Message ID | 91db976709291253cb9914a411a9d75872165f75.1525115956.git.baruch@tkos.co.il |
---|---|
State | Accepted |
Commit | d11d46e33ced07ad4e8382fee3d8fe54d261f475 |
Headers | show |
Series | [1/2] cups: fix build without PAM | expand |
Acked-by: Olivier Schonken <olivier.schonken@gmail.com> On Mon, 30 Apr 2018, 21:21 Baruch Siach, <baruch@tkos.co.il> wrote: > Add upstream patch removing MD5 code that builds when PAM is not > enabled. > > Fixes: > > http://autobuild.buildroot.net/results/48d/48d53bdeceafdbb51756d5c0b9936ce7c98b4ddc/ > > http://autobuild.buildroot.net/results/13c/13cb03a8d0ae215c418fe2520a27b2940efd4a39/ > > http://autobuild.buildroot.net/results/fd3/fd3c56b60bb0411b38dc7279880d1fab7228c20a/ > > Cc: Olivier Schonken <olivier.schonken@gmail.com> > Signed-off-by: Baruch Siach <baruch@tkos.co.il> > --- > ...05-Fix-builds-without-PAM-Issue-5283.patch | 189 ++++++++++++++++++ > 1 file changed, 189 insertions(+) > create mode 100644 > package/cups/0005-Fix-builds-without-PAM-Issue-5283.patch > > diff --git a/package/cups/0005-Fix-builds-without-PAM-Issue-5283.patch > b/package/cups/0005-Fix-builds-without-PAM-Issue-5283.patch > new file mode 100644 > index 000000000000..ff242f82760b > --- /dev/null > +++ b/package/cups/0005-Fix-builds-without-PAM-Issue-5283.patch > @@ -0,0 +1,189 @@ > +From 570933a6a3597371bae1beeb754ee8711d6305ab Mon Sep 17 00:00:00 2001 > +From: Michael R Sweet <michael.r.sweet@gmail.com> > +Date: Mon, 2 Apr 2018 20:05:13 -0400 > +Subject: [PATCH] Fix builds without PAM (Issue #5283) > + > +[baruch: drop CHANGES.md hunk] > +Signed-off-by: Baruch Siach <baruch@tkos.co.il> > +--- > +Upstream status: commit 570933a6a3 > + > + CHANGES.md | 8 ++- > + scheduler/auth.c | 134 ++--------------------------------------------- > + 2 files changed, 11 insertions(+), 131 deletions(-) > + > +diff --git a/scheduler/auth.c b/scheduler/auth.c > +index 8b134b5d7257..fa4e2715de34 100644 > +--- a/scheduler/auth.c > ++++ b/scheduler/auth.c > +@@ -1,8 +1,8 @@ > + /* > + * Authorization routines for the CUPS scheduler. > + * > +- * Copyright 2007-2016 by Apple Inc. > +- * Copyright 1997-2007 by Easy Software Products, all rights reserved. > ++ * Copyright © 2007-2018 by Apple Inc. > ++ * Copyright © 1997-2007 by Easy Software Products, all rights reserved. > + * > + * This file contains Kerberos support code, copyright 2006 by > + * Jelmer Vernooij. > +@@ -71,9 +71,6 @@ static int check_authref(cupsd_client_t *con, > const char *right); > + static int compare_locations(cupsd_location_t *a, > + cupsd_location_t *b); > + static cupsd_authmask_t *copy_authmask(cupsd_authmask_t *am, void > *data); > +-#if !HAVE_LIBPAM > +-static char *cups_crypt(const char *pw, const char *salt); > +-#endif /* !HAVE_LIBPAM */ > + static void free_authmask(cupsd_authmask_t *am, void *data); > + #if HAVE_LIBPAM > + static int pam_func(int, const struct pam_message **, > +@@ -694,14 +691,14 @@ cupsdAuthorize(cupsd_client_t *con) /* I - > Client connection */ > + * client... > + */ > + > +- pass = cups_crypt(password, pw->pw_passwd); > ++ pass = crypt(password, pw->pw_passwd); > + > + if (!pass || strcmp(pw->pw_passwd, pass)) > + { > + # ifdef HAVE_SHADOW_H > + if (spw) > + { > +- pass = cups_crypt(password, spw->sp_pwdp); > ++ pass = crypt(password, spw->sp_pwdp); > + > + if (pass == NULL || strcmp(spw->sp_pwdp, pass)) > + { > +@@ -1995,129 +1992,6 @@ copy_authmask(cupsd_authmask_t *mask, /* I - > Existing auth mask */ > + } > + > + > +-#if !HAVE_LIBPAM > +-/* > +- * 'cups_crypt()' - Encrypt the password using the DES or MD5 algorithms, > +- * as needed. > +- */ > +- > +-static char * /* O - Encrypted password */ > +-cups_crypt(const char *pw, /* I - Password string */ > +- const char *salt) /* I - Salt (key) string */ > +-{ > +- if (!strncmp(salt, "$1$", 3)) > +- { > +- /* > +- * Use MD5 passwords without the benefit of PAM; this is for > +- * Slackware Linux, and the algorithm was taken from the > +- * old shadow-19990827/lib/md5crypt.c source code... :( > +- */ > +- > +- int i; /* Looping var */ > +- unsigned long n; /* Output number */ > +- int pwlen; /* Length of password > string */ > +- const char *salt_end; /* End of "salt" data for > MD5 */ > +- char *ptr; /* Pointer into result string */ > +- _cups_md5_state_t state; /* Primary MD5 state info */ > +- _cups_md5_state_t state2; /* Secondary MD5 state info */ > +- unsigned char digest[16]; /* MD5 digest result */ > +- static char result[120]; /* Final password string */ > +- > +- > +- /* > +- * Get the salt data between dollar signs, e.g. $1$saltdata$md5. > +- * Get a maximum of 8 characters of salt data after $1$... > +- */ > +- > +- for (salt_end = salt + 3; *salt_end && (salt_end - salt) < 11; > salt_end ++) > +- if (*salt_end == '$') > +- break; > +- > +- /* > +- * Compute the MD5 sum we need... > +- */ > +- > +- pwlen = strlen(pw); > +- > +- _cupsMD5Init(&state); > +- _cupsMD5Append(&state, (unsigned char *)pw, pwlen); > +- _cupsMD5Append(&state, (unsigned char *)salt, salt_end - salt); > +- > +- _cupsMD5Init(&state2); > +- _cupsMD5Append(&state2, (unsigned char *)pw, pwlen); > +- _cupsMD5Append(&state2, (unsigned char *)salt + 3, salt_end - salt - > 3); > +- _cupsMD5Append(&state2, (unsigned char *)pw, pwlen); > +- _cupsMD5Finish(&state2, digest); > +- > +- for (i = pwlen; i > 0; i -= 16) > +- _cupsMD5Append(&state, digest, i > 16 ? 16 : i); > +- > +- for (i = pwlen; i > 0; i >>= 1) > +- _cupsMD5Append(&state, (unsigned char *)((i & 1) ? "" : pw), 1); > +- > +- _cupsMD5Finish(&state, digest); > +- > +- for (i = 0; i < 1000; i ++) > +- { > +- _cupsMD5Init(&state); > +- > +- if (i & 1) > +- _cupsMD5Append(&state, (unsigned char *)pw, pwlen); > +- else > +- _cupsMD5Append(&state, digest, 16); > +- > +- if (i % 3) > +- _cupsMD5Append(&state, (unsigned char *)salt + 3, salt_end - > salt - 3); > +- > +- if (i % 7) > +- _cupsMD5Append(&state, (unsigned char *)pw, pwlen); > +- > +- if (i & 1) > +- _cupsMD5Append(&state, digest, 16); > +- else > +- _cupsMD5Append(&state, (unsigned char *)pw, pwlen); > +- > +- _cupsMD5Finish(&state, digest); > +- } > +- > +- /* > +- * Copy the final sum to the result string and return... > +- */ > +- > +- memcpy(result, salt, (size_t)(salt_end - salt)); > +- ptr = result + (salt_end - salt); > +- *ptr++ = '$'; > +- > +- for (i = 0; i < 5; i ++, ptr += 4) > +- { > +- n = ((((unsigned)digest[i] << 8) | (unsigned)digest[i + 6]) << 8); > +- > +- if (i < 4) > +- n |= (unsigned)digest[i + 12]; > +- else > +- n |= (unsigned)digest[5]; > +- > +- to64(ptr, n, 4); > +- } > +- > +- to64(ptr, (unsigned)digest[11], 2); > +- ptr += 2; > +- *ptr = '\0'; > +- > +- return (result); > +- } > +- else > +- { > +- /* > +- * Use the standard crypt() function... > +- */ > +- > +- return (crypt(pw, salt)); > +- } > +-} > +-#endif /* !HAVE_LIBPAM */ > +- > +- > + /* > + * 'free_authmask()' - Free function for auth masks. > + */ > +-- > +2.17.0 > + > -- > 2.17.0 > > <div dir="auto"><span style="font-family:sans-serif;font-size:12.8px">Acked-by: Olivier Schonken <</span><a href="mailto:olivier.schonken@gmail.com" style="text-decoration-line:none;color:rgb(66,133,244);font-family:sans-serif;font-size:12.8px">olivier.schonken@gmail.com</a><span style="font-family:sans-serif;font-size:12.8px">></span></div><br><div class="gmail_quote"><div dir="ltr">On Mon, 30 Apr 2018, 21:21 Baruch Siach, <<a href="mailto:baruch@tkos.co.il">baruch@tkos.co.il</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Add upstream patch removing MD5 code that builds when PAM is not<br> enabled.<br> <br> Fixes:<br> <a href="http://autobuild.buildroot.net/results/48d/48d53bdeceafdbb51756d5c0b9936ce7c98b4ddc/" rel="noreferrer noreferrer" target="_blank">http://autobuild.buildroot.net/results/48d/48d53bdeceafdbb51756d5c0b9936ce7c98b4ddc/</a><br> <a href="http://autobuild.buildroot.net/results/13c/13cb03a8d0ae215c418fe2520a27b2940efd4a39/" rel="noreferrer noreferrer" target="_blank">http://autobuild.buildroot.net/results/13c/13cb03a8d0ae215c418fe2520a27b2940efd4a39/</a><br> <a href="http://autobuild.buildroot.net/results/fd3/fd3c56b60bb0411b38dc7279880d1fab7228c20a/" rel="noreferrer noreferrer" target="_blank">http://autobuild.buildroot.net/results/fd3/fd3c56b60bb0411b38dc7279880d1fab7228c20a/</a><br> <br> Cc: Olivier Schonken <<a href="mailto:olivier.schonken@gmail.com" target="_blank" rel="noreferrer">olivier.schonken@gmail.com</a>><br> Signed-off-by: Baruch Siach <<a href="mailto:baruch@tkos.co.il" target="_blank" rel="noreferrer">baruch@tkos.co.il</a>><br> ---<br> ...05-Fix-builds-without-PAM-Issue-5283.patch | 189 ++++++++++++++++++<br> 1 file changed, 189 insertions(+)<br> create mode 100644 package/cups/0005-Fix-builds-without-PAM-Issue-5283.patch<br> <br> diff --git a/package/cups/0005-Fix-builds-without-PAM-Issue-5283.patch b/package/cups/0005-Fix-builds-without-PAM-Issue-5283.patch<br> new file mode 100644<br> index 000000000000..ff242f82760b<br> --- /dev/null<br> +++ b/package/cups/0005-Fix-builds-without-PAM-Issue-5283.patch<br> @@ -0,0 +1,189 @@<br> +From 570933a6a3597371bae1beeb754ee8711d6305ab Mon Sep 17 00:00:00 2001<br> +From: Michael R Sweet <<a href="mailto:michael.r.sweet@gmail.com" target="_blank" rel="noreferrer">michael.r.sweet@gmail.com</a>><br> +Date: Mon, 2 Apr 2018 20:05:13 -0400<br> +Subject: [PATCH] Fix builds without PAM (Issue #5283)<br> +<br> +[baruch: drop CHANGES.md hunk]<br> +Signed-off-by: Baruch Siach <<a href="mailto:baruch@tkos.co.il" target="_blank" rel="noreferrer">baruch@tkos.co.il</a>><br> +---<br> +Upstream status: commit 570933a6a3<br> +<br> + CHANGES.md | 8 ++-<br> + scheduler/auth.c | 134 ++---------------------------------------------<br> + 2 files changed, 11 insertions(+), 131 deletions(-)<br> +<br> +diff --git a/scheduler/auth.c b/scheduler/auth.c<br> +index 8b134b5d7257..fa4e2715de34 100644<br> +--- a/scheduler/auth.c<br> ++++ b/scheduler/auth.c<br> +@@ -1,8 +1,8 @@<br> + /*<br> + * Authorization routines for the CUPS scheduler.<br> + *<br> +- * Copyright 2007-2016 by Apple Inc.<br> +- * Copyright 1997-2007 by Easy Software Products, all rights reserved.<br> ++ * Copyright © 2007-2018 by Apple Inc.<br> ++ * Copyright © 1997-2007 by Easy Software Products, all rights reserved.<br> + *<br> + * This file contains Kerberos support code, copyright 2006 by<br> + * Jelmer Vernooij.<br> +@@ -71,9 +71,6 @@ static int check_authref(cupsd_client_t *con, const char *right);<br> + static int compare_locations(cupsd_location_t *a,<br> + cupsd_location_t *b);<br> + static cupsd_authmask_t *copy_authmask(cupsd_authmask_t *am, void *data);<br> +-#if !HAVE_LIBPAM<br> +-static char *cups_crypt(const char *pw, const char *salt);<br> +-#endif /* !HAVE_LIBPAM */<br> + static void free_authmask(cupsd_authmask_t *am, void *data);<br> + #if HAVE_LIBPAM<br> + static int pam_func(int, const struct pam_message **,<br> +@@ -694,14 +691,14 @@ cupsdAuthorize(cupsd_client_t *con) /* I - Client connection */<br> + * client...<br> + */<br> + <br> +- pass = cups_crypt(password, pw->pw_passwd);<br> ++ pass = crypt(password, pw->pw_passwd);<br> + <br> + if (!pass || strcmp(pw->pw_passwd, pass))<br> + {<br> + # ifdef HAVE_SHADOW_H<br> + if (spw)<br> + {<br> +- pass = cups_crypt(password, spw->sp_pwdp);<br> ++ pass = crypt(password, spw->sp_pwdp);<br> + <br> + if (pass == NULL || strcmp(spw->sp_pwdp, pass))<br> + {<br> +@@ -1995,129 +1992,6 @@ copy_authmask(cupsd_authmask_t *mask, /* I - Existing auth mask */<br> + }<br> + <br> + <br> +-#if !HAVE_LIBPAM<br> +-/*<br> +- * 'cups_crypt()' - Encrypt the password using the DES or MD5 algorithms,<br> +- * as needed.<br> +- */<br> +-<br> +-static char * /* O - Encrypted password */<br> +-cups_crypt(const char *pw, /* I - Password string */<br> +- const char *salt) /* I - Salt (key) string */<br> +-{<br> +- if (!strncmp(salt, "$1$", 3))<br> +- {<br> +- /*<br> +- * Use MD5 passwords without the benefit of PAM; this is for<br> +- * Slackware Linux, and the algorithm was taken from the<br> +- * old shadow-19990827/lib/md5crypt.c source code... :(<br> +- */<br> +-<br> +- int i; /* Looping var */<br> +- unsigned long n; /* Output number */<br> +- int pwlen; /* Length of password string */<br> +- const char *salt_end; /* End of "salt" data for MD5 */<br> +- char *ptr; /* Pointer into result string */<br> +- _cups_md5_state_t state; /* Primary MD5 state info */<br> +- _cups_md5_state_t state2; /* Secondary MD5 state info */<br> +- unsigned char digest[16]; /* MD5 digest result */<br> +- static char result[120]; /* Final password string */<br> +-<br> +-<br> +- /*<br> +- * Get the salt data between dollar signs, e.g. $1$saltdata$md5.<br> +- * Get a maximum of 8 characters of salt data after $1$...<br> +- */<br> +-<br> +- for (salt_end = salt + 3; *salt_end && (salt_end - salt) < 11; salt_end ++)<br> +- if (*salt_end == '$')<br> +- break;<br> +-<br> +- /*<br> +- * Compute the MD5 sum we need...<br> +- */<br> +-<br> +- pwlen = strlen(pw);<br> +-<br> +- _cupsMD5Init(&state);<br> +- _cupsMD5Append(&state, (unsigned char *)pw, pwlen);<br> +- _cupsMD5Append(&state, (unsigned char *)salt, salt_end - salt);<br> +-<br> +- _cupsMD5Init(&state2);<br> +- _cupsMD5Append(&state2, (unsigned char *)pw, pwlen);<br> +- _cupsMD5Append(&state2, (unsigned char *)salt + 3, salt_end - salt - 3);<br> +- _cupsMD5Append(&state2, (unsigned char *)pw, pwlen);<br> +- _cupsMD5Finish(&state2, digest);<br> +-<br> +- for (i = pwlen; i > 0; i -= 16)<br> +- _cupsMD5Append(&state, digest, i > 16 ? 16 : i);<br> +-<br> +- for (i = pwlen; i > 0; i >>= 1)<br> +- _cupsMD5Append(&state, (unsigned char *)((i & 1) ? "" : pw), 1);<br> +-<br> +- _cupsMD5Finish(&state, digest);<br> +-<br> +- for (i = 0; i < 1000; i ++)<br> +- {<br> +- _cupsMD5Init(&state);<br> +-<br> +- if (i & 1)<br> +- _cupsMD5Append(&state, (unsigned char *)pw, pwlen);<br> +- else<br> +- _cupsMD5Append(&state, digest, 16);<br> +-<br> +- if (i % 3)<br> +- _cupsMD5Append(&state, (unsigned char *)salt + 3, salt_end - salt - 3);<br> +-<br> +- if (i % 7)<br> +- _cupsMD5Append(&state, (unsigned char *)pw, pwlen);<br> +-<br> +- if (i & 1)<br> +- _cupsMD5Append(&state, digest, 16);<br> +- else<br> +- _cupsMD5Append(&state, (unsigned char *)pw, pwlen);<br> +-<br> +- _cupsMD5Finish(&state, digest);<br> +- }<br> +-<br> +- /*<br> +- * Copy the final sum to the result string and return...<br> +- */<br> +-<br> +- memcpy(result, salt, (size_t)(salt_end - salt));<br> +- ptr = result + (salt_end - salt);<br> +- *ptr++ = '$';<br> +-<br> +- for (i = 0; i < 5; i ++, ptr += 4)<br> +- {<br> +- n = ((((unsigned)digest[i] << 8) | (unsigned)digest[i + 6]) << 8);<br> +-<br> +- if (i < 4)<br> +- n |= (unsigned)digest[i + 12];<br> +- else<br> +- n |= (unsigned)digest[5];<br> +-<br> +- to64(ptr, n, 4);<br> +- }<br> +-<br> +- to64(ptr, (unsigned)digest[11], 2);<br> +- ptr += 2;<br> +- *ptr = '\0';<br> +-<br> +- return (result);<br> +- }<br> +- else<br> +- {<br> +- /*<br> +- * Use the standard crypt() function...<br> +- */<br> +-<br> +- return (crypt(pw, salt));<br> +- }<br> +-}<br> +-#endif /* !HAVE_LIBPAM */<br> +-<br> +-<br> + /*<br> + * 'free_authmask()' - Free function for auth masks.<br> + */<br> +-- <br> +2.17.0<br> +<br> -- <br> 2.17.0<br> <br> </blockquote></div>
>>>>> "Baruch" == Baruch Siach <baruch@tkos.co.il> writes: > Add upstream patch removing MD5 code that builds when PAM is not > enabled. > Fixes: > http://autobuild.buildroot.net/results/48d/48d53bdeceafdbb51756d5c0b9936ce7c98b4ddc/ > http://autobuild.buildroot.net/results/13c/13cb03a8d0ae215c418fe2520a27b2940efd4a39/ > http://autobuild.buildroot.net/results/fd3/fd3c56b60bb0411b38dc7279880d1fab7228c20a/ > Cc: Olivier Schonken <olivier.schonken@gmail.com> > Signed-off-by: Baruch Siach <baruch@tkos.co.il> Committed, thanks.
diff --git a/package/cups/0005-Fix-builds-without-PAM-Issue-5283.patch b/package/cups/0005-Fix-builds-without-PAM-Issue-5283.patch new file mode 100644 index 000000000000..ff242f82760b --- /dev/null +++ b/package/cups/0005-Fix-builds-without-PAM-Issue-5283.patch @@ -0,0 +1,189 @@ +From 570933a6a3597371bae1beeb754ee8711d6305ab Mon Sep 17 00:00:00 2001 +From: Michael R Sweet <michael.r.sweet@gmail.com> +Date: Mon, 2 Apr 2018 20:05:13 -0400 +Subject: [PATCH] Fix builds without PAM (Issue #5283) + +[baruch: drop CHANGES.md hunk] +Signed-off-by: Baruch Siach <baruch@tkos.co.il> +--- +Upstream status: commit 570933a6a3 + + CHANGES.md | 8 ++- + scheduler/auth.c | 134 ++--------------------------------------------- + 2 files changed, 11 insertions(+), 131 deletions(-) + +diff --git a/scheduler/auth.c b/scheduler/auth.c +index 8b134b5d7257..fa4e2715de34 100644 +--- a/scheduler/auth.c ++++ b/scheduler/auth.c +@@ -1,8 +1,8 @@ + /* + * Authorization routines for the CUPS scheduler. + * +- * Copyright 2007-2016 by Apple Inc. +- * Copyright 1997-2007 by Easy Software Products, all rights reserved. ++ * Copyright © 2007-2018 by Apple Inc. ++ * Copyright © 1997-2007 by Easy Software Products, all rights reserved. + * + * This file contains Kerberos support code, copyright 2006 by + * Jelmer Vernooij. +@@ -71,9 +71,6 @@ static int check_authref(cupsd_client_t *con, const char *right); + static int compare_locations(cupsd_location_t *a, + cupsd_location_t *b); + static cupsd_authmask_t *copy_authmask(cupsd_authmask_t *am, void *data); +-#if !HAVE_LIBPAM +-static char *cups_crypt(const char *pw, const char *salt); +-#endif /* !HAVE_LIBPAM */ + static void free_authmask(cupsd_authmask_t *am, void *data); + #if HAVE_LIBPAM + static int pam_func(int, const struct pam_message **, +@@ -694,14 +691,14 @@ cupsdAuthorize(cupsd_client_t *con) /* I - Client connection */ + * client... + */ + +- pass = cups_crypt(password, pw->pw_passwd); ++ pass = crypt(password, pw->pw_passwd); + + if (!pass || strcmp(pw->pw_passwd, pass)) + { + # ifdef HAVE_SHADOW_H + if (spw) + { +- pass = cups_crypt(password, spw->sp_pwdp); ++ pass = crypt(password, spw->sp_pwdp); + + if (pass == NULL || strcmp(spw->sp_pwdp, pass)) + { +@@ -1995,129 +1992,6 @@ copy_authmask(cupsd_authmask_t *mask, /* I - Existing auth mask */ + } + + +-#if !HAVE_LIBPAM +-/* +- * 'cups_crypt()' - Encrypt the password using the DES or MD5 algorithms, +- * as needed. +- */ +- +-static char * /* O - Encrypted password */ +-cups_crypt(const char *pw, /* I - Password string */ +- const char *salt) /* I - Salt (key) string */ +-{ +- if (!strncmp(salt, "$1$", 3)) +- { +- /* +- * Use MD5 passwords without the benefit of PAM; this is for +- * Slackware Linux, and the algorithm was taken from the +- * old shadow-19990827/lib/md5crypt.c source code... :( +- */ +- +- int i; /* Looping var */ +- unsigned long n; /* Output number */ +- int pwlen; /* Length of password string */ +- const char *salt_end; /* End of "salt" data for MD5 */ +- char *ptr; /* Pointer into result string */ +- _cups_md5_state_t state; /* Primary MD5 state info */ +- _cups_md5_state_t state2; /* Secondary MD5 state info */ +- unsigned char digest[16]; /* MD5 digest result */ +- static char result[120]; /* Final password string */ +- +- +- /* +- * Get the salt data between dollar signs, e.g. $1$saltdata$md5. +- * Get a maximum of 8 characters of salt data after $1$... +- */ +- +- for (salt_end = salt + 3; *salt_end && (salt_end - salt) < 11; salt_end ++) +- if (*salt_end == '$') +- break; +- +- /* +- * Compute the MD5 sum we need... +- */ +- +- pwlen = strlen(pw); +- +- _cupsMD5Init(&state); +- _cupsMD5Append(&state, (unsigned char *)pw, pwlen); +- _cupsMD5Append(&state, (unsigned char *)salt, salt_end - salt); +- +- _cupsMD5Init(&state2); +- _cupsMD5Append(&state2, (unsigned char *)pw, pwlen); +- _cupsMD5Append(&state2, (unsigned char *)salt + 3, salt_end - salt - 3); +- _cupsMD5Append(&state2, (unsigned char *)pw, pwlen); +- _cupsMD5Finish(&state2, digest); +- +- for (i = pwlen; i > 0; i -= 16) +- _cupsMD5Append(&state, digest, i > 16 ? 16 : i); +- +- for (i = pwlen; i > 0; i >>= 1) +- _cupsMD5Append(&state, (unsigned char *)((i & 1) ? "" : pw), 1); +- +- _cupsMD5Finish(&state, digest); +- +- for (i = 0; i < 1000; i ++) +- { +- _cupsMD5Init(&state); +- +- if (i & 1) +- _cupsMD5Append(&state, (unsigned char *)pw, pwlen); +- else +- _cupsMD5Append(&state, digest, 16); +- +- if (i % 3) +- _cupsMD5Append(&state, (unsigned char *)salt + 3, salt_end - salt - 3); +- +- if (i % 7) +- _cupsMD5Append(&state, (unsigned char *)pw, pwlen); +- +- if (i & 1) +- _cupsMD5Append(&state, digest, 16); +- else +- _cupsMD5Append(&state, (unsigned char *)pw, pwlen); +- +- _cupsMD5Finish(&state, digest); +- } +- +- /* +- * Copy the final sum to the result string and return... +- */ +- +- memcpy(result, salt, (size_t)(salt_end - salt)); +- ptr = result + (salt_end - salt); +- *ptr++ = '$'; +- +- for (i = 0; i < 5; i ++, ptr += 4) +- { +- n = ((((unsigned)digest[i] << 8) | (unsigned)digest[i + 6]) << 8); +- +- if (i < 4) +- n |= (unsigned)digest[i + 12]; +- else +- n |= (unsigned)digest[5]; +- +- to64(ptr, n, 4); +- } +- +- to64(ptr, (unsigned)digest[11], 2); +- ptr += 2; +- *ptr = '\0'; +- +- return (result); +- } +- else +- { +- /* +- * Use the standard crypt() function... +- */ +- +- return (crypt(pw, salt)); +- } +-} +-#endif /* !HAVE_LIBPAM */ +- +- + /* + * 'free_authmask()' - Free function for auth masks. + */ +-- +2.17.0 +
Add upstream patch removing MD5 code that builds when PAM is not enabled. Fixes: http://autobuild.buildroot.net/results/48d/48d53bdeceafdbb51756d5c0b9936ce7c98b4ddc/ http://autobuild.buildroot.net/results/13c/13cb03a8d0ae215c418fe2520a27b2940efd4a39/ http://autobuild.buildroot.net/results/fd3/fd3c56b60bb0411b38dc7279880d1fab7228c20a/ Cc: Olivier Schonken <olivier.schonken@gmail.com> Signed-off-by: Baruch Siach <baruch@tkos.co.il> --- ...05-Fix-builds-without-PAM-Issue-5283.patch | 189 ++++++++++++++++++ 1 file changed, 189 insertions(+) create mode 100644 package/cups/0005-Fix-builds-without-PAM-Issue-5283.patch