From f2d94089d8408b868cec25705e00528a93eaec70 Mon Sep 17 00:00:00 2001 From: Mario Fetka Date: Fri, 19 Apr 2013 10:53:36 +0200 Subject: [PATCH] add heimdal patch --- .../openssl-0.9.8i-heimdal-partial.patch | 217 ++++++++++++++++++ 1 file changed, 217 insertions(+) create mode 100644 dev-libs/openssl/files/openssl-0.9.8i-heimdal-partial.patch diff --git a/dev-libs/openssl/files/openssl-0.9.8i-heimdal-partial.patch b/dev-libs/openssl/files/openssl-0.9.8i-heimdal-partial.patch new file mode 100644 index 00000000..ccb83b93 --- /dev/null +++ b/dev-libs/openssl/files/openssl-0.9.8i-heimdal-partial.patch @@ -0,0 +1,217 @@ +diff -Naur openssl-0.9.8i/include/openssl/kssl.h openssl-0.9.8i-heimdal/include/openssl/kssl.h +--- include/openssl/kssl.h 2005-04-09 23:55:55.000000000 +0000 ++++ include/openssl/kssl.h 2008-11-22 16:27:24.000000000 +0000 +@@ -81,6 +81,7 @@ + */ + #ifdef KRB5_HEIMDAL + typedef unsigned char krb5_octet; ++typedef krb5_times krb5_ticket_times; + #define FAR + #else + +diff -Naur openssl-0.9.8i/ssl/kssl.c openssl-0.9.8i-heimdal/ssl/kssl.c +--- ssl/kssl.c 2008-04-02 11:15:05.000000000 +0000 ++++ ssl/kssl.c 2008-11-24 16:05:07.000000000 +0000 +@@ -821,16 +821,27 @@ + { + switch (enctype) + { +- case ENCTYPE_DES_HMAC_SHA1: /* EVP_des_cbc(); */ +- case ENCTYPE_DES_CBC_CRC: ++ case ENCTYPE_DES_CBC_CRC: /* EVP_des_cbc(); */ + case ENCTYPE_DES_CBC_MD4: + case ENCTYPE_DES_CBC_MD5: ++#ifdef KRB5_HEIMDAL ++ case ENCTYPE_DES_CBC_NONE: ++ case ENCTYPE_DES_CFB64_NONE: ++ case ENCTYPE_DES_PCBC_NONE: ++#else ++ case ENCTYPE_DES_HMAC_SHA1: + case ENCTYPE_DES_CBC_RAW: ++#endif + return EVP_des_cbc(); + break; + case ENCTYPE_DES3_CBC_SHA1: /* EVP_des_ede3_cbc(); */ ++#ifdef KRB5_HEIMDAL ++ case ENCTYPE_DES3_CBC_MD5: ++ case ENCTYPE_DES3_CBC_NONE: ++#else + case ENCTYPE_DES3_CBC_SHA: + case ENCTYPE_DES3_CBC_RAW: ++#endif + return EVP_des_ede3_cbc(); + break; + default: return NULL; +@@ -883,6 +894,7 @@ + { + int i, j, n; + static size_t *cklens = NULL; ++ size_t cksumsize; + + #ifdef KRB5_MIT_OLD11 + n = krb5_max_cksum; +@@ -894,13 +906,14 @@ + if (!cklens && !(cklens = (size_t *) calloc(sizeof(int),n+1))) return NULL; + + for (i=0; i < n; i++) { +- if (!valid_cksumtype(i)) continue; /* array has holes */ ++ if (!krb5_c_valid_cksumtype(i)) continue; /* array has holes */ ++ if (krb5_c_checksum_length(NULL, i, &cksumsize)) continue; /* there's something wrong */ + for (j=0; j < n; j++) { + if (cklens[j] == 0) { +- cklens[j] = krb5_checksum_size(NULL,i); ++ cklens[j] = cksumsize; + break; /* krb5 elem was new: add */ + } +- if (cklens[j] == krb5_checksum_size(NULL,i)) { ++ if (cklens[j] == cksumsize) { + break; /* ignore duplicate elements */ + } + } +@@ -957,14 +970,21 @@ + print_krb5_data(char *label, krb5_data *kdata) + { + int i; ++ unsigned char *datastring; ++ ++#ifdef KRB5_HEIMDAL ++ memcpy(datastring, kdata->data, kdata->length); ++#else ++ datastring = kdata->data; ++#endif + + printf("%s[%d] ", label, kdata->length); + for (i=0; i < (int)kdata->length; i++) + { +- if (0 && isprint((int) kdata->data[i])) +- printf( "%c ", kdata->data[i]); ++ if (0 && isprint((int) datastring[i])) ++ printf( "%c ", datastring[i]); + else +- printf( "%02x ", (unsigned char) kdata->data[i]); ++ printf( "%02x ", datastring[i]); + } + printf("\n"); + } +@@ -1002,28 +1022,28 @@ + print_krb5_keyblock(char *label, krb5_keyblock *keyblk) + { + int i; ++ unsigned char *keyblkcontents; + + if (keyblk == NULL) + { + printf("%s, keyblk==0\n", label); + return; + } ++ + #ifdef KRB5_HEIMDAL + printf("%s\n\t[et%d:%d]: ", label, keyblk->keytype, +- keyblk->keyvalue->length); +- for (i=0; i < (int)keyblk->keyvalue->length; i++) +- { +- printf("%02x",(unsigned char *)(keyblk->keyvalue->contents)[i]); +- } +- printf("\n"); ++ keyblk->keyvalue.length); ++ memcpy(keyblkcontents, keyblk->keyvalue.data, keyblk->keyvalue.length); ++ for (i=0; i < (int)keyblk->keyvalue.length; i++) + #else + printf("%s\n\t[et%d:%d]: ", label, keyblk->enctype, keyblk->length); ++ keyblkcontents = keyblk->contents; + for (i=0; i < (int)keyblk->length; i++) ++#endif + { +- printf("%02x",keyblk->contents[i]); ++ printf("%02x",keyblkcontents[i]); + } + printf("\n"); +-#endif + } + + +@@ -1034,10 +1054,37 @@ + print_krb5_princ(char *label, krb5_principal_data *princ) + { + int i, ui, uj; ++ unsigned int realmlength; ++ char *realmdata; + + printf("%s principal Realm: ", label); + if (princ == NULL) return; +- for (ui=0; ui < (int)princ->realm.length; ui++) putchar(princ->realm.data[ui]); ++ ++#ifdef KRB5_HEIMDAL ++ realmlength = krb5_realm_length(princ->realm); ++ realmdata = krb5_realm_data(princ->realm); ++#else ++ realmlength = princ->realm.length; ++ realmdata = princ->realm.data; ++#endif ++ ++ for (ui=0; ui < (int)realmlength; ui++) putchar(realmdata[ui]); ++ ++#ifdef KRB5_HEIMDAL ++ printf(" (nametype %d) has %d strings:\n", ++ princ->name.name_type, ++ princ->name.name_string.len); ++ for (i=0; i < (int)princ->name.name_string.len; i++) ++ { ++ realmlength = krb5_realm_length(princ->name.name_string.val[i]); ++ realmdata = krb5_realm_data(princ->name.name_string.val[i]); ++ printf("\t%d [%d]: ", i, realmlength); ++ for (uj=0; uj < (int)realmlength; uj++) { ++ putchar(realmdata[uj]); ++ } ++ printf("\n"); ++ } ++#else + printf(" (nametype %d) has %d strings:\n", princ->type,princ->length); + for (i=0; i < (int)princ->length; i++) + { +@@ -1047,6 +1094,8 @@ + } + printf("\n"); + } ++#endif ++ + return; + } + +@@ -1275,6 +1324,17 @@ + return krb5rc; /* or KRB5KRB_ERR_GENERIC; */ + } + ++#ifdef KRB5_HEIMDAL ++ krb5_principal_set_type(krb5context, new5ticket->server, ++ asn1ticket->sname->nametype->data[0]); ++/* ++** To do. ++** MIT krb5_ticket looks more like the Ticket type of Heimdal, ++** there seems to be no simple translation. ++** May be the whole kssl_TKT2tkt function will have to be left out, ++** and kssl_sget_tkt deeply rewriten for Heimdal. ++*/ ++#else + krb5_princ_type(krb5context, new5ticket->server) = + asn1ticket->sname->nametype->data[0]; + new5ticket->enc_part.enctype = asn1ticket->encdata->etype->data[0]; +@@ -1296,6 +1356,7 @@ + asn1ticket->encdata->cipher->data, + asn1ticket->encdata->cipher->length); + } ++#endif + + *krb5ticket = new5ticket; + return 0; +diff -Naur openssl-0.9.8i/ssl/kssl.h openssl-0.9.8i-heimdal/ssl/kssl.h +--- ssl/kssl.h 2005-04-09 23:55:55.000000000 +0000 ++++ ssl/kssl.h 2008-11-22 16:27:24.000000000 +0000 +@@ -81,6 +81,7 @@ + */ + #ifdef KRB5_HEIMDAL + typedef unsigned char krb5_octet; ++typedef krb5_times krb5_ticket_times; + #define FAR + #else +