,37 @@ + void + des1_encrypt (struct keystate *ks, u_int8_t *d, u_int16_t len) + { ++#if OPENSSL_VERSION_NUMBER >= 0x0090702fL ++ DES_cbc_encrypt (DC d, DC d, len, &ks->ks_des[0], DC ks->riv, DES_ENCRYPT); ++#else + des_cbc_encrypt (DC d, DC d, len, ks->ks_des[0], DC ks->riv, DES_ENCRYPT); ++#endif + } + + void + des1_decrypt (struct keystate *ks, u_int8_t *d, u_int16_t len) + { ++#if OPENSSL_VERSION_NUMBER >= 0x0090702fL ++ DES_cbc_encrypt (DC d, DC d, len, &ks->ks_des[0], DC ks->riv, DES_DECRYPT); ++#else + des_cbc_encrypt (DC d, DC d, len, ks->ks_des[0], DC ks->riv, DES_DECRYPT); ++#endif + } + + #ifdef USE_TRIPLEDES + enum cryptoerr + des3_init (struct keystate *ks, u_int8_t *key, u_int16_t len) + { ++#if OPENSSL_VERSION_NUMBER >= 0x0090702fL ++ DES_set_odd_parity (DC key); ++ DES_set_odd_parity (DC (key + 8)); ++ DES_set_odd_parity (DC (key + 16)); ++ ++ /* As of the draft Tripe-DES does not check for weak keys */ ++ DES_set_key (DC key, &ks->ks_des[0]); ++ DES_set_key (DC (key + 8), &ks->ks_des[1]); ++ DES_set_key (DC (key + 16), &ks->ks_des[2]); ++#else + des_set_odd_parity (DC key); + des_set_odd_parity (DC (key + 8)); + des_set_odd_parity (DC (key + 16)); +@@ -133,6 +156,7 @@ + des_set_key (DC key, ks->ks_des[0]); + des_set_key (DC (key + 8), ks->ks_des[1]); + des_set_key (DC (key + 16), ks->ks_des[2]); ++#endif + + return EOKAY; + } +@@ -143,8 +167,13 @@ + u_int8_t iv[MAXBLK]; + + memcpy (iv, ks->riv, ks->xf->blocksize); ++#if OPENSSL_VERSION_NUMBER >= 0x0090702fL ++ DES_ede3_cbc_encrypt (DC data, DC data, len, &ks->ks_des[0], &ks->ks_des[1], ++ &ks->ks_des[2], DC iv, DES_ENCRYPT); ++#else + des_ede3_cbc_encrypt (DC data, DC data, len, ks->ks_des[0], ks->ks_des[1], + ks->ks_des[2], DC iv, DES_ENCRYPT); ++#endif + } + + void +@@ -153,8 +182,13 @@ + u_int8_t iv[MAXBLK]; + + memcpy (iv, ks->riv, ks->xf->blocksize); ++#if OPENSSL_VERSION_NUMBER >= 0x0090702fL ++ DES_ede3_cbc_encrypt (DC data, DC data, len, &ks->ks_des[0], &ks->ks_des[1], ++ &ks->ks_des[2], DC iv, DES_DECRYPT); ++#else + des_ede3_cbc_encrypt (DC data, DC data, len, ks->ks_des[0], ks->ks_des[1], + ks->ks_des[2], DC iv, DES_DECRYPT); ++#endif + } + #undef DC + #endif /* USE_TRIPLEDES */ |