From 5a9cdf3bbf85f677f0cf02efa2d2f4981215f324 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Tue, 27 Mar 2018 17:02:14 +0200 Subject: [PATCH] Used openssl for the DES instead of the libcrypt / glibc Resolves: rhbz#1556132 --- ppp-2.4.7-DES-openssl.patch | 79 +++++++++++++++++++++++++++++++++++++ ppp.spec | 9 ++++- 2 files changed, 87 insertions(+), 1 deletion(-) create mode 100644 ppp-2.4.7-DES-openssl.patch diff --git a/ppp-2.4.7-DES-openssl.patch b/ppp-2.4.7-DES-openssl.patch new file mode 100644 index 0000000..ad3b268 --- /dev/null +++ b/ppp-2.4.7-DES-openssl.patch @@ -0,0 +1,79 @@ +diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux +index 534ccc2..cf11b74 100644 +--- a/pppd/Makefile.linux ++++ b/pppd/Makefile.linux +@@ -41,7 +41,7 @@ COPTS = -Wall $(RPM_OPT_FLAGS) -DLIBDIR=\""$(LIBDIR)"\" + # Uncomment the next 2 lines to include support for Microsoft's + # MS-CHAP authentication protocol. Also, edit plugins/radius/Makefile.linux. + CHAPMS=y +-USE_CRYPT=y ++#USE_CRYPT=y + # Don't use MSLANMAN unless you really know what you're doing. + #MSLANMAN=y + # Uncomment the next line to include support for MPPE. CHAPMS (above) must +@@ -147,7 +147,8 @@ endif + + ifdef NEEDDES + ifndef USE_CRYPT +-LIBS += -ldes $(LIBS) ++CFLAGS += -I/usr/include/openssl ++LIBS += -lcrypto + else + CFLAGS += -DUSE_CRYPT=1 + endif +diff --git a/pppd/pppcrypt.c b/pppd/pppcrypt.c +index 8b85b13..6b35375 100644 +--- a/pppd/pppcrypt.c ++++ b/pppd/pppcrypt.c +@@ -64,7 +64,7 @@ u_char *des_key; /* OUT 64 bit DES key with parity bits added */ + des_key[7] = Get7Bits(key, 49); + + #ifndef USE_CRYPT +- des_set_odd_parity((des_cblock *)des_key); ++ DES_set_odd_parity((DES_cblock *)des_key); + #endif + } + +@@ -158,25 +158,25 @@ u_char *clear; /* OUT 8 octets */ + } + + #else /* USE_CRYPT */ +-static des_key_schedule key_schedule; ++static DES_key_schedule key_schedule; + + bool + DesSetkey(key) + u_char *key; + { +- des_cblock des_key; ++ DES_cblock des_key; + MakeKey(key, des_key); +- des_set_key(&des_key, key_schedule); ++ DES_set_key(&des_key, &key_schedule); + return (1); + } + + bool +-DesEncrypt(clear, key, cipher) ++DesEncrypt(clear, cipher) + u_char *clear; /* IN 8 octets */ + u_char *cipher; /* OUT 8 octets */ + { +- des_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher, +- key_schedule, 1); ++ DES_ecb_encrypt((DES_cblock *)clear, (DES_cblock *)cipher, ++ &key_schedule, 1); + return (1); + } + +@@ -185,8 +185,8 @@ DesDecrypt(cipher, clear) + u_char *cipher; /* IN 8 octets */ + u_char *clear; /* OUT 8 octets */ + { +- des_ecb_encrypt((des_cblock *)cipher, (des_cblock *)clear, +- key_schedule, 0); ++ DES_ecb_encrypt((DES_cblock *)cipher, (DES_cblock *)clear, ++ &key_schedule, 0); + return (1); + } + diff --git a/ppp.spec b/ppp.spec index 1d16daf..fba6300 100644 --- a/ppp.spec +++ b/ppp.spec @@ -3,7 +3,7 @@ Summary: The Point-to-Point Protocol daemon Name: ppp Version: 2.4.7 -Release: 17%{?dist} +Release: 18%{?dist} License: BSD and LGPLv2+ and GPLv2+ and Public Domain Group: System Environment/Daemons URL: http://www.samba.org/ppp @@ -51,6 +51,9 @@ Patch0026: 0026-Revert-pppd-rebase-EAP-TLS-patch-v0.994.patch Patch0027: 0027-pppd-EAP-TLS-patch-v0.999.patch Patch0028: 0028-pppoe-include-netinet-in.h-before-linux-in.h.patch +# rhbz#1556132 +Patch0029: ppp-2.4.7-DES-openssl.patch + BuildRequires: pam-devel, libpcap-devel, systemd, systemd-devel, glib2-devel BuildRequires: openssl-devel Requires: glibc >= 2.0.6, /etc/pam.d/system-auth, libpcap >= 14:0.8.3-6, systemd, initscripts >= 9.54 @@ -169,6 +172,10 @@ install -p %{SOURCE11} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/ifdo %doc PLUGINS %changelog +* Tue Mar 27 2018 Jaroslav Škarvada - 2.4.7-18 +- Used openssl for the DES instead of the libcrypt / glibc + Resolves: rhbz#1556132 + * Fri Feb 09 2018 Igor Gnatenko - 2.4.7-17 - Escape macros in %%changelog