[OE-core] [PATCH 6/8] ppp: Use openssl for the DES instead of the libcrypt / glibc

Burton, Ross ross.burton at intel.com
Wed Aug 8 20:11:36 UTC 2018 

Is it possible to backport the patch from upstream so when they do
make a new release, devtool doesn't report conflicts but will just
delete the patch?

Ross

On 8 August 2018 at 18:04, Khem Raj <raj.khem at gmail.com> wrote:
> Signed-off-by: Khem Raj <raj.khem at gmail.com>
> ---
>  .../ppp/ppp/ppp-2.4.7-DES-openssl.patch       | 84 +++++++++++++++++++
>  meta/recipes-connectivity/ppp/ppp_2.4.7.bb    |  5 +-
>  2 files changed, 87 insertions(+), 2 deletions(-)
>  create mode 100644 meta/recipes-connectivity/ppp/ppp/ppp-2.4.7-DES-openssl.patch
>
> diff --git a/meta/recipes-connectivity/ppp/ppp/ppp-2.4.7-DES-openssl.patch b/meta/recipes-connectivity/ppp/ppp/ppp-2.4.7-DES-openssl.patch
> new file mode 100644
> index 0000000000..e53f240543
> --- /dev/null
> +++ b/meta/recipes-connectivity/ppp/ppp/ppp-2.4.7-DES-openssl.patch
> @@ -0,0 +1,84 @@
> +Used openssl for the DES instead of the libcrypt / glibc
> +
> +Upstream-Status: Pending
> +
> +Signed-off-by: Khem Raj <raj.khem at gmail.com>
> +
> +Index: ppp-2.4.7/pppd/Makefile.linux
> +===================================================================
> +--- ppp-2.4.7.orig/pppd/Makefile.linux
> ++++ ppp-2.4.7/pppd/Makefile.linux
> +@@ -38,7 +38,7 @@ LIBS =
> + # Uncomment the next 2 lines to include support for Microsoft's
> + # MS-CHAP authentication protocol.  Also, edit plugins/radius/Makefile.linux.
> + CHAPMS=y
> +-USE_CRYPT=y
> ++#USE_CRYPT=y
> + # Don't use MSLANMAN unless you really know what you're doing.
> + #MSLANMAN=y
> + # Uncomment the next line to include support for MPPE.  CHAPMS (above) must
> +@@ -132,7 +132,7 @@ endif
> +
> + ifdef NEEDDES
> + ifndef USE_CRYPT
> +-LIBS     += -ldes $(LIBS)
> ++LIBS     += -lcrypto
> + else
> + CFLAGS   += -DUSE_CRYPT=1
> + endif
> +Index: ppp-2.4.7/pppd/pppcrypt.c
> +===================================================================
> +--- ppp-2.4.7.orig/pppd/pppcrypt.c
> ++++ ppp-2.4.7/pppd/pppcrypt.c
> +@@ -64,7 +64,7 @@ u_char *des_key;     /* OUT 64 bit DES key w
> +       des_key[7] = Get7Bits(key, 49);
> +
> + #ifndef USE_CRYPT
> +-      des_set_odd_parity((des_cblock *)des_key);
> ++      DES_set_odd_parity((DES_cblock *)des_key);
> + #endif
> + }
> +
> +@@ -158,25 +158,25 @@ u_char *clear;   /* OUT 8 octets */
> + }
> +
> + #else /* USE_CRYPT */
> +-static des_key_schedule       key_schedule;
> ++static DES_key_schedule       key_schedule;
> +
> + bool
> + DesSetkey(key)
> + u_char *key;
> + {
> +-      des_cblock des_key;
> ++      DES_cblock des_key;
> +       MakeKey(key, des_key);
> +-      des_set_key(&des_key, key_schedule);
> ++      DES_set_key(&des_key, &key_schedule);
> +       return (1);
> + }
> +
> + bool
> +-DesEncrypt(clear, key, cipher)
> ++DesEncrypt(clear, cipher)
> + u_char *clear;        /* IN  8 octets */
> + u_char *cipher;       /* OUT 8 octets */
> + {
> +-      des_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher,
> +-          key_schedule, 1);
> ++      DES_ecb_encrypt((DES_cblock *)clear, (DES_cblock *)cipher,
> ++          &key_schedule, 1);
> +       return (1);
> + }
> +
> +@@ -185,8 +185,8 @@ DesDecrypt(cipher, clear)
> + u_char *cipher;       /* IN  8 octets */
> + u_char *clear;        /* OUT 8 octets */
> + {
> +-      des_ecb_encrypt((des_cblock *)cipher, (des_cblock *)clear,
> +-          key_schedule, 0);
> ++      DES_ecb_encrypt((DES_cblock *)cipher, (DES_cblock *)clear,
> ++          &key_schedule, 0);
> +       return (1);
> + }
> +
> diff --git a/meta/recipes-connectivity/ppp/ppp_2.4.7.bb b/meta/recipes-connectivity/ppp/ppp_2.4.7.bb
> index a1bb7d71c1..f4646bd693 100644
> --- a/meta/recipes-connectivity/ppp/ppp_2.4.7.bb
> +++ b/meta/recipes-connectivity/ppp/ppp_2.4.7.bb
> @@ -4,7 +4,7 @@ the Point-to-Point Protocol (PPP) on Linux and Solaris systems."
>  SECTION = "console/network"
>  HOMEPAGE = "http://samba.org/ppp/"
>  BUGTRACKER = "http://ppp.samba.org/cgi-bin/ppp-bugs"
> -DEPENDS = "libpcap"
> +DEPENDS = "libpcap openssl"
>  LICENSE = "BSD & GPLv2+ & LGPLv2+ & PD"
>  LIC_FILES_CHKSUM = "file://pppd/ccp.c;beginline=1;endline=29;md5=e2c43fe6e81ff77d87dc9c290a424dea \
>                      file://pppd/plugins/passprompt.c;beginline=1;endline=10;md5=3bcbcdbf0e369c9a3e0b8c8275b065d8 \
> @@ -32,6 +32,7 @@ SRC_URI = "https://download.samba.org/pub/${BPN}/${BP}.tar.gz \
>             file://fix-CVE-2015-3310.patch \
>             file://0001-pppoe-include-netinet-in.h-before-linux-in.h.patch \
>             file://0001-ppp-Remove-unneeded-include.patch \
> +           file://ppp-2.4.7-DES-openssl.patch \
>  "
>
>  SRC_URI_append_libc-musl = "\
> @@ -49,7 +50,7 @@ EXTRA_OECONF = "--disable-strip"
>  # Package Makefile computes CFLAGS, referencing COPTS.
>  # Typically hard-coded to '-O2 -g' in the Makefile's.
>  #
> -EXTRA_OEMAKE += ' COPTS="${CFLAGS} -I${S}/include"'
> +EXTRA_OEMAKE += ' COPTS="${CFLAGS} -I${STAGING_INCDIR}/openssl -I${S}/include"'
>
>  do_configure () {
>         oe_runconf
> --
> 2.18.0
>
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core at lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core

More information about the Openembedded-core mailing list