[OE-core] [PATCH 10/18] ppp: Use openssl for the DES instead of the libcrypt / glibc
Burton, Ross
ross.burton at intel.com
Wed Aug 8 15:14:58 UTC 2018
My understanding is that libxcrypt was basically the crypto pieces
ripped out of glibc, but the github page lists DES as an implemented
algorithm.
Ross
On 8 August 2018 at 16:01, Khem Raj <raj.khem at gmail.com> wrote:
> Does it provide DES implementation I am not sure but if it does then it
> might be another option
>
> On Wed, Aug 8, 2018 at 3:40 AM Burton, Ross <ross.burton at intel.com> wrote:
>>
>> Why not use libxcrypt?
>>
>> Ross
>>
>> On 6 August 2018 at 23:57, Khem Raj <raj.khem at gmail.com> wrote:
>> > Signed-off-by: Khem Raj <raj.khem at gmail.com>
>> > ---
>> > .../ppp/ppp/ppp-2.4.7-DES-openssl.patch | 84 +++++++++++++++++++
>> > meta/recipes-connectivity/ppp/ppp_2.4.7.bb | 5 +-
>> > 2 files changed, 87 insertions(+), 2 deletions(-)
>> > create mode 100644
>> > meta/recipes-connectivity/ppp/ppp/ppp-2.4.7-DES-openssl.patch
>> >
>> > diff --git
>> > a/meta/recipes-connectivity/ppp/ppp/ppp-2.4.7-DES-openssl.patch
>> > b/meta/recipes-connectivity/ppp/ppp/ppp-2.4.7-DES-openssl.patch
>> > new file mode 100644
>> > index 0000000000..e53f240543
>> > --- /dev/null
>> > +++ b/meta/recipes-connectivity/ppp/ppp/ppp-2.4.7-DES-openssl.patch
>> > @@ -0,0 +1,84 @@
>> > +Used openssl for the DES instead of the libcrypt / glibc
>> > +
>> > +Upstream-Status: Pending
>> > +
>> > +Signed-off-by: Khem Raj <raj.khem at gmail.com>
>> > +
>> > +Index: ppp-2.4.7/pppd/Makefile.linux
>> > +===================================================================
>> > +--- ppp-2.4.7.orig/pppd/Makefile.linux
>> > ++++ ppp-2.4.7/pppd/Makefile.linux
>> > +@@ -38,7 +38,7 @@ LIBS =
>> > + # Uncomment the next 2 lines to include support for Microsoft's
>> > + # MS-CHAP authentication protocol. Also, edit
>> > plugins/radius/Makefile.linux.
>> > + CHAPMS=y
>> > +-USE_CRYPT=y
>> > ++#USE_CRYPT=y
>> > + # Don't use MSLANMAN unless you really know what you're doing.
>> > + #MSLANMAN=y
>> > + # Uncomment the next line to include support for MPPE. CHAPMS (above)
>> > must
>> > +@@ -132,7 +132,7 @@ endif
>> > +
>> > + ifdef NEEDDES
>> > + ifndef USE_CRYPT
>> > +-LIBS += -ldes $(LIBS)
>> > ++LIBS += -lcrypto
>> > + else
>> > + CFLAGS += -DUSE_CRYPT=1
>> > + endif
>> > +Index: ppp-2.4.7/pppd/pppcrypt.c
>> > +===================================================================
>> > +--- ppp-2.4.7.orig/pppd/pppcrypt.c
>> > ++++ ppp-2.4.7/pppd/pppcrypt.c
>> > +@@ -64,7 +64,7 @@ u_char *des_key; /* OUT 64 bit DES key w
>> > + des_key[7] = Get7Bits(key, 49);
>> > +
>> > + #ifndef USE_CRYPT
>> > +- des_set_odd_parity((des_cblock *)des_key);
>> > ++ DES_set_odd_parity((DES_cblock *)des_key);
>> > + #endif
>> > + }
>> > +
>> > +@@ -158,25 +158,25 @@ u_char *clear; /* OUT 8 octets */
>> > + }
>> > +
>> > + #else /* USE_CRYPT */
>> > +-static des_key_schedule key_schedule;
>> > ++static DES_key_schedule key_schedule;
>> > +
>> > + bool
>> > + DesSetkey(key)
>> > + u_char *key;
>> > + {
>> > +- des_cblock des_key;
>> > ++ DES_cblock des_key;
>> > + MakeKey(key, des_key);
>> > +- des_set_key(&des_key, key_schedule);
>> > ++ DES_set_key(&des_key, &key_schedule);
>> > + return (1);
>> > + }
>> > +
>> > + bool
>> > +-DesEncrypt(clear, key, cipher)
>> > ++DesEncrypt(clear, cipher)
>> > + u_char *clear; /* IN 8 octets */
>> > + u_char *cipher; /* OUT 8 octets */
>> > + {
>> > +- des_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher,
>> > +- key_schedule, 1);
>> > ++ DES_ecb_encrypt((DES_cblock *)clear, (DES_cblock *)cipher,
>> > ++ &key_schedule, 1);
>> > + return (1);
>> > + }
>> > +
>> > +@@ -185,8 +185,8 @@ DesDecrypt(cipher, clear)
>> > + u_char *cipher; /* IN 8 octets */
>> > + u_char *clear; /* OUT 8 octets */
>> > + {
>> > +- des_ecb_encrypt((des_cblock *)cipher, (des_cblock *)clear,
>> > +- key_schedule, 0);
>> > ++ DES_ecb_encrypt((DES_cblock *)cipher, (DES_cblock *)clear,
>> > ++ &key_schedule, 0);
>> > + return (1);
>> > + }
>> > +
>> > diff --git a/meta/recipes-connectivity/ppp/ppp_2.4.7.bb
>> > b/meta/recipes-connectivity/ppp/ppp_2.4.7.bb
>> > index a1bb7d71c1..f4646bd693 100644
>> > --- a/meta/recipes-connectivity/ppp/ppp_2.4.7.bb
>> > +++ b/meta/recipes-connectivity/ppp/ppp_2.4.7.bb
>> > @@ -4,7 +4,7 @@ the Point-to-Point Protocol (PPP) on Linux and Solaris
>> > systems."
>> > SECTION = "console/network"
>> > HOMEPAGE = "http://samba.org/ppp/"
>> > BUGTRACKER = "http://ppp.samba.org/cgi-bin/ppp-bugs"
>> > -DEPENDS = "libpcap"
>> > +DEPENDS = "libpcap openssl"
>> > LICENSE = "BSD & GPLv2+ & LGPLv2+ & PD"
>> > LIC_FILES_CHKSUM =
>> > "file://pppd/ccp.c;beginline=1;endline=29;md5=e2c43fe6e81ff77d87dc9c290a424dea
>> > \
>> >
>> > file://pppd/plugins/passprompt.c;beginline=1;endline=10;md5=3bcbcdbf0e369c9a3e0b8c8275b065d8
>> > \
>> > @@ -32,6 +32,7 @@ SRC_URI =
>> > "https://download.samba.org/pub/${BPN}/${BP}.tar.gz \
>> > file://fix-CVE-2015-3310.patch \
>> >
>> > file://0001-pppoe-include-netinet-in.h-before-linux-in.h.patch \
>> > file://0001-ppp-Remove-unneeded-include.patch \
>> > + file://ppp-2.4.7-DES-openssl.patch \
>> > "
>> >
>> > SRC_URI_append_libc-musl = "\
>> > @@ -49,7 +50,7 @@ EXTRA_OECONF = "--disable-strip"
>> > # Package Makefile computes CFLAGS, referencing COPTS.
>> > # Typically hard-coded to '-O2 -g' in the Makefile's.
>> > #
>> > -EXTRA_OEMAKE += ' COPTS="${CFLAGS} -I${S}/include"'
>> > +EXTRA_OEMAKE += ' COPTS="${CFLAGS} -I${STAGING_INCDIR}/openssl
>> > -I${S}/include"'
>> >
>> > do_configure () {
>> > oe_runconf
>> > --
>> > 2.18.0
>> >
>> > --
>> > _______________________________________________
>> > Openembedded-core mailing list
>> > Openembedded-core at lists.openembedded.org
>> > http://lists.openembedded.org/mailman/listinfo/openembedded-core
More information about the Openembedded-core
mailing list