| From 3c7b86229f7bd2600d74db14b1fe5b3896be3875 Mon Sep 17 00:00:00 2001 |
| From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= <jskarvad@redhat.com> |
| Date: Fri, 6 Apr 2018 14:27:18 +0200 |
| Subject: [PATCH] pppd: Use openssl for the DES instead of the libcrypt / glibc |
| MIME-Version: 1.0 |
| Content-Type: text/plain; charset=UTF-8 |
| Content-Transfer-Encoding: 8bit |
| |
| It seems the latest glibc (in Fedora glibc-2.27.9000-12.fc29) dropped |
| libcrypt. The libxcrypt standalone package can be used instead, but |
| it dropped the old setkey/encrypt API which ppp uses for DES. There |
| is support for using openssl in pppcrypt.c, but it contains typos |
| preventing it from compiling and seems to be written for an ancient |
| openssl version. |
| |
| This updates the code to use current openssl. |
| |
| [paulus@ozlabs.org - wrote the commit description, fixed comment in |
| Makefile.linux.] |
| |
| Signed-off-by: Jaroslav Škarvada <jskarvad@redhat.com> |
| Signed-off-by: Paul Mackerras <paulus@ozlabs.org> |
| Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> |
| [Retrieved from: |
| https://github.com/paulusmack/ppp/commit/3c7b86229f7bd2600d74db14b1fe5b3896be3875] |
| --- |
| pppd/Makefile.linux | 7 ++++--- |
| pppd/pppcrypt.c | 18 +++++++++--------- |
| 2 files changed, 13 insertions(+), 12 deletions(-) |
| |
| diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux |
| index 36d2b036..8d5ce99d 100644 |
| --- a/pppd/Makefile.linux |
| +++ b/pppd/Makefile.linux |
| @@ -35,10 +35,10 @@ endif |
| COPTS = -O2 -pipe -Wall -g |
| LIBS = |
| |
| -# Uncomment the next 2 lines to include support for Microsoft's |
| +# Uncomment the next line to include support for Microsoft's |
| # MS-CHAP authentication protocol. Also, edit plugins/radius/Makefile.linux. |
| CHAPMS=y |
| -USE_CRYPT=y |
| +#USE_CRYPT=y |
| # Don't use MSLANMAN unless you really know what you're doing. |
| #MSLANMAN=y |
| # Uncomment the next line to include support for MPPE. CHAPMS (above) must |
| @@ -137,7 +137,8 @@ endif |
| |
| ifdef NEEDDES |
| ifndef USE_CRYPT |
| -LIBS += -ldes $(LIBS) |
| +CFLAGS += -I/usr/include/openssl |
| +LIBS += -lcrypto |
| else |
| CFLAGS += -DUSE_CRYPT=1 |
| endif |
| diff --git a/pppd/pppcrypt.c b/pppd/pppcrypt.c |
| index 8b85b132..6b35375e 100644 |
| --- a/pppd/pppcrypt.c |
| +++ b/pppd/pppcrypt.c |
| @@ -64,7 +64,7 @@ u_char *des_key; /* OUT 64 bit DES key with parity bits added */ |
| des_key[7] = Get7Bits(key, 49); |
| |
| #ifndef USE_CRYPT |
| - des_set_odd_parity((des_cblock *)des_key); |
| + DES_set_odd_parity((DES_cblock *)des_key); |
| #endif |
| } |
| |
| @@ -158,25 +158,25 @@ u_char *clear; /* OUT 8 octets */ |
| } |
| |
| #else /* USE_CRYPT */ |
| -static des_key_schedule key_schedule; |
| +static DES_key_schedule key_schedule; |
| |
| bool |
| DesSetkey(key) |
| u_char *key; |
| { |
| - des_cblock des_key; |
| + DES_cblock des_key; |
| MakeKey(key, des_key); |
| - des_set_key(&des_key, key_schedule); |
| + DES_set_key(&des_key, &key_schedule); |
| return (1); |
| } |
| |
| bool |
| -DesEncrypt(clear, key, cipher) |
| +DesEncrypt(clear, cipher) |
| u_char *clear; /* IN 8 octets */ |
| u_char *cipher; /* OUT 8 octets */ |
| { |
| - des_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher, |
| - key_schedule, 1); |
| + DES_ecb_encrypt((DES_cblock *)clear, (DES_cblock *)cipher, |
| + &key_schedule, 1); |
| return (1); |
| } |
| |
| @@ -185,8 +185,8 @@ DesDecrypt(cipher, clear) |
| u_char *cipher; /* IN 8 octets */ |
| u_char *clear; /* OUT 8 octets */ |
| { |
| - des_ecb_encrypt((des_cblock *)cipher, (des_cblock *)clear, |
| - key_schedule, 0); |
| + DES_ecb_encrypt((DES_cblock *)cipher, (DES_cblock *)clear, |
| + &key_schedule, 0); |
| return (1); |
| } |
| |