diff options
author | Diego Elio Pettenò <flameeyes@gentoo.org> | 2010-04-07 14:35:55 +0000 |
---|---|---|
committer | Diego Elio Pettenò <flameeyes@gentoo.org> | 2010-04-07 14:35:55 +0000 |
commit | 17adc4db78f18063bcf3a9914d3e176370d9e4cf (patch) | |
tree | 8e15699d17d696cbc2d9b8786000b9ca4d1f1ec1 | |
parent | clean up (diff) | |
download | gentoo-2-17adc4db78f18063bcf3a9914d3e176370d9e4cf.tar.gz gentoo-2-17adc4db78f18063bcf3a9914d3e176370d9e4cf.tar.bz2 gentoo-2-17adc4db78f18063bcf3a9914d3e176370d9e4cf.zip |
Add important fix for MD5-based password hashes on non-Alpha 64-bit architectures. Thanks to Petr Bravenec for reporting.
(Portage version: 2.2_rc67/cvs/Linux x86_64)
-rw-r--r-- | sys-auth/pam-pgsql/ChangeLog | 10 | ||||
-rw-r--r-- | sys-auth/pam-pgsql/files/pam-pgsql-0.7.1-64bit.patch | 138 | ||||
-rw-r--r-- | sys-auth/pam-pgsql/pam-pgsql-0.7.1-r1.ebuild (renamed from sys-auth/pam-pgsql/pam-pgsql-0.7.1.ebuild) | 6 |
3 files changed, 152 insertions, 2 deletions
diff --git a/sys-auth/pam-pgsql/ChangeLog b/sys-auth/pam-pgsql/ChangeLog index 6cf573c635b7..b244b06b0e1a 100644 --- a/sys-auth/pam-pgsql/ChangeLog +++ b/sys-auth/pam-pgsql/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for sys-auth/pam-pgsql # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam-pgsql/ChangeLog,v 1.3 2010/03/16 11:56:16 flameeyes Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam-pgsql/ChangeLog,v 1.4 2010/04/07 14:35:55 flameeyes Exp $ + +*pam-pgsql-0.7.1-r1 (07 Apr 2010) + + 07 Apr 2010; Diego E. Pettenò <flameeyes@gentoo.org> + -pam-pgsql-0.7.1.ebuild, +pam-pgsql-0.7.1-r1.ebuild, + +files/pam-pgsql-0.7.1-64bit.patch: + Add important fix for MD5-based password hashes on non-Alpha 64-bit + architectures. Thanks to Petr Bravenec for reporting. *pam-pgsql-0.7.1 (16 Mar 2010) diff --git a/sys-auth/pam-pgsql/files/pam-pgsql-0.7.1-64bit.patch b/sys-auth/pam-pgsql/files/pam-pgsql-0.7.1-64bit.patch new file mode 100644 index 000000000000..94f171aa67fa --- /dev/null +++ b/sys-auth/pam-pgsql/files/pam-pgsql-0.7.1-64bit.patch @@ -0,0 +1,138 @@ +From 30361fa5f3266c0f088bbc89eb06dddbd032fc54 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Diego=20Elio=20'Flameeyes'=20Petten=C3=B2?= <flameeyes@gmail.com> +Date: Wed, 7 Apr 2010 15:58:04 +0200 +Subject: [PATCH] Fix md5 code under 64-bit platforms. + +The code was previously singling out the Alpha platform as 64-bit, but +that's definitely not the only platform where unsigned long is 64-bit +rather than 32. + +This change actually relies on C89 standard integers (uint32_t) so that +there is no more risk of getting it wrong. +--- + src/md5.c | 28 ++++++++++++++-------------- + src/md5.h | 10 +++------- + 2 files changed, 17 insertions(+), 21 deletions(-) + +diff --git a/src/md5.c b/src/md5.c +index 3b51e76..df24f16 100644 +--- a/src/md5.c ++++ b/src/md5.c +@@ -17,7 +17,7 @@ + #include <string.h> /* for memcpy() */ + #include "md5.h" + +-static void MD5Transform(uint32 buf[4], uint32 const in[16]); ++static void MD5Transform(uint32_t buf[4], uint32_t const in[16]); + + #ifndef HIGHFIRST + #define byteReverse(buf, len) /* Nothing */ +@@ -30,11 +30,11 @@ void byteReverse(unsigned char *buf, unsigned longs); + */ + void byteReverse(unsigned char *buf, unsigned longs) + { +- uint32 t; ++ uint32_t t; + do { +- t = (uint32) ((unsigned) buf[3] << 8 | buf[2]) << 16 | ++ t = (uint32_t) ((unsigned) buf[3] << 8 | buf[2]) << 16 | + ((unsigned) buf[1] << 8 | buf[0]); +- *(uint32 *) buf = t; ++ *(uint32_t *) buf = t; + buf += 4; + } while (--longs); + } +@@ -62,12 +62,12 @@ void MD5Init(struct MD5Context *ctx) + */ + void MD5Update(struct MD5Context *ctx, unsigned char const *buf, unsigned len) + { +- uint32 t; ++ uint32_t t; + + /* Update bitcount */ + + t = ctx->bits[0]; +- if ((ctx->bits[0] = t + ((uint32) len << 3)) < t) ++ if ((ctx->bits[0] = t + ((uint32_t) len << 3)) < t) + ctx->bits[1]++; /* Carry from low to high */ + ctx->bits[1] += len >> 29; + +@@ -85,7 +85,7 @@ void MD5Update(struct MD5Context *ctx, unsigned char const *buf, unsigned len) + } + memcpy(p, buf, t); + byteReverse(ctx->in, 16); +- MD5Transform(ctx->buf, (uint32 *) ctx->in); ++ MD5Transform(ctx->buf, (uint32_t *) ctx->in); + buf += t; + len -= t; + } +@@ -94,7 +94,7 @@ void MD5Update(struct MD5Context *ctx, unsigned char const *buf, unsigned len) + while (len >= 64) { + memcpy(ctx->in, buf, 64); + byteReverse(ctx->in, 16); +- MD5Transform(ctx->buf, (uint32 *) ctx->in); ++ MD5Transform(ctx->buf, (uint32_t *) ctx->in); + buf += 64; + len -= 64; + } +@@ -129,7 +129,7 @@ void MD5Final(unsigned char *digest, struct MD5Context *ctx) + /* Two lots of padding: Pad the first block to 64 bytes */ + memset(p, 0, count); + byteReverse(ctx->in, 16); +- MD5Transform(ctx->buf, (uint32 *) ctx->in); ++ MD5Transform(ctx->buf, (uint32_t *) ctx->in); + + /* Now fill the next block with 56 bytes */ + memset(ctx->in, 0, 56); +@@ -140,10 +140,10 @@ void MD5Final(unsigned char *digest, struct MD5Context *ctx) + byteReverse(ctx->in, 14); + + /* Append length in bits and transform */ +- ((uint32 *) ctx->in)[14] = ctx->bits[0]; +- ((uint32 *) ctx->in)[15] = ctx->bits[1]; ++ ((uint32_t *) ctx->in)[14] = ctx->bits[0]; ++ ((uint32_t *) ctx->in)[15] = ctx->bits[1]; + +- MD5Transform(ctx->buf, (uint32 *) ctx->in); ++ MD5Transform(ctx->buf, (uint32_t *) ctx->in); + byteReverse((unsigned char *) ctx->buf, 4); + memcpy(digest, ctx->buf, 16); + memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */ +@@ -173,9 +173,9 @@ void MD5Final(unsigned char *digest, struct MD5Context *ctx) + * reflect the addition of 16 longwords of new data. MD5Update blocks + * the data and converts bytes into longwords for this routine. + */ +-static void MD5Transform(uint32 buf[4], uint32 const in[16]) ++static void MD5Transform(uint32_t buf[4], uint32_t const in[16]) + { +- register uint32 a, b, c, d; ++ register uint32_t a, b, c, d; + + a = buf[0]; + b = buf[1]; +diff --git a/src/md5.h b/src/md5.h +index 6d8d047..a8a952f 100644 +--- a/src/md5.h ++++ b/src/md5.h +@@ -1,15 +1,11 @@ + #ifndef MD5_H + #define MD5_H + +-#ifdef __alpha +-typedef unsigned int uint32; +-#else +-typedef unsigned long uint32; +-#endif ++#include <stdint.h> + + struct MD5Context { +- uint32 buf[4]; +- uint32 bits[2]; ++ uint32_t buf[4]; ++ uint32_t bits[2]; + unsigned char in[64]; + }; + +-- +1.7.0.4 + diff --git a/sys-auth/pam-pgsql/pam-pgsql-0.7.1.ebuild b/sys-auth/pam-pgsql/pam-pgsql-0.7.1-r1.ebuild index 1152c58aeae6..e54e641dcfea 100644 --- a/sys-auth/pam-pgsql/pam-pgsql-0.7.1.ebuild +++ b/sys-auth/pam-pgsql/pam-pgsql-0.7.1-r1.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2010 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam-pgsql/pam-pgsql-0.7.1.ebuild,v 1.1 2010/03/16 11:56:16 flameeyes Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-auth/pam-pgsql/pam-pgsql-0.7.1-r1.ebuild,v 1.1 2010/04/07 14:35:55 flameeyes Exp $ EAPI=2 @@ -25,6 +25,10 @@ IUSE="" SLOT="0" KEYWORDS="~amd64 ~x86" +src_prepare() { + epatch "${FILESDIR}"/${P}-64bit.patch +} + src_configure() { econf \ --sysconfdir=/etc/security \ |