guix-patches
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#69275] [PATCH] gnu: ecryptfs-utils: Add the openssl key module.

From: Brian Kubisiak
Subject: [bug#69275] [PATCH] gnu: ecryptfs-utils: Add the openssl key module.
Date: Mon, 19 Feb 2024 07:15:08 -0800 
* gnu/packages/patches/ecryptfs-utils-openssl-1.1.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add the patch.
* gnu/packages/linux.scm (ecryptfs-utils)[source]: Apply the patch.
[inputs]: Add openssl-1.1.

Change-Id: I89cc15534e93cf20f2b5084157cbefaec5084ec8
---
 gnu/local.mk                                  |  1 +
 gnu/packages/linux.scm                        |  4 +-
 .../patches/ecryptfs-utils-openssl-1.1.patch  | 52 +++++++++++++++++++
 3 files changed, 56 insertions(+), 1 deletion(-)
 create mode 100644 gnu/packages/patches/ecryptfs-utils-openssl-1.1.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 58011d1149..cb5741dc60 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1107,6 +1107,7 @@ dist_patch_DATA =                                         
\
   %D%/packages/patches/dvd+rw-tools-add-include.patch          \
   %D%/packages/patches/dynaconf-unvendor-deps.patch            \
   %D%/packages/patches/dyninst-fix-glibc-compatibility.patch   \
+  %D%/packages/patches/ecryptfs-utils-openssl-1.1.patch        \
   %D%/packages/patches/efivar-211.patch                        \
   %D%/packages/patches/eigen-fix-strict-aliasing-bug.patch     \
   %D%/packages/patches/einstein-build.patch                    \
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index d798c44a8f..100f322afd 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -7024,7 +7024,8 @@ (define-public ecryptfs-utils
                            version ".orig.tar.gz"))
        (sha256
         (base32
-         "0zwq19siiwf09h7lwa7n7mgmrr8cxifp45lmwgcfr8c1gviv6b0i"))))
+         "0zwq19siiwf09h7lwa7n7mgmrr8cxifp45lmwgcfr8c1gviv6b0i"))
+       (patches (search-patches "ecryptfs-utils-openssl-1.1.patch"))))
     (build-system gnu-build-system)
     (arguments
      `(#:configure-flags (list "--disable-pywrap")
@@ -7106,6 +7107,7 @@ (define-public ecryptfs-utils
            linux-pam
            lsof
            lvm2
+           openssl-1.1
            nss
            rsync
            sed
diff --git a/gnu/packages/patches/ecryptfs-utils-openssl-1.1.patch 
b/gnu/packages/patches/ecryptfs-utils-openssl-1.1.patch
new file mode 100644
index 0000000000..87b24829b4
--- /dev/null
+++ b/gnu/packages/patches/ecryptfs-utils-openssl-1.1.patch
@@ -0,0 +1,52 @@
+diff --git a/src/key_mod/ecryptfs_key_mod_openssl.c 
b/src/key_mod/ecryptfs_key_mod_openssl.c
+index 56ebe2d..3959974 100644
+--- a/src/key_mod/ecryptfs_key_mod_openssl.c
++++ b/src/key_mod/ecryptfs_key_mod_openssl.c
+@@ -141,6 +141,7 @@ ecryptfs_openssl_destroy_subgraph_ctx(struct 
ecryptfs_subgraph_ctx *ctx)
+ static int ecryptfs_openssl_generate_signature(char *sig, RSA *key)
+ {
+       int len, nbits, ebits, i;
++      const BIGNUM *n, *e;
+       int nbytes, ebytes;
+       unsigned char *hash;
+       unsigned char *data = NULL;
+@@ -152,11 +153,14 @@ static int ecryptfs_openssl_generate_signature(char 
*sig, RSA *key)
+               rc = -ENOMEM;
+               goto out;
+       }
+-      nbits = BN_num_bits(key->n);
++
++      RSA_get0_key(key, &n, &e, NULL);
++
++      nbits = BN_num_bits(n);
+       nbytes = nbits / 8;
+       if (nbits % 8)
+               nbytes++;
+-      ebits = BN_num_bits(key->e);
++      ebits = BN_num_bits(e);
+       ebytes = ebits / 8;
+       if (ebits % 8)
+               ebytes++;
+@@ -179,11 +183,11 @@ static int ecryptfs_openssl_generate_signature(char 
*sig, RSA *key)
+       data[i++] = '\02';
+       data[i++] = (nbits >> 8);
+       data[i++] = nbits;
+-      BN_bn2bin(key->n, &(data[i]));
++      BN_bn2bin(n, &(data[i]));
+       i += nbytes;
+       data[i++] = (ebits >> 8);
+       data[i++] = ebits;
+-      BN_bn2bin(key->e, &(data[i]));
++      BN_bn2bin(e, &(data[i]));
+       i += ebytes;
+       SHA1(data, len + 3, hash);
+       to_hex(sig, (char *)hash, ECRYPTFS_SIG_SIZE);
+@@ -278,7 +282,7 @@ static int ecryptfs_openssl_read_key(RSA **rsa, unsigned 
char *blob)
+       BIO *in = NULL;
+       int rc;
+ 
+-      CRYPTO_malloc_init();
++      OPENSSL_malloc_init();
+       ERR_load_crypto_strings();
+       OpenSSL_add_all_algorithms();
+       ENGINE_load_builtin_engines();

base-commit: a35372cc0b9525b401c9a8b8c5eea6c3a83c9f4b
prerequisite-patch-id: 22abd79e623712e121f73c89488a47c1b5b9cd7d
prerequisite-patch-id: ebb44601cec0b6a5cf73e980522a864b2aae824e
prerequisite-patch-id: 56702abf84319ed57932ea9a895700eb87954a20
prerequisite-patch-id: 26b2a4d0d2d944a4e8c9b5277781daa080836c03
prerequisite-patch-id: 3b30c17f33cfe426c2643be26bb5b8ff83ae7c0c
-- 
2.41.0
reply via email to
[Prev in Thread] Current Thread [Next in Thread]