From patchwork Mon Apr 30 19:19:15 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Baruch Siach X-Patchwork-Id: 906835 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=busybox.net (client-ip=140.211.166.138; helo=whitealder.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=tkos.co.il Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 40ZZCL6vB0z9s27 for ; Tue, 1 May 2018 05:21:18 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 6822E875A0; Mon, 30 Apr 2018 19:21:16 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CofJetNGWRmJ; Mon, 30 Apr 2018 19:21:14 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by whitealder.osuosl.org (Postfix) with ESMTP id C6DFE875A2; Mon, 30 Apr 2018 19:21:14 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by ash.osuosl.org (Postfix) with ESMTP id E91951C25D9 for ; Mon, 30 Apr 2018 19:21:10 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id E64FD875A2 for ; Mon, 30 Apr 2018 19:21:10 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dELUovLm-Pbo for ; Mon, 30 Apr 2018 19:21:08 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mx.tkos.co.il (guitar.tcltek.co.il [192.115.133.116]) by whitealder.osuosl.org (Postfix) with ESMTPS id 1430F875A0 for ; Mon, 30 Apr 2018 19:21:08 +0000 (UTC) Received: from tarshish.tkos.co.il (unknown [10.0.8.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mx.tkos.co.il (Postfix) with ESMTPSA id 0BA9044047B; Mon, 30 Apr 2018 22:20:50 +0300 (IDT) From: Baruch Siach To: buildroot@busybox.net Date: Mon, 30 Apr 2018 22:19:15 +0300 Message-Id: <91db976709291253cb9914a411a9d75872165f75.1525115956.git.baruch@tkos.co.il> X-Mailer: git-send-email 2.17.0 MIME-Version: 1.0 Subject: [Buildroot] [PATCH 1/2] cups: fix build without PAM X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.24 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Olivier Schonken Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" Add upstream patch removing MD5 code that builds when PAM is not enabled. Fixes: http://autobuild.buildroot.net/results/48d/48d53bdeceafdbb51756d5c0b9936ce7c98b4ddc/ http://autobuild.buildroot.net/results/13c/13cb03a8d0ae215c418fe2520a27b2940efd4a39/ http://autobuild.buildroot.net/results/fd3/fd3c56b60bb0411b38dc7279880d1fab7228c20a/ Cc: Olivier Schonken Signed-off-by: Baruch Siach Acked-by: Olivier Schonken Signed-off-by: Baruch Siach <baruch@tkos.co.il>
--- ...05-Fix-builds-without-PAM-Issue-5283.patch | 189 ++++++++++++++++++ 1 file changed, 189 insertions(+) create mode 100644 package/cups/0005-Fix-builds-without-PAM-Issue-5283.patch diff --git a/package/cups/0005-Fix-builds-without-PAM-Issue-5283.patch b/package/cups/0005-Fix-builds-without-PAM-Issue-5283.patch new file mode 100644 index 000000000000..ff242f82760b --- /dev/null +++ b/package/cups/0005-Fix-builds-without-PAM-Issue-5283.patch @@ -0,0 +1,189 @@ +From 570933a6a3597371bae1beeb754ee8711d6305ab Mon Sep 17 00:00:00 2001 +From: Michael R Sweet +Date: Mon, 2 Apr 2018 20:05:13 -0400 +Subject: [PATCH] Fix builds without PAM (Issue #5283) + +[baruch: drop CHANGES.md hunk] +Signed-off-by: Baruch Siach +--- +Upstream status: commit 570933a6a3 + + CHANGES.md | 8 ++- + scheduler/auth.c | 134 ++--------------------------------------------- + 2 files changed, 11 insertions(+), 131 deletions(-) + +diff --git a/scheduler/auth.c b/scheduler/auth.c +index 8b134b5d7257..fa4e2715de34 100644 +--- a/scheduler/auth.c ++++ b/scheduler/auth.c +@@ -1,8 +1,8 @@ + /* + * Authorization routines for the CUPS scheduler. + * +- * Copyright 2007-2016 by Apple Inc. +- * Copyright 1997-2007 by Easy Software Products, all rights reserved. ++ * Copyright © 2007-2018 by Apple Inc. ++ * Copyright © 1997-2007 by Easy Software Products, all rights reserved. + * + * This file contains Kerberos support code, copyright 2006 by + * Jelmer Vernooij. +@@ -71,9 +71,6 @@ static int check_authref(cupsd_client_t *con, const char *right); + static int compare_locations(cupsd_location_t *a, + cupsd_location_t *b); + static cupsd_authmask_t *copy_authmask(cupsd_authmask_t *am, void *data); +-#if !HAVE_LIBPAM +-static char *cups_crypt(const char *pw, const char *salt); +-#endif /* !HAVE_LIBPAM */ + static void free_authmask(cupsd_authmask_t *am, void *data); + #if HAVE_LIBPAM + static int pam_func(int, const struct pam_message **, +@@ -694,14 +691,14 @@ cupsdAuthorize(cupsd_client_t *con) /* I - Client connection */ + * client... + */ + +- pass = cups_crypt(password, pw->pw_passwd); ++ pass = crypt(password, pw->pw_passwd); + + if (!pass || strcmp(pw->pw_passwd, pass)) + { + # ifdef HAVE_SHADOW_H + if (spw) + { +- pass = cups_crypt(password, spw->sp_pwdp); ++ pass = crypt(password, spw->sp_pwdp); + + if (pass == NULL || strcmp(spw->sp_pwdp, pass)) + { +@@ -1995,129 +1992,6 @@ copy_authmask(cupsd_authmask_t *mask, /* I - Existing auth mask */ + } + + +-#if !HAVE_LIBPAM +-/* +- * 'cups_crypt()' - Encrypt the password using the DES or MD5 algorithms, +- * as needed. +- */ +- +-static char * /* O - Encrypted password */ +-cups_crypt(const char *pw, /* I - Password string */ +- const char *salt) /* I - Salt (key) string */ +-{ +- if (!strncmp(salt, "$1$", 3)) +- { +- /* +- * Use MD5 passwords without the benefit of PAM; this is for +- * Slackware Linux, and the algorithm was taken from the +- * old shadow-19990827/lib/md5crypt.c source code... :( +- */ +- +- int i; /* Looping var */ +- unsigned long n; /* Output number */ +- int pwlen; /* Length of password string */ +- const char *salt_end; /* End of "salt" data for MD5 */ +- char *ptr; /* Pointer into result string */ +- _cups_md5_state_t state; /* Primary MD5 state info */ +- _cups_md5_state_t state2; /* Secondary MD5 state info */ +- unsigned char digest[16]; /* MD5 digest result */ +- static char result[120]; /* Final password string */ +- +- +- /* +- * Get the salt data between dollar signs, e.g. $1$saltdata$md5. +- * Get a maximum of 8 characters of salt data after $1$... +- */ +- +- for (salt_end = salt + 3; *salt_end && (salt_end - salt) < 11; salt_end ++) +- if (*salt_end == '$') +- break; +- +- /* +- * Compute the MD5 sum we need... +- */ +- +- pwlen = strlen(pw); +- +- _cupsMD5Init(&state); +- _cupsMD5Append(&state, (unsigned char *)pw, pwlen); +- _cupsMD5Append(&state, (unsigned char *)salt, salt_end - salt); +- +- _cupsMD5Init(&state2); +- _cupsMD5Append(&state2, (unsigned char *)pw, pwlen); +- _cupsMD5Append(&state2, (unsigned char *)salt + 3, salt_end - salt - 3); +- _cupsMD5Append(&state2, (unsigned char *)pw, pwlen); +- _cupsMD5Finish(&state2, digest); +- +- for (i = pwlen; i > 0; i -= 16) +- _cupsMD5Append(&state, digest, i > 16 ? 16 : i); +- +- for (i = pwlen; i > 0; i >>= 1) +- _cupsMD5Append(&state, (unsigned char *)((i & 1) ? "" : pw), 1); +- +- _cupsMD5Finish(&state, digest); +- +- for (i = 0; i < 1000; i ++) +- { +- _cupsMD5Init(&state); +- +- if (i & 1) +- _cupsMD5Append(&state, (unsigned char *)pw, pwlen); +- else +- _cupsMD5Append(&state, digest, 16); +- +- if (i % 3) +- _cupsMD5Append(&state, (unsigned char *)salt + 3, salt_end - salt - 3); +- +- if (i % 7) +- _cupsMD5Append(&state, (unsigned char *)pw, pwlen); +- +- if (i & 1) +- _cupsMD5Append(&state, digest, 16); +- else +- _cupsMD5Append(&state, (unsigned char *)pw, pwlen); +- +- _cupsMD5Finish(&state, digest); +- } +- +- /* +- * Copy the final sum to the result string and return... +- */ +- +- memcpy(result, salt, (size_t)(salt_end - salt)); +- ptr = result + (salt_end - salt); +- *ptr++ = '$'; +- +- for (i = 0; i < 5; i ++, ptr += 4) +- { +- n = ((((unsigned)digest[i] << 8) | (unsigned)digest[i + 6]) << 8); +- +- if (i < 4) +- n |= (unsigned)digest[i + 12]; +- else +- n |= (unsigned)digest[5]; +- +- to64(ptr, n, 4); +- } +- +- to64(ptr, (unsigned)digest[11], 2); +- ptr += 2; +- *ptr = '\0'; +- +- return (result); +- } +- else +- { +- /* +- * Use the standard crypt() function... +- */ +- +- return (crypt(pw, salt)); +- } +-} +-#endif /* !HAVE_LIBPAM */ +- +- + /* + * 'free_authmask()' - Free function for auth masks. + */ +-- +2.17.0 +