[pkgsrc/trunk]: pkgsrc/security/isakmpd Add some patches so if using openssl ...

[jmc <jmc%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/5cdb967d8861
branches:  trunk
changeset: 461764:5cdb967d8861
user:      jmc <jmc%pkgsrc.org@localhost>
date:      Sun Sep 21 08:02:21 2003 +0000

description:
Add some patches so if using openssl >= 0.9.7 the new des API is used

diffstat:

 security/isakmpd/distinfo         |   4 +-
 security/isakmpd/patches/patch-ah |  24 ++++++++++
 security/isakmpd/patches/patch-ai |  92 +++++++++++++++++++++++++++++++++++++++
 3 files changed, 119 insertions(+), 1 deletions(-)

diffs (139 lines):

diff -r 4dc80577d783 -r 5cdb967d8861 security/isakmpd/distinfo
--- a/security/isakmpd/distinfo Sat Sep 20 17:05:54 2003 +0000
+++ b/security/isakmpd/distinfo Sun Sep 21 08:02:21 2003 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.12 2003/02/08 17:06:26 dmcmahill Exp $
+$NetBSD: distinfo,v 1.13 2003/09/21 08:02:21 jmc Exp $
 
 SHA1 (isakmpd-20021118.tar.gz) = 806ed2f922ccc31c9bf9d4eeec90bddc34995565
 Size (isakmpd-20021118.tar.gz) = 348169 bytes
@@ -8,3 +8,5 @@
 SHA1 (patch-ae) = 5b7488fb50f2b3970c05e7dcfcf9979a05cb5719
 SHA1 (patch-af) = 5ef6311e2b065ee0ac61bdbd48f38d76291d68dc
 SHA1 (patch-ag) = f0af67b96e2f72333e79486495ce6abf1b31b9c1
+SHA1 (patch-ah) = 69f7b24995d243ac052c6b80f20945ff3346190f
+SHA1 (patch-ai) = 67b85a7c52582f07ff0bacb40054361835189081
diff -r 4dc80577d783 -r 5cdb967d8861 security/isakmpd/patches/patch-ah
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/isakmpd/patches/patch-ah Sun Sep 21 08:02:21 2003 +0000
@@ -0,0 +1,24 @@
+$NetBSD: patch-ah,v 1.1 2003/09/21 08:02:23 jmc Exp $
+
+--- crypto.h.orig      2003-09-21 02:42:10.000000000 +0000
++++ crypto.h   2003-09-21 02:44:47.000000000 +0000
+@@ -49,6 +49,7 @@
+ 
+ #else
+ 
++#include <openssl/opensslv.h>
+ #include <des.h>
+ #ifdef USE_BLOWFISH
+ #include <blf.h>
+@@ -106,7 +107,11 @@
+   u_int8_t    iv2[MAXBLK];
+   u_int8_t    *riv, *liv;
+   union {
++#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
++    DES_key_schedule desks[3];
++#else
+     des_key_schedule desks[3];
++#endif
+ #ifdef USE_BLOWFISH
+     blf_ctx blfks;
+ #endif
diff -r 4dc80577d783 -r 5cdb967d8861 security/isakmpd/patches/patch-ai
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/isakmpd/patches/patch-ai Sun Sep 21 08:02:21 2003 +0000
@@ -0,0 +1,92 @@
+$NetBSD: patch-ai,v 1.1 2003/09/21 08:02:24 jmc Exp $
+
+--- crypto.c.orig      2003-09-21 02:46:15.000000000 +0000
++++ crypto.c   2003-09-21 02:54:49.000000000 +0000
+@@ -99,8 +99,13 @@
+ des1_init (struct keystate *ks, u_int8_t *key, u_int16_t len)
+ {
+   /* des_set_key returns -1 for parity problems, and -2 for weak keys */
++#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
++  DES_set_odd_parity (DC key);
++  switch (DES_set_key (DC key, &ks->ks_des[0]))
++#else
+   des_set_odd_parity (DC key);
+   switch (des_set_key (DC key, ks->ks_des[0]))
++#endif
+     {
+     case -2:
+       return EWEAKKEY;
+@@ -112,19 +117,37 @@
+ void
+ des1_encrypt (struct keystate *ks, u_int8_t *d, u_int16_t len)
+ {
++#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
++  DES_cbc_encrypt (DC d, DC d, len, &ks->ks_des[0], DC ks->riv, DES_ENCRYPT);
++#else
+   des_cbc_encrypt (DC d, DC d, len, ks->ks_des[0], DC ks->riv, DES_ENCRYPT);
++#endif
+ }
+ 
+ void
+ des1_decrypt (struct keystate *ks, u_int8_t *d, u_int16_t len)
+ {
++#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
++  DES_cbc_encrypt (DC d, DC d, len, &ks->ks_des[0], DC ks->riv, DES_DECRYPT);
++#else
+   des_cbc_encrypt (DC d, DC d, len, ks->ks_des[0], DC ks->riv, DES_DECRYPT);
++#endif
+ }
+ 
+ #ifdef USE_TRIPLEDES
+ enum cryptoerr
+ des3_init (struct keystate *ks, u_int8_t *key, u_int16_t len)
+ {
++#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
++  DES_set_odd_parity (DC key);
++  DES_set_odd_parity (DC (key + 8));
++  DES_set_odd_parity (DC (key + 16));
++
++  /* As of the draft Tripe-DES does not check for weak keys */
++  DES_set_key (DC key, &ks->ks_des[0]);
++  DES_set_key (DC (key + 8), &ks->ks_des[1]);
++  DES_set_key (DC (key + 16), &ks->ks_des[2]);
++#else
+   des_set_odd_parity (DC key);
+   des_set_odd_parity (DC (key + 8));
+   des_set_odd_parity (DC (key + 16));
+@@ -133,6 +156,7 @@
+   des_set_key (DC key, ks->ks_des[0]);
+   des_set_key (DC (key + 8), ks->ks_des[1]);
+   des_set_key (DC (key + 16), ks->ks_des[2]);
++#endif
+ 
+   return EOKAY;
+ }
+@@ -143,8 +167,13 @@
+   u_int8_t iv[MAXBLK];
+ 
+   memcpy (iv, ks->riv, ks->xf->blocksize);
++#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
++  DES_ede3_cbc_encrypt (DC data, DC data, len, &ks->ks_des[0], &ks->ks_des[1],
++                      &ks->ks_des[2], DC iv, DES_ENCRYPT);
++#else
+   des_ede3_cbc_encrypt (DC data, DC data, len, ks->ks_des[0], ks->ks_des[1],
+                       ks->ks_des[2], DC iv, DES_ENCRYPT);
++#endif
+ }
+ 
+ void
+@@ -153,8 +182,13 @@
+   u_int8_t iv[MAXBLK];
+ 
+   memcpy (iv, ks->riv, ks->xf->blocksize);
++#if OPENSSL_VERSION_NUMBER >= 0x0090702fL
++  DES_ede3_cbc_encrypt (DC data, DC data, len, &ks->ks_des[0], &ks->ks_des[1],
++                      &ks->ks_des[2], DC iv, DES_DECRYPT);
++#else
+   des_ede3_cbc_encrypt (DC data, DC data, len, ks->ks_des[0], ks->ks_des[1],
+                       ks->ks_des[2], DC iv, DES_DECRYPT);
++#endif
+ }
+ #undef DC
+ #endif /* USE_TRIPLEDES */