diff --git a/debian/copyright b/debian/copyright index 4678672..fac0cc7 100644 --- a/debian/copyright +++ b/debian/copyright @@ -91,6 +91,9 @@ saslauthd/md5.c saslauthd/saslauthd_md5.h Copyright: 1991-2, RSA Data Security, Inc. Created 1991. All rights reserved. +Comment: The source is patched so that these files do not end up in any binary. + lib/md5.c is relicensed by upstream to BSD-3-Clause-Attribution, which + is reflected in the quilt patch queue. License: RSA-MD Files: lib/saslutil.c diff --git a/debian/patches/0004-Include-dbconverter-2-in-sbin_PROGRAMS-and-set-defau.patch b/debian/patches/0004-Include-dbconverter-2-in-sbin_PROGRAMS-and-set-defau.patch index f7786f6..089c6e8 100644 --- a/debian/patches/0004-Include-dbconverter-2-in-sbin_PROGRAMS-and-set-defau.patch +++ b/debian/patches/0004-Include-dbconverter-2-in-sbin_PROGRAMS-and-set-defau.patch @@ -16,8 +16,8 @@ --- a/utils/Makefile.am +++ b/utils/Makefile.am @@ -45,10 +45,10 @@ - all_sasl_libs = ../lib/libsasl2.la $(SASL_DB_LIB) $(LIB_SOCKET) - all_sasl_static_libs = ../lib/.libs/libsasl2.a $(SASL_DB_LIB) $(LIB_SOCKET) $(GSSAPIBASE_LIBS) $(GSSAPI_LIBS) $(SASL_KRB_LIB) $(LIB_DES) $(PLAIN_LIBS) $(SRP_LIBS) $(LIB_MYSQL) $(LIB_PGSQL) $(LIB_SQLITE) + all_sasl_libs = ../lib/libsasl2.la $(SASL_DB_LIB) $(LIB_SOCKET) -lcrypto + all_sasl_static_libs = ../lib/.libs/libsasl2.a $(SASL_DB_LIB) $(LIB_SOCKET) $(GSSAPIBASE_LIBS) $(GSSAPI_LIBS) $(SASL_KRB_LIB) $(LIB_DES) $(PLAIN_LIBS) $(SRP_LIBS) $(LIB_MYSQL) $(LIB_PGSQL) $(LIB_SQLITE) -lcrypto -sbin_PROGRAMS = @SASL_DB_UTILS@ @SMTPTEST_PROGRAM@ pluginviewer +sbin_PROGRAMS = @SASL_DB_UTILS@ @SMTPTEST_PROGRAM@ pluginviewer dbconverter-2 diff --git a/debian/patches/0012-Make-the-libsasl2-symbols-versioned.patch b/debian/patches/0012-Make-the-libsasl2-symbols-versioned.patch index bf189a1..419dc56 100644 --- a/debian/patches/0012-Make-the-libsasl2-symbols-versioned.patch +++ b/debian/patches/0012-Make-the-libsasl2-symbols-versioned.patch @@ -34,5 +34,5 @@ +libsasl2_la_LDFLAGS = -version-info $(sasl_version) -no-undefined -Wl,--version-script=$(top_srcdir)/Versions +libsasl2_la_DEPENDENCIES = $(LTLIBOBJS) $(top_srcdir)/Versions - libsasl2_la_LIBADD = $(SASL_DL_LIB) $(SASL_STATIC_LIBS) $(LIB_SOCKET) $(LIB_DOOR) $(PLUGIN_COMMON_OBJS) + libsasl2_la_LIBADD = $(SASL_DL_LIB) $(SASL_STATIC_LIBS) $(LIB_SOCKET) $(LIB_DOOR) $(PLUGIN_COMMON_OBJS) -lcrypto if BUILD_LIBOBJ diff --git a/debian/patches/0014-Prevent-recreating-of-md5global.patch b/debian/patches/0014-Prevent-recreating-of-md5global.patch index 1a5f5da..bd907a4 100644 --- a/debian/patches/0014-Prevent-recreating-of-md5global.patch +++ b/debian/patches/0014-Prevent-recreating-of-md5global.patch @@ -8,7 +8,7 @@ +++ b/include/Makefile.am @@ -47,22 +47,13 @@ noinst_HEADERS = gai.h exits.h saslincludedir = $(includedir)/sasl - saslinclude_HEADERS = hmac-md5.h md5.h md5global.h sasl.h saslplug.h saslutil.h prop.h + saslinclude_HEADERS = hmac-md5.h md5global.h sasl.h saslplug.h saslutil.h prop.h -noinst_PROGRAMS = makemd5 - diff --git a/debian/patches/0015-Replace-MD5-with-OpenSSL-legacy-implementation.patch b/debian/patches/0015-Replace-MD5-with-OpenSSL-legacy-implementation.patch new file mode 100644 index 0000000..76ef790 --- /dev/null +++ b/debian/patches/0015-Replace-MD5-with-OpenSSL-legacy-implementation.patch @@ -0,0 +1,525 @@ +Origin: backport, df44e6ae82ffd0f2264972ce14d48a67e008b7d2 +From: Bastian Germann +Date: Sun, 28 May 2023 21:26:04 +0200 +Subject: Replace MD5 with OpenSSL legacy implementation + +Require OpenSSL for the build so that it can be used always. +Drop the internal MD5 implementation and replace every occurence. +Keep the HMAC MD5 implementation for now but base it on OpenSSL. + +Fixes: #513, #712 + +Signed-off-by: Bastian Germann +--- +diff --git a/include/Makefile.am b/include/Makefile.am +index c942efa9..b525ea78 100644 +--- a/include/Makefile.am ++++ b/include/Makefile.am +@@ -45,7 +45,7 @@ + noinst_HEADERS = gai.h exits.h + + saslincludedir = $(includedir)/sasl +-saslinclude_HEADERS = hmac-md5.h md5.h md5global.h sasl.h saslplug.h saslutil.h prop.h ++saslinclude_HEADERS = hmac-md5.h md5global.h sasl.h saslplug.h saslutil.h prop.h + + noinst_PROGRAMS = makemd5 + +diff --git a/include/hmac-md5.h b/include/hmac-md5.h +index babe0031..fb4a740c 100755 +--- a/include/hmac-md5.h ++++ b/include/hmac-md5.h +@@ -4,6 +4,8 @@ + #ifndef HMAC_MD5_H + #define HMAC_MD5_H 1 + ++#include ++ + #define HMAC_MD5_SIZE 16 + + /* intermediate MD5 context */ +@@ -45,8 +47,6 @@ void _sasl_hmac_md5_precalc(HMAC_MD5_STATE *hmac, + */ + void _sasl_hmac_md5_import(HMAC_MD5_CTX *hmac, HMAC_MD5_STATE *state); + +-#define _sasl_hmac_md5_update(hmac, text, text_len) _sasl_MD5Update(&(hmac)->ictx, (text), (text_len)) +- + /* finish hmac from intermediate result. Intermediate result is zeroed. + */ + void _sasl_hmac_md5_final(unsigned char digest[HMAC_MD5_SIZE], +diff --git a/include/saslplug.h b/include/saslplug.h +index 54d42146..bd5eb983 100755 +--- a/include/saslplug.h ++++ b/include/saslplug.h +@@ -7,9 +7,6 @@ + #ifndef MD5GLOBAL_H + #include "md5global.h" + #endif +-#ifndef MD5_H +-#include "md5.h" +-#endif + #ifndef HMAC_MD5_H + #include "hmac-md5.h" + #endif +diff --git a/lib/Makefile.am b/lib/Makefile.am +index 929bf25f..8f1cc13a 100644 +--- a/lib/Makefile.am ++++ b/lib/Makefile.am +@@ -82,7 +82,7 @@ libobj_la_LIBADD = $(LTLIBOBJS) + libsasl2_la_SOURCES = $(common_sources) $(common_headers) + libsasl2_la_LDFLAGS = -version-info $(sasl_version) -no-undefined + +-libsasl2_la_LIBADD = $(SASL_DL_LIB) $(SASL_STATIC_LIBS) $(LIB_SOCKET) $(LIB_DOOR) $(PLUGIN_COMMON_OBJS) ++libsasl2_la_LIBADD = $(SASL_DL_LIB) $(SASL_STATIC_LIBS) $(LIB_SOCKET) $(LIB_DOOR) $(PLUGIN_COMMON_OBJS) -lcrypto + if BUILD_LIBOBJ + libsasl2_la_LIBADD += libobj.la + endif +diff --git a/lib/common.c b/lib/common.c +index 0425abb1..da1c1287 100644 +--- a/lib/common.c ++++ b/lib/common.c +@@ -2075,9 +2075,9 @@ _sasl_alloc_utils(sasl_conn_t *conn, + utils->mutex_unlock = _sasl_mutex_utils.unlock; + utils->mutex_free = _sasl_mutex_utils.free; + +- utils->MD5Init = &_sasl_MD5Init; +- utils->MD5Update= &_sasl_MD5Update; +- utils->MD5Final = &_sasl_MD5Final; ++ utils->MD5Init = &MD5_Init; ++ utils->MD5Update= &MD5_Update; ++ utils->MD5Final = &MD5_Final; + utils->hmac_md5 = &_sasl_hmac_md5; + utils->hmac_md5_init = &_sasl_hmac_md5_init; + utils->hmac_md5_final = &_sasl_hmac_md5_final; +diff --git a/lib/md5.c b/lib/md5.c +index fbe7ae89..e327679e 100644 +--- a/lib/md5.c ++++ b/lib/md5.c +@@ -27,292 +27,15 @@ documentation and/or software. + + #include + #include "md5global.h" +-#include "md5.h" + #include "hmac-md5.h" + + #ifndef WIN32 + # include + #endif + +-/* Constants for MD5Transform routine. +-*/ +- +-#define S11 7 +-#define S12 12 +-#define S13 17 +-#define S14 22 +-#define S21 5 +-#define S22 9 +-#define S23 14 +-#define S24 20 +-#define S31 4 +-#define S32 11 +-#define S33 16 +-#define S34 23 +-#define S41 6 +-#define S42 10 +-#define S43 15 +-#define S44 21 +- +-static void MD5Transform PROTO_LIST ((UINT4 [4], const unsigned char [64])); +-static void Encode PROTO_LIST +- ((unsigned char *, UINT4 *, unsigned int)); +-static void Decode PROTO_LIST +- ((UINT4 *, const unsigned char *, unsigned int)); + static void MD5_memcpy PROTO_LIST ((POINTER, POINTER, unsigned int)); + static void MD5_memset PROTO_LIST ((POINTER, int, unsigned int)); + +-static unsigned char PADDING[64] = { +- 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 +-}; +- +-/* F, G, H and I are basic MD5 functions. +- +- */ +-#ifdef I +-/* This might be defined via NANA */ +-#undef I +-#endif +- +-#define F(x, y, z) (((x) & (y)) | ((~x) & (z))) +-#define G(x, y, z) (((x) & (z)) | ((y) & (~z))) +-#define H(x, y, z) ((x) ^ (y) ^ (z)) +-#define I(x, y, z) ((y) ^ ((x) | (~z))) +- +-/* ROTATE_LEFT rotates x left n bits. +- +- */ +- +-#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n)))) +- +-/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4. +-Rotation is separate from addition to prevent recomputation. +-*/ +- +-#define FF(a, b, c, d, x, s, ac) { (a) += F ((b), (c), (d)) + (x) + (UINT4)(ac); (a) = ROTATE_LEFT ((a), (s)); (a) += (b); } +-#define GG(a, b, c, d, x, s, ac) { (a) += G ((b), (c), (d)) + (x) + (UINT4)(ac); (a) = ROTATE_LEFT ((a), (s)); (a) += (b); } +-#define HH(a, b, c, d, x, s, ac) { (a) += H ((b), (c), (d)) + (x) + (UINT4)(ac); (a) = ROTATE_LEFT ((a), (s)); (a) += (b); } +-#define II(a, b, c, d, x, s, ac) { (a) += I ((b), (c), (d)) + (x) + (UINT4)(ac); (a) = ROTATE_LEFT ((a), (s)); (a) += (b); } +- +-/* MD5 initialization. Begins an MD5 operation, writing a new context. +-*/ +- +-void _sasl_MD5Init (context) +-MD5_CTX *context; /* context */ +-{ +- context->count[0] = context->count[1] = 0; +- +- /* Load magic initialization constants. */ +- context->state[0] = 0x67452301; +- context->state[1] = 0xefcdab89; +- context->state[2] = 0x98badcfe; +- context->state[3] = 0x10325476; +-} +- +-/* MD5 block update operation. Continues an MD5 message-digest +- operation, processing another message block, and updating the context. +-*/ +- +-void _sasl_MD5Update (context, input, inputLen) +-MD5_CTX *context; /* context */ +-const unsigned char *input; /* input block */ +-unsigned int inputLen; /* length of input block */ +-{ +- unsigned int i, index, partLen; +- +- /* Compute number of bytes mod 64 */ +- index = (unsigned int)((context->count[0] >> 3) & 0x3F); +- +- /* Update number of bits */ +- if ((context->count[0] += ((UINT4)inputLen << 3)) +- < ((UINT4)inputLen << 3)) +- context->count[1]++; +- context->count[1] += ((UINT4)inputLen >> 29); +- +- partLen = 64 - index; +- +- /* Transform as many times as possible. +- +-*/ +- if (inputLen >= partLen) { +- MD5_memcpy +- ((POINTER)&context->buffer[index], (POINTER)input, partLen); MD5Transform +- (context->state, context->buffer); +- +- for (i = partLen; i + 63 < inputLen; i += 64) +- MD5Transform (context->state, &input[i]); +- +- index = 0; +- } +- else +- i = 0; +- +- /* Buffer remaining input */ +- MD5_memcpy +- ((POINTER)&context->buffer[index], (POINTER)&input[i], +- inputLen-i); +- +-} +- +-/* MD5 finalization. Ends an MD5 message-digest operation, writing the +- the message digest and zeroizing the context. +-*/ +- +-void _sasl_MD5Final (digest, context) +-unsigned char digest[16]; /* message digest */ +-MD5_CTX *context; /* context */ +-{ +- unsigned char bits[8]; +- unsigned int index, padLen; +- +- /* Save number of bits */ +- Encode (bits, context->count, 8); +- +- /* Pad out to 56 mod 64. */ +- index = (unsigned int)((context->count[0] >> 3) & 0x3f); +- padLen = (index < 56) ? (56 - index) : (120 - index); +- _sasl_MD5Update (context, PADDING, padLen); +- +- /* Append length (before padding) */ +- _sasl_MD5Update (context, bits, 8); +- +- /* Store state in digest */ +- Encode (digest, context->state, 16); +- +- /* Zeroize sensitive information. */ +- MD5_memset ((POINTER)context, 0, sizeof (*context)); +-} +- +-/* MD5 basic transformation. Transforms state based on block. */ +- +-static void MD5Transform (state, block) +-UINT4 state[4]; +-const unsigned char block[64]; +-{ +- UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16]; +- +- Decode (x, block, 64); +- +- /* Round 1 */ +- FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */ +- FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */ +- FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */ +- FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */ +- FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */ +- FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */ +- FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */ +- FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */ +- FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */ +- FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */ +- FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */ +- FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */ +- FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */ +- FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */ +- FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */ +- FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */ +- +- /* Round 2 */ +- GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */ +- GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */ +- GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */ +- GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */ +- GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */ +- GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */ +- GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */ +- GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */ +- GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */ +- GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */ +- GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */ +- GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */ +- GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */ +- GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */ +- GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */ +- GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */ +- +- /* Round 3 */ +- HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */ +- HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */ +- HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */ +- HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */ +- HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */ +- HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */ +- HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */ +- HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */ +- HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */ +- HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */ +- HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */ +- HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */ +- HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */ +- HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */ +- HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */ +- HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */ +- +- /* Round 4 */ +- II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */ +- II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */ +- II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */ +- II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */ +- II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */ +- II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */ +- II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */ +- II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */ +- II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */ +- II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */ +- II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */ +- II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */ +- II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */ +- II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */ +- II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */ +- II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */ +- +- state[0] += a; +- state[1] += b; +- state[2] += c; +- state[3] += d; +- +- /* Zeroize sensitive information. +- */ +- MD5_memset ((POINTER)x, 0, sizeof (x)); +-} +- +-/* Encodes input (UINT4) into output (unsigned char). Assumes len is +- a multiple of 4. +- +- */ +- +-static void Encode (output, input, len) +-unsigned char *output; +-UINT4 *input; +-unsigned int len; +-{ +- unsigned int i, j; +- +- for (i = 0, j = 0; j < len; i++, j += 4) { +- output[j] = (unsigned char)(input[i] & 0xff); +- output[j+1] = (unsigned char)((input[i] >> 8) & 0xff); +- output[j+2] = (unsigned char)((input[i] >> 16) & 0xff); +- output[j+3] = (unsigned char)((input[i] >> 24) & 0xff); +- } +-} +- +-/* Decodes input (unsigned char) into output (UINT4). Assumes len is +- a multiple of 4. +- +- */ +- +-static void Decode (output, input, len) +-UINT4 *output; +-const unsigned char *input; +-unsigned int len; +-{ +- unsigned int i, j; +- +- for (i = 0, j = 0; j < len; i++, j += 4) +- output[i] = ((UINT4)input[j]) | (((UINT4)input[j+1]) << 8) | (((UINT4)input[j+2]) << 16) +- | (((UINT4)input[j+3]) << 24); +-} +- + /* Note: Replace "for loop" with standard memcpy if possible. + + */ +@@ -359,9 +82,9 @@ void _sasl_hmac_md5_init(HMAC_MD5_CTX *hmac, + + MD5_CTX tctx; + +- _sasl_MD5Init(&tctx); +- _sasl_MD5Update(&tctx, key, key_len); +- _sasl_MD5Final(tk, &tctx); ++ MD5_Init(&tctx); ++ MD5_Update(&tctx, key, key_len); ++ MD5_Final(tk, &tctx); + + key = tk; + key_len = 16; +@@ -390,11 +113,11 @@ void _sasl_hmac_md5_init(HMAC_MD5_CTX *hmac, + k_opad[i] ^= 0x5c; + } + +- _sasl_MD5Init(&hmac->ictx); /* init inner context */ +- _sasl_MD5Update(&hmac->ictx, k_ipad, 64); /* apply inner pad */ ++ MD5_Init(&hmac->ictx); /* init inner context */ ++ MD5_Update(&hmac->ictx, k_ipad, 64); /* apply inner pad */ + +- _sasl_MD5Init(&hmac->octx); /* init outer context */ +- _sasl_MD5Update(&hmac->octx, k_opad, 64); /* apply outer pad */ ++ MD5_Init(&hmac->octx); /* init outer context */ ++ MD5_Update(&hmac->octx, k_opad, 64); /* apply outer pad */ + + /* scrub the pads and key context (if used) */ + MD5_memset((POINTER)&k_ipad, 0, sizeof(k_ipad)); +@@ -417,13 +140,19 @@ void _sasl_hmac_md5_precalc(HMAC_MD5_STATE *state, + int key_len) + { + HMAC_MD5_CTX hmac; +- unsigned lupe; + + _sasl_hmac_md5_init(&hmac, key, key_len); +- for (lupe = 0; lupe < 4; lupe++) { +- state->istate[lupe] = htonl(hmac.ictx.state[lupe]); +- state->ostate[lupe] = htonl(hmac.octx.state[lupe]); +- } ++ ++ state->istate[0] = htonl(hmac.ictx.A); ++ state->istate[1] = htonl(hmac.ictx.B); ++ state->istate[2] = htonl(hmac.ictx.C); ++ state->istate[3] = htonl(hmac.ictx.D); ++ ++ state->ostate[0] = htonl(hmac.octx.A); ++ state->ostate[1] = htonl(hmac.octx.B); ++ state->ostate[2] = htonl(hmac.octx.C); ++ state->ostate[3] = htonl(hmac.octx.D); ++ + MD5_memset((POINTER)&hmac, 0, sizeof(hmac)); + } + +@@ -431,24 +160,30 @@ void _sasl_hmac_md5_precalc(HMAC_MD5_STATE *state, + void _sasl_hmac_md5_import(HMAC_MD5_CTX *hmac, + HMAC_MD5_STATE *state) + { +- unsigned lupe; + MD5_memset((POINTER)hmac, 0, sizeof(HMAC_MD5_CTX)); +- for (lupe = 0; lupe < 4; lupe++) { +- hmac->ictx.state[lupe] = ntohl(state->istate[lupe]); +- hmac->octx.state[lupe] = ntohl(state->ostate[lupe]); +- } ++ ++ hmac->ictx.A = ntohl(state->istate[0]); ++ hmac->ictx.B = ntohl(state->istate[1]); ++ hmac->ictx.C = ntohl(state->istate[2]); ++ hmac->ictx.D = ntohl(state->istate[3]); ++ ++ hmac->octx.A = ntohl(state->ostate[0]); ++ hmac->octx.B = ntohl(state->ostate[1]); ++ hmac->octx.C = ntohl(state->ostate[2]); ++ hmac->octx.D = ntohl(state->ostate[3]); ++ + /* Init the counts to account for our having applied + * 64 bytes of key; this works out to 0x200 (64 << 3; see + * MD5Update above...) */ +- hmac->ictx.count[0] = hmac->octx.count[0] = 0x200; ++ hmac->ictx.Nl = hmac->octx.Nl = 0x200; + } + + void _sasl_hmac_md5_final(unsigned char digest[HMAC_MD5_SIZE], + HMAC_MD5_CTX *hmac) + { +- _sasl_MD5Final(digest, &hmac->ictx); /* Finalize inner md5 */ +- _sasl_MD5Update(&hmac->octx, digest, 16); /* Update outer ctx */ +- _sasl_MD5Final(digest, &hmac->octx); /* Finalize outer md5 */ ++ MD5_Final(digest, &hmac->ictx); /* Finalize inner md5 */ ++ MD5_Update(&hmac->octx, digest, 16); /* Update outer ctx */ ++ MD5_Final(digest, &hmac->octx); /* Finalize outer md5 */ + } + + +@@ -474,9 +209,9 @@ unsigned char *digest; /* caller digest to be filled in */ + + MD5_CTX tctx; + +- _sasl_MD5Init(&tctx); +- _sasl_MD5Update(&tctx, key, key_len); +- _sasl_MD5Final(tk, &tctx); ++ MD5_Init(&tctx); ++ MD5_Update(&tctx, key, key_len); ++ MD5_Final(tk, &tctx); + + key = tk; + key_len = 16; +@@ -508,20 +243,20 @@ unsigned char *digest; /* caller digest to be filled in */ + * perform inner MD5 + */ + +- _sasl_MD5Init(&context); /* init context for 1st ++ MD5_Init(&context); /* init context for 1st + * pass */ +- _sasl_MD5Update(&context, k_ipad, 64); /* start with inner pad */ +- _sasl_MD5Update(&context, text, text_len); /* then text of datagram */ +- _sasl_MD5Final(digest, &context); /* finish up 1st pass */ ++ MD5_Update(&context, k_ipad, 64); /* start with inner pad */ ++ MD5_Update(&context, text, text_len); /* then text of datagram */ ++ MD5_Final(digest, &context); /* finish up 1st pass */ + + /* + * perform outer MD5 + */ +- _sasl_MD5Init(&context); /* init context for 2nd ++ MD5_Init(&context); /* init context for 2nd + * pass */ +- _sasl_MD5Update(&context, k_opad, 64); /* start with outer pad */ +- _sasl_MD5Update(&context, digest, 16); /* then results of 1st ++ MD5_Update(&context, k_opad, 64); /* start with outer pad */ ++ MD5_Update(&context, digest, 16); /* then results of 1st + * hash */ +- _sasl_MD5Final(digest, &context); /* finish up 2nd pass */ ++ MD5_Final(digest, &context); /* finish up 2nd pass */ + + } diff --git a/debian/patches/0016-saslauthd-Replace-MD5-with-OpenSSL-EVP-implementation.patch b/debian/patches/0016-saslauthd-Replace-MD5-with-OpenSSL-EVP-implementation.patch new file mode 100644 index 0000000..8784bc0 --- /dev/null +++ b/debian/patches/0016-saslauthd-Replace-MD5-with-OpenSSL-EVP-implementation.patch @@ -0,0 +1,63 @@ +From backport, 023468d6489ddd9873d45ddd8e2de5b46ee82976 +From: Bastian Germann +Date: Sun, 28 May 2023 13:57:03 +0200 +Subject: saslauthd: Replace MD5 with OpenSSL EVP implementation + +Signed-off-by: Bastian Germann +--- +diff --git a/saslauthd/Makefile.am b/saslauthd/Makefile.am +index bf6fbec6..b78b8c2c 100644 +--- a/saslauthd/Makefile.am ++++ b/saslauthd/Makefile.am +@@ -19,13 +19,12 @@ saslauthd_SOURCES = mechanisms.c globals.h \ + auth_sia.h auth_sasldb.c auth_sasldb.h lak.c lak.h \ + auth_ldap.c auth_ldap.h cache.c cache.h cfile.c cfile.h \ + krbtf.c krbtf.h utils.c utils.h \ +- ipc_unix.c ipc_doors.c saslauthd-main.c saslauthd-main.h \ +- md5.c saslauthd_md5.h ++ ipc_unix.c ipc_doors.c saslauthd-main.c saslauthd-main.h + EXTRA_saslauthd_sources = getaddrinfo.c getnameinfo.c + saslauthd_DEPENDENCIES = saslauthd-main.o $(LTLIBOBJS_FULL) + saslauthd_LDADD = @SASL_KRB_LIB@ \ + @GSSAPIBASE_LIBS@ @LIB_CRYPT@ @LIB_SIA@ \ +- @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ $(LTLIBOBJS_FULL) $(CRYPTO_COMPAT_OBJS) $(LIBSASLDB_OBJS) ++ @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ $(LTLIBOBJS_FULL) $(CRYPTO_COMPAT_OBJS) $(LIBSASLDB_OBJS) -lcrypto + + testsaslauthd_SOURCES = testsaslauthd.c utils.c + testsaslauthd_LDADD = @LIB_SOCKET@ +diff --git a/saslauthd/cache.c b/saslauthd/cache.c +index 0d78a735..424dcceb 100644 +--- a/saslauthd/cache.c ++++ b/saslauthd/cache.c +@@ -54,8 +54,7 @@ + #include "cache.h" + #include "utils.h" + #include "globals.h" +-#include "md5global.h" +-#include "saslauthd_md5.h" ++#include + + /**************************************** + * module globals +@@ -164,7 +163,7 @@ int cache_lookup(const char *user, const char *realm, const char *service, const + int service_length = 0; + int hash_offset; + unsigned char pwd_digest[16]; +- MD5_CTX md5_context; ++ EVP_MD_CTX *mdctx = EVP_MD_CTX_new(); + time_t epoch; + time_t epoch_timeout; + struct bucket *ref_bucket; +@@ -211,9 +210,9 @@ int cache_lookup(const char *user, const char *realm, const char *service, const + + hash_offset = cache_pjwhash(userrealmserv); + +- _saslauthd_MD5Init(&md5_context); +- _saslauthd_MD5Update(&md5_context, password, strlen(password)); +- _saslauthd_MD5Final(pwd_digest, &md5_context); ++ EVP_DigestInit(mdctx, EVP_md5()); ++ EVP_DigestUpdate(mdctx, password, strlen(password)); ++ EVP_DigestFinal(mdctx, pwd_digest, NULL); + + /************************************************************** + * Loop through the bucket chain to try and find a hit. diff --git a/debian/patches/0017-Just-completely-remove-libobj-from-autotools-files.patch b/debian/patches/0017-Just-completely-remove-libobj-from-autotools-files.patch index 1577050..09419e5 100644 --- a/debian/patches/0017-Just-completely-remove-libobj-from-autotools-files.patch +++ b/debian/patches/0017-Just-completely-remove-libobj-from-autotools-files.patch @@ -107,7 +107,7 @@ -libsasl2_la_DEPENDENCIES = $(LTLIBOBJS) $(top_srcdir)/Versions +libsasl2_la_DEPENDENCIES = $(top_srcdir)/Versions - libsasl2_la_LIBADD = $(SASL_DL_LIB) $(SASL_STATIC_LIBS) $(LIB_SOCKET) $(LIB_DOOR) $(PLUGIN_COMMON_OBJS) + libsasl2_la_LIBADD = $(SASL_DL_LIB) $(SASL_STATIC_LIBS) $(LIB_SOCKET) $(LIB_DOOR) $(PLUGIN_COMMON_OBJS) -lcrypto -if BUILD_LIBOBJ -libsasl2_la_LIBADD += libobj.la -endif @@ -141,16 +141,15 @@ CRYPTO_COMPAT_OBJS = $(top_builddir)/common/libcrypto_compat.la if AUTH_SASLDB LIBSASLDB_OBJS = $(top_builddir)/sasldb/libsasldb.la -@@ -22,10 +20,10 @@ saslauthd_SOURCES = mechanisms.c globals.h \ - ipc_unix.c ipc_doors.c saslauthd-main.c saslauthd-main.h \ - md5.c saslauthd_md5.h +@@ -22,9 +20,9 @@ saslauthd_SOURCES = mechanisms.c globals.h \ + ipc_unix.c ipc_doors.c saslauthd-main.c saslauthd-main.h EXTRA_saslauthd_sources = getaddrinfo.c getnameinfo.c -saslauthd_DEPENDENCIES = saslauthd-main.o $(LTLIBOBJS_FULL) +saslauthd_DEPENDENCIES = saslauthd-main.o saslauthd_LDADD = @SASL_KRB_LIB@ \ @GSSAPIBASE_LIBS@ @LIB_CRYPT@ @LIB_SIA@ \ -- @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ $(LTLIBOBJS_FULL) $(CRYPTO_COMPAT_OBJS) $(LIBSASLDB_OBJS) -+ @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ $(CRYPTO_COMPAT_OBJS) $(LIBSASLDB_OBJS) +- @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ $(LTLIBOBJS_FULL) $(CRYPTO_COMPAT_OBJS) $(LIBSASLDB_OBJS) -lcrypto ++ @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ $(CRYPTO_COMPAT_OBJS) $(LIBSASLDB_OBJS) -lcrypto testsaslauthd_SOURCES = testsaslauthd.c utils.c testsaslauthd_LDADD = @LIB_SOCKET@ diff --git a/debian/patches/0020-Exclude-md5global.patch b/debian/patches/0020-Exclude-md5global.patch new file mode 100644 index 0000000..ffae5b1 --- /dev/null +++ b/debian/patches/0020-Exclude-md5global.patch @@ -0,0 +1,45 @@ +From backport, 396e0b39f320e31bead99a31f2284eabd62dd176 +From: Bastian Germann +Date: Mon, 29 May 2023 00:33:38 +0200 +Subject: Exclude md5global.h + +--- +diff --git a/include/hmac-md5.h b/include/hmac-md5.h +index fb4a740c..7d84458a 100755 +--- a/include/hmac-md5.h ++++ b/include/hmac-md5.h +@@ -17,8 +17,8 @@ typedef struct HMAC_MD5_CTX_s { + * values stored in network byte order (Big Endian) + */ + typedef struct HMAC_MD5_STATE_s { +- UINT4 istate[4]; +- UINT4 ostate[4]; ++ uint32_t istate[4]; ++ uint32_t ostate[4]; + } HMAC_MD5_STATE; + + #ifdef __cplusplus +diff --git a/lib/md5.c b/lib/md5.c +index e327679e..612cfa68 100644 +--- a/lib/md5.c ++++ b/lib/md5.c +@@ -26,15 +26,16 @@ documentation and/or software. + */ + + #include +-#include "md5global.h" + #include "hmac-md5.h" + + #ifndef WIN32 + # include + #endif + +-static void MD5_memcpy PROTO_LIST ((POINTER, POINTER, unsigned int)); +-static void MD5_memset PROTO_LIST ((POINTER, int, unsigned int)); ++typedef unsigned char *POINTER; ++ ++static void MD5_memcpy (POINTER, POINTER, unsigned int); ++static void MD5_memset (POINTER, int, unsigned int); + + /* Note: Replace "for loop" with standard memcpy if possible. + diff --git a/debian/patches/0021-Replace-custom-memset-with-OPENSSL_cleanse.patch b/debian/patches/0021-Replace-custom-memset-with-OPENSSL_cleanse.patch new file mode 100644 index 0000000..75d7d61 --- /dev/null +++ b/debian/patches/0021-Replace-custom-memset-with-OPENSSL_cleanse.patch @@ -0,0 +1,109 @@ +Origin: upstream, 08cab3392d54a97c84f05640f9f89de78a03d36c +From: Bastian Germann +Date: Tue, 30 May 2023 14:09:09 +0200 +Subject: Replace custom memset with OPENSSL_cleanse + +memset can be elided by linkers, so rely on a function that prevents +that behaviour. Alternatives would be explicit_bzero or the C23 +memset_explicit. However, both of them have protability issues. + +As OpenSSL is in use in this module anyway, use its OPENSSL_cleanse. + +Signed-off-by: Bastian Germann +--- + lib/md5.c | 34 ++++++++++------------------------ + 1 file changed, 10 insertions(+), 24 deletions(-) + +diff --git a/lib/md5.c b/lib/md5.c +index b9c61b36..a53fa7ff 100644 +--- a/lib/md5.c ++++ b/lib/md5.c +@@ -27,6 +27,7 @@ documentation and/or software. + + #include + #include "hmac-md5.h" ++#include + + #ifndef WIN32 + # include +@@ -35,7 +36,6 @@ documentation and/or software. + typedef unsigned char *POINTER; + + static void MD5_memcpy (POINTER, POINTER, unsigned int); +-static void MD5_memset (POINTER, int, unsigned int); + + /* Note: Replace "for loop" with standard memcpy if possible. + +@@ -52,20 +52,6 @@ unsigned int len; + output[i] = input[i]; + } + +-/* Note: Replace "for loop" with standard memset if possible. +-*/ +- +-static void MD5_memset (output, value, len) +-POINTER output; +-int value; +-unsigned int len; +-{ +- unsigned int i; +- +- for (i = 0; i < len; i++) +- ((char *)output)[i] = (char)value; +-} +- + void _sasl_hmac_md5_init(HMAC_MD5_CTX *hmac, + const unsigned char *key, + int key_len) +@@ -103,8 +89,8 @@ void _sasl_hmac_md5_init(HMAC_MD5_CTX *hmac, + */ + + /* start out by storing key in pads */ +- MD5_memset((POINTER)k_ipad, '\0', sizeof k_ipad); +- MD5_memset((POINTER)k_opad, '\0', sizeof k_opad); ++ OPENSSL_cleanse(k_ipad, sizeof(k_ipad)); ++ OPENSSL_cleanse(k_opad, sizeof(k_opad)); + MD5_memcpy( k_ipad, (POINTER)key, key_len); + MD5_memcpy( k_opad, (POINTER)key, key_len); + +@@ -121,9 +107,9 @@ void _sasl_hmac_md5_init(HMAC_MD5_CTX *hmac, + MD5_Update(&hmac->octx, k_opad, 64); /* apply outer pad */ + + /* scrub the pads and key context (if used) */ +- MD5_memset((POINTER)&k_ipad, 0, sizeof(k_ipad)); +- MD5_memset((POINTER)&k_opad, 0, sizeof(k_opad)); +- MD5_memset((POINTER)&tk, 0, sizeof(tk)); ++ OPENSSL_cleanse(&k_ipad, sizeof(k_ipad)); ++ OPENSSL_cleanse(&k_opad, sizeof(k_opad)); ++ OPENSSL_cleanse(&tk, sizeof(tk)); + + /* and we're done. */ + } +@@ -154,14 +140,14 @@ void _sasl_hmac_md5_precalc(HMAC_MD5_STATE *state, + state->ostate[2] = htonl(hmac.octx.C); + state->ostate[3] = htonl(hmac.octx.D); + +- MD5_memset((POINTER)&hmac, 0, sizeof(hmac)); ++ OPENSSL_cleanse(&hmac, sizeof(hmac)); + } + + + void _sasl_hmac_md5_import(HMAC_MD5_CTX *hmac, + HMAC_MD5_STATE *state) + { +- MD5_memset((POINTER)hmac, 0, sizeof(HMAC_MD5_CTX)); ++ OPENSSL_cleanse(hmac, sizeof(HMAC_MD5_CTX)); + + hmac->ictx.A = ntohl(state->istate[0]); + hmac->ictx.B = ntohl(state->istate[1]); +@@ -230,8 +216,8 @@ unsigned char *digest; /* caller digest to be filled in */ + */ + + /* start out by storing key in pads */ +- MD5_memset(k_ipad, '\0', sizeof k_ipad); +- MD5_memset(k_opad, '\0', sizeof k_opad); ++ OPENSSL_cleanse(k_ipad, sizeof(k_ipad)); ++ OPENSSL_cleanse(k_opad, sizeof(k_opad)); + MD5_memcpy( k_ipad, (POINTER)key, key_len); + MD5_memcpy( k_opad, (POINTER)key, key_len); + diff --git a/debian/patches/0022-Replace-custom-with-standard-memcpy.patch b/debian/patches/0022-Replace-custom-with-standard-memcpy.patch new file mode 100644 index 0000000..10cee70 --- /dev/null +++ b/debian/patches/0022-Replace-custom-with-standard-memcpy.patch @@ -0,0 +1,62 @@ +Origin: upstream, 4798f8cae5cedbe5c53ae034e0bbca50896e9094 +From: Bastian Germann +Date: Tue, 30 May 2023 14:12:22 +0200 +Subject: Replace custom with standard memcpy + +Signed-off-by: Bastian Germann +--- + lib/md5.c | 27 ++++----------------------- + 1 file changed, 4 insertions(+), 23 deletions(-) + +diff --git a/lib/md5.c b/lib/md5.c +index a53fa7ff..9afc65c5 100644 +--- a/lib/md5.c ++++ b/lib/md5.c +@@ -33,25 +33,6 @@ documentation and/or software. + # include + #endif + +-typedef unsigned char *POINTER; +- +-static void MD5_memcpy (POINTER, POINTER, unsigned int); +- +-/* Note: Replace "for loop" with standard memcpy if possible. +- +- */ +- +-static void MD5_memcpy (output, input, len) +-POINTER output; +-POINTER input; +-unsigned int len; +-{ +- unsigned int i; +- +- for (i = 0; i < len; i++) +- output[i] = input[i]; +-} +- + void _sasl_hmac_md5_init(HMAC_MD5_CTX *hmac, + const unsigned char *key, + int key_len) +@@ -91,8 +72,8 @@ void _sasl_hmac_md5_init(HMAC_MD5_CTX *hmac, + /* start out by storing key in pads */ + OPENSSL_cleanse(k_ipad, sizeof(k_ipad)); + OPENSSL_cleanse(k_opad, sizeof(k_opad)); +- MD5_memcpy( k_ipad, (POINTER)key, key_len); +- MD5_memcpy( k_opad, (POINTER)key, key_len); ++ memcpy(k_ipad, key, key_len); ++ memcpy(k_opad, key, key_len); + + /* XOR key with ipad and opad values */ + for (i=0; i<64; i++) { +@@ -218,8 +199,8 @@ unsigned char *digest; /* caller digest to be filled in */ + /* start out by storing key in pads */ + OPENSSL_cleanse(k_ipad, sizeof(k_ipad)); + OPENSSL_cleanse(k_opad, sizeof(k_opad)); +- MD5_memcpy( k_ipad, (POINTER)key, key_len); +- MD5_memcpy( k_opad, (POINTER)key, key_len); ++ memcpy(k_ipad, key, key_len); ++ memcpy(k_opad, key, key_len); + + /* XOR key with ipad and opad values */ + for (i=0; i<64; i++) { diff --git a/debian/patches/0023-Add-a-note-on-the-RSA-MD-license.patch b/debian/patches/0023-Add-a-note-on-the-RSA-MD-license.patch new file mode 100644 index 0000000..6a99d2e --- /dev/null +++ b/debian/patches/0023-Add-a-note-on-the-RSA-MD-license.patch @@ -0,0 +1,34 @@ +Origin: upstream, dffe0b3e86925c95e6f30ec0f2de9fb0c439c7bc +From: Bastian Germann +Date: Tue, 30 May 2023 14:58:49 +0200 +Subject: Add a note on the RSA-MD license + +Signed-off-by: Bastian Germann +--- + lib/md5.c | 14 ++++++++++++-- + 1 file changed, 12 insertions(+), 2 deletions(-) + +diff --git a/lib/md5.c b/lib/md5.c +index 5c84dd40..41751547 100644 +--- a/lib/md5.c ++++ b/lib/md5.c +@@ -1,7 +1,17 @@ +-/* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm ++/* MD5C.C - HMAC based on MD5 message-digest algorithm + */ + +-/* Function names changed to avoid namespace collisions: Rob Siemborski */ ++/* The following RSA-MD license grant stems from RSA's MD5 implementation ++that is contained in RFC 1321. All of that code is gone and the only 3rd ++party code that is contained in this module is the HMAC MD5 implementation ++by Pau-Chen Cheng and Jeff Kraemer that is contained in RFC 2104's Appendix. ++Rob Earhart made changes to the code that are possibly copyrightable. ++ ++The module should be relicensed, taking into account a possible RFC 2104 ++license (no restrictions mentioned in the document), and Rob Earhart's consent. ++Eliminating this would be a huge benefit for combining cyrus-sasl with GPL ++licensed software. ++*/ + + /* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All + rights reserved. diff --git a/debian/patches/0024-Relicense-md5.patch b/debian/patches/0024-Relicense-md5.patch new file mode 100644 index 0000000..b77e0ce --- /dev/null +++ b/debian/patches/0024-Relicense-md5.patch @@ -0,0 +1,122 @@ +Origin: upstream, 93e56756838962b0decfe46322a4dc60fd89e739 +From: Richard Laager +Date: Wed, 28 Jun 2023 15:40:38 -0500 +Subject: Relicense md5.c + +"As explained in dffe0b3e86925c95e6f30ec0f2de9fb0c439c7bc, the +RSA-MD-licensed file md5.c can be relicensed easily because the +third-party code that was licensed under RSA-MD is eliminated by now." +-- Bastian Germann in GitHub issue #769 + +The commit referenced was part of GitHub PR #767 and was authored by +Bastian Germann. + +I reviewed the commit history on this file. I concurred with Bastian's +original assessment that the relevant detail was Rob Earhart's code, +and Bastian agreed with my analysis in the bug. + +The next step was confirming that the MD5 code that Rob Earhart +contributed was/is licensed under the same license as the rest of the +project. This is a reasonable assumption, as he was one of the main +authors of the original code, and everything else he contributed was +under that license. + +However, to avoid ambiguity or assumptions, I emailed Rob Earhart. +He responded today, confirming: + +On 2023-06-28 12:14, Rob Earhart wrote: +> Any code I wrote for the Cyrus SASL project has my permission to be +> used under that main license. + +Fixes #769 + +Signed-off-by: Richard Laager +--- + lib/md5.c | 76 ++++++++++++++++++++++++++++++------------------------- + 1 file changed, 41 insertions(+), 35 deletions(-) + +diff --git a/lib/md5.c b/lib/md5.c +index 2406e2b8..356b08d8 100644 +--- a/lib/md5.c ++++ b/lib/md5.c +@@ -1,39 +1,45 @@ +-/* MD5C.C - HMAC based on MD5 message-digest algorithm ++/* md5.c - HMAC based on MD5 message-digest algorithm ++ */ ++/* ++ * Copyright (c) 1998-1999 Carnegie Mellon University. All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in ++ * the documentation and/or other materials provided with the ++ * distribution. ++ * ++ * 3. The name "Carnegie Mellon University" must not be used to ++ * endorse or promote products derived from this software without ++ * prior written permission. For permission or any other legal ++ * details, please contact ++ * Carnegie Mellon University ++ * Center for Technology Transfer and Enterprise Creation ++ * 4615 Forbes Avenue ++ * Suite 302 ++ * Pittsburgh, PA 15213 ++ * (412) 268-7393, fax: (412) 268-7395 ++ * innovation@andrew.cmu.edu ++ * ++ * 4. Redistributions of any form whatsoever must retain the following ++ * acknowledgment: ++ * "This product includes software developed by Computing Services ++ * at Carnegie Mellon University (http://www.cmu.edu/computing/)." ++ * ++ * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO ++ * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY ++ * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE ++ * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES ++ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN ++ * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING ++ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ +- +-/* The following RSA-MD license grant stems from RSA's MD5 implementation +-that is contained in RFC 1321. All of that code is gone and the only 3rd +-party code that is contained in this module is the HMAC MD5 implementation +-by Pau-Chen Cheng and Jeff Kraemer that is contained in RFC 2104's Appendix. +-Rob Earhart made changes to the code that are possibly copyrightable. +- +-The module should be relicensed, taking into account a possible RFC 2104 +-license (no restrictions mentioned in the document), and Rob Earhart's consent. +-Eliminating this would be a huge benefit for combining cyrus-sasl with GPL +-licensed software. +-*/ +- +-/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All +-rights reserved. +- +-License to copy and use this software is granted provided that it +-is identified as the "RSA Data Security, Inc. MD5 Message-Digest +-Algorithm" in all material mentioning or referencing this software +-or this function. +- +-License is also granted to make and use derivative works provided +-that such works are identified as "derived from the RSA Data +-Security, Inc. MD5 Message-Digest Algorithm" in all material +-mentioning or referencing the derived work. +- +-RSA Data Security, Inc. makes no representations concerning either +-the merchantability of this software or the suitability of this +-software for any particular purpose. It is provided "as is" +-without express or implied warranty of any kind. +- +-These notices must be retained in any copies of any part of this +-documentation and/or software. +-*/ + + #include + #include "hmac-md5.h" diff --git a/debian/patches/0028-utils-Link-libcrypto.patch b/debian/patches/0028-utils-Link-libcrypto.patch new file mode 100644 index 0000000..2ea377c --- /dev/null +++ b/debian/patches/0028-utils-Link-libcrypto.patch @@ -0,0 +1,27 @@ +Origin: backport, https://github.com/cyrusimap/cyrus-sasl/pull/780 +From: Bastian Germann +Date: Sun, 23 Jul 2023 20:39:59 +0200 +Subject: utils: Link libcrypto + +With sasl_checkapop enabled, testsuite uses libcrypto functions. + +Signed-off-by: Bastian Germann +--- + utils/Makefile.am | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/utils/Makefile.am b/utils/Makefile.am +index 193929d6..b674bbd0 100644 +--- a/utils/Makefile.am ++++ b/utils/Makefile.am +@@ -42,8 +42,8 @@ + # + ################################################################ + +-all_sasl_libs = ../lib/libsasl2.la $(SASL_DB_LIB) $(LIB_SOCKET) +-all_sasl_static_libs = ../lib/.libs/libsasl2.a $(SASL_DB_LIB) $(LIB_SOCKET) $(GSSAPIBASE_LIBS) $(GSSAPI_LIBS) $(SASL_KRB_LIB) $(LIB_DES) $(PLAIN_LIBS) $(SRP_LIBS) $(LIB_MYSQL) $(LIB_PGSQL) $(LIB_SQLITE) ++all_sasl_libs = ../lib/libsasl2.la $(SASL_DB_LIB) $(LIB_SOCKET) -lcrypto ++all_sasl_static_libs = ../lib/.libs/libsasl2.a $(SASL_DB_LIB) $(LIB_SOCKET) $(GSSAPIBASE_LIBS) $(GSSAPI_LIBS) $(SASL_KRB_LIB) $(LIB_DES) $(PLAIN_LIBS) $(SRP_LIBS) $(LIB_MYSQL) $(LIB_PGSQL) $(LIB_SQLITE) -lcrypto + + sbin_PROGRAMS = @SASL_DB_UTILS@ @SMTPTEST_PROGRAM@ pluginviewer + EXTRA_PROGRAMS = saslpasswd2 sasldblistusers2 testsuite testsuitestatic smtptest pluginviewer diff --git a/debian/patches/0030-testsuite-Replace-MD5-with-OpenSSL-EVP-implementation.patch b/debian/patches/0030-testsuite-Replace-MD5-with-OpenSSL-EVP-implementation.patch new file mode 100644 index 0000000..1c217de --- /dev/null +++ b/debian/patches/0030-testsuite-Replace-MD5-with-OpenSSL-EVP-implementation.patch @@ -0,0 +1,47 @@ +Origin: upstream, 9b22fbfd520938b3aba684740095dbbeb449b733 +From: Bastian Germann +Date: Tue, 30 May 2023 23:40:51 +0200 +Subject: testsuite: Replace MD5 with OpenSSL EVP implementation + +Signed-off-by: Bastian Germann +--- + utils/testsuite.c | 12 +++++++----- + 1 file changed, 7 insertions(+), 5 deletions(-) + +diff --git a/utils/testsuite.c b/utils/testsuite.c +index 79e861d2..da333cfb 100644 +--- a/utils/testsuite.c ++++ b/utils/testsuite.c +@@ -67,6 +67,8 @@ + #include + #include + ++#include ++ + #ifdef HAVE_UNISTD_H + #include + #endif +@@ -2708,7 +2710,7 @@ void create_ids(void) + #ifdef DO_SASL_CHECKAPOP + int i; + const char challenge[] = "<1896.697170952@cyrus.andrew.cmu.edu>"; +- MD5_CTX ctx; ++ EVP_MD_CTX *ctx = EVP_MD_CTX_new(); + unsigned char digest[16]; + char digeststr[33]; + #endif +@@ -2760,10 +2762,10 @@ void create_ids(void) + + /* Test sasl_checkapop */ + #ifdef DO_SASL_CHECKAPOP +- _sasl_MD5Init(&ctx); +- _sasl_MD5Update(&ctx,(const unsigned char *)challenge,strlen(challenge)); +- _sasl_MD5Update(&ctx,(const unsigned char *)password,strlen(password)); +- _sasl_MD5Final(digest, &ctx); ++ EVP_DigestInit(ctx, EVP_md5()); ++ EVP_DigestUpdate(ctx,(const unsigned char *)challenge,strlen(challenge)); ++ EVP_DigestUpdate(ctx,(const unsigned char *)password,strlen(password)); ++ EVP_DigestFinal(ctx, digest, NULL); + + /* convert digest from binary to ASCII hex */ + for (i = 0; i < 16; i++) diff --git a/debian/patches/0031-checkpw-Replace-MD5-with-OpenSSL-EVP-implementation.patch b/debian/patches/0031-checkpw-Replace-MD5-with-OpenSSL-EVP-implementation.patch new file mode 100644 index 0000000..0a15d39 --- /dev/null +++ b/debian/patches/0031-checkpw-Replace-MD5-with-OpenSSL-EVP-implementation.patch @@ -0,0 +1,75 @@ +Origin: backport, ca20488a743bf7c0d8fe6f2ab38860a5b9e4fb24 +From: Bastian Germann +Date: Tue, 30 May 2023 23:30:06 +0200 +Subject: checkpw: Replace MD5 with OpenSSL EVP implementation + +Signed-off-by: Bastian Germann +--- + lib/checkpw.c | 24 +++++++++++++----------- + 1 file changed, 13 insertions(+), 11 deletions(-) + +diff --git a/lib/checkpw.c b/lib/checkpw.c +index b8ad1889..bb7346cb 100644 +--- a/lib/checkpw.c ++++ b/lib/checkpw.c +@@ -96,5 +96,7 @@ + #include + ++#include ++ + #ifdef HAVE_PWD_H + #include + #endif /* HAVE_PWD_H */ +@@ -120,7 +122,7 @@ static int _sasl_make_plain_secret(const char *salt, + const char *passwd, size_t passlen, + sasl_secret_t **secret) + { +- MD5_CTX ctx; ++ EVP_MD_CTX *ctx = EVP_MD_CTX_new(); + unsigned sec_len = 16 + 1 + 16; /* salt + "\0" + hash */ + + *secret = (sasl_secret_t *) sasl_ALLOC(sizeof(sasl_secret_t) + +@@ -129,13 +131,13 @@ static int _sasl_make_plain_secret(const char *salt, + return SASL_NOMEM; + } + +- _sasl_MD5Init(&ctx); +- _sasl_MD5Update(&ctx, (const unsigned char *) salt, 16); +- _sasl_MD5Update(&ctx, (const unsigned char *) "sasldb", 6); +- _sasl_MD5Update(&ctx, (const unsigned char *) passwd, (unsigned int) passlen); ++ EVP_DigestInit(ctx, EVP_md5()); ++ EVP_DigestUpdate(ctx, (const unsigned char *) salt, 16); ++ EVP_DigestUpdate(ctx, (const unsigned char *) "sasldb", 6); ++ EVP_DigestUpdate(ctx, (const unsigned char *) passwd, (unsigned int) passlen); + memcpy((*secret)->data, salt, 16); + (*secret)->data[16] = '\0'; +- _sasl_MD5Final((*secret)->data + 17, &ctx); ++ EVP_DigestFinal(ctx, (*secret)->data + 17, NULL); + (*secret)->len = sec_len; + + return SASL_OK; +@@ -360,7 +362,7 @@ int _sasl_auxprop_verify_apop(sasl_conn_t *conn, + const char *password_request[] = { SASL_AUX_PASSWORD, NULL }; + struct propval auxprop_values[2]; + sasl_server_conn_t *sconn = (sasl_server_conn_t *)conn; +- MD5_CTX ctx; ++ EVP_MD_CTX *ctx = EVP_MD_CTX_new(); + int i; + + if (!conn || !userstr || !challenge || !response) +@@ -383,11 +385,11 @@ int _sasl_auxprop_verify_apop(sasl_conn_t *conn, + goto done; + } + +- _sasl_MD5Init(&ctx); +- _sasl_MD5Update(&ctx, (const unsigned char *) challenge, strlen(challenge)); +- _sasl_MD5Update(&ctx, (const unsigned char *) auxprop_values[0].values[0], ++ EVP_DigestInit(ctx, EVP_md5()); ++ EVP_DigestUpdate(ctx, (const unsigned char *) challenge, strlen(challenge)); ++ EVP_DigestUpdate(ctx, (const unsigned char *) auxprop_values[0].values[0], + strlen(auxprop_values[0].values[0])); +- _sasl_MD5Final(digest, &ctx); ++ EVP_DigestFinal(ctx, digest, NULL); + + /* erase the plaintext password */ + sconn->sparams->utils->prop_erase(sconn->sparams->propctx, diff --git a/debian/patches/series b/debian/patches/series index d37bd9c..dcbc154 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,6 +1,7 @@ 0001-plugins-digestmd5-Remove-debug-log-mech-free.patch 0002-Use-etc-sasldb2-instead-of-.-sasldb-in-the-testsuite.patch 0003-Update-saslauthd.conf-location-in-documentation.patch +0028-utils-Link-libcrypto.patch 0004-Include-dbconverter-2-in-sbin_PROGRAMS-and-set-defau.patch 0005-Fix-time-check.patch 0006-Makefile.am-Set-date-in-man-pages.patch @@ -9,16 +10,25 @@ 0009-Look-for-generic-Berkeley-DB-first.patch 0010-Add-sasldbconverter2.8.patch 0011-honor-log_level-option-on-clients-too.patch +0015-Replace-MD5-with-OpenSSL-legacy-implementation.patch 0012-Make-the-libsasl2-symbols-versioned.patch 0013-Don-t-use-la-files-for-opening-plugins.patch 0014-Prevent-recreating-of-md5global.patch +0016-saslauthd-Replace-MD5-with-OpenSSL-EVP-implementation.patch 0017-Just-completely-remove-libobj-from-autotools-files.patch 0018-Temporary-multiarch-fixes.patch 0019-Add-reference-to-LDAP_SASLAUTHD-file-to-the-saslauth.patch +0020-Exclude-md5global.patch +0021-Replace-custom-memset-with-OPENSSL_cleanse.patch +0022-Replace-custom-with-standard-memcpy.patch +0023-Add-a-note-on-the-RSA-MD-license.patch +0024-Relicense-md5.patch 0025-Revert-upstream-soname-bump.patch 0026-Gracefully-handle-failed-init.patch 0027-Catch-errors-from-EVP_Digest-functions.patch 0029-Load-OpenSSL3-legacy-provider-digestmd5.patch +0030-testsuite-Replace-MD5-with-OpenSSL-EVP-implementation.patch +0031-checkpw-Replace-MD5-with-OpenSSL-EVP-implementation.patch 0032-Add-with_pgsql-include-postgresql-to-include-path.patch 0034-channel-binding-gssapi-gss-spnego.patch 0035-Add-support-for-setting-max-ssf-0-to-GSS-SPNEGO-1.patch