Tree - rpms/cyrus-sasl - CentOS Git server

rpms / cyrus-sasl

Blame SOURCES/cyrus-sasl-pr559-RC4-openssl.patch

Blob History Raw

		8b8af0	`From 8aa9ae816ddf66921b4a8a0f422517e6f2e55ac6 Mon Sep 17 00:00:00 2001`
		8b8af0	`From: Simo Sorce <simo@redhat.com>`
		8b8af0	`Date: Wed, 27 Mar 2019 14:29:08 -0400`
		8b8af0	`Subject: [PATCH] Use Openssl RC4 when available`
		8b8af0
		8b8af0	`Signed-off-by: Simo Sorce <simo@redhat.com>`
		8b8af0	`---`
		8b8af0	`configure.ac \| 5 +--`
		8b8af0	`plugins/digestmd5.c \| 107 +++++++++++++++++++++++++++++++++++++++++++-`
		8b8af0	`2 files changed, 108 insertions(+), 4 deletions(-)`
		8b8af0
		8b8af0	`diff --git a/configure.ac b/configure.ac`
		8b8af0	`index 388f5d02..cfdee4a2 100644`
		8b8af0	`--- a/configure.ac`
		8b8af0	`+++ b/configure.ac`
		8b8af0	`@@ -1103,13 +1103,12 @@ AC_ARG_WITH(configdir, [ --with-configdir=DIR set the directory where confi`
		8b8af0	`configdir='${plugindir}:${sysconfdir}/sasl2')`
		8b8af0	`AC_SUBST(configdir)`
		8b8af0
		8b8af0	`-dnl look for rc4 libraries. we accept the CMU one or one from openSSL`
		8b8af0	`-AC_ARG_WITH(rc4, [ --with-rc4 use internal rc4 routines [[yes]] ],`
		8b8af0	`+AC_ARG_WITH(rc4, [ --with-rc4 use rc4 routines [[yes]] ],`
		8b8af0	`with_rc4=$withval,`
		8b8af0	`with_rc4=yes)`
		8b8af0
		8b8af0	`if test "$with_rc4" != no; then`
		8b8af0	`- AC_DEFINE(WITH_RC4,[],[Use internal RC4 implementation?])`
		8b8af0	`+ AC_DEFINE(WITH_RC4,[],[Use RC4])`
		8b8af0	`fi`
		8b8af0
		8b8af0	`building_for_macosx=no`
		8b8af0	`diff --git a/plugins/digestmd5.c b/plugins/digestmd5.c`
		8b8af0	`index df35093d..c6b54317 100644`
		8b8af0	`--- a/plugins/digestmd5.c`
		8b8af0	`+++ b/plugins/digestmd5.c`
		8b8af0	`@@ -1117,6 +1117,111 @@ static void free_des(context_t *text)`
		8b8af0	`#endif /* WITH_DES */`
		8b8af0
		8b8af0	`#ifdef WITH_RC4`
		8b8af0	`+#ifdef HAVE_OPENSSL`
		8b8af0	`+#include <openssl/evp.h>`
		8b8af0	`+`
		8b8af0	`+static void free_rc4(context_t *text)`
		8b8af0	`+{`
		8b8af0	`+ if (text->cipher_enc_context) {`
		8b8af0	`+ EVP_CIPHER_CTX_free((EVP_CIPHER_CTX *)text->cipher_enc_context);`
		8b8af0	`+ text->cipher_enc_context = NULL;`
		8b8af0	`+ }`
		8b8af0	`+ if (text->cipher_dec_context) {`
		8b8af0	`+ EVP_CIPHER_CTX_free((EVP_CIPHER_CTX *)text->cipher_dec_context);`
		8b8af0	`+ text->cipher_dec_context = NULL;`
		8b8af0	`+ }`
		8b8af0	`+}`
		8b8af0	`+`
		8b8af0	`+static int init_rc4(context_t *text,`
		8b8af0	`+ unsigned char enckey[16],`
		8b8af0	`+ unsigned char deckey[16])`
		8b8af0	`+{`
		8b8af0	`+ EVP_CIPHER_CTX *ctx;`
		8b8af0	`+ int rc;`
		8b8af0	`+`
		8b8af0	`+ ctx = EVP_CIPHER_CTX_new();`
		8b8af0	`+ if (ctx == NULL) return SASL_NOMEM;`
		8b8af0	`+`
		8b8af0	`+ rc = EVP_EncryptInit_ex(ctx, EVP_rc4(), NULL, enckey, NULL);`
		8b8af0	`+ if (rc != 1) return SASL_FAIL;`
		8b8af0	`+`
		8b8af0	`+ text->cipher_enc_context = (void *)ctx;`
		8b8af0	`+`
		8b8af0	`+ ctx = EVP_CIPHER_CTX_new();`
		8b8af0	`+ if (ctx == NULL) return SASL_NOMEM;`
		8b8af0	`+`
		8b8af0	`+ rc = EVP_DecryptInit_ex(ctx, EVP_rc4(), NULL, deckey, NULL);`
		8b8af0	`+ if (rc != 1) return SASL_FAIL;`
		8b8af0	`+`
		8b8af0	`+ text->cipher_dec_context = (void *)ctx;`
		8b8af0	`+`
		8b8af0	`+ return SASL_OK;`
		8b8af0	`+}`
		8b8af0	`+`
		8b8af0	`+static int dec_rc4(context_t *text,`
		8b8af0	`+ const char *input,`
		8b8af0	`+ unsigned inputlen,`
		8b8af0	`+ unsigned char digest[16] __attribute__((unused)),`
		8b8af0	`+ char *output,`
		8b8af0	`+ unsigned *outputlen)`
		8b8af0	`+{`
		8b8af0	`+ int len;`
		8b8af0	`+ int rc;`
		8b8af0	`+`
		8b8af0	`+ /* decrypt the text part & HMAC */`
		8b8af0	`+ rc = EVP_DecryptUpdate((EVP_CIPHER_CTX *)text->cipher_dec_context,`
		8b8af0	`+ (unsigned char *)output, &len,`
		8b8af0	`+ (const unsigned char *)input, inputlen);`
		8b8af0	`+ if (rc != 1) return SASL_FAIL;`
		8b8af0	`+`
		8b8af0	`+ *outputlen = len;`
		8b8af0	`+`
		8b8af0	`+ rc = EVP_DecryptFinal_ex((EVP_CIPHER_CTX *)text->cipher_dec_context,`
		8b8af0	`+ (unsigned char *)output + len, &len;;`
		8b8af0	`+ if (rc != 1) return SASL_FAIL;`
		8b8af0	`+`
		8b8af0	`+ *outputlen += len;`
		8b8af0	`+`
		8b8af0	`+ /* subtract the HMAC to get the text length */`
		8b8af0	`+ *outputlen -= 10;`
		8b8af0	`+`
		8b8af0	`+ return SASL_OK;`
		8b8af0	`+}`
		8b8af0	`+`
		8b8af0	`+static int enc_rc4(context_t *text,`
		8b8af0	`+ const char *input,`
		8b8af0	`+ unsigned inputlen,`
		8b8af0	`+ unsigned char digest[16],`
		8b8af0	`+ char *output,`
		8b8af0	`+ unsigned *outputlen)`
		8b8af0	`+{`
		8b8af0	`+ int len;`
		8b8af0	`+ int rc;`
		8b8af0	`+ /* encrypt the text part */`
		8b8af0	`+ rc = EVP_EncryptUpdate((EVP_CIPHER_CTX *)text->cipher_enc_context,`
		8b8af0	`+ (unsigned char *)output, &len,`
		8b8af0	`+ (const unsigned char *)input, inputlen);`
		8b8af0	`+ if (rc != 1) return SASL_FAIL;`
		8b8af0	`+`
		8b8af0	`+ *outputlen = len;`
		8b8af0	`+`
		8b8af0	+ /* encrypt the `MAC part */
		8b8af0	`+ rc = EVP_EncryptUpdate((EVP_CIPHER_CTX *)text->cipher_enc_context,`
		8b8af0	`+ (unsigned char )output + outputlen, &len,`
		8b8af0	`+ digest, 10);`
		8b8af0	`+ if (rc != 1) return SASL_FAIL;`
		8b8af0	`+`
		8b8af0	`+ *outputlen += len;`
		8b8af0	`+`
		8b8af0	`+ rc = EVP_EncryptFinal_ex((EVP_CIPHER_CTX *)text->cipher_enc_context,`
		8b8af0	`+ (unsigned char )output + outputlen, &len;;`
		8b8af0	`+ if (rc != 1) return SASL_FAIL;`
		8b8af0	`+`
		8b8af0	`+ *outputlen += len;`
		8b8af0	`+`
		8b8af0	`+ return SASL_OK;`
		8b8af0	`+}`
		8b8af0	`+#else`
		8b8af0	`/* quick generic implementation of RC4 */`
		8b8af0	`struct rc4_context_s {`
		8b8af0	`unsigned char sbox[256];`
		8b8af0	`@@ -1296,7 +1401,7 @@ static int enc_rc4(context_t *text,`
		8b8af0
		8b8af0	`return SASL_OK;`
		8b8af0	`}`
		8b8af0	`-`
		8b8af0	`+#endif /* HAVE_OPENSSL */`
		8b8af0	`#endif /* WITH_RC4 */`
		8b8af0
		8b8af0	`struct digest_cipher available_ciphers[] =`

rpms / cyrus-sasl

Source Code

Blame SOURCES/cyrus-sasl-pr559-RC4-openssl.patch