Date: Wed, 12 Nov 2014 17:59:34 +0000 (UTC) From: Xin LI <delphij@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r372499 - in head/net/openldap24-server: . files Message-ID: <201411121759.sACHxYlk004616@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: delphij Date: Wed Nov 12 17:59:34 2014 New Revision: 372499 URL: https://svnweb.freebsd.org/changeset/ports/372499 QAT: https://qat.redports.org/buildarchive/r372499/ Log: - Fix Perl dependency by converting the port from using bsd.port.{pre,post}.mk to options.mk. [1] - Fix build with LibreSSL. [2] [3] - Make LM Password optional and disable by default. [3] Reported by: Lorenzo Perone <lorenzo.perone@bytesatwork.com> [1], brd [1] Submitted by: spil.oss@gmail.com [2] PR: 194841 [3] Added: head/net/openldap24-server/files/patch-des (contents, props changed) Modified: head/net/openldap24-server/Makefile Modified: head/net/openldap24-server/Makefile ============================================================================== --- head/net/openldap24-server/Makefile Wed Nov 12 17:48:18 2014 (r372498) +++ head/net/openldap24-server/Makefile Wed Nov 12 17:59:34 2014 (r372499) @@ -58,8 +58,8 @@ WANT_OPENLDAP_VER?= 24 BROKEN= incompatible OpenLDAP version: ${WANT_OPENLDAP_VER} .endif -PORTREVISION_CLIENT= 0 -PORTREVISION_SERVER= 1 +PORTREVISION_CLIENT= 1 +PORTREVISION_SERVER= 2 OPENLDAP_SHLIB_MAJOR= 2 OPENLDAP_SHLIB_MINOR= 10.3 OPENLDAP_MAJOR= ${DISTVERSION:R} @@ -76,6 +76,7 @@ OPTIONS_DEFINE+= ACCESSLOG AUDITLOG COLL OPTIONS_DEFINE+= DEREF DYNGROUP DYNLIST MEMBEROF PPOLICY PROXYCACHE OPTIONS_DEFINE+= REFINT RETCODE RWM SEQMOD SSSVLV SYNCPROV TRANSLUCENT OPTIONS_DEFINE+= UNIQUE VALSORT SMBPWD SHA2 DYNAMIC_BACKENDS SASL +OPTIONS_DEFINE+= LMPASSWD OPTIONS_DEFAULT= MDB SYNCPROV DYNAMIC_BACKENDS @@ -117,6 +118,7 @@ UNIQUE_DESC= With attribute Uniqueness VALSORT_DESC= With Value Sorting overlay SMBPWD_DESC= With Samba Password hashes overlay SHA2_DESC= With SHA2 Password hashes overlay +LMPASSWD_DESC= With LM hash password support (DEPRECATED) DYNAMIC_BACKENDS_DESC= Build dynamic backends .endif @@ -130,7 +132,7 @@ OPENLDAP_PKGFILESUFX= CONFIGURE_SED= -e 's,uuid/uuid.h,xxuuid/uuid.h,g' -.include <bsd.port.pre.mk> +.include <bsd.port.options.mk> .if defined(CLIENT_ONLY) PORTDOCS= CHANGES drafts rfc @@ -244,7 +246,6 @@ OVERLAY_ENABLE= yes CONFIGURE_ARGS+= --localstatedir=${LOCALSTATEDIR} \ --enable-crypt \ - --enable-lmpasswd \ --enable-ldap=${BACKEND_ENABLE} \ --enable-meta=${BACKEND_ENABLE} \ --enable-rewrite \ @@ -285,6 +286,10 @@ CONFIGURE_ARGS+= --enable-dyngroup=${OVE CONFIGURE_ARGS+= --enable-dynlist=${OVERLAY_ENABLE} .endif +.if ${PORT_OPTIONS:MLMPASSWD} +CONFIGURE_ARGS+= --enable-lmpasswd +.endif + .if ${PORT_OPTIONS:MMEMBEROF} CONFIGURE_ARGS+= --enable-memberof=${OVERLAY_ENABLE} .endif @@ -561,4 +566,4 @@ post-install: .endif .endif # defined(CLIENT_ONLY) -.include <bsd.port.post.mk> +.include <bsd.port.mk> Added: head/net/openldap24-server/files/patch-des ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/openldap24-server/files/patch-des Wed Nov 12 17:59:34 2014 (r372499) @@ -0,0 +1,204 @@ +--- libraries/liblutil/passwd.c.orig 2014-09-19 03:48:49.000000000 +0200 ++++ libraries/liblutil/passwd.c 2014-11-05 19:57:10.807555025 +0100 +@@ -38,11 +38,11 @@ + # include <openssl/des.h> + + +-typedef des_cblock des_key; +-typedef des_cblock des_data_block; +-typedef des_key_schedule des_context; +-#define des_failed(encrypted) 0 +-#define des_finish(key, schedule) ++typedef DES_cblock DES_key; ++typedef DES_cblock DES_data_block; ++typedef DES_key_schedule DES_context; ++#define DES_failed(encrypted) 0 ++#define DES_finish(key, schedule) + + #elif defined(HAVE_MOZNSS) + /* +@@ -53,9 +53,9 @@ + */ + #define PROTYPES_H 1 + # include <nss/pk11pub.h> +-typedef PK11SymKey *des_key; +-typedef unsigned char des_data_block[8]; +-typedef PK11Context *des_context[1]; ++typedef PK11SymKey *DES_key; ++typedef unsigned char DES_data_block[8]; ++typedef PK11Context *DES_context[1]; + #define DES_ENCRYPT CKA_ENCRYPT + + #endif +@@ -664,10 +664,10 @@ + * abstract away setting the parity. + */ + static void +-des_set_key_and_parity( des_key *key, unsigned char *keyData) ++DES_set_key_and_parity( DES_key *key, unsigned char *keyData) + { + memcpy(key, keyData, 8); +- des_set_odd_parity( key ); ++ DES_set_odd_parity( key ); + } + + +@@ -677,7 +677,7 @@ + * implement MozNSS wrappers for the openSSL calls + */ + static void +-des_set_key_and_parity( des_key *key, unsigned char *keyData) ++DES_set_key_and_parity( DES_key *key, unsigned char *keyData) + { + SECItem keyDataItem; + PK11SlotInfo *slot; +@@ -699,7 +699,7 @@ + } + + static void +-des_set_key_unchecked( des_key *key, des_context ctxt ) ++DES_set_key_unchecked( DES_key *key, DES_context ctxt ) + { + ctxt[0] = NULL; + +@@ -712,37 +712,37 @@ + } + + static void +-des_ecb_encrypt( des_data_block *plain, des_data_block *encrypted, +- des_context ctxt, int op) ++DES_ecb_encrypt( DES_data_block *plain, DES_data_block *encrypted, ++ DES_context ctxt, int op) + { + SECStatus rv; + int size; + + if (ctxt[0] == NULL) { + /* need to fail here... */ +- memset(encrypted, 0, sizeof(des_data_block)); ++ memset(encrypted, 0, sizeof(DES_data_block)); + return; + } + rv = PK11_CipherOp(ctxt[0], (unsigned char *)&encrypted[0], +- &size, sizeof(des_data_block), +- (unsigned char *)&plain[0], sizeof(des_data_block)); ++ &size, sizeof(DES_data_block), ++ (unsigned char *)&plain[0], sizeof(DES_data_block)); + if (rv != SECSuccess) { + /* signal failure */ +- memset(encrypted, 0, sizeof(des_data_block)); ++ memset(encrypted, 0, sizeof(DES_data_block)); + return; + } + return; + } + + static int +-des_failed(des_data_block *encrypted) ++DES_failed(DES_data_block *encrypted) + { +- static const des_data_block zero = { 0 }; ++ static const DES_data_block zero = { 0 }; + return memcmp(encrypted, zero, sizeof(zero)) == 0; + } + + static void +-des_finish(des_key *key, des_context ctxt) ++DES_finish(DES_key *key, DES_context ctxt) + { + if (*key) { + PK11_FreeSymKey(*key); +@@ -817,7 +817,7 @@ + + static void lmPasswd_to_key( + const char *lmPasswd, +- des_key *key) ++ DES_key *key) + { + const unsigned char *lpw = (const unsigned char *) lmPasswd; + unsigned char k[8]; +@@ -832,7 +832,7 @@ + k[6] = ((lpw[5] & 0x3F) << 2) | (lpw[6] >> 6); + k[7] = ((lpw[6] & 0x7F) << 1); + +- des_set_key_and_parity( key, k ); ++ DES_set_key_and_parity( key, k ); + } + + static int chk_lanman( +@@ -843,10 +843,10 @@ + { + ber_len_t i; + char UcasePassword[15]; +- des_key key; +- des_context schedule; +- des_data_block StdText = "KGS!@#$%"; +- des_data_block PasswordHash1, PasswordHash2; ++ DES_key key; ++ DES_context schedule; ++ DES_data_block StdText = "KGS!@#$%"; ++ DES_data_block PasswordHash1, PasswordHash2; + char PasswordHash[33], storedPasswordHash[33]; + + for( i=0; i<cred->bv_len; i++) { +@@ -864,21 +864,21 @@ + ldap_pvt_str2upper( UcasePassword ); + + lmPasswd_to_key( UcasePassword, &key ); +- des_set_key_unchecked( &key, schedule ); +- des_ecb_encrypt( &StdText, &PasswordHash1, schedule , DES_ENCRYPT ); ++ DES_set_key_unchecked( &key, &schedule ); ++ DES_ecb_encrypt( &StdText, &PasswordHash1, &schedule , DES_ENCRYPT ); + +- if (des_failed(&PasswordHash1)) { ++ if (DES_failed(&PasswordHash1)) { + return LUTIL_PASSWD_ERR; + } + + lmPasswd_to_key( &UcasePassword[7], &key ); +- des_set_key_unchecked( &key, schedule ); +- des_ecb_encrypt( &StdText, &PasswordHash2, schedule , DES_ENCRYPT ); +- if (des_failed(&PasswordHash2)) { ++ DES_set_key_unchecked( &key, &schedule ); ++ DES_ecb_encrypt( &StdText, &PasswordHash2, &schedule , DES_ENCRYPT ); ++ if (DES_failed(&PasswordHash2)) { + return LUTIL_PASSWD_ERR; + } + +- des_finish( &key, schedule ); ++ DES_finish( &key, schedule ); + + sprintf( PasswordHash, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", + PasswordHash1[0],PasswordHash1[1],PasswordHash1[2],PasswordHash1[3], +@@ -1139,10 +1139,10 @@ + + ber_len_t i; + char UcasePassword[15]; +- des_key key; +- des_context schedule; +- des_data_block StdText = "KGS!@#$%"; +- des_data_block PasswordHash1, PasswordHash2; ++ DES_key key; ++ DES_context schedule; ++ DES_data_block StdText = "KGS!@#$%"; ++ DES_data_block PasswordHash1, PasswordHash2; + char PasswordHash[33]; + + for( i=0; i<passwd->bv_len; i++) { +@@ -1160,12 +1160,12 @@ + ldap_pvt_str2upper( UcasePassword ); + + lmPasswd_to_key( UcasePassword, &key ); +- des_set_key_unchecked( &key, schedule ); +- des_ecb_encrypt( &StdText, &PasswordHash1, schedule , DES_ENCRYPT ); ++ DES_set_key_unchecked( &key, &schedule ); ++ DES_ecb_encrypt( &StdText, &PasswordHash1, &schedule , DES_ENCRYPT ); + + lmPasswd_to_key( &UcasePassword[7], &key ); +- des_set_key_unchecked( &key, schedule ); +- des_ecb_encrypt( &StdText, &PasswordHash2, schedule , DES_ENCRYPT ); ++ DES_set_key_unchecked( &key, &schedule ); ++ DES_ecb_encrypt( &StdText, &PasswordHash2, &schedule , DES_ENCRYPT ); + + sprintf( PasswordHash, "%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", + PasswordHash1[0],PasswordHash1[1],PasswordHash1[2],PasswordHash1[3],
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201411121759.sACHxYlk004616>