|
|
@ -1,6 +1,6 @@
|
|
|
|
diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plugins/digestmd5.c
|
|
|
|
diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plugins/digestmd5.c
|
|
|
|
--- cyrus-sasl-2.1.27/plugins/digestmd5.c 2021-09-30 17:13:06.573093526 -0400
|
|
|
|
--- cyrus-sasl-2.1.27/plugins/digestmd5.c 2022-09-08 12:22:03.782961573 -0400
|
|
|
|
+++ cyrus-sasl-2.1.27.digestmd5/plugins/digestmd5.c 2021-09-30 17:26:31.818378442 -0400
|
|
|
|
+++ cyrus-sasl-2.1.27.digestmd5/plugins/digestmd5.c 2022-09-08 12:24:20.289994669 -0400
|
|
|
|
@@ -80,6 +80,12 @@
|
|
|
|
@@ -80,6 +80,12 @@
|
|
|
|
# endif
|
|
|
|
# endif
|
|
|
|
#endif /* WITH_DES */
|
|
|
|
#endif /* WITH_DES */
|
|
|
@ -105,7 +105,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
|
|
|
|
|
|
|
|
|
|
|
|
/* setup dec context */
|
|
|
|
/* setup dec context */
|
|
|
|
c++;
|
|
|
|
c++;
|
|
|
|
@@ -1102,60 +1114,139 @@
|
|
|
|
@@ -1102,34 +1114,83 @@
|
|
|
|
|
|
|
|
|
|
|
|
memcpy(c->ivec, ((char *) deckey) + 8, 8);
|
|
|
|
memcpy(c->ivec, ((char *) deckey) + 8, 8);
|
|
|
|
|
|
|
|
|
|
|
@ -201,16 +201,14 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int init_rc4(context_t *text,
|
|
|
|
static int init_rc4(context_t *text,
|
|
|
|
unsigned char enckey[16],
|
|
|
|
@@ -1139,23 +1200,57 @@
|
|
|
|
unsigned char deckey[16])
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
+ const EVP_CIPHER *cipher;
|
|
|
|
|
|
|
|
EVP_CIPHER_CTX *ctx;
|
|
|
|
EVP_CIPHER_CTX *ctx;
|
|
|
|
int rc;
|
|
|
|
int rc;
|
|
|
|
|
|
|
|
|
|
|
|
- ctx = EVP_CIPHER_CTX_new();
|
|
|
|
- ctx = EVP_CIPHER_CTX_new();
|
|
|
|
- if (ctx == NULL) return SASL_NOMEM;
|
|
|
|
- if (ctx == NULL) return SASL_NOMEM;
|
|
|
|
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
|
|
|
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
|
|
|
|
|
|
|
+ EVP_CIPHER *cipher;
|
|
|
|
+ ossl3_context_t *ossl3_ctx;
|
|
|
|
+ ossl3_context_t *ossl3_ctx;
|
|
|
|
|
|
|
|
|
|
|
|
- rc = EVP_EncryptInit_ex(ctx, EVP_rc4(), NULL, enckey, NULL);
|
|
|
|
- rc = EVP_EncryptInit_ex(ctx, EVP_rc4(), NULL, enckey, NULL);
|
|
|
@ -221,6 +219,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
|
|
|
|
+ ossl3_ctx = (ossl3_context_t *)text->crypto.libctx;
|
|
|
|
+ ossl3_ctx = (ossl3_context_t *)text->crypto.libctx;
|
|
|
|
+ cipher = EVP_CIPHER_fetch(ossl3_ctx->libctx, "RC4", "");
|
|
|
|
+ cipher = EVP_CIPHER_fetch(ossl3_ctx->libctx, "RC4", "");
|
|
|
|
+#else
|
|
|
|
+#else
|
|
|
|
|
|
|
|
+ const EVP_CIPHER *cipher;
|
|
|
|
+ cipher = EVP_rc4();
|
|
|
|
+ cipher = EVP_rc4();
|
|
|
|
+#endif
|
|
|
|
+#endif
|
|
|
|
|
|
|
|
|
|
|
@ -241,25 +240,28 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
|
|
|
|
+ goto done;
|
|
|
|
+ goto done;
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+ text->crypto.enc_ctx = (void *)ctx;
|
|
|
|
+ text->crypto.enc_ctx = (void *)ctx;
|
|
|
|
|
|
|
|
+
|
|
|
|
- text->cipher_dec_context = (void *)ctx;
|
|
|
|
|
|
|
|
+ ctx = EVP_CIPHER_CTX_new();
|
|
|
|
+ ctx = EVP_CIPHER_CTX_new();
|
|
|
|
+ if (ctx == NULL) {
|
|
|
|
+ if (ctx == NULL) {
|
|
|
|
+ rc = SASL_NOMEM;
|
|
|
|
+ rc = SASL_NOMEM;
|
|
|
|
+ goto done;
|
|
|
|
+ goto done;
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
|
|
|
|
+
|
|
|
|
- return SASL_OK;
|
|
|
|
|
|
|
|
+ rc = EVP_DecryptInit_ex(ctx, cipher, NULL, deckey, NULL);
|
|
|
|
+ rc = EVP_DecryptInit_ex(ctx, cipher, NULL, deckey, NULL);
|
|
|
|
+ if (rc != 1) {
|
|
|
|
+ if (rc != 1) {
|
|
|
|
+ rc = SASL_FAIL;
|
|
|
|
+ rc = SASL_FAIL;
|
|
|
|
+ goto done;
|
|
|
|
+ goto done;
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+ text->crypto.dec_ctx = (void *)ctx;
|
|
|
|
+ text->crypto.dec_ctx = (void *)ctx;
|
|
|
|
+
|
|
|
|
|
|
|
|
|
|
|
|
- text->cipher_dec_context = (void *)ctx;
|
|
|
|
+ rc = SASL_OK;
|
|
|
|
+ rc = SASL_OK;
|
|
|
|
+
|
|
|
|
|
|
|
|
|
|
|
|
- return SASL_OK;
|
|
|
|
+done:
|
|
|
|
+done:
|
|
|
|
|
|
|
|
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
|
|
|
|
|
|
|
+ EVP_CIPHER_free(cipher);
|
|
|
|
|
|
|
|
+#endif
|
|
|
|
+ if (rc != SASL_OK) {
|
|
|
|
+ if (rc != SASL_OK) {
|
|
|
|
+ free_rc4(text);
|
|
|
|
+ free_rc4(text);
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
@ -267,7 +269,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int dec_rc4(context_t *text,
|
|
|
|
static int dec_rc4(context_t *text,
|
|
|
|
@@ -1169,14 +1260,14 @@
|
|
|
|
@@ -1169,14 +1264,14 @@
|
|
|
|
int rc;
|
|
|
|
int rc;
|
|
|
|
|
|
|
|
|
|
|
|
/* decrypt the text part & HMAC */
|
|
|
|
/* decrypt the text part & HMAC */
|
|
|
@ -284,7 +286,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
|
|
|
|
(unsigned char *)output + len, &len);
|
|
|
|
(unsigned char *)output + len, &len);
|
|
|
|
if (rc != 1) return SASL_FAIL;
|
|
|
|
if (rc != 1) return SASL_FAIL;
|
|
|
|
|
|
|
|
|
|
|
|
@@ -1198,7 +1289,7 @@
|
|
|
|
@@ -1198,7 +1293,7 @@
|
|
|
|
int len;
|
|
|
|
int len;
|
|
|
|
int rc;
|
|
|
|
int rc;
|
|
|
|
/* encrypt the text part */
|
|
|
|
/* encrypt the text part */
|
|
|
@ -293,7 +295,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
|
|
|
|
(unsigned char *)output, &len,
|
|
|
|
(unsigned char *)output, &len,
|
|
|
|
(const unsigned char *)input, inputlen);
|
|
|
|
(const unsigned char *)input, inputlen);
|
|
|
|
if (rc != 1) return SASL_FAIL;
|
|
|
|
if (rc != 1) return SASL_FAIL;
|
|
|
|
@@ -1206,14 +1297,14 @@
|
|
|
|
@@ -1206,14 +1301,14 @@
|
|
|
|
*outputlen = len;
|
|
|
|
*outputlen = len;
|
|
|
|
|
|
|
|
|
|
|
|
/* encrypt the `MAC part */
|
|
|
|
/* encrypt the `MAC part */
|
|
|
@ -310,7 +312,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
|
|
|
|
(unsigned char *)output + *outputlen, &len);
|
|
|
|
(unsigned char *)output + *outputlen, &len);
|
|
|
|
if (rc != 1) return SASL_FAIL;
|
|
|
|
if (rc != 1) return SASL_FAIL;
|
|
|
|
|
|
|
|
|
|
|
|
@@ -1221,188 +1312,11 @@
|
|
|
|
@@ -1221,188 +1316,11 @@
|
|
|
|
|
|
|
|
|
|
|
|
return SASL_OK;
|
|
|
|
return SASL_OK;
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -499,7 +501,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
|
|
|
|
{ "rc4", 128, 16, 0x04, &enc_rc4, &dec_rc4, &init_rc4, &free_rc4 },
|
|
|
|
{ "rc4", 128, 16, 0x04, &enc_rc4, &dec_rc4, &init_rc4, &free_rc4 },
|
|
|
|
#endif
|
|
|
|
#endif
|
|
|
|
#ifdef WITH_DES
|
|
|
|
#ifdef WITH_DES
|
|
|
|
@@ -2815,6 +2729,7 @@
|
|
|
|
@@ -2815,6 +2733,7 @@
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (cptr->name) {
|
|
|
|
if (cptr->name) {
|
|
|
@ -507,7 +509,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
|
|
|
|
text->cipher_enc = cptr->cipher_enc;
|
|
|
|
text->cipher_enc = cptr->cipher_enc;
|
|
|
|
text->cipher_dec = cptr->cipher_dec;
|
|
|
|
text->cipher_dec = cptr->cipher_dec;
|
|
|
|
text->cipher_init = cptr->cipher_init;
|
|
|
|
text->cipher_init = cptr->cipher_init;
|
|
|
|
@@ -2958,7 +2873,10 @@
|
|
|
|
@@ -2958,7 +2877,10 @@
|
|
|
|
if (text->cipher_init) {
|
|
|
|
if (text->cipher_init) {
|
|
|
|
if (text->cipher_init(text, enckey, deckey) != SASL_OK) {
|
|
|
|
if (text->cipher_init(text, enckey, deckey) != SASL_OK) {
|
|
|
|
sparams->utils->seterror(sparams->utils->conn, 0,
|
|
|
|
sparams->utils->seterror(sparams->utils->conn, 0,
|
|
|
@ -519,7 +521,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
@@ -3509,6 +3427,7 @@
|
|
|
|
@@ -3509,6 +3431,7 @@
|
|
|
|
oparams->mech_ssf = ctext->cipher->ssf;
|
|
|
|
oparams->mech_ssf = ctext->cipher->ssf;
|
|
|
|
|
|
|
|
|
|
|
|
nbits = ctext->cipher->n;
|
|
|
|
nbits = ctext->cipher->n;
|
|
|
@ -527,7 +529,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
|
|
|
|
text->cipher_enc = ctext->cipher->cipher_enc;
|
|
|
|
text->cipher_enc = ctext->cipher->cipher_enc;
|
|
|
|
text->cipher_dec = ctext->cipher->cipher_dec;
|
|
|
|
text->cipher_dec = ctext->cipher->cipher_dec;
|
|
|
|
text->cipher_free = ctext->cipher->cipher_free;
|
|
|
|
text->cipher_free = ctext->cipher->cipher_free;
|
|
|
|
@@ -3733,7 +3652,13 @@
|
|
|
|
@@ -3733,7 +3656,13 @@
|
|
|
|
|
|
|
|
|
|
|
|
/* initialize cipher if need be */
|
|
|
|
/* initialize cipher if need be */
|
|
|
|
if (text->cipher_init) {
|
|
|
|
if (text->cipher_init) {
|
|
|
|
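Review bot: In the OpenSSL 3 branch of `init_rc4`, the result of `EVP_CIPHER_fetch(ossl3_ctx->libctx, "RC4", "")` is never checked; the very next patch line is `+#else`. A NULL cipher (for example when no provider in that library context supplies RC4) is therefore only caught later, presumably by the `rc != 1` checks after `EVP_EncryptInit_ex`/`EVP_DecryptInit_ex`, as a generic `SASL_FAIL`. Adding `if (cipher == NULL) { rc = SASL_FAIL; goto done; }` directly after the fetch would report the failure at its source. The cleanup path stays valid because `EVP_CIPHER_free(NULL)` is a no-op. The newly added `EVP_CIPHER_free(cipher);` under `done:` also deserves a short comment such as `/* contexts hold their own reference to the fetched cipher */`, so it does not read as a premature free. Part of `init_rc4` lies between the displayed hunks and is not visible here, so these points should be confirmed against the full function.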