Convert to set USE_OLD_DES_API=yes, and remove unnecessary patches to

teach fressh how to use either DES API. Bump PKGREVISION since on NetBSD>=2.0, fressh gains a library dependency on -ldes.
author: jlam <jlam@pkgsrc.org> 2004-12-15 19:34:40 +0000
committer: jlam <jlam@pkgsrc.org> 2004-12-15 19:34:40 +0000
commit: c7897dbee10ea6890f02ed757fe0434d5c1f9d19 (patch)
tree: 1d4923e61fadd3c4de7fb1bc577814f5386e4575 /security
parent: 4adcab1e5af671d174b383026963564c8dd51cca (diff)
download: pkgsrc-c7897dbee10ea6890f02ed757fe0434d5c1f9d19.tar.gz
5 files changed, 4 insertions, 372 deletions
diff --git a/security/fressh/Makefile b/security/fressh/Makefile
index 06d0cd002a6..c471dde9d9f 100644
--- a/security/fressh/Makefile
+++ b/security/fressh/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.12 2004/12/04 12:10:35 wiz Exp $
+# $NetBSD: Makefile,v 1.13 2004/12/15 19:34:40 jlam Exp $
 
 DISTNAME=		fressh-0.8.1
-PKGREVISION=		2
+PKGREVISION=		3
 CATEGORIES=		security
 MASTER_SITES=		http://www.fressh.org/
 EXTRACT_SUFX=		.tar.bz2
@@ -11,6 +11,7 @@ HOMEPAGE=		http://www.fressh.org/
 COMMENT=		New, free, rewritten implementation of the SSH communication protocol
 
 USE_BUILDLINK3=		yes
+USE_OLD_DES_API=	yes
 
 # Some versions of the openssl header files gives warnings.
 BUILDLINK_TRANSFORM+=	rm:-Wstrict-prototypes
diff --git a/security/fressh/distinfo b/security/fressh/distinfo
index 2f9b5eeac8a..de013eaba2d 100644
--- a/security/fressh/distinfo
+++ b/security/fressh/distinfo
@@ -1,12 +1,9 @@
-$NetBSD: distinfo,v 1.6 2003/10/31 23:38:46 kristerw Exp $
+$NetBSD: distinfo,v 1.7 2004/12/15 19:34:40 jlam Exp $
 
 SHA1 (fressh-0.8.1.tar.bz2) = 4dd0a6d4240337b4726a6a68b17878a45974cf82
 Size (fressh-0.8.1.tar.bz2) = 110390 bytes
 SHA1 (patch-aa) = 0b65db8177ffb81084412f9716f73e92920d559c
 SHA1 (patch-ab) = 612c7f5e1541d413f3d336a4330528343f78e420
-SHA1 (patch-ac) = 71477043d47a8e85c7dd0bc1e41b33f18be2a268
-SHA1 (patch-ad) = db398df2db517e49c5df4c04e863ddc2b99052ce
-SHA1 (patch-ae) = d4fe3fc48edf751e9c79a843dee80bef53fa301e
 SHA1 (patch-af) = a62d7421315f4bf70558224dcb4b4b4a7fbaadd1
 SHA1 (patch-ag) = eb02a24bc9ed6a299f40722bfb87d0aefd22ab34
 SHA1 (patch-ah) = 5a4aefc5fdad1c6a0517a7351af461aaa53462a3
diff --git a/security/fressh/patches/patch-ac b/security/fressh/patches/patch-ac
deleted file mode 100644
index 0f62755670e..00000000000
--- a/security/fressh/patches/patch-ac
+++ /dev/null
@@ -1,36 +0,0 @@
-$NetBSD: patch-ac,v 1.1 2003/09/21 08:35:53 jmc Exp $
-
---- crypto/ssh_3des.h.orig	2003-09-21 03:04:38.000000000 +0000
-+++ crypto/ssh_3des.h	2003-09-21 03:05:29.000000000 +0000
-@@ -16,6 +16,7 @@
- #ifndef _SSH_3DES_H
- #define _SSH_3DES_H
- 
-+#include "openssl/opensslv.h"
- #include "openssl/des.h"
- #include "openssl/hmac.h"
- 
-@@ -24,13 +25,23 @@
- struct ssh_cipher;
- 
- typedef struct {
-+#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
-+	DES_key_schedule des_ks[3];
-+	DES_cblock	 des_ivec[6];	/* Two directions, same key! */
-+#else
- 	des_key_schedule des_ks[3];
- 	des_cblock	 des_ivec[6];	/* Two directions, same key! */
-+#endif
- } ssh_3des_t;
- 
- typedef struct {
-+#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
-+	DES_key_schedule des_ks[6];
-+	DES_cblock	 des_ivec[2];
-+#else
- 	des_key_schedule des_ks[6];
- 	des_cblock	 des_ivec[2];
-+#endif
- 	u_int8_t	 mac_key[2][16];
- } ssh_des3_t;
- 
diff --git a/security/fressh/patches/patch-ad b/security/fressh/patches/patch-ad
deleted file mode 100644
index cce1c8c3d79..00000000000
--- a/security/fressh/patches/patch-ad
+++ /dev/null
@@ -1,307 +0,0 @@
-$NetBSD: patch-ad,v 1.1 2003/09/21 08:35:54 jmc Exp $
-
---- crypto/ssh_crypto_openssl.c.orig	2003-09-21 03:06:28.000000000 +0000
-+++ crypto/ssh_crypto_openssl.c	2003-09-21 03:26:42.000000000 +0000
-@@ -50,7 +50,11 @@
- #include <openssl/opensslv.h>
- 
- #if OPENSSL_VERSION_NUMBER >= 0x00903000L
-+#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
-+#define TO_CBLOCK(x)	((DES_cblock *)(x))
-+#else
- #define TO_CBLOCK(x)	((des_cblock *)(x))
-+#endif
- #else
- #define	TO_CBLOCK(x)	(x)
- #endif
-@@ -431,7 +435,11 @@
- 	FUNC_DECL(ssh_des_initialize);
- 
- 	int err;
-+#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
-+	DES_cblock key;
-+#else
- 	des_cblock key;
-+#endif
- 	ssh_des_t *key_data;
- 
- 	if (klen < 8) {
-@@ -444,12 +452,21 @@
- 	if (key_data == NULL)
- 		return NULL;
- 
-+#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
-+	memcpy(key, session_key, sizeof(DES_cblock));
-+	DES_set_odd_parity(TO_CBLOCK(key));
-+	if (!DES_is_weak_key(TO_CBLOCK(key)))
-+		(void) DES_set_key(TO_CBLOCK(key), &key_data->des_ks);
-+	else
-+		err = 1;
-+#else
- 	memcpy(key, session_key, sizeof(des_cblock));
- 	des_set_odd_parity(TO_CBLOCK(key));
- 	if (!des_is_weak_key(TO_CBLOCK(key)))
- 		(void) des_set_key(TO_CBLOCK(key), key_data->des_ks);
- 	else
- 		err = 1;
-+#endif
- 
- 	memset(key_data->des_ivec[0], 0, sizeof(key_data->des_ivec[0]));
- 	memset(key_data->des_ivec[1], 0, sizeof(key_data->des_ivec[1]));
-@@ -477,8 +494,13 @@
- 		ssh_des_t *key_data)
- {
- 
-+#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
-+	DES_ncbc_encrypt(clear, enc, length, &key_data->des_ks,
-+			 TO_CBLOCK(key_data->des_ivec[0]), DES_ENCRYPT);
-+#else
- 	des_ncbc_encrypt(clear, enc, length, key_data->des_ks,
- 			 TO_CBLOCK(key_data->des_ivec[0]), DES_ENCRYPT);
-+#endif
- }
- 
- void
-@@ -486,8 +508,13 @@
- 		ssh_des_t *key_data)
- {
- 
-+#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
-+	DES_ncbc_encrypt(enc, clear, length, &key_data->des_ks,
-+			 TO_CBLOCK(key_data->des_ivec[1]), DES_DECRYPT);
-+#else
- 	des_ncbc_encrypt(enc, clear, length, key_data->des_ks,
- 			 TO_CBLOCK(key_data->des_ivec[1]), DES_DECRYPT);
-+#endif
- }
- #endif /* WITH_CIPHER_DES */
- 
-@@ -528,7 +555,11 @@
- 	FUNC_DECL(ssh_3des_initialize);
- 
- 	int i, j;
-+#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
-+	DES_cblock key[3];
-+#else
- 	des_cblock key[3];
-+#endif
- 	ssh_3des_t *key_data;
- 
- 	if (klen < 16) {
-@@ -540,6 +571,22 @@
- 		return NULL;
- 
- 	for (i = j = 0; i < 3; i++) {
-+#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
-+		memcpy(key[i], session_key + j, sizeof(DES_cblock));
-+		DES_set_odd_parity(TO_CBLOCK(key[i]));
-+		if (DES_is_weak_key(TO_CBLOCK(key[i])))
-+			break;
-+		(void) DES_set_key(TO_CBLOCK(key[i]), &key_data->des_ks[i]);
-+		/*
-+		 * when keying from a passphrase (after md5) we will run
-+		 * out of keying material after two keys, so be *very*
-+		 * general about how big we expect the keying material
-+		 * to be.
-+		 */
-+		j += sizeof(DES_cblock);
-+		if (j + sizeof(DES_cblock) > klen)
-+			j = 0;
-+#else
- 		memcpy(key[i], session_key + j, sizeof(des_cblock));
- 		des_set_odd_parity(TO_CBLOCK(key[i]));
- 		if (des_is_weak_key(TO_CBLOCK(key[i])))
-@@ -554,6 +601,7 @@
- 		j += sizeof(des_cblock);
- 		if (j + sizeof(des_cblock) > klen)
- 			j = 0;
-+#endif
- 	}
- 
- 	memset(key_data->des_ivec[0], 0, sizeof(key_data->des_ivec[0]));
-@@ -588,7 +636,11 @@
- 	FUNC_DECL(ssh_des3_initialize);
- 
- 	int i;
-+#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
-+	DES_cblock key;
-+#else
- 	des_cblock key;
-+#endif
- 	ssh_des3_t *key_data;
- 	u_int8_t key1ofb[24] = {
- 		0x10, 0x23, 0x66, 0x20, 0x10, 0x1d, 0xb7, 0x37,
-@@ -655,6 +707,17 @@
- 
- 		temp = key1ofb;
- 		for (i = 0; i < 3; i++) {
-+#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
-+			memcpy(&key, temp, sizeof(DES_cblock));
-+			DES_set_odd_parity(TO_CBLOCK(&key));
-+			if (DES_is_weak_key(TO_CBLOCK(&key)))
-+				weak++;
-+			(void) DES_set_key(TO_CBLOCK(&key),
-+					   &key_data->des_ks[i]);
-+			temp += sizeof(DES_cblock);
-+		}
-+		memset(&key, 0, sizeof(DES_cblock));
-+#else
- 			memcpy(&key, temp, sizeof(des_cblock));
- 			des_set_odd_parity(TO_CBLOCK(&key));
- 			if (des_is_weak_key(TO_CBLOCK(&key)))
-@@ -664,10 +727,22 @@
- 			temp += sizeof(des_cblock);
- 		}
- 		memset(&key, 0, sizeof(des_cblock));
-+#endif
- 		memset(key1ofb, 0, 24);
- 
- 		temp = key2ofb;
- 		for (i = 3; i < 6; i++) {
-+#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
-+			memcpy(&key, temp, sizeof(DES_cblock));
-+			DES_set_odd_parity(TO_CBLOCK(&key));
-+			if (DES_is_weak_key(TO_CBLOCK(&key)))
-+				weak++;
-+			(void) DES_set_key(TO_CBLOCK(&key),
-+					   &key_data->des_ks[i]);
-+			temp += sizeof(DES_cblock);
-+		}
-+		memset(&key, 0, sizeof(DES_cblock));
-+#else
- 			memcpy(&key, temp, sizeof(des_cblock));
- 			des_set_odd_parity(TO_CBLOCK(&key));
- 			if (des_is_weak_key(TO_CBLOCK(&key)))
-@@ -677,6 +752,7 @@
- 			temp += sizeof(des_cblock);
- 		}
- 		memset(&key, 0, sizeof(des_cblock));
-+#endif
- 		memset(key2ofb, 0, 24);
- 		break;
- 	case SSH_ROLE_CLIENT:
-@@ -688,6 +764,17 @@
- 
- 		temp = key2ofb;
- 		for (i = 0; i < 3; i++) {
-+#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
-+			memcpy(&key, temp, sizeof(DES_cblock));
-+			DES_set_odd_parity(TO_CBLOCK(&key));
-+			if (DES_is_weak_key(TO_CBLOCK(&key)))
-+				weak++;
-+			(void) DES_set_key(TO_CBLOCK(&key),
-+					   &key_data->des_ks[i]);
-+			temp += sizeof(DES_cblock);
-+		}
-+		memset(&key, 0, sizeof(DES_cblock));
-+#else
- 			memcpy(&key, temp, sizeof(des_cblock));
- 			des_set_odd_parity(TO_CBLOCK(&key));
- 			if (des_is_weak_key(TO_CBLOCK(&key)))
-@@ -697,10 +784,22 @@
- 			temp += sizeof(des_cblock);
- 		}
- 		memset(&key, 0, sizeof(des_cblock));
-+#endif
- 		memset(key2ofb, 0, 24);
- 
- 		temp = key1ofb;
- 		for (i = 3; i < 6; i++) {
-+#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
-+			memcpy(&key, temp, sizeof(DES_cblock));
-+			DES_set_odd_parity(TO_CBLOCK(&key));
-+			if (DES_is_weak_key(TO_CBLOCK(&key)))
-+				weak++;
-+			(void) DES_set_key(TO_CBLOCK(&key),
-+					   &key_data->des_ks[i]);
-+			temp += sizeof(DES_cblock);
-+		}
-+		memset(&key, 0, sizeof(DES_cblock));
-+#else
- 			memcpy(&key, temp, sizeof(des_cblock));
- 			des_set_odd_parity(TO_CBLOCK(&key));
- 			if (des_is_weak_key(TO_CBLOCK(&key)))
-@@ -710,6 +809,7 @@
- 			temp += sizeof(des_cblock);
- 		}
- 		memset(&key, 0, sizeof(des_cblock));
-+#endif
- 		memset(key1ofb, 0, 24);
- 		break;
- 	}
-@@ -737,12 +837,21 @@
- 		 ssh_3des_t *key_data)
- {
- 
-+#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
-+	DES_ncbc_encrypt(clear, enc, length, &key_data->des_ks[0],
-+			 TO_CBLOCK(key_data->des_ivec[0]), DES_ENCRYPT);
-+	DES_ncbc_encrypt(enc, enc, length, &key_data->des_ks[1],
-+			 TO_CBLOCK(key_data->des_ivec[1]), DES_DECRYPT);
-+	DES_ncbc_encrypt(enc, enc, length, &key_data->des_ks[2],
-+			 TO_CBLOCK(key_data->des_ivec[2]), DES_ENCRYPT);
-+#else
- 	des_ncbc_encrypt(clear, enc, length, key_data->des_ks[0],
- 			 TO_CBLOCK(key_data->des_ivec[0]), DES_ENCRYPT);
- 	des_ncbc_encrypt(enc, enc, length, key_data->des_ks[1],
- 			 TO_CBLOCK(key_data->des_ivec[1]), DES_DECRYPT);
- 	des_ncbc_encrypt(enc, enc, length, key_data->des_ks[2],
- 			 TO_CBLOCK(key_data->des_ivec[2]), DES_ENCRYPT);
-+#endif
- }
- 
- void
-@@ -750,12 +859,21 @@
- 		 ssh_3des_t *key_data)
- {
- 
-+#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
-+	DES_ncbc_encrypt(enc, clear, length, &key_data->des_ks[2],
-+			 TO_CBLOCK(key_data->des_ivec[3]), DES_DECRYPT);
-+	DES_ncbc_encrypt(clear, clear, length, &key_data->des_ks[1],
-+			 TO_CBLOCK(key_data->des_ivec[4]), DES_ENCRYPT);
-+	DES_ncbc_encrypt(clear, clear, length, &key_data->des_ks[0],
-+			 TO_CBLOCK(key_data->des_ivec[5]), DES_DECRYPT);
-+#else
- 	des_ncbc_encrypt(enc, clear, length, key_data->des_ks[2],
- 			 TO_CBLOCK(key_data->des_ivec[3]), DES_DECRYPT);
- 	des_ncbc_encrypt(clear, clear, length, key_data->des_ks[1],
- 			 TO_CBLOCK(key_data->des_ivec[4]), DES_ENCRYPT);
- 	des_ncbc_encrypt(clear, clear, length, key_data->des_ks[0],
- 			 TO_CBLOCK(key_data->des_ivec[5]), DES_DECRYPT);
-+#endif
- 
- }
- 
-@@ -764,9 +882,15 @@
- 		 ssh_des3_t *key_data)
- {
- 
-+#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
-+	DES_ede3_cbc_encrypt(clear, enc, length, &key_data->des_ks[0],
-+			     &key_data->des_ks[1], &key_data->des_ks[2],
-+			     TO_CBLOCK(key_data->des_ivec[0]), DES_ENCRYPT);
-+#else
- 	des_ede3_cbc_encrypt(clear, enc, length, key_data->des_ks[0],
- 			     key_data->des_ks[1], key_data->des_ks[2],
- 			     TO_CBLOCK(key_data->des_ivec[0]), DES_ENCRYPT);
-+#endif
- }
- 
- void
-@@ -774,9 +898,15 @@
- 		 ssh_des3_t *key_data)
- {
- 
-+#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
-+	DES_ede3_cbc_encrypt(enc, clear, length, &key_data->des_ks[3],
-+			     &key_data->des_ks[4], &key_data->des_ks[5],
-+			     TO_CBLOCK(key_data->des_ivec[1]), DES_DECRYPT);
-+#else
- 	des_ede3_cbc_encrypt(enc, clear, length, key_data->des_ks[3],
- 			     key_data->des_ks[4], key_data->des_ks[5],
- 			     TO_CBLOCK(key_data->des_ivec[1]), DES_DECRYPT);
-+#endif
- 
- }
- 
diff --git a/security/fressh/patches/patch-ae b/security/fressh/patches/patch-ae
deleted file mode 100644
index 708a01e0e17..00000000000
--- a/security/fressh/patches/patch-ae
+++ /dev/null
@@ -1,23 +0,0 @@
-$NetBSD: patch-ae,v 1.1 2003/09/21 08:35:55 jmc Exp $
-
---- crypto/ssh_des.h.orig	2003-09-21 03:02:53.000000000 +0000
-+++ crypto/ssh_des.h	2003-09-21 03:04:13.000000000 +0000
-@@ -16,12 +16,18 @@
- #ifndef _SSH_DES_H
- #define _SSH_DES_H
- 
-+#include "openssl/opensslv.h"
- #include "openssl/des.h"
- struct ssh_cipher;
- 
- typedef struct {
-+#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
-+	DES_key_schedule des_ks;
-+	DES_cblock	 des_ivec[2];	/* Two directions, same key! */
-+#else
- 	des_key_schedule des_ks;
- 	des_cblock	 des_ivec[2];	/* Two directions, same key! */
-+#endif
- } ssh_des_t;
- 
- void ssh_des_attach(struct ssh_cipher *);
author	jlam <jlam@pkgsrc.org>	2004-12-15 19:34:40 +0000
committer	jlam <jlam@pkgsrc.org>	2004-12-15 19:34:40 +0000
commit	c7897dbee10ea6890f02ed757fe0434d5c1f9d19 (patch)
tree	1d4923e61fadd3c4de7fb1bc577814f5386e4575 /security
parent	4adcab1e5af671d174b383026963564c8dd51cca (diff)
download	pkgsrc-c7897dbee10ea6890f02ed757fe0434d5c1f9d19.tar.gz