FreeBSD Bugzilla – Attachment 197419 Details for
Bug 231647
security/cyrus-sasl2 saslauthd patch included for openssl 1.1.0
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
Patch for cyrus-sasl2-saslauthd enabling openssl 1.1.0 build
patch-saslauthd_lak1.c (text/plain), 2.71 KB, created by
dewayne
on 2018-09-24 00:17:18 UTC
(
hide
)
Description:
Patch for cyrus-sasl2-saslauthd enabling openssl 1.1.0 build
Filename:
MIME Type:
Creator:
dewayne
Created:
2018-09-24 00:17:18 UTC
Size:
2.71 KB
patch
obsolete
>--- saslauthd/lak.c.orig 2012-10-12 16:05:48.000000000 +0200 >+++ saslauthd/lak.c 2017-09-04 12:00:57.773615637 +0200 >@@ -61,6 +61,35 @@ > #include <sasl.h> > #include "lak.h" > >+#if OPENSSL_VERSION_NUMBER < 0x10100000L >+static EVP_MD_CTX *EVP_MD_CTX_new(void) >+{ >+ return EVP_MD_CTX_create(); >+} >+static void EVP_MD_CTX_free(EVP_MD_CTX *ctx) >+{ >+ if (ctx == NULL) >+ return; >+ >+ EVP_MD_CTX_destroy(ctx); >+} >+ >+static EVP_ENCODE_CTX *EVP_ENCODE_CTX_new(void) >+{ >+ EVP_ENCODE_CTX *ctx = OPENSSL_malloc(sizeof(*ctx)); >+ >+ if (ctx != NULL) { >+ memset(ctx, 0, sizeof(*ctx)); >+ } >+ return ctx; >+} >+static void EVP_ENCODE_CTX_free(EVP_ENCODE_CTX *ctx) >+{ >+ OPENSSL_free(ctx); >+ return; >+} >+#endif >+ > typedef struct lak_auth_method { > int method; > int (*check) (LAK *lak, const char *user, const char *service, const char *realm, const char *password) ; >@@ -1715,20 +1744,28 @@ static int lak_base64_decode( > > int rc, i, tlen = 0; > char *text; >- EVP_ENCODE_CTX EVP_ctx; >+ EVP_ENCODE_CTX *enc_ctx = EVP_ENCODE_CTX_new(); > >- text = (char *)malloc(((strlen(src)+3)/4 * 3) + 1); > if (text == NULL) > return LAK_NOMEM; > >- EVP_DecodeInit(&EVP_ctx); >- rc = EVP_DecodeUpdate(&EVP_ctx, text, &i, (char *)src, strlen(src)); >+ text = (char *)malloc(((strlen(src)+3)/4 * 3) + 1); >+ if (text == NULL) { >+ EVP_ENCODE_CTX_free(enc_ctx); >+ return LAK_NOMEM; >+ } >+ >+ EVP_DecodeInit(enc_ctx); >+ rc = EVP_DecodeUpdate(enc_ctx, (unsigned char *) text, &i, (const unsigned char *)src, strlen(src)); > if (rc < 0) { >+ EVP_ENCODE_CTX_free(enc_ctx); > free(text); > return LAK_FAIL; > } > tlen += i; >- EVP_DecodeFinal(&EVP_ctx, text, &i); >+ EVP_DecodeFinal(enc_ctx, (unsigned char *) text, &i); >+ >+ EVP_ENCODE_CTX_free(enc_ctx); > > *ret = text; > if (rlen != NULL) >@@ -1744,7 +1781,7 @@ static int lak_check_hashed( > { > int rc, clen; > LAK_HASH_ROCK *hrock = (LAK_HASH_ROCK *) rock; >- EVP_MD_CTX mdctx; >+ EVP_MD_CTX *mdctx; > const EVP_MD *md; > unsigned char digest[EVP_MAX_MD_SIZE]; > char *cred; >@@ -1753,17 +1790,24 @@ static int lak_check_hashed( > if (!md) > return LAK_FAIL; > >+ mdctx = EVP_MD_CTX_new(); >+ if (!mdctx) >+ return LAK_NOMEM; >+ > rc = lak_base64_decode(hash, &cred, &clen); >- if (rc != LAK_OK) >+ if (rc != LAK_OK) { >+ EVP_MD_CTX_free(mdctx); > return rc; >+ } > >- EVP_DigestInit(&mdctx, md); >- EVP_DigestUpdate(&mdctx, passwd, strlen(passwd)); >+ EVP_DigestInit(mdctx, md); >+ EVP_DigestUpdate(mdctx, passwd, strlen(passwd)); > if (hrock->salted) { >- EVP_DigestUpdate(&mdctx, &cred[EVP_MD_size(md)], >+ EVP_DigestUpdate(mdctx, &cred[EVP_MD_size(md)], > clen - EVP_MD_size(md)); > } >- EVP_DigestFinal(&mdctx, digest, NULL); >+ EVP_DigestFinal(mdctx, digest, NULL); >+ EVP_MD_CTX_free(mdctx); > > rc = memcmp((char *)cred, (char *)digest, EVP_MD_size(md)); > free(cred);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=197419">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 231647
: 197419