Eliminate RSA-MD from binaries (Closes: #748061)
Bastian Germann
8 months ago
90 | 90 | saslauthd/md5.c |
91 | 91 | saslauthd/saslauthd_md5.h |
92 | 92 | Copyright: 1991-2, RSA Data Security, Inc. Created 1991. All rights reserved. |
93 | Comment: The source is patched so that these files do not end up in any binary. | |
94 | lib/md5.c is relicensed by upstream to BSD-3-Clause-Attribution, which | |
95 | is reflected in the quilt patch queue. | |
93 | 96 | License: RSA-MD |
94 | 97 | |
95 | 98 | Files: lib/saslutil.c |
15 | 15 | --- a/utils/Makefile.am |
16 | 16 | +++ b/utils/Makefile.am |
17 | 17 | @@ -45,10 +45,10 @@ |
18 | all_sasl_libs = ../lib/libsasl2.la $(SASL_DB_LIB) $(LIB_SOCKET) | |
19 | all_sasl_static_libs = ../lib/.libs/libsasl2.a $(SASL_DB_LIB) $(LIB_SOCKET) $(GSSAPIBASE_LIBS) $(GSSAPI_LIBS) $(SASL_KRB_LIB) $(LIB_DES) $(PLAIN_LIBS) $(SRP_LIBS) $(LIB_MYSQL) $(LIB_PGSQL) $(LIB_SQLITE) | |
18 | all_sasl_libs = ../lib/libsasl2.la $(SASL_DB_LIB) $(LIB_SOCKET) -lcrypto | |
19 | all_sasl_static_libs = ../lib/.libs/libsasl2.a $(SASL_DB_LIB) $(LIB_SOCKET) $(GSSAPIBASE_LIBS) $(GSSAPI_LIBS) $(SASL_KRB_LIB) $(LIB_DES) $(PLAIN_LIBS) $(SRP_LIBS) $(LIB_MYSQL) $(LIB_PGSQL) $(LIB_SQLITE) -lcrypto | |
20 | 20 | |
21 | 21 | -sbin_PROGRAMS = @SASL_DB_UTILS@ @SMTPTEST_PROGRAM@ pluginviewer |
22 | 22 | +sbin_PROGRAMS = @SASL_DB_UTILS@ @SMTPTEST_PROGRAM@ pluginviewer dbconverter-2 |
33 | 33 | +libsasl2_la_LDFLAGS = -version-info $(sasl_version) -no-undefined -Wl,--version-script=$(top_srcdir)/Versions |
34 | 34 | +libsasl2_la_DEPENDENCIES = $(LTLIBOBJS) $(top_srcdir)/Versions |
35 | 35 | |
36 | libsasl2_la_LIBADD = $(SASL_DL_LIB) $(SASL_STATIC_LIBS) $(LIB_SOCKET) $(LIB_DOOR) $(PLUGIN_COMMON_OBJS) | |
36 | libsasl2_la_LIBADD = $(SASL_DL_LIB) $(SASL_STATIC_LIBS) $(LIB_SOCKET) $(LIB_DOOR) $(PLUGIN_COMMON_OBJS) -lcrypto | |
37 | 37 | if BUILD_LIBOBJ |
7 | 7 | +++ b/include/Makefile.am |
8 | 8 | @@ -47,22 +47,13 @@ noinst_HEADERS = gai.h exits.h |
9 | 9 | saslincludedir = $(includedir)/sasl |
10 | saslinclude_HEADERS = hmac-md5.h md5.h md5global.h sasl.h saslplug.h saslutil.h prop.h | |
10 | saslinclude_HEADERS = hmac-md5.h md5global.h sasl.h saslplug.h saslutil.h prop.h | |
11 | 11 | |
12 | 12 | -noinst_PROGRAMS = makemd5 |
13 | 13 | - |
0 | Origin: backport, df44e6ae82ffd0f2264972ce14d48a67e008b7d2 | |
1 | From: Bastian Germann <bage@debian.org> | |
2 | Date: Sun, 28 May 2023 21:26:04 +0200 | |
3 | Subject: Replace MD5 with OpenSSL legacy implementation | |
4 | ||
5 | Require OpenSSL for the build so that it can be used always. | |
6 | Drop the internal MD5 implementation and replace every occurence. | |
7 | Keep the HMAC MD5 implementation for now but base it on OpenSSL. | |
8 | ||
9 | Fixes: #513, #712 | |
10 | ||
11 | Signed-off-by: Bastian Germann <bage@debian.org> | |
12 | --- | |
13 | diff --git a/include/Makefile.am b/include/Makefile.am | |
14 | index c942efa9..b525ea78 100644 | |
15 | --- a/include/Makefile.am | |
16 | +++ b/include/Makefile.am | |
17 | @@ -45,7 +45,7 @@ | |
18 | noinst_HEADERS = gai.h exits.h | |
19 | ||
20 | saslincludedir = $(includedir)/sasl | |
21 | -saslinclude_HEADERS = hmac-md5.h md5.h md5global.h sasl.h saslplug.h saslutil.h prop.h | |
22 | +saslinclude_HEADERS = hmac-md5.h md5global.h sasl.h saslplug.h saslutil.h prop.h | |
23 | ||
24 | noinst_PROGRAMS = makemd5 | |
25 | ||
26 | diff --git a/include/hmac-md5.h b/include/hmac-md5.h | |
27 | index babe0031..fb4a740c 100755 | |
28 | --- a/include/hmac-md5.h | |
29 | +++ b/include/hmac-md5.h | |
30 | @@ -4,6 +4,8 @@ | |
31 | #ifndef HMAC_MD5_H | |
32 | #define HMAC_MD5_H 1 | |
33 | ||
34 | +#include <openssl/md5.h> | |
35 | + | |
36 | #define HMAC_MD5_SIZE 16 | |
37 | ||
38 | /* intermediate MD5 context */ | |
39 | @@ -45,8 +47,6 @@ void _sasl_hmac_md5_precalc(HMAC_MD5_STATE *hmac, | |
40 | */ | |
41 | void _sasl_hmac_md5_import(HMAC_MD5_CTX *hmac, HMAC_MD5_STATE *state); | |
42 | ||
43 | -#define _sasl_hmac_md5_update(hmac, text, text_len) _sasl_MD5Update(&(hmac)->ictx, (text), (text_len)) | |
44 | - | |
45 | /* finish hmac from intermediate result. Intermediate result is zeroed. | |
46 | */ | |
47 | void _sasl_hmac_md5_final(unsigned char digest[HMAC_MD5_SIZE], | |
48 | diff --git a/include/saslplug.h b/include/saslplug.h | |
49 | index 54d42146..bd5eb983 100755 | |
50 | --- a/include/saslplug.h | |
51 | +++ b/include/saslplug.h | |
52 | @@ -7,9 +7,6 @@ | |
53 | #ifndef MD5GLOBAL_H | |
54 | #include "md5global.h" | |
55 | #endif | |
56 | -#ifndef MD5_H | |
57 | -#include "md5.h" | |
58 | -#endif | |
59 | #ifndef HMAC_MD5_H | |
60 | #include "hmac-md5.h" | |
61 | #endif | |
62 | diff --git a/lib/Makefile.am b/lib/Makefile.am | |
63 | index 929bf25f..8f1cc13a 100644 | |
64 | --- a/lib/Makefile.am | |
65 | +++ b/lib/Makefile.am | |
66 | @@ -82,7 +82,7 @@ libobj_la_LIBADD = $(LTLIBOBJS) | |
67 | libsasl2_la_SOURCES = $(common_sources) $(common_headers) | |
68 | libsasl2_la_LDFLAGS = -version-info $(sasl_version) -no-undefined | |
69 | ||
70 | -libsasl2_la_LIBADD = $(SASL_DL_LIB) $(SASL_STATIC_LIBS) $(LIB_SOCKET) $(LIB_DOOR) $(PLUGIN_COMMON_OBJS) | |
71 | +libsasl2_la_LIBADD = $(SASL_DL_LIB) $(SASL_STATIC_LIBS) $(LIB_SOCKET) $(LIB_DOOR) $(PLUGIN_COMMON_OBJS) -lcrypto | |
72 | if BUILD_LIBOBJ | |
73 | libsasl2_la_LIBADD += libobj.la | |
74 | endif | |
75 | diff --git a/lib/common.c b/lib/common.c | |
76 | index 0425abb1..da1c1287 100644 | |
77 | --- a/lib/common.c | |
78 | +++ b/lib/common.c | |
79 | @@ -2075,9 +2075,9 @@ _sasl_alloc_utils(sasl_conn_t *conn, | |
80 | utils->mutex_unlock = _sasl_mutex_utils.unlock; | |
81 | utils->mutex_free = _sasl_mutex_utils.free; | |
82 | ||
83 | - utils->MD5Init = &_sasl_MD5Init; | |
84 | - utils->MD5Update= &_sasl_MD5Update; | |
85 | - utils->MD5Final = &_sasl_MD5Final; | |
86 | + utils->MD5Init = &MD5_Init; | |
87 | + utils->MD5Update= &MD5_Update; | |
88 | + utils->MD5Final = &MD5_Final; | |
89 | utils->hmac_md5 = &_sasl_hmac_md5; | |
90 | utils->hmac_md5_init = &_sasl_hmac_md5_init; | |
91 | utils->hmac_md5_final = &_sasl_hmac_md5_final; | |
92 | diff --git a/lib/md5.c b/lib/md5.c | |
93 | index fbe7ae89..e327679e 100644 | |
94 | --- a/lib/md5.c | |
95 | +++ b/lib/md5.c | |
96 | @@ -27,292 +27,15 @@ documentation and/or software. | |
97 | ||
98 | #include <config.h> | |
99 | #include "md5global.h" | |
100 | -#include "md5.h" | |
101 | #include "hmac-md5.h" | |
102 | ||
103 | #ifndef WIN32 | |
104 | # include <arpa/inet.h> | |
105 | #endif | |
106 | ||
107 | -/* Constants for MD5Transform routine. | |
108 | -*/ | |
109 | - | |
110 | -#define S11 7 | |
111 | -#define S12 12 | |
112 | -#define S13 17 | |
113 | -#define S14 22 | |
114 | -#define S21 5 | |
115 | -#define S22 9 | |
116 | -#define S23 14 | |
117 | -#define S24 20 | |
118 | -#define S31 4 | |
119 | -#define S32 11 | |
120 | -#define S33 16 | |
121 | -#define S34 23 | |
122 | -#define S41 6 | |
123 | -#define S42 10 | |
124 | -#define S43 15 | |
125 | -#define S44 21 | |
126 | - | |
127 | -static void MD5Transform PROTO_LIST ((UINT4 [4], const unsigned char [64])); | |
128 | -static void Encode PROTO_LIST | |
129 | - ((unsigned char *, UINT4 *, unsigned int)); | |
130 | -static void Decode PROTO_LIST | |
131 | - ((UINT4 *, const unsigned char *, unsigned int)); | |
132 | static void MD5_memcpy PROTO_LIST ((POINTER, POINTER, unsigned int)); | |
133 | static void MD5_memset PROTO_LIST ((POINTER, int, unsigned int)); | |
134 | ||
135 | -static unsigned char PADDING[64] = { | |
136 | - 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
137 | - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 | |
138 | -}; | |
139 | - | |
140 | -/* F, G, H and I are basic MD5 functions. | |
141 | - | |
142 | - */ | |
143 | -#ifdef I | |
144 | -/* This might be defined via NANA */ | |
145 | -#undef I | |
146 | -#endif | |
147 | - | |
148 | -#define F(x, y, z) (((x) & (y)) | ((~x) & (z))) | |
149 | -#define G(x, y, z) (((x) & (z)) | ((y) & (~z))) | |
150 | -#define H(x, y, z) ((x) ^ (y) ^ (z)) | |
151 | -#define I(x, y, z) ((y) ^ ((x) | (~z))) | |
152 | - | |
153 | -/* ROTATE_LEFT rotates x left n bits. | |
154 | - | |
155 | - */ | |
156 | - | |
157 | -#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n)))) | |
158 | - | |
159 | -/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4. | |
160 | -Rotation is separate from addition to prevent recomputation. | |
161 | -*/ | |
162 | - | |
163 | -#define FF(a, b, c, d, x, s, ac) { (a) += F ((b), (c), (d)) + (x) + (UINT4)(ac); (a) = ROTATE_LEFT ((a), (s)); (a) += (b); } | |
164 | -#define GG(a, b, c, d, x, s, ac) { (a) += G ((b), (c), (d)) + (x) + (UINT4)(ac); (a) = ROTATE_LEFT ((a), (s)); (a) += (b); } | |
165 | -#define HH(a, b, c, d, x, s, ac) { (a) += H ((b), (c), (d)) + (x) + (UINT4)(ac); (a) = ROTATE_LEFT ((a), (s)); (a) += (b); } | |
166 | -#define II(a, b, c, d, x, s, ac) { (a) += I ((b), (c), (d)) + (x) + (UINT4)(ac); (a) = ROTATE_LEFT ((a), (s)); (a) += (b); } | |
167 | - | |
168 | -/* MD5 initialization. Begins an MD5 operation, writing a new context. | |
169 | -*/ | |
170 | - | |
171 | -void _sasl_MD5Init (context) | |
172 | -MD5_CTX *context; /* context */ | |
173 | -{ | |
174 | - context->count[0] = context->count[1] = 0; | |
175 | - | |
176 | - /* Load magic initialization constants. */ | |
177 | - context->state[0] = 0x67452301; | |
178 | - context->state[1] = 0xefcdab89; | |
179 | - context->state[2] = 0x98badcfe; | |
180 | - context->state[3] = 0x10325476; | |
181 | -} | |
182 | - | |
183 | -/* MD5 block update operation. Continues an MD5 message-digest | |
184 | - operation, processing another message block, and updating the context. | |
185 | -*/ | |
186 | - | |
187 | -void _sasl_MD5Update (context, input, inputLen) | |
188 | -MD5_CTX *context; /* context */ | |
189 | -const unsigned char *input; /* input block */ | |
190 | -unsigned int inputLen; /* length of input block */ | |
191 | -{ | |
192 | - unsigned int i, index, partLen; | |
193 | - | |
194 | - /* Compute number of bytes mod 64 */ | |
195 | - index = (unsigned int)((context->count[0] >> 3) & 0x3F); | |
196 | - | |
197 | - /* Update number of bits */ | |
198 | - if ((context->count[0] += ((UINT4)inputLen << 3)) | |
199 | - < ((UINT4)inputLen << 3)) | |
200 | - context->count[1]++; | |
201 | - context->count[1] += ((UINT4)inputLen >> 29); | |
202 | - | |
203 | - partLen = 64 - index; | |
204 | - | |
205 | - /* Transform as many times as possible. | |
206 | - | |
207 | -*/ | |
208 | - if (inputLen >= partLen) { | |
209 | - MD5_memcpy | |
210 | - ((POINTER)&context->buffer[index], (POINTER)input, partLen); MD5Transform | |
211 | - (context->state, context->buffer); | |
212 | - | |
213 | - for (i = partLen; i + 63 < inputLen; i += 64) | |
214 | - MD5Transform (context->state, &input[i]); | |
215 | - | |
216 | - index = 0; | |
217 | - } | |
218 | - else | |
219 | - i = 0; | |
220 | - | |
221 | - /* Buffer remaining input */ | |
222 | - MD5_memcpy | |
223 | - ((POINTER)&context->buffer[index], (POINTER)&input[i], | |
224 | - inputLen-i); | |
225 | - | |
226 | -} | |
227 | - | |
228 | -/* MD5 finalization. Ends an MD5 message-digest operation, writing the | |
229 | - the message digest and zeroizing the context. | |
230 | -*/ | |
231 | - | |
232 | -void _sasl_MD5Final (digest, context) | |
233 | -unsigned char digest[16]; /* message digest */ | |
234 | -MD5_CTX *context; /* context */ | |
235 | -{ | |
236 | - unsigned char bits[8]; | |
237 | - unsigned int index, padLen; | |
238 | - | |
239 | - /* Save number of bits */ | |
240 | - Encode (bits, context->count, 8); | |
241 | - | |
242 | - /* Pad out to 56 mod 64. */ | |
243 | - index = (unsigned int)((context->count[0] >> 3) & 0x3f); | |
244 | - padLen = (index < 56) ? (56 - index) : (120 - index); | |
245 | - _sasl_MD5Update (context, PADDING, padLen); | |
246 | - | |
247 | - /* Append length (before padding) */ | |
248 | - _sasl_MD5Update (context, bits, 8); | |
249 | - | |
250 | - /* Store state in digest */ | |
251 | - Encode (digest, context->state, 16); | |
252 | - | |
253 | - /* Zeroize sensitive information. */ | |
254 | - MD5_memset ((POINTER)context, 0, sizeof (*context)); | |
255 | -} | |
256 | - | |
257 | -/* MD5 basic transformation. Transforms state based on block. */ | |
258 | - | |
259 | -static void MD5Transform (state, block) | |
260 | -UINT4 state[4]; | |
261 | -const unsigned char block[64]; | |
262 | -{ | |
263 | - UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16]; | |
264 | - | |
265 | - Decode (x, block, 64); | |
266 | - | |
267 | - /* Round 1 */ | |
268 | - FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */ | |
269 | - FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */ | |
270 | - FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */ | |
271 | - FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */ | |
272 | - FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */ | |
273 | - FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */ | |
274 | - FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */ | |
275 | - FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */ | |
276 | - FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */ | |
277 | - FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */ | |
278 | - FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */ | |
279 | - FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */ | |
280 | - FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */ | |
281 | - FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */ | |
282 | - FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */ | |
283 | - FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */ | |
284 | - | |
285 | - /* Round 2 */ | |
286 | - GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */ | |
287 | - GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */ | |
288 | - GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */ | |
289 | - GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */ | |
290 | - GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */ | |
291 | - GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */ | |
292 | - GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */ | |
293 | - GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */ | |
294 | - GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */ | |
295 | - GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */ | |
296 | - GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */ | |
297 | - GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */ | |
298 | - GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */ | |
299 | - GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */ | |
300 | - GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */ | |
301 | - GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */ | |
302 | - | |
303 | - /* Round 3 */ | |
304 | - HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */ | |
305 | - HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */ | |
306 | - HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */ | |
307 | - HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */ | |
308 | - HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */ | |
309 | - HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */ | |
310 | - HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */ | |
311 | - HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */ | |
312 | - HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */ | |
313 | - HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */ | |
314 | - HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */ | |
315 | - HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */ | |
316 | - HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */ | |
317 | - HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */ | |
318 | - HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */ | |
319 | - HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */ | |
320 | - | |
321 | - /* Round 4 */ | |
322 | - II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */ | |
323 | - II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */ | |
324 | - II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */ | |
325 | - II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */ | |
326 | - II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */ | |
327 | - II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */ | |
328 | - II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */ | |
329 | - II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */ | |
330 | - II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */ | |
331 | - II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */ | |
332 | - II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */ | |
333 | - II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */ | |
334 | - II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */ | |
335 | - II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */ | |
336 | - II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */ | |
337 | - II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */ | |
338 | - | |
339 | - state[0] += a; | |
340 | - state[1] += b; | |
341 | - state[2] += c; | |
342 | - state[3] += d; | |
343 | - | |
344 | - /* Zeroize sensitive information. | |
345 | - */ | |
346 | - MD5_memset ((POINTER)x, 0, sizeof (x)); | |
347 | -} | |
348 | - | |
349 | -/* Encodes input (UINT4) into output (unsigned char). Assumes len is | |
350 | - a multiple of 4. | |
351 | - | |
352 | - */ | |
353 | - | |
354 | -static void Encode (output, input, len) | |
355 | -unsigned char *output; | |
356 | -UINT4 *input; | |
357 | -unsigned int len; | |
358 | -{ | |
359 | - unsigned int i, j; | |
360 | - | |
361 | - for (i = 0, j = 0; j < len; i++, j += 4) { | |
362 | - output[j] = (unsigned char)(input[i] & 0xff); | |
363 | - output[j+1] = (unsigned char)((input[i] >> 8) & 0xff); | |
364 | - output[j+2] = (unsigned char)((input[i] >> 16) & 0xff); | |
365 | - output[j+3] = (unsigned char)((input[i] >> 24) & 0xff); | |
366 | - } | |
367 | -} | |
368 | - | |
369 | -/* Decodes input (unsigned char) into output (UINT4). Assumes len is | |
370 | - a multiple of 4. | |
371 | - | |
372 | - */ | |
373 | - | |
374 | -static void Decode (output, input, len) | |
375 | -UINT4 *output; | |
376 | -const unsigned char *input; | |
377 | -unsigned int len; | |
378 | -{ | |
379 | - unsigned int i, j; | |
380 | - | |
381 | - for (i = 0, j = 0; j < len; i++, j += 4) | |
382 | - output[i] = ((UINT4)input[j]) | (((UINT4)input[j+1]) << 8) | (((UINT4)input[j+2]) << 16) | |
383 | - | (((UINT4)input[j+3]) << 24); | |
384 | -} | |
385 | - | |
386 | /* Note: Replace "for loop" with standard memcpy if possible. | |
387 | ||
388 | */ | |
389 | @@ -359,9 +82,9 @@ void _sasl_hmac_md5_init(HMAC_MD5_CTX *hmac, | |
390 | ||
391 | MD5_CTX tctx; | |
392 | ||
393 | - _sasl_MD5Init(&tctx); | |
394 | - _sasl_MD5Update(&tctx, key, key_len); | |
395 | - _sasl_MD5Final(tk, &tctx); | |
396 | + MD5_Init(&tctx); | |
397 | + MD5_Update(&tctx, key, key_len); | |
398 | + MD5_Final(tk, &tctx); | |
399 | ||
400 | key = tk; | |
401 | key_len = 16; | |
402 | @@ -390,11 +113,11 @@ void _sasl_hmac_md5_init(HMAC_MD5_CTX *hmac, | |
403 | k_opad[i] ^= 0x5c; | |
404 | } | |
405 | ||
406 | - _sasl_MD5Init(&hmac->ictx); /* init inner context */ | |
407 | - _sasl_MD5Update(&hmac->ictx, k_ipad, 64); /* apply inner pad */ | |
408 | + MD5_Init(&hmac->ictx); /* init inner context */ | |
409 | + MD5_Update(&hmac->ictx, k_ipad, 64); /* apply inner pad */ | |
410 | ||
411 | - _sasl_MD5Init(&hmac->octx); /* init outer context */ | |
412 | - _sasl_MD5Update(&hmac->octx, k_opad, 64); /* apply outer pad */ | |
413 | + MD5_Init(&hmac->octx); /* init outer context */ | |
414 | + MD5_Update(&hmac->octx, k_opad, 64); /* apply outer pad */ | |
415 | ||
416 | /* scrub the pads and key context (if used) */ | |
417 | MD5_memset((POINTER)&k_ipad, 0, sizeof(k_ipad)); | |
418 | @@ -417,13 +140,19 @@ void _sasl_hmac_md5_precalc(HMAC_MD5_STATE *state, | |
419 | int key_len) | |
420 | { | |
421 | HMAC_MD5_CTX hmac; | |
422 | - unsigned lupe; | |
423 | ||
424 | _sasl_hmac_md5_init(&hmac, key, key_len); | |
425 | - for (lupe = 0; lupe < 4; lupe++) { | |
426 | - state->istate[lupe] = htonl(hmac.ictx.state[lupe]); | |
427 | - state->ostate[lupe] = htonl(hmac.octx.state[lupe]); | |
428 | - } | |
429 | + | |
430 | + state->istate[0] = htonl(hmac.ictx.A); | |
431 | + state->istate[1] = htonl(hmac.ictx.B); | |
432 | + state->istate[2] = htonl(hmac.ictx.C); | |
433 | + state->istate[3] = htonl(hmac.ictx.D); | |
434 | + | |
435 | + state->ostate[0] = htonl(hmac.octx.A); | |
436 | + state->ostate[1] = htonl(hmac.octx.B); | |
437 | + state->ostate[2] = htonl(hmac.octx.C); | |
438 | + state->ostate[3] = htonl(hmac.octx.D); | |
439 | + | |
440 | MD5_memset((POINTER)&hmac, 0, sizeof(hmac)); | |
441 | } | |
442 | ||
443 | @@ -431,24 +160,30 @@ void _sasl_hmac_md5_precalc(HMAC_MD5_STATE *state, | |
444 | void _sasl_hmac_md5_import(HMAC_MD5_CTX *hmac, | |
445 | HMAC_MD5_STATE *state) | |
446 | { | |
447 | - unsigned lupe; | |
448 | MD5_memset((POINTER)hmac, 0, sizeof(HMAC_MD5_CTX)); | |
449 | - for (lupe = 0; lupe < 4; lupe++) { | |
450 | - hmac->ictx.state[lupe] = ntohl(state->istate[lupe]); | |
451 | - hmac->octx.state[lupe] = ntohl(state->ostate[lupe]); | |
452 | - } | |
453 | + | |
454 | + hmac->ictx.A = ntohl(state->istate[0]); | |
455 | + hmac->ictx.B = ntohl(state->istate[1]); | |
456 | + hmac->ictx.C = ntohl(state->istate[2]); | |
457 | + hmac->ictx.D = ntohl(state->istate[3]); | |
458 | + | |
459 | + hmac->octx.A = ntohl(state->ostate[0]); | |
460 | + hmac->octx.B = ntohl(state->ostate[1]); | |
461 | + hmac->octx.C = ntohl(state->ostate[2]); | |
462 | + hmac->octx.D = ntohl(state->ostate[3]); | |
463 | + | |
464 | /* Init the counts to account for our having applied | |
465 | * 64 bytes of key; this works out to 0x200 (64 << 3; see | |
466 | * MD5Update above...) */ | |
467 | - hmac->ictx.count[0] = hmac->octx.count[0] = 0x200; | |
468 | + hmac->ictx.Nl = hmac->octx.Nl = 0x200; | |
469 | } | |
470 | ||
471 | void _sasl_hmac_md5_final(unsigned char digest[HMAC_MD5_SIZE], | |
472 | HMAC_MD5_CTX *hmac) | |
473 | { | |
474 | - _sasl_MD5Final(digest, &hmac->ictx); /* Finalize inner md5 */ | |
475 | - _sasl_MD5Update(&hmac->octx, digest, 16); /* Update outer ctx */ | |
476 | - _sasl_MD5Final(digest, &hmac->octx); /* Finalize outer md5 */ | |
477 | + MD5_Final(digest, &hmac->ictx); /* Finalize inner md5 */ | |
478 | + MD5_Update(&hmac->octx, digest, 16); /* Update outer ctx */ | |
479 | + MD5_Final(digest, &hmac->octx); /* Finalize outer md5 */ | |
480 | } | |
481 | ||
482 | ||
483 | @@ -474,9 +209,9 @@ unsigned char *digest; /* caller digest to be filled in */ | |
484 | ||
485 | MD5_CTX tctx; | |
486 | ||
487 | - _sasl_MD5Init(&tctx); | |
488 | - _sasl_MD5Update(&tctx, key, key_len); | |
489 | - _sasl_MD5Final(tk, &tctx); | |
490 | + MD5_Init(&tctx); | |
491 | + MD5_Update(&tctx, key, key_len); | |
492 | + MD5_Final(tk, &tctx); | |
493 | ||
494 | key = tk; | |
495 | key_len = 16; | |
496 | @@ -508,20 +243,20 @@ unsigned char *digest; /* caller digest to be filled in */ | |
497 | * perform inner MD5 | |
498 | */ | |
499 | ||
500 | - _sasl_MD5Init(&context); /* init context for 1st | |
501 | + MD5_Init(&context); /* init context for 1st | |
502 | * pass */ | |
503 | - _sasl_MD5Update(&context, k_ipad, 64); /* start with inner pad */ | |
504 | - _sasl_MD5Update(&context, text, text_len); /* then text of datagram */ | |
505 | - _sasl_MD5Final(digest, &context); /* finish up 1st pass */ | |
506 | + MD5_Update(&context, k_ipad, 64); /* start with inner pad */ | |
507 | + MD5_Update(&context, text, text_len); /* then text of datagram */ | |
508 | + MD5_Final(digest, &context); /* finish up 1st pass */ | |
509 | ||
510 | /* | |
511 | * perform outer MD5 | |
512 | */ | |
513 | - _sasl_MD5Init(&context); /* init context for 2nd | |
514 | + MD5_Init(&context); /* init context for 2nd | |
515 | * pass */ | |
516 | - _sasl_MD5Update(&context, k_opad, 64); /* start with outer pad */ | |
517 | - _sasl_MD5Update(&context, digest, 16); /* then results of 1st | |
518 | + MD5_Update(&context, k_opad, 64); /* start with outer pad */ | |
519 | + MD5_Update(&context, digest, 16); /* then results of 1st | |
520 | * hash */ | |
521 | - _sasl_MD5Final(digest, &context); /* finish up 2nd pass */ | |
522 | + MD5_Final(digest, &context); /* finish up 2nd pass */ | |
523 | ||
524 | } |
0 | From backport, 023468d6489ddd9873d45ddd8e2de5b46ee82976 | |
1 | From: Bastian Germann <bage@debian.org> | |
2 | Date: Sun, 28 May 2023 13:57:03 +0200 | |
3 | Subject: saslauthd: Replace MD5 with OpenSSL EVP implementation | |
4 | ||
5 | Signed-off-by: Bastian Germann <bage@debian.org> | |
6 | --- | |
7 | diff --git a/saslauthd/Makefile.am b/saslauthd/Makefile.am | |
8 | index bf6fbec6..b78b8c2c 100644 | |
9 | --- a/saslauthd/Makefile.am | |
10 | +++ b/saslauthd/Makefile.am | |
11 | @@ -19,13 +19,12 @@ saslauthd_SOURCES = mechanisms.c globals.h \ | |
12 | auth_sia.h auth_sasldb.c auth_sasldb.h lak.c lak.h \ | |
13 | auth_ldap.c auth_ldap.h cache.c cache.h cfile.c cfile.h \ | |
14 | krbtf.c krbtf.h utils.c utils.h \ | |
15 | - ipc_unix.c ipc_doors.c saslauthd-main.c saslauthd-main.h \ | |
16 | - md5.c saslauthd_md5.h | |
17 | + ipc_unix.c ipc_doors.c saslauthd-main.c saslauthd-main.h | |
18 | EXTRA_saslauthd_sources = getaddrinfo.c getnameinfo.c | |
19 | saslauthd_DEPENDENCIES = saslauthd-main.o $(LTLIBOBJS_FULL) | |
20 | saslauthd_LDADD = @SASL_KRB_LIB@ \ | |
21 | @GSSAPIBASE_LIBS@ @LIB_CRYPT@ @LIB_SIA@ \ | |
22 | - @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ $(LTLIBOBJS_FULL) $(CRYPTO_COMPAT_OBJS) $(LIBSASLDB_OBJS) | |
23 | + @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ $(LTLIBOBJS_FULL) $(CRYPTO_COMPAT_OBJS) $(LIBSASLDB_OBJS) -lcrypto | |
24 | ||
25 | testsaslauthd_SOURCES = testsaslauthd.c utils.c | |
26 | testsaslauthd_LDADD = @LIB_SOCKET@ | |
27 | diff --git a/saslauthd/cache.c b/saslauthd/cache.c | |
28 | index 0d78a735..424dcceb 100644 | |
29 | --- a/saslauthd/cache.c | |
30 | +++ b/saslauthd/cache.c | |
31 | @@ -54,8 +54,7 @@ | |
32 | #include "cache.h" | |
33 | #include "utils.h" | |
34 | #include "globals.h" | |
35 | -#include "md5global.h" | |
36 | -#include "saslauthd_md5.h" | |
37 | +#include <openssl/evp.h> | |
38 | ||
39 | /**************************************** | |
40 | * module globals | |
41 | @@ -164,7 +163,7 @@ int cache_lookup(const char *user, const char *realm, const char *service, const | |
42 | int service_length = 0; | |
43 | int hash_offset; | |
44 | unsigned char pwd_digest[16]; | |
45 | - MD5_CTX md5_context; | |
46 | + EVP_MD_CTX *mdctx = EVP_MD_CTX_new(); | |
47 | time_t epoch; | |
48 | time_t epoch_timeout; | |
49 | struct bucket *ref_bucket; | |
50 | @@ -211,9 +210,9 @@ int cache_lookup(const char *user, const char *realm, const char *service, const | |
51 | ||
52 | hash_offset = cache_pjwhash(userrealmserv); | |
53 | ||
54 | - _saslauthd_MD5Init(&md5_context); | |
55 | - _saslauthd_MD5Update(&md5_context, password, strlen(password)); | |
56 | - _saslauthd_MD5Final(pwd_digest, &md5_context); | |
57 | + EVP_DigestInit(mdctx, EVP_md5()); | |
58 | + EVP_DigestUpdate(mdctx, password, strlen(password)); | |
59 | + EVP_DigestFinal(mdctx, pwd_digest, NULL); | |
60 | ||
61 | /************************************************************** | |
62 | * Loop through the bucket chain to try and find a hit. |
106 | 106 | -libsasl2_la_DEPENDENCIES = $(LTLIBOBJS) $(top_srcdir)/Versions |
107 | 107 | +libsasl2_la_DEPENDENCIES = $(top_srcdir)/Versions |
108 | 108 | |
109 | libsasl2_la_LIBADD = $(SASL_DL_LIB) $(SASL_STATIC_LIBS) $(LIB_SOCKET) $(LIB_DOOR) $(PLUGIN_COMMON_OBJS) | |
109 | libsasl2_la_LIBADD = $(SASL_DL_LIB) $(SASL_STATIC_LIBS) $(LIB_SOCKET) $(LIB_DOOR) $(PLUGIN_COMMON_OBJS) -lcrypto | |
110 | 110 | -if BUILD_LIBOBJ |
111 | 111 | -libsasl2_la_LIBADD += libobj.la |
112 | 112 | -endif |
140 | 140 | CRYPTO_COMPAT_OBJS = $(top_builddir)/common/libcrypto_compat.la |
141 | 141 | if AUTH_SASLDB |
142 | 142 | LIBSASLDB_OBJS = $(top_builddir)/sasldb/libsasldb.la |
143 | @@ -22,10 +20,10 @@ saslauthd_SOURCES = mechanisms.c globals.h \ | |
144 | ipc_unix.c ipc_doors.c saslauthd-main.c saslauthd-main.h \ | |
145 | md5.c saslauthd_md5.h | |
143 | @@ -22,9 +20,9 @@ saslauthd_SOURCES = mechanisms.c globals.h \ | |
144 | ipc_unix.c ipc_doors.c saslauthd-main.c saslauthd-main.h | |
146 | 145 | EXTRA_saslauthd_sources = getaddrinfo.c getnameinfo.c |
147 | 146 | -saslauthd_DEPENDENCIES = saslauthd-main.o $(LTLIBOBJS_FULL) |
148 | 147 | +saslauthd_DEPENDENCIES = saslauthd-main.o |
149 | 148 | saslauthd_LDADD = @SASL_KRB_LIB@ \ |
150 | 149 | @GSSAPIBASE_LIBS@ @LIB_CRYPT@ @LIB_SIA@ \ |
151 | - @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ $(LTLIBOBJS_FULL) $(CRYPTO_COMPAT_OBJS) $(LIBSASLDB_OBJS) | |
152 | + @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ $(CRYPTO_COMPAT_OBJS) $(LIBSASLDB_OBJS) | |
150 | - @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ $(LTLIBOBJS_FULL) $(CRYPTO_COMPAT_OBJS) $(LIBSASLDB_OBJS) -lcrypto | |
151 | + @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ $(CRYPTO_COMPAT_OBJS) $(LIBSASLDB_OBJS) -lcrypto | |
153 | 152 | |
154 | 153 | testsaslauthd_SOURCES = testsaslauthd.c utils.c |
155 | 154 | testsaslauthd_LDADD = @LIB_SOCKET@ |
0 | From backport, 396e0b39f320e31bead99a31f2284eabd62dd176 | |
1 | From: Bastian Germann <bage@debian.org> | |
2 | Date: Mon, 29 May 2023 00:33:38 +0200 | |
3 | Subject: Exclude md5global.h | |
4 | ||
5 | --- | |
6 | diff --git a/include/hmac-md5.h b/include/hmac-md5.h | |
7 | index fb4a740c..7d84458a 100755 | |
8 | --- a/include/hmac-md5.h | |
9 | +++ b/include/hmac-md5.h | |
10 | @@ -17,8 +17,8 @@ typedef struct HMAC_MD5_CTX_s { | |
11 | * values stored in network byte order (Big Endian) | |
12 | */ | |
13 | typedef struct HMAC_MD5_STATE_s { | |
14 | - UINT4 istate[4]; | |
15 | - UINT4 ostate[4]; | |
16 | + uint32_t istate[4]; | |
17 | + uint32_t ostate[4]; | |
18 | } HMAC_MD5_STATE; | |
19 | ||
20 | #ifdef __cplusplus | |
21 | diff --git a/lib/md5.c b/lib/md5.c | |
22 | index e327679e..612cfa68 100644 | |
23 | --- a/lib/md5.c | |
24 | +++ b/lib/md5.c | |
25 | @@ -26,15 +26,16 @@ documentation and/or software. | |
26 | */ | |
27 | ||
28 | #include <config.h> | |
29 | -#include "md5global.h" | |
30 | #include "hmac-md5.h" | |
31 | ||
32 | #ifndef WIN32 | |
33 | # include <arpa/inet.h> | |
34 | #endif | |
35 | ||
36 | -static void MD5_memcpy PROTO_LIST ((POINTER, POINTER, unsigned int)); | |
37 | -static void MD5_memset PROTO_LIST ((POINTER, int, unsigned int)); | |
38 | +typedef unsigned char *POINTER; | |
39 | + | |
40 | +static void MD5_memcpy (POINTER, POINTER, unsigned int); | |
41 | +static void MD5_memset (POINTER, int, unsigned int); | |
42 | ||
43 | /* Note: Replace "for loop" with standard memcpy if possible. | |
44 |
0 | Origin: upstream, 08cab3392d54a97c84f05640f9f89de78a03d36c | |
1 | From: Bastian Germann <bage@debian.org> | |
2 | Date: Tue, 30 May 2023 14:09:09 +0200 | |
3 | Subject: Replace custom memset with OPENSSL_cleanse | |
4 | ||
5 | memset can be elided by linkers, so rely on a function that prevents | |
6 | that behaviour. Alternatives would be explicit_bzero or the C23 | |
7 | memset_explicit. However, both of them have protability issues. | |
8 | ||
9 | As OpenSSL is in use in this module anyway, use its OPENSSL_cleanse. | |
10 | ||
11 | Signed-off-by: Bastian Germann <bage@debian.org> | |
12 | --- | |
13 | lib/md5.c | 34 ++++++++++------------------------ | |
14 | 1 file changed, 10 insertions(+), 24 deletions(-) | |
15 | ||
16 | diff --git a/lib/md5.c b/lib/md5.c | |
17 | index b9c61b36..a53fa7ff 100644 | |
18 | --- a/lib/md5.c | |
19 | +++ b/lib/md5.c | |
20 | @@ -27,6 +27,7 @@ documentation and/or software. | |
21 | ||
22 | #include <config.h> | |
23 | #include "hmac-md5.h" | |
24 | +#include <openssl/crypto.h> | |
25 | ||
26 | #ifndef WIN32 | |
27 | # include <arpa/inet.h> | |
28 | @@ -35,7 +36,6 @@ documentation and/or software. | |
29 | typedef unsigned char *POINTER; | |
30 | ||
31 | static void MD5_memcpy (POINTER, POINTER, unsigned int); | |
32 | -static void MD5_memset (POINTER, int, unsigned int); | |
33 | ||
34 | /* Note: Replace "for loop" with standard memcpy if possible. | |
35 | ||
36 | @@ -52,20 +52,6 @@ unsigned int len; | |
37 | output[i] = input[i]; | |
38 | } | |
39 | ||
40 | -/* Note: Replace "for loop" with standard memset if possible. | |
41 | -*/ | |
42 | - | |
43 | -static void MD5_memset (output, value, len) | |
44 | -POINTER output; | |
45 | -int value; | |
46 | -unsigned int len; | |
47 | -{ | |
48 | - unsigned int i; | |
49 | - | |
50 | - for (i = 0; i < len; i++) | |
51 | - ((char *)output)[i] = (char)value; | |
52 | -} | |
53 | - | |
54 | void _sasl_hmac_md5_init(HMAC_MD5_CTX *hmac, | |
55 | const unsigned char *key, | |
56 | int key_len) | |
57 | @@ -103,8 +89,8 @@ void _sasl_hmac_md5_init(HMAC_MD5_CTX *hmac, | |
58 | */ | |
59 | ||
60 | /* start out by storing key in pads */ | |
61 | - MD5_memset((POINTER)k_ipad, '\0', sizeof k_ipad); | |
62 | - MD5_memset((POINTER)k_opad, '\0', sizeof k_opad); | |
63 | + OPENSSL_cleanse(k_ipad, sizeof(k_ipad)); | |
64 | + OPENSSL_cleanse(k_opad, sizeof(k_opad)); | |
65 | MD5_memcpy( k_ipad, (POINTER)key, key_len); | |
66 | MD5_memcpy( k_opad, (POINTER)key, key_len); | |
67 | ||
68 | @@ -121,9 +107,9 @@ void _sasl_hmac_md5_init(HMAC_MD5_CTX *hmac, | |
69 | MD5_Update(&hmac->octx, k_opad, 64); /* apply outer pad */ | |
70 | ||
71 | /* scrub the pads and key context (if used) */ | |
72 | - MD5_memset((POINTER)&k_ipad, 0, sizeof(k_ipad)); | |
73 | - MD5_memset((POINTER)&k_opad, 0, sizeof(k_opad)); | |
74 | - MD5_memset((POINTER)&tk, 0, sizeof(tk)); | |
75 | + OPENSSL_cleanse(&k_ipad, sizeof(k_ipad)); | |
76 | + OPENSSL_cleanse(&k_opad, sizeof(k_opad)); | |
77 | + OPENSSL_cleanse(&tk, sizeof(tk)); | |
78 | ||
79 | /* and we're done. */ | |
80 | } | |
81 | @@ -154,14 +140,14 @@ void _sasl_hmac_md5_precalc(HMAC_MD5_STATE *state, | |
82 | state->ostate[2] = htonl(hmac.octx.C); | |
83 | state->ostate[3] = htonl(hmac.octx.D); | |
84 | ||
85 | - MD5_memset((POINTER)&hmac, 0, sizeof(hmac)); | |
86 | + OPENSSL_cleanse(&hmac, sizeof(hmac)); | |
87 | } | |
88 | ||
89 | ||
90 | void _sasl_hmac_md5_import(HMAC_MD5_CTX *hmac, | |
91 | HMAC_MD5_STATE *state) | |
92 | { | |
93 | - MD5_memset((POINTER)hmac, 0, sizeof(HMAC_MD5_CTX)); | |
94 | + OPENSSL_cleanse(hmac, sizeof(HMAC_MD5_CTX)); | |
95 | ||
96 | hmac->ictx.A = ntohl(state->istate[0]); | |
97 | hmac->ictx.B = ntohl(state->istate[1]); | |
98 | @@ -230,8 +216,8 @@ unsigned char *digest; /* caller digest to be filled in */ | |
99 | */ | |
100 | ||
101 | /* start out by storing key in pads */ | |
102 | - MD5_memset(k_ipad, '\0', sizeof k_ipad); | |
103 | - MD5_memset(k_opad, '\0', sizeof k_opad); | |
104 | + OPENSSL_cleanse(k_ipad, sizeof(k_ipad)); | |
105 | + OPENSSL_cleanse(k_opad, sizeof(k_opad)); | |
106 | MD5_memcpy( k_ipad, (POINTER)key, key_len); | |
107 | MD5_memcpy( k_opad, (POINTER)key, key_len); | |
108 |
0 | Origin: upstream, 4798f8cae5cedbe5c53ae034e0bbca50896e9094 | |
1 | From: Bastian Germann <bage@debian.org> | |
2 | Date: Tue, 30 May 2023 14:12:22 +0200 | |
3 | Subject: Replace custom with standard memcpy | |
4 | ||
5 | Signed-off-by: Bastian Germann <bage@debian.org> | |
6 | --- | |
7 | lib/md5.c | 27 ++++----------------------- | |
8 | 1 file changed, 4 insertions(+), 23 deletions(-) | |
9 | ||
10 | diff --git a/lib/md5.c b/lib/md5.c | |
11 | index a53fa7ff..9afc65c5 100644 | |
12 | --- a/lib/md5.c | |
13 | +++ b/lib/md5.c | |
14 | @@ -33,25 +33,6 @@ documentation and/or software. | |
15 | # include <arpa/inet.h> | |
16 | #endif | |
17 | ||
18 | -typedef unsigned char *POINTER; | |
19 | - | |
20 | -static void MD5_memcpy (POINTER, POINTER, unsigned int); | |
21 | - | |
22 | -/* Note: Replace "for loop" with standard memcpy if possible. | |
23 | - | |
24 | - */ | |
25 | - | |
26 | -static void MD5_memcpy (output, input, len) | |
27 | -POINTER output; | |
28 | -POINTER input; | |
29 | -unsigned int len; | |
30 | -{ | |
31 | - unsigned int i; | |
32 | - | |
33 | - for (i = 0; i < len; i++) | |
34 | - output[i] = input[i]; | |
35 | -} | |
36 | - | |
37 | void _sasl_hmac_md5_init(HMAC_MD5_CTX *hmac, | |
38 | const unsigned char *key, | |
39 | int key_len) | |
40 | @@ -91,8 +72,8 @@ void _sasl_hmac_md5_init(HMAC_MD5_CTX *hmac, | |
41 | /* start out by storing key in pads */ | |
42 | OPENSSL_cleanse(k_ipad, sizeof(k_ipad)); | |
43 | OPENSSL_cleanse(k_opad, sizeof(k_opad)); | |
44 | - MD5_memcpy( k_ipad, (POINTER)key, key_len); | |
45 | - MD5_memcpy( k_opad, (POINTER)key, key_len); | |
46 | + memcpy(k_ipad, key, key_len); | |
47 | + memcpy(k_opad, key, key_len); | |
48 | ||
49 | /* XOR key with ipad and opad values */ | |
50 | for (i=0; i<64; i++) { | |
51 | @@ -218,8 +199,8 @@ unsigned char *digest; /* caller digest to be filled in */ | |
52 | /* start out by storing key in pads */ | |
53 | OPENSSL_cleanse(k_ipad, sizeof(k_ipad)); | |
54 | OPENSSL_cleanse(k_opad, sizeof(k_opad)); | |
55 | - MD5_memcpy( k_ipad, (POINTER)key, key_len); | |
56 | - MD5_memcpy( k_opad, (POINTER)key, key_len); | |
57 | + memcpy(k_ipad, key, key_len); | |
58 | + memcpy(k_opad, key, key_len); | |
59 | ||
60 | /* XOR key with ipad and opad values */ | |
61 | for (i=0; i<64; i++) { |
0 | Origin: upstream, dffe0b3e86925c95e6f30ec0f2de9fb0c439c7bc | |
1 | From: Bastian Germann <bage@debian.org> | |
2 | Date: Tue, 30 May 2023 14:58:49 +0200 | |
3 | Subject: Add a note on the RSA-MD license | |
4 | ||
5 | Signed-off-by: Bastian Germann <bage@debian.org> | |
6 | --- | |
7 | lib/md5.c | 14 ++++++++++++-- | |
8 | 1 file changed, 12 insertions(+), 2 deletions(-) | |
9 | ||
10 | diff --git a/lib/md5.c b/lib/md5.c | |
11 | index 5c84dd40..41751547 100644 | |
12 | --- a/lib/md5.c | |
13 | +++ b/lib/md5.c | |
14 | @@ -1,7 +1,17 @@ | |
15 | -/* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm | |
16 | +/* MD5C.C - HMAC based on MD5 message-digest algorithm | |
17 | */ | |
18 | ||
19 | -/* Function names changed to avoid namespace collisions: Rob Siemborski */ | |
20 | +/* The following RSA-MD license grant stems from RSA's MD5 implementation | |
21 | +that is contained in RFC 1321. All of that code is gone and the only 3rd | |
22 | +party code that is contained in this module is the HMAC MD5 implementation | |
23 | +by Pau-Chen Cheng and Jeff Kraemer that is contained in RFC 2104's Appendix. | |
24 | +Rob Earhart made changes to the code that are possibly copyrightable. | |
25 | + | |
26 | +The module should be relicensed, taking into account a possible RFC 2104 | |
27 | +license (no restrictions mentioned in the document), and Rob Earhart's consent. | |
28 | +Eliminating this would be a huge benefit for combining cyrus-sasl with GPL | |
29 | +licensed software. | |
30 | +*/ | |
31 | ||
32 | /* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All | |
33 | rights reserved. |
0 | Origin: upstream, 93e56756838962b0decfe46322a4dc60fd89e739 | |
1 | From: Richard Laager <rlaager@wiktel.com> | |
2 | Date: Wed, 28 Jun 2023 15:40:38 -0500 | |
3 | Subject: Relicense md5.c | |
4 | ||
5 | "As explained in dffe0b3e86925c95e6f30ec0f2de9fb0c439c7bc, the | |
6 | RSA-MD-licensed file md5.c can be relicensed easily because the | |
7 | third-party code that was licensed under RSA-MD is eliminated by now." | |
8 | -- Bastian Germann <bage@debian.org> in GitHub issue #769 | |
9 | ||
10 | The commit referenced was part of GitHub PR #767 and was authored by | |
11 | Bastian Germann. | |
12 | ||
13 | I reviewed the commit history on this file. I concurred with Bastian's | |
14 | original assessment that the relevant detail was Rob Earhart's code, | |
15 | and Bastian agreed with my analysis in the bug. | |
16 | ||
17 | The next step was confirming that the MD5 code that Rob Earhart | |
18 | contributed was/is licensed under the same license as the rest of the | |
19 | project. This is a reasonable assumption, as he was one of the main | |
20 | authors of the original code, and everything else he contributed was | |
21 | under that license. | |
22 | ||
23 | However, to avoid ambiguity or assumptions, I emailed Rob Earhart. | |
24 | He responded today, confirming: | |
25 | ||
26 | On 2023-06-28 12:14, Rob Earhart wrote: | |
27 | > Any code I wrote for the Cyrus SASL project has my permission to be | |
28 | > used under that main license. | |
29 | ||
30 | Fixes #769 | |
31 | ||
32 | Signed-off-by: Richard Laager <rlaager@wiktel.com> | |
33 | --- | |
34 | lib/md5.c | 76 ++++++++++++++++++++++++++++++------------------------- | |
35 | 1 file changed, 41 insertions(+), 35 deletions(-) | |
36 | ||
37 | diff --git a/lib/md5.c b/lib/md5.c | |
38 | index 2406e2b8..356b08d8 100644 | |
39 | --- a/lib/md5.c | |
40 | +++ b/lib/md5.c | |
41 | @@ -1,39 +1,45 @@ | |
42 | -/* MD5C.C - HMAC based on MD5 message-digest algorithm | |
43 | +/* md5.c - HMAC based on MD5 message-digest algorithm | |
44 | + */ | |
45 | +/* | |
46 | + * Copyright (c) 1998-1999 Carnegie Mellon University. All rights reserved. | |
47 | + * | |
48 | + * Redistribution and use in source and binary forms, with or without | |
49 | + * modification, are permitted provided that the following conditions | |
50 | + * are met: | |
51 | + * | |
52 | + * 1. Redistributions of source code must retain the above copyright | |
53 | + * notice, this list of conditions and the following disclaimer. | |
54 | + * | |
55 | + * 2. Redistributions in binary form must reproduce the above copyright | |
56 | + * notice, this list of conditions and the following disclaimer in | |
57 | + * the documentation and/or other materials provided with the | |
58 | + * distribution. | |
59 | + * | |
60 | + * 3. The name "Carnegie Mellon University" must not be used to | |
61 | + * endorse or promote products derived from this software without | |
62 | + * prior written permission. For permission or any other legal | |
63 | + * details, please contact | |
64 | + * Carnegie Mellon University | |
65 | + * Center for Technology Transfer and Enterprise Creation | |
66 | + * 4615 Forbes Avenue | |
67 | + * Suite 302 | |
68 | + * Pittsburgh, PA 15213 | |
69 | + * (412) 268-7393, fax: (412) 268-7395 | |
70 | + * innovation@andrew.cmu.edu | |
71 | + * | |
72 | + * 4. Redistributions of any form whatsoever must retain the following | |
73 | + * acknowledgment: | |
74 | + * "This product includes software developed by Computing Services | |
75 | + * at Carnegie Mellon University (http://www.cmu.edu/computing/)." | |
76 | + * | |
77 | + * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO | |
78 | + * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
79 | + * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE | |
80 | + * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | |
81 | + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN | |
82 | + * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING | |
83 | + * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | |
84 | */ | |
85 | - | |
86 | -/* The following RSA-MD license grant stems from RSA's MD5 implementation | |
87 | -that is contained in RFC 1321. All of that code is gone and the only 3rd | |
88 | -party code that is contained in this module is the HMAC MD5 implementation | |
89 | -by Pau-Chen Cheng and Jeff Kraemer that is contained in RFC 2104's Appendix. | |
90 | -Rob Earhart made changes to the code that are possibly copyrightable. | |
91 | - | |
92 | -The module should be relicensed, taking into account a possible RFC 2104 | |
93 | -license (no restrictions mentioned in the document), and Rob Earhart's consent. | |
94 | -Eliminating this would be a huge benefit for combining cyrus-sasl with GPL | |
95 | -licensed software. | |
96 | -*/ | |
97 | - | |
98 | -/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All | |
99 | -rights reserved. | |
100 | - | |
101 | -License to copy and use this software is granted provided that it | |
102 | -is identified as the "RSA Data Security, Inc. MD5 Message-Digest | |
103 | -Algorithm" in all material mentioning or referencing this software | |
104 | -or this function. | |
105 | - | |
106 | -License is also granted to make and use derivative works provided | |
107 | -that such works are identified as "derived from the RSA Data | |
108 | -Security, Inc. MD5 Message-Digest Algorithm" in all material | |
109 | -mentioning or referencing the derived work. | |
110 | - | |
111 | -RSA Data Security, Inc. makes no representations concerning either | |
112 | -the merchantability of this software or the suitability of this | |
113 | -software for any particular purpose. It is provided "as is" | |
114 | -without express or implied warranty of any kind. | |
115 | - | |
116 | -These notices must be retained in any copies of any part of this | |
117 | -documentation and/or software. | |
118 | -*/ | |
119 | ||
120 | #include <config.h> | |
121 | #include "hmac-md5.h" |
0 | Origin: backport, https://github.com/cyrusimap/cyrus-sasl/pull/780 | |
1 | From: Bastian Germann <bage@debian.org> | |
2 | Date: Sun, 23 Jul 2023 20:39:59 +0200 | |
3 | Subject: utils: Link libcrypto | |
4 | ||
5 | With sasl_checkapop enabled, testsuite uses libcrypto functions. | |
6 | ||
7 | Signed-off-by: Bastian Germann <bage@debian.org> | |
8 | --- | |
9 | utils/Makefile.am | 4 ++-- | |
10 | 1 file changed, 2 insertions(+), 2 deletions(-) | |
11 | ||
12 | diff --git a/utils/Makefile.am b/utils/Makefile.am | |
13 | index 193929d6..b674bbd0 100644 | |
14 | --- a/utils/Makefile.am | |
15 | +++ b/utils/Makefile.am | |
16 | @@ -42,8 +42,8 @@ | |
17 | # | |
18 | ################################################################ | |
19 | ||
20 | -all_sasl_libs = ../lib/libsasl2.la $(SASL_DB_LIB) $(LIB_SOCKET) | |
21 | -all_sasl_static_libs = ../lib/.libs/libsasl2.a $(SASL_DB_LIB) $(LIB_SOCKET) $(GSSAPIBASE_LIBS) $(GSSAPI_LIBS) $(SASL_KRB_LIB) $(LIB_DES) $(PLAIN_LIBS) $(SRP_LIBS) $(LIB_MYSQL) $(LIB_PGSQL) $(LIB_SQLITE) | |
22 | +all_sasl_libs = ../lib/libsasl2.la $(SASL_DB_LIB) $(LIB_SOCKET) -lcrypto | |
23 | +all_sasl_static_libs = ../lib/.libs/libsasl2.a $(SASL_DB_LIB) $(LIB_SOCKET) $(GSSAPIBASE_LIBS) $(GSSAPI_LIBS) $(SASL_KRB_LIB) $(LIB_DES) $(PLAIN_LIBS) $(SRP_LIBS) $(LIB_MYSQL) $(LIB_PGSQL) $(LIB_SQLITE) -lcrypto | |
24 | ||
25 | sbin_PROGRAMS = @SASL_DB_UTILS@ @SMTPTEST_PROGRAM@ pluginviewer | |
26 | EXTRA_PROGRAMS = saslpasswd2 sasldblistusers2 testsuite testsuitestatic smtptest pluginviewer |
0 | Origin: upstream, 9b22fbfd520938b3aba684740095dbbeb449b733 | |
1 | From: Bastian Germann <bage@debian.org> | |
2 | Date: Tue, 30 May 2023 23:40:51 +0200 | |
3 | Subject: testsuite: Replace MD5 with OpenSSL EVP implementation | |
4 | ||
5 | Signed-off-by: Bastian Germann <bage@debian.org> | |
6 | --- | |
7 | utils/testsuite.c | 12 +++++++----- | |
8 | 1 file changed, 7 insertions(+), 5 deletions(-) | |
9 | ||
10 | diff --git a/utils/testsuite.c b/utils/testsuite.c | |
11 | index 79e861d2..da333cfb 100644 | |
12 | --- a/utils/testsuite.c | |
13 | +++ b/utils/testsuite.c | |
14 | @@ -67,6 +67,8 @@ | |
15 | #include <saslutil.h> | |
16 | #include <prop.h> | |
17 | ||
18 | +#include <openssl/evp.h> | |
19 | + | |
20 | #ifdef HAVE_UNISTD_H | |
21 | #include <unistd.h> | |
22 | #endif | |
23 | @@ -2708,7 +2710,7 @@ void create_ids(void) | |
24 | #ifdef DO_SASL_CHECKAPOP | |
25 | int i; | |
26 | const char challenge[] = "<1896.697170952@cyrus.andrew.cmu.edu>"; | |
27 | - MD5_CTX ctx; | |
28 | + EVP_MD_CTX *ctx = EVP_MD_CTX_new(); | |
29 | unsigned char digest[16]; | |
30 | char digeststr[33]; | |
31 | #endif | |
32 | @@ -2760,10 +2762,10 @@ void create_ids(void) | |
33 | ||
34 | /* Test sasl_checkapop */ | |
35 | #ifdef DO_SASL_CHECKAPOP | |
36 | - _sasl_MD5Init(&ctx); | |
37 | - _sasl_MD5Update(&ctx,(const unsigned char *)challenge,strlen(challenge)); | |
38 | - _sasl_MD5Update(&ctx,(const unsigned char *)password,strlen(password)); | |
39 | - _sasl_MD5Final(digest, &ctx); | |
40 | + EVP_DigestInit(ctx, EVP_md5()); | |
41 | + EVP_DigestUpdate(ctx,(const unsigned char *)challenge,strlen(challenge)); | |
42 | + EVP_DigestUpdate(ctx,(const unsigned char *)password,strlen(password)); | |
43 | + EVP_DigestFinal(ctx, digest, NULL); | |
44 | ||
45 | /* convert digest from binary to ASCII hex */ | |
46 | for (i = 0; i < 16; i++) |
0 | Origin: backport, ca20488a743bf7c0d8fe6f2ab38860a5b9e4fb24 | |
1 | From: Bastian Germann <bage@debian.org> | |
2 | Date: Tue, 30 May 2023 23:30:06 +0200 | |
3 | Subject: checkpw: Replace MD5 with OpenSSL EVP implementation | |
4 | ||
5 | Signed-off-by: Bastian Germann <bage@debian.org> | |
6 | --- | |
7 | lib/checkpw.c | 24 +++++++++++++----------- | |
8 | 1 file changed, 13 insertions(+), 11 deletions(-) | |
9 | ||
10 | diff --git a/lib/checkpw.c b/lib/checkpw.c | |
11 | index b8ad1889..bb7346cb 100644 | |
12 | --- a/lib/checkpw.c | |
13 | +++ b/lib/checkpw.c | |
14 | @@ -96,5 +96,7 @@ | |
15 | #include <ctype.h> | |
16 | ||
17 | +#include <openssl/evp.h> | |
18 | + | |
19 | #ifdef HAVE_PWD_H | |
20 | #include <pwd.h> | |
21 | #endif /* HAVE_PWD_H */ | |
22 | @@ -120,7 +122,7 @@ static int _sasl_make_plain_secret(const char *salt, | |
23 | const char *passwd, size_t passlen, | |
24 | sasl_secret_t **secret) | |
25 | { | |
26 | - MD5_CTX ctx; | |
27 | + EVP_MD_CTX *ctx = EVP_MD_CTX_new(); | |
28 | unsigned sec_len = 16 + 1 + 16; /* salt + "\0" + hash */ | |
29 | ||
30 | *secret = (sasl_secret_t *) sasl_ALLOC(sizeof(sasl_secret_t) + | |
31 | @@ -129,13 +131,13 @@ static int _sasl_make_plain_secret(const char *salt, | |
32 | return SASL_NOMEM; | |
33 | } | |
34 | ||
35 | - _sasl_MD5Init(&ctx); | |
36 | - _sasl_MD5Update(&ctx, (const unsigned char *) salt, 16); | |
37 | - _sasl_MD5Update(&ctx, (const unsigned char *) "sasldb", 6); | |
38 | - _sasl_MD5Update(&ctx, (const unsigned char *) passwd, (unsigned int) passlen); | |
39 | + EVP_DigestInit(ctx, EVP_md5()); | |
40 | + EVP_DigestUpdate(ctx, (const unsigned char *) salt, 16); | |
41 | + EVP_DigestUpdate(ctx, (const unsigned char *) "sasldb", 6); | |
42 | + EVP_DigestUpdate(ctx, (const unsigned char *) passwd, (unsigned int) passlen); | |
43 | memcpy((*secret)->data, salt, 16); | |
44 | (*secret)->data[16] = '\0'; | |
45 | - _sasl_MD5Final((*secret)->data + 17, &ctx); | |
46 | + EVP_DigestFinal(ctx, (*secret)->data + 17, NULL); | |
47 | (*secret)->len = sec_len; | |
48 | ||
49 | return SASL_OK; | |
50 | @@ -360,7 +362,7 @@ int _sasl_auxprop_verify_apop(sasl_conn_t *conn, | |
51 | const char *password_request[] = { SASL_AUX_PASSWORD, NULL }; | |
52 | struct propval auxprop_values[2]; | |
53 | sasl_server_conn_t *sconn = (sasl_server_conn_t *)conn; | |
54 | - MD5_CTX ctx; | |
55 | + EVP_MD_CTX *ctx = EVP_MD_CTX_new(); | |
56 | int i; | |
57 | ||
58 | if (!conn || !userstr || !challenge || !response) | |
59 | @@ -383,11 +385,11 @@ int _sasl_auxprop_verify_apop(sasl_conn_t *conn, | |
60 | goto done; | |
61 | } | |
62 | ||
63 | - _sasl_MD5Init(&ctx); | |
64 | - _sasl_MD5Update(&ctx, (const unsigned char *) challenge, strlen(challenge)); | |
65 | - _sasl_MD5Update(&ctx, (const unsigned char *) auxprop_values[0].values[0], | |
66 | + EVP_DigestInit(ctx, EVP_md5()); | |
67 | + EVP_DigestUpdate(ctx, (const unsigned char *) challenge, strlen(challenge)); | |
68 | + EVP_DigestUpdate(ctx, (const unsigned char *) auxprop_values[0].values[0], | |
69 | strlen(auxprop_values[0].values[0])); | |
70 | - _sasl_MD5Final(digest, &ctx); | |
71 | + EVP_DigestFinal(ctx, digest, NULL); | |
72 | ||
73 | /* erase the plaintext password */ | |
74 | sconn->sparams->utils->prop_erase(sconn->sparams->propctx, |
0 | 0 | 0001-plugins-digestmd5-Remove-debug-log-mech-free.patch |
1 | 1 | 0002-Use-etc-sasldb2-instead-of-.-sasldb-in-the-testsuite.patch |
2 | 2 | 0003-Update-saslauthd.conf-location-in-documentation.patch |
3 | 0028-utils-Link-libcrypto.patch | |
3 | 4 | 0004-Include-dbconverter-2-in-sbin_PROGRAMS-and-set-defau.patch |
4 | 5 | 0005-Fix-time-check.patch |
5 | 6 | 0006-Makefile.am-Set-date-in-man-pages.patch |
8 | 9 | 0009-Look-for-generic-Berkeley-DB-first.patch |
9 | 10 | 0010-Add-sasldbconverter2.8.patch |
10 | 11 | 0011-honor-log_level-option-on-clients-too.patch |
12 | 0015-Replace-MD5-with-OpenSSL-legacy-implementation.patch | |
11 | 13 | 0012-Make-the-libsasl2-symbols-versioned.patch |
12 | 14 | 0013-Don-t-use-la-files-for-opening-plugins.patch |
13 | 15 | 0014-Prevent-recreating-of-md5global.patch |
16 | 0016-saslauthd-Replace-MD5-with-OpenSSL-EVP-implementation.patch | |
14 | 17 | 0017-Just-completely-remove-libobj-from-autotools-files.patch |
15 | 18 | 0018-Temporary-multiarch-fixes.patch |
16 | 19 | 0019-Add-reference-to-LDAP_SASLAUTHD-file-to-the-saslauth.patch |
20 | 0020-Exclude-md5global.patch | |
21 | 0021-Replace-custom-memset-with-OPENSSL_cleanse.patch | |
22 | 0022-Replace-custom-with-standard-memcpy.patch | |
23 | 0023-Add-a-note-on-the-RSA-MD-license.patch | |
24 | 0024-Relicense-md5.patch | |
17 | 25 | 0025-Revert-upstream-soname-bump.patch |
18 | 26 | 0026-Gracefully-handle-failed-init.patch |
19 | 27 | 0027-Catch-errors-from-EVP_Digest-functions.patch |
20 | 28 | 0029-Load-OpenSSL3-legacy-provider-digestmd5.patch |
29 | 0030-testsuite-Replace-MD5-with-OpenSSL-EVP-implementation.patch | |
30 | 0031-checkpw-Replace-MD5-with-OpenSSL-EVP-implementation.patch | |
21 | 31 | 0032-Add-with_pgsql-include-postgresql-to-include-path.patch |
22 | 32 | 0034-channel-binding-gssapi-gss-spnego.patch |
23 | 33 | 0035-Add-support-for-setting-max-ssf-0-to-GSS-SPNEGO-1.patch |