use rsaref port
This commit is contained in:
parent
c1db3645d0
commit
b131dffd16
@ -1,4 +1,4 @@
|
||||
# $OpenBSD: Makefile,v 1.44 1999/12/09 17:55:55 brad Exp $
|
||||
# $OpenBSD: Makefile,v 1.45 1999/12/12 22:09:25 dugsong Exp $
|
||||
|
||||
DISTNAME= ssh-1.2.27
|
||||
CATEGORIES= security net
|
||||
@ -6,9 +6,6 @@ MASTER_SITES= http://the.wiretapped.net/security/cryptography/ssh/SSH/ \
|
||||
ftp://ftp.cs.hut.fi/pub/ssh/ \
|
||||
ftp://ftp.funet.fi/pub/unix/security/login/ssh/ \
|
||||
ftp://ftp.cert.dfn.de/pub/tools/net/ssh/
|
||||
MASTER_SITES0= http://the.wiretapped.net/security/cryptography/libs/rsa/ \
|
||||
ftp://idea.dsi.unimi.it/pub/security/crypt/math/ \
|
||||
ftp://ftp.it.net.au/mirrors/crypto/misc/
|
||||
|
||||
PATCH_SITES= http://www.ssh.org/patches/ \
|
||||
ftp://ftp2.inch.com/pub/FreeBSD/
|
||||
@ -23,8 +20,9 @@ RESTRICTED= "Crypto; export-controlled"
|
||||
MAINTAINER= todd@openbsd.org
|
||||
|
||||
.if defined(USA_RESIDENT) && ${USA_RESIDENT:U} == YES
|
||||
DISTFILES= ${DISTNAME}.tar.gz rsaref2.tar.gz:0
|
||||
CONFIGURE_ARGS+= --with-rsaref
|
||||
BUILD_DEPENDS= ${PREFIX}/lib/librsaref.a:${PORTSDIR}/security/rsaref
|
||||
CONFIGURE_ARGS+= --with-rsaref=${PREFIX}/lib
|
||||
CFLAGS+= -I${PREFIX}/include
|
||||
.endif
|
||||
|
||||
GNU_CONFIGURE= yes
|
||||
@ -71,19 +69,9 @@ ETCDIR?= /etc
|
||||
RSHPROG?= /usr/bin/rsh
|
||||
|
||||
pre-patch:
|
||||
.if defined(USA_RESIDENT) && ${USA_RESIDENT:U} == YES
|
||||
@cp ${FILESDIR}/patch-rsaref2 ${PATCHDIR}
|
||||
@cp ${FILESDIR}/patch-rsaref2-2 ${PATCHDIR}
|
||||
.endif
|
||||
@mv -f ${WRKSRC}/make-ssh-known-hosts.pl \
|
||||
${WRKSRC}/make-ssh-known-hosts.pl.in
|
||||
|
||||
post-patch:
|
||||
.if defined(USA_RESIDENT) && ${USA_RESIDENT:U} == YES
|
||||
@rm -f ${PATCHDIR}/patch-rsaref2
|
||||
@rm -f ${PATCHDIR}/patch-rsaref2-2
|
||||
.endif
|
||||
|
||||
fetch-depends:
|
||||
.if !defined(NO_WARNINGS)
|
||||
.if !defined(USA_RESIDENT) || ${USA_RESIDENT:U} != YES && ${USA_RESIDENT:U} != NO
|
||||
@ -101,11 +89,6 @@ fetch-depends:
|
||||
.endif
|
||||
.endif
|
||||
|
||||
post-extract:
|
||||
.if defined(USA_RESIDENT) && ${USA_RESIDENT:U} == YES
|
||||
@mv ${WRKDIR}/rsaref2 ${WRKSRC}/rsaref2
|
||||
.endif
|
||||
|
||||
# Put the config files someplace where they can be found to
|
||||
# create a package.
|
||||
post-install:
|
||||
|
@ -1,9 +1,6 @@
|
||||
MD5 (patch-ssh-1.2.27-bsd.tty.chown) = e4d7755994c2fa0d419a60723e8a9d53
|
||||
MD5 (rsaref2.tar.gz) = 0b474c97bf1f1c0d27e5a95f1239c08d
|
||||
MD5 (ssh-1.2.27.tar.gz) = c22bc000bee0f7d6f4845eab72a81395
|
||||
RMD160 (patch-ssh-1.2.27-bsd.tty.chown) = 90dd710dc0ba69473eaad648720165914f921f4a
|
||||
RMD160 (rsaref2.tar.gz) = 282d62321c50ddc3cefb8bab924200594d24af0c
|
||||
RMD160 (ssh-1.2.27.tar.gz) = b2295e38551f8cc479e0a8e6081ae4312bf946fb
|
||||
SHA1 (patch-ssh-1.2.27-bsd.tty.chown) = 69692ec9b28ebfc552c5c7e2727eb1bc210bcfcf
|
||||
SHA1 (rsaref2.tar.gz) = 0b1e58ed2dd82bed07fe80c01c3cfa8558dc745f
|
||||
SHA1 (ssh-1.2.27.tar.gz) = 0e7d59c6a62b094bd51818599ae24f7de3462d14
|
||||
|
@ -1,25 +0,0 @@
|
||||
--- rsaref2/source/global.h.~1~ Fri Mar 25 12:01:46 1994
|
||||
+++ rsaref2/source/global.h Thu Apr 2 00:12:23 1998
|
||||
@@ -7,6 +7,8 @@
|
||||
#ifndef _GLOBAL_H_
|
||||
#define _GLOBAL_H_ 1
|
||||
|
||||
+#include <limits.h>
|
||||
+
|
||||
/* PROTOTYPES should be set to one if and only if the compiler supports
|
||||
function argument prototyping.
|
||||
The following makes PROTOTYPES default to 1 if it has not already been
|
||||
@@ -23,7 +25,13 @@
|
||||
typedef unsigned short int UINT2;
|
||||
|
||||
/* UINT4 defines a four byte word */
|
||||
+#if ( UINT_MAX == 0xffffffffU )
|
||||
+typedef unsigned int UINT4;
|
||||
+#elif ( ULONG_MAX == 0xffffffffU )
|
||||
typedef unsigned long int UINT4;
|
||||
+#else
|
||||
+# error Unknown size for UINT4
|
||||
+#endif
|
||||
|
||||
#ifndef NULL_PTR
|
||||
#define NULL_PTR ((POINTER)0)
|
@ -1,38 +0,0 @@
|
||||
--- rsaref2/source/rsa.c.orig Fri Mar 25 14:01:48 1994
|
||||
+++ rsaref2/source/rsa.c Sun Dec 12 13:47:57 1999
|
||||
@@ -33,6 +33,8 @@
|
||||
unsigned char byte, pkcsBlock[MAX_RSA_MODULUS_LEN];
|
||||
unsigned int i, modulusLen;
|
||||
|
||||
+ if (publicKey->bits > MAX_RSA_MODULUS_BITS)
|
||||
+ return (RE_LEN);
|
||||
modulusLen = (publicKey->bits + 7) / 8;
|
||||
if (inputLen + 11 > modulusLen)
|
||||
return (RE_LEN);
|
||||
@@ -78,6 +80,8 @@
|
||||
unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
|
||||
unsigned int i, modulusLen, pkcsBlockLen;
|
||||
|
||||
+ if (publicKey->bits > MAX_RSA_MODULUS_BITS)
|
||||
+ return (RE_LEN);
|
||||
modulusLen = (publicKey->bits + 7) / 8;
|
||||
if (inputLen > modulusLen)
|
||||
return (RE_LEN);
|
||||
@@ -129,6 +133,8 @@
|
||||
unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
|
||||
unsigned int i, modulusLen;
|
||||
|
||||
+ if (privateKey->bits > MAX_RSA_MODULUS_BITS)
|
||||
+ return (RE_LEN);
|
||||
modulusLen = (privateKey->bits + 7) / 8;
|
||||
if (inputLen + 11 > modulusLen)
|
||||
return (RE_LEN);
|
||||
@@ -168,6 +174,8 @@
|
||||
unsigned char pkcsBlock[MAX_RSA_MODULUS_LEN];
|
||||
unsigned int i, modulusLen, pkcsBlockLen;
|
||||
|
||||
+ if (privateKey->bits > MAX_RSA_MODULUS_BITS)
|
||||
+ return (RE_LEN);
|
||||
modulusLen = (privateKey->bits + 7) / 8;
|
||||
if (inputLen > modulusLen)
|
||||
return (RE_LEN);
|
@ -1,5 +1,16 @@
|
||||
--- rsaglue.c.orig Wed May 12 07:19:28 1999
|
||||
+++ rsaglue.c Wed Nov 10 09:30:32 1999
|
||||
+++ rsaglue.c Sun Dec 12 16:20:41 1999
|
||||
@@ -71,8 +71,8 @@
|
||||
interface without modifying RSAREF. */
|
||||
|
||||
#define _MD5_H_ /* Kludge to prevent inclusion of rsaref md5.h. */
|
||||
-#include "rsaref2/source/global.h"
|
||||
-#include "rsaref2/source/rsaref.h"
|
||||
+#include "global.h"
|
||||
+#include "rsaref.h"
|
||||
|
||||
/* Convert an integer from gmp to rsaref representation. */
|
||||
|
||||
@@ -139,6 +139,10 @@
|
||||
|
||||
input_bits = mpz_sizeinbase(input, 2);
|
||||
|
@ -3,6 +3,3 @@ ssh-1.2.27: patch-ai fixes the buffer overflow in RSAREF rsaglue code.
|
||||
|
||||
OpenSSH (integrated into OpenBSD-2.6) does not have this bug.
|
||||
|
||||
patch-rsaref2-2 fixes the buffer overflow in RSA{Private,Public}{De,En}crypt(),
|
||||
as published by CORE SDI in their advisory of Dec. 1, 1999.
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user