summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDiego Elio Pettenò <flameeyes@gentoo.org>2010-04-07 14:35:55 +0000
committerDiego Elio Pettenò <flameeyes@gentoo.org>2010-04-07 14:35:55 +0000
commit17adc4db78f18063bcf3a9914d3e176370d9e4cf (patch)
tree8e15699d17d696cbc2d9b8786000b9ca4d1f1ec1
parentclean up (diff)
downloadgentoo-2-17adc4db78f18063bcf3a9914d3e176370d9e4cf.tar.gz
gentoo-2-17adc4db78f18063bcf3a9914d3e176370d9e4cf.tar.bz2
gentoo-2-17adc4db78f18063bcf3a9914d3e176370d9e4cf.zip
Add important fix for MD5-based password hashes on non-Alpha 64-bit architectures. Thanks to Petr Bravenec for reporting.
(Portage version: 2.2_rc67/cvs/Linux x86_64)
-rw-r--r--sys-auth/pam-pgsql/ChangeLog10
-rw-r--r--sys-auth/pam-pgsql/files/pam-pgsql-0.7.1-64bit.patch138
-rw-r--r--sys-auth/pam-pgsql/pam-pgsql-0.7.1-r1.ebuild (renamed from sys-auth/pam-pgsql/pam-pgsql-0.7.1.ebuild)6
3 files changed, 152 insertions, 2 deletions
diff --git a/sys-auth/pam-pgsql/ChangeLog b/sys-auth/pam-pgsql/ChangeLog
index 6cf573c635b7..b244b06b0e1a 100644
--- a/sys-auth/pam-pgsql/ChangeLog
+++ b/sys-auth/pam-pgsql/ChangeLog
@@ -1,6 +1,14 @@
# ChangeLog for sys-auth/pam-pgsql
# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam-pgsql/ChangeLog,v 1.3 2010/03/16 11:56:16 flameeyes Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam-pgsql/ChangeLog,v 1.4 2010/04/07 14:35:55 flameeyes Exp $
+
+*pam-pgsql-0.7.1-r1 (07 Apr 2010)
+
+ 07 Apr 2010; Diego E. Pettenò <flameeyes@gentoo.org>
+ -pam-pgsql-0.7.1.ebuild, +pam-pgsql-0.7.1-r1.ebuild,
+ +files/pam-pgsql-0.7.1-64bit.patch:
+ Add important fix for MD5-based password hashes on non-Alpha 64-bit
+ architectures. Thanks to Petr Bravenec for reporting.
*pam-pgsql-0.7.1 (16 Mar 2010)
diff --git a/sys-auth/pam-pgsql/files/pam-pgsql-0.7.1-64bit.patch b/sys-auth/pam-pgsql/files/pam-pgsql-0.7.1-64bit.patch
new file mode 100644
index 000000000000..94f171aa67fa
--- /dev/null
+++ b/sys-auth/pam-pgsql/files/pam-pgsql-0.7.1-64bit.patch
@@ -0,0 +1,138 @@
+From 30361fa5f3266c0f088bbc89eb06dddbd032fc54 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Diego=20Elio=20'Flameeyes'=20Petten=C3=B2?= <flameeyes@gmail.com>
+Date: Wed, 7 Apr 2010 15:58:04 +0200
+Subject: [PATCH] Fix md5 code under 64-bit platforms.
+
+The code was previously singling out the Alpha platform as 64-bit, but
+that's definitely not the only platform where unsigned long is 64-bit
+rather than 32.
+
+This change actually relies on C89 standard integers (uint32_t) so that
+there is no more risk of getting it wrong.
+---
+ src/md5.c | 28 ++++++++++++++--------------
+ src/md5.h | 10 +++-------
+ 2 files changed, 17 insertions(+), 21 deletions(-)
+
+diff --git a/src/md5.c b/src/md5.c
+index 3b51e76..df24f16 100644
+--- a/src/md5.c
++++ b/src/md5.c
+@@ -17,7 +17,7 @@
+ #include <string.h> /* for memcpy() */
+ #include "md5.h"
+
+-static void MD5Transform(uint32 buf[4], uint32 const in[16]);
++static void MD5Transform(uint32_t buf[4], uint32_t const in[16]);
+
+ #ifndef HIGHFIRST
+ #define byteReverse(buf, len) /* Nothing */
+@@ -30,11 +30,11 @@ void byteReverse(unsigned char *buf, unsigned longs);
+ */
+ void byteReverse(unsigned char *buf, unsigned longs)
+ {
+- uint32 t;
++ uint32_t t;
+ do {
+- t = (uint32) ((unsigned) buf[3] << 8 | buf[2]) << 16 |
++ t = (uint32_t) ((unsigned) buf[3] << 8 | buf[2]) << 16 |
+ ((unsigned) buf[1] << 8 | buf[0]);
+- *(uint32 *) buf = t;
++ *(uint32_t *) buf = t;
+ buf += 4;
+ } while (--longs);
+ }
+@@ -62,12 +62,12 @@ void MD5Init(struct MD5Context *ctx)
+ */
+ void MD5Update(struct MD5Context *ctx, unsigned char const *buf, unsigned len)
+ {
+- uint32 t;
++ uint32_t t;
+
+ /* Update bitcount */
+
+ t = ctx->bits[0];
+- if ((ctx->bits[0] = t + ((uint32) len << 3)) < t)
++ if ((ctx->bits[0] = t + ((uint32_t) len << 3)) < t)
+ ctx->bits[1]++; /* Carry from low to high */
+ ctx->bits[1] += len >> 29;
+
+@@ -85,7 +85,7 @@ void MD5Update(struct MD5Context *ctx, unsigned char const *buf, unsigned len)
+ }
+ memcpy(p, buf, t);
+ byteReverse(ctx->in, 16);
+- MD5Transform(ctx->buf, (uint32 *) ctx->in);
++ MD5Transform(ctx->buf, (uint32_t *) ctx->in);
+ buf += t;
+ len -= t;
+ }
+@@ -94,7 +94,7 @@ void MD5Update(struct MD5Context *ctx, unsigned char const *buf, unsigned len)
+ while (len >= 64) {
+ memcpy(ctx->in, buf, 64);
+ byteReverse(ctx->in, 16);
+- MD5Transform(ctx->buf, (uint32 *) ctx->in);
++ MD5Transform(ctx->buf, (uint32_t *) ctx->in);
+ buf += 64;
+ len -= 64;
+ }
+@@ -129,7 +129,7 @@ void MD5Final(unsigned char *digest, struct MD5Context *ctx)
+ /* Two lots of padding: Pad the first block to 64 bytes */
+ memset(p, 0, count);
+ byteReverse(ctx->in, 16);
+- MD5Transform(ctx->buf, (uint32 *) ctx->in);
++ MD5Transform(ctx->buf, (uint32_t *) ctx->in);
+
+ /* Now fill the next block with 56 bytes */
+ memset(ctx->in, 0, 56);
+@@ -140,10 +140,10 @@ void MD5Final(unsigned char *digest, struct MD5Context *ctx)
+ byteReverse(ctx->in, 14);
+
+ /* Append length in bits and transform */
+- ((uint32 *) ctx->in)[14] = ctx->bits[0];
+- ((uint32 *) ctx->in)[15] = ctx->bits[1];
++ ((uint32_t *) ctx->in)[14] = ctx->bits[0];
++ ((uint32_t *) ctx->in)[15] = ctx->bits[1];
+
+- MD5Transform(ctx->buf, (uint32 *) ctx->in);
++ MD5Transform(ctx->buf, (uint32_t *) ctx->in);
+ byteReverse((unsigned char *) ctx->buf, 4);
+ memcpy(digest, ctx->buf, 16);
+ memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */
+@@ -173,9 +173,9 @@ void MD5Final(unsigned char *digest, struct MD5Context *ctx)
+ * reflect the addition of 16 longwords of new data. MD5Update blocks
+ * the data and converts bytes into longwords for this routine.
+ */
+-static void MD5Transform(uint32 buf[4], uint32 const in[16])
++static void MD5Transform(uint32_t buf[4], uint32_t const in[16])
+ {
+- register uint32 a, b, c, d;
++ register uint32_t a, b, c, d;
+
+ a = buf[0];
+ b = buf[1];
+diff --git a/src/md5.h b/src/md5.h
+index 6d8d047..a8a952f 100644
+--- a/src/md5.h
++++ b/src/md5.h
+@@ -1,15 +1,11 @@
+ #ifndef MD5_H
+ #define MD5_H
+
+-#ifdef __alpha
+-typedef unsigned int uint32;
+-#else
+-typedef unsigned long uint32;
+-#endif
++#include <stdint.h>
+
+ struct MD5Context {
+- uint32 buf[4];
+- uint32 bits[2];
++ uint32_t buf[4];
++ uint32_t bits[2];
+ unsigned char in[64];
+ };
+
+--
+1.7.0.4
+
diff --git a/sys-auth/pam-pgsql/pam-pgsql-0.7.1.ebuild b/sys-auth/pam-pgsql/pam-pgsql-0.7.1-r1.ebuild
index 1152c58aeae6..e54e641dcfea 100644
--- a/sys-auth/pam-pgsql/pam-pgsql-0.7.1.ebuild
+++ b/sys-auth/pam-pgsql/pam-pgsql-0.7.1-r1.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2010 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam-pgsql/pam-pgsql-0.7.1.ebuild,v 1.1 2010/03/16 11:56:16 flameeyes Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam-pgsql/pam-pgsql-0.7.1-r1.ebuild,v 1.1 2010/04/07 14:35:55 flameeyes Exp $
EAPI=2
@@ -25,6 +25,10 @@ IUSE=""
SLOT="0"
KEYWORDS="~amd64 ~x86"
+src_prepare() {
+ epatch "${FILESDIR}"/${P}-64bit.patch
+}
+
src_configure() {
econf \
--sysconfdir=/etc/security \