From 120511d35095a48d60abbb7cb2367d0c30fbc757 Mon Sep 17 00:00:00 2001 From: Mark Reynolds Date: Wed, 25 Aug 2021 13:20:56 -0400 Subject: [PATCH] Remove GOST-YESCRYPT password sotrage scheme --- .../tests/suites/password/pwd_algo_test.py | 1 - ldap/ldif/template-dse-minimal.ldif.in | 9 --------- ldap/ldif/template-dse.ldif.in | 9 --------- ldap/servers/plugins/pwdstorage/pwd_init.c | 18 ------------------ ldap/servers/slapd/fedse.c | 13 ------------- 5 files changed, 50 deletions(-) diff --git a/dirsrvtests/tests/suites/password/pwd_algo_test.py b/dirsrvtests/tests/suites/password/pwd_algo_test.py index 66bda420e..88f8e40b7 100644 --- a/dirsrvtests/tests/suites/password/pwd_algo_test.py +++ b/dirsrvtests/tests/suites/password/pwd_algo_test.py @@ -124,7 +124,6 @@ def _test_algo_for_pbkdf2(inst, algo_name): ('CLEAR', 'CRYPT', 'CRYPT-MD5', 'CRYPT-SHA256', 'CRYPT-SHA512', 'MD5', 'SHA', 'SHA256', 'SHA384', 'SHA512', 'SMD5', 'SSHA', 'SSHA256', 'SSHA384', 'SSHA512', 'PBKDF2_SHA256', 'DEFAULT', - 'GOST_YESCRYPT', )) def test_pwd_algo_test(topology_st, algo): """Assert that all of our password algorithms correctly PASS and FAIL varying diff --git a/ldap/ldif/template-dse-minimal.ldif.in b/ldap/ldif/template-dse-minimal.ldif.in index 2eccae9b2..1a05f4a67 100644 --- a/ldap/ldif/template-dse-minimal.ldif.in +++ b/ldap/ldif/template-dse-minimal.ldif.in @@ -194,15 +194,6 @@ nsslapd-pluginarg1: nsds5ReplicaCredentials nsslapd-pluginid: aes-storage-scheme nsslapd-pluginprecedence: 1 -dn: cn=GOST_YESCRYPT,cn=Password Storage Schemes,cn=plugins,cn=config -objectclass: top -objectclass: nsSlapdPlugin -cn: GOST_YESCRYPT -nsslapd-pluginpath: libpwdstorage-plugin -nsslapd-plugininitfunc: gost_yescrypt_pwd_storage_scheme_init -nsslapd-plugintype: pwdstoragescheme -nsslapd-pluginenabled: on - dn: cn=Syntax Validation Task,cn=plugins,cn=config objectclass: top objectclass: nsSlapdPlugin diff --git a/ldap/ldif/template-dse.ldif.in b/ldap/ldif/template-dse.ldif.in index 7e7480cba..f30531bec 100644 --- a/ldap/ldif/template-dse.ldif.in +++ b/ldap/ldif/template-dse.ldif.in @@ -242,15 +242,6 @@ nsslapd-pluginarg2: nsds5ReplicaBootstrapCredentials nsslapd-pluginid: aes-storage-scheme nsslapd-pluginprecedence: 1 -dn: cn=GOST_YESCRYPT,cn=Password Storage Schemes,cn=plugins,cn=config -objectclass: top -objectclass: nsSlapdPlugin -cn: GOST_YESCRYPT -nsslapd-pluginpath: libpwdstorage-plugin -nsslapd-plugininitfunc: gost_yescrypt_pwd_storage_scheme_init -nsslapd-plugintype: pwdstoragescheme -nsslapd-pluginenabled: on - dn: cn=Syntax Validation Task,cn=plugins,cn=config objectclass: top objectclass: nsSlapdPlugin diff --git a/ldap/servers/plugins/pwdstorage/pwd_init.c b/ldap/servers/plugins/pwdstorage/pwd_init.c index 606e63404..59cfc4684 100644 --- a/ldap/servers/plugins/pwdstorage/pwd_init.c +++ b/ldap/servers/plugins/pwdstorage/pwd_init.c @@ -52,8 +52,6 @@ static Slapi_PluginDesc smd5_pdesc = {"smd5-password-storage-scheme", VENDOR, DS static Slapi_PluginDesc pbkdf2_sha256_pdesc = {"pbkdf2-sha256-password-storage-scheme", VENDOR, DS_PACKAGE_VERSION, "Salted PBKDF2 SHA256 hash algorithm (PBKDF2_SHA256)"}; -static Slapi_PluginDesc gost_yescrypt_pdesc = {"gost-yescrypt-password-storage-scheme", VENDOR, DS_PACKAGE_VERSION, "Yescrypt KDF algorithm (Streebog256)"}; - static char *plugin_name = "NSPwdStoragePlugin"; int @@ -431,19 +429,3 @@ pbkdf2_sha256_pwd_storage_scheme_init(Slapi_PBlock *pb) return rc; } -int -gost_yescrypt_pwd_storage_scheme_init(Slapi_PBlock *pb) -{ - int rc; - - slapi_log_err(SLAPI_LOG_PLUGIN, plugin_name, "=> gost_yescrypt_pwd_storage_scheme_init\n"); - - rc = slapi_pblock_set(pb, SLAPI_PLUGIN_VERSION, (void *)SLAPI_PLUGIN_VERSION_01); - rc |= slapi_pblock_set(pb, SLAPI_PLUGIN_DESCRIPTION, (void *)&gost_yescrypt_pdesc); - rc |= slapi_pblock_set(pb, SLAPI_PLUGIN_PWD_STORAGE_SCHEME_ENC_FN, (void *)gost_yescrypt_pw_enc); - rc |= slapi_pblock_set(pb, SLAPI_PLUGIN_PWD_STORAGE_SCHEME_CMP_FN, (void *)gost_yescrypt_pw_cmp); - rc |= slapi_pblock_set(pb, SLAPI_PLUGIN_PWD_STORAGE_SCHEME_NAME, GOST_YESCRYPT_SCHEME_NAME); - - slapi_log_err(SLAPI_LOG_PLUGIN, plugin_name, "<= gost_yescrypt_pwd_storage_scheme_init %d\n", rc); - return rc; -} diff --git a/ldap/servers/slapd/fedse.c b/ldap/servers/slapd/fedse.c index 44159c991..24b7ed11c 100644 --- a/ldap/servers/slapd/fedse.c +++ b/ldap/servers/slapd/fedse.c @@ -203,19 +203,6 @@ static const char *internal_entries[] = "nsslapd-pluginVersion: none\n" "nsslapd-pluginVendor: 389 Project\n" "nsslapd-pluginDescription: CRYPT-SHA512\n", - - "dn: cn=GOST_YESCRYPT,cn=Password Storage Schemes,cn=plugins,cn=config\n" - "objectclass: top\n" - "objectclass: nsSlapdPlugin\n" - "cn: GOST_YESCRYPT\n" - "nsslapd-pluginpath: libpwdstorage-plugin\n" - "nsslapd-plugininitfunc: gost_yescrypt_pwd_storage_scheme_init\n" - "nsslapd-plugintype: pwdstoragescheme\n" - "nsslapd-pluginenabled: on\n" - "nsslapd-pluginId: GOST_YESCRYPT\n" - "nsslapd-pluginVersion: none\n" - "nsslapd-pluginVendor: 389 Project\n" - "nsslapd-pluginDescription: GOST_YESCRYPT\n", }; static int NUM_INTERNAL_ENTRIES = sizeof(internal_entries) / sizeof(internal_entries[0]); -- 2.31.1