From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1.migadu.com ([2001:41d0:303:e224::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms8.migadu.com with LMTPS id 6C6KDvh+02V1cgAA62LTzQ:P1 (envelope-from ) for ; Mon, 19 Feb 2024 17:16:56 +0100 Received: from aspmx1.migadu.com ([2001:41d0:303:e224::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1.migadu.com with LMTPS id 6C6KDvh+02V1cgAA62LTzQ (envelope-from ) for ; Mon, 19 Feb 2024 17:16:56 +0100 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=kubisiak.com header.s=s1 header.b=ntYF5uFM; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"; dmarc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1708359416; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:resent-cc:resent-from:resent-sender: resent-message-id:list-id:list-help:list-unsubscribe:list-subscribe: list-post:dkim-signature; bh=zaa7kVHkNZDaW1fhoMjMCz8yDO6dVT6WmeJJPhzKft4=; b=MG/uulT49M9tVWPIoOScBQj05OI+Nv+5O6A9rLUcUVjJarQrTcCA01Ez6lwJUc/AanD8Zi SAFRQ+1fNAecQjM89WVejk8rZ6+S04QqrXtG1hOy2lrpb7jlditgVN20v07jH9ZuUNwTGj 2h58rQrXoQxUpVoYsTWXh4pEE/Fj7FMosBf9OcCMidpNngItGlOsnsvacBPrcIXIkc2ewv 9zD3etJt78aIfrasZYKL37w8TRvsVpBYFUHOtece//hHg2LzToRoOGvKrmOapUgn6y+RbS JaLod6n5U7dR8Ydl9vyfFPlDVaKm0HR0/Rz5vrG/9eObzek1elt7higSDpJ52w== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=kubisiak.com header.s=s1 header.b=ntYF5uFM; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org"; dmarc=none ARC-Seal: i=1; s=key1; d=yhetil.org; t=1708359416; a=rsa-sha256; cv=none; b=WTuWxwO7Zjs/D1D4867qA4mXOtRSaad6K0JIiHm7fuAhDo5GfSOihiCdZUba8srpuxLCjK /df1JAX0T27aVxfGHbxZJxTG3DQGfADHNjEitjoj3uE5I61lOUXynzt0wZEONbo69BhWKW tnOSUxBuuLm+6Mq6BiNmpU3V52pnsaLSkSROucK67+1PSuvAiD4zOKi3pZXNjuul7hbUca teo5cgR8xhli7kEDltteyJsfW7jOsNjme26vZ4TwIAKUn6PT7mkHXj/0wmlkZkpdURgODg hjsUg9EjLYB19NVBXeyVrWQdo35Y9PrkOAvQJyD3uDwhKdl0tEjVhyBnv7wz2g== Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id ED75F230C1 for ; Mon, 19 Feb 2024 17:16:55 +0100 (CET) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1rc6Jv-0003xu-Oc; Mon, 19 Feb 2024 11:16:43 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rc6Jt-0003vB-4X for guix-patches@gnu.org; Mon, 19 Feb 2024 11:16:41 -0500 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1rc6Js-0006tN-Qh for guix-patches@gnu.org; Mon, 19 Feb 2024 11:16:40 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1rc6KD-0002Kf-V6 for guix-patches@gnu.org; Mon, 19 Feb 2024 11:17:01 -0500 X-Loop: help-debbugs@gnu.org Subject: [bug#69275] [PATCH] gnu: ecryptfs-utils: Add the openssl key module. Resent-From: Brian Kubisiak Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 19 Feb 2024 16:17:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 69275 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 69275@debbugs.gnu.org X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.17083593868894 (code B ref -1); Mon, 19 Feb 2024 16:17:01 +0000 Received: (at submit) by debbugs.gnu.org; 19 Feb 2024 16:16:26 +0000 Received: from localhost ([127.0.0.1]:43268 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rc6JZ-0002J7-9r for submit@debbugs.gnu.org; Mon, 19 Feb 2024 11:16:26 -0500 Received: from lists.gnu.org ([209.51.188.17]:49344) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1rc6JW-0002Ix-9y for submit@debbugs.gnu.org; Mon, 19 Feb 2024 11:16:20 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1rc6JA-0003ls-1h for guix-patches@gnu.org; Mon, 19 Feb 2024 11:15:56 -0500 Received: from [75.171.8.149] (helo=mail.kubisiak.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1rc6Is-0006Tx-1A for guix-patches@gnu.org; Mon, 19 Feb 2024 11:15:55 -0500 dkim-signature: v=1; a=rsa-sha256; d=kubisiak.com; s=s1; c=relaxed/relaxed; q=dns/txt; h=From:Subject:Date:Message-ID:To:MIME-Version:Content-Type; bh=zaa7kVHkNZDaW1fhoMjMCz8yDO6dVT6WmeJJPhzKft4=; b=ntYF5uFMHLy9g9Q10zo5+InVoBnYIJskckQ3NLW3vHVzhD9l3gJSro9e/oqwWuKKR9EH2QRM/VuZvESyiJdU7bFXo6sP6BYd/Y/xGlhOPFlgLj/jXbkZr5yJR2ivkEsK1h2zZLBVNSTXT8ocI56qsHdxAhBKSjUONCX7d7sqzi+5N7j8hcxzulFG6Ka6Y/0mB4ZrxPb4tx2QYo2C9MVevNGwUgrvfLbWMfnUuwpJf+k0+1JSXtY3e7U8o4 9BKmVj+wBMt7PZo2fqB3uruQJss5zF1BPyA2/1PUVleFFvys0MiAvzDmjQr+5aRo5jcFuXur2ZP82yUI5Rh8ydtt9KRg== Received: from peregrine (192-184-148-161.fiber.dynamic.sonic.net [192.184.148.161]) by mail.kubisiak.com with ESMTPSA (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256) ; Mon, 19 Feb 2024 09:15:07 -0600 Date: Mon, 19 Feb 2024 07:15:08 -0800 From: Brian Kubisiak Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Host-Lookup-Failed: Reverse DNS lookup failed for 75.171.8.149 (failed) Received-SPF: pass client-ip=75.171.8.149; envelope-from=brian@kubisiak.com; helo=mail.kubisiak.com X-Spam_score_int: -12 X-Spam_score: -1.3 X-Spam_bar: - X-Spam_report: (-1.3 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RDNS_NONE=0.793, SPF_HELO_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, T_SPF_TEMPERROR=0.01 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: guix-patches-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN X-Migadu-Scanner: mx12.migadu.com X-Migadu-Spam-Score: -1.68 X-Spam-Score: -1.68 X-Migadu-Queue-Id: ED75F230C1 X-TUID: oWeoxW+J8i0h * gnu/packages/patches/ecryptfs-utils-openssl-1.1.patch: New file. * gnu/local.mk (dist_patch_DATA): Add the patch. * gnu/packages/linux.scm (ecryptfs-utils)[source]: Apply the patch. [inputs]: Add openssl-1.1. Change-Id: I89cc15534e93cf20f2b5084157cbefaec5084ec8 --- gnu/local.mk | 1 + gnu/packages/linux.scm | 4 +- .../patches/ecryptfs-utils-openssl-1.1.patch | 52 +++++++++++++++++++ 3 files changed, 56 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/ecryptfs-utils-openssl-1.1.patch diff --git a/gnu/local.mk b/gnu/local.mk index 58011d1149..cb5741dc60 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1107,6 +1107,7 @@ dist_patch_DATA = \ %D%/packages/patches/dvd+rw-tools-add-include.patch \ %D%/packages/patches/dynaconf-unvendor-deps.patch \ %D%/packages/patches/dyninst-fix-glibc-compatibility.patch \ + %D%/packages/patches/ecryptfs-utils-openssl-1.1.patch \ %D%/packages/patches/efivar-211.patch \ %D%/packages/patches/eigen-fix-strict-aliasing-bug.patch \ %D%/packages/patches/einstein-build.patch \ diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index d798c44a8f..100f322afd 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -7024,7 +7024,8 @@ (define-public ecryptfs-utils version ".orig.tar.gz")) (sha256 (base32 - "0zwq19siiwf09h7lwa7n7mgmrr8cxifp45lmwgcfr8c1gviv6b0i")))) + "0zwq19siiwf09h7lwa7n7mgmrr8cxifp45lmwgcfr8c1gviv6b0i")) + (patches (search-patches "ecryptfs-utils-openssl-1.1.patch")))) (build-system gnu-build-system) (arguments `(#:configure-flags (list "--disable-pywrap") @@ -7106,6 +7107,7 @@ (define-public ecryptfs-utils linux-pam lsof lvm2 + openssl-1.1 nss rsync sed diff --git a/gnu/packages/patches/ecryptfs-utils-openssl-1.1.patch b/gnu/packages/patches/ecryptfs-utils-openssl-1.1.patch new file mode 100644 index 0000000000..87b24829b4 --- /dev/null +++ b/gnu/packages/patches/ecryptfs-utils-openssl-1.1.patch @@ -0,0 +1,52 @@ +diff --git a/src/key_mod/ecryptfs_key_mod_openssl.c b/src/key_mod/ecryptfs_key_mod_openssl.c +index 56ebe2d..3959974 100644 +--- a/src/key_mod/ecryptfs_key_mod_openssl.c ++++ b/src/key_mod/ecryptfs_key_mod_openssl.c +@@ -141,6 +141,7 @@ ecryptfs_openssl_destroy_subgraph_ctx(struct ecryptfs_subgraph_ctx *ctx) + static int ecryptfs_openssl_generate_signature(char *sig, RSA *key) + { + int len, nbits, ebits, i; ++ const BIGNUM *n, *e; + int nbytes, ebytes; + unsigned char *hash; + unsigned char *data = NULL; +@@ -152,11 +153,14 @@ static int ecryptfs_openssl_generate_signature(char *sig, RSA *key) + rc = -ENOMEM; + goto out; + } +- nbits = BN_num_bits(key->n); ++ ++ RSA_get0_key(key, &n, &e, NULL); ++ ++ nbits = BN_num_bits(n); + nbytes = nbits / 8; + if (nbits % 8) + nbytes++; +- ebits = BN_num_bits(key->e); ++ ebits = BN_num_bits(e); + ebytes = ebits / 8; + if (ebits % 8) + ebytes++; +@@ -179,11 +183,11 @@ static int ecryptfs_openssl_generate_signature(char *sig, RSA *key) + data[i++] = '\02'; + data[i++] = (nbits >> 8); + data[i++] = nbits; +- BN_bn2bin(key->n, &(data[i])); ++ BN_bn2bin(n, &(data[i])); + i += nbytes; + data[i++] = (ebits >> 8); + data[i++] = ebits; +- BN_bn2bin(key->e, &(data[i])); ++ BN_bn2bin(e, &(data[i])); + i += ebytes; + SHA1(data, len + 3, hash); + to_hex(sig, (char *)hash, ECRYPTFS_SIG_SIZE); +@@ -278,7 +282,7 @@ static int ecryptfs_openssl_read_key(RSA **rsa, unsigned char *blob) + BIO *in = NULL; + int rc; + +- CRYPTO_malloc_init(); ++ OPENSSL_malloc_init(); + ERR_load_crypto_strings(); + OpenSSL_add_all_algorithms(); + ENGINE_load_builtin_engines(); base-commit: a35372cc0b9525b401c9a8b8c5eea6c3a83c9f4b prerequisite-patch-id: 22abd79e623712e121f73c89488a47c1b5b9cd7d prerequisite-patch-id: ebb44601cec0b6a5cf73e980522a864b2aae824e prerequisite-patch-id: 56702abf84319ed57932ea9a895700eb87954a20 prerequisite-patch-id: 26b2a4d0d2d944a4e8c9b5277781daa080836c03 prerequisite-patch-id: 3b30c17f33cfe426c2643be26bb5b8ff83ae7c0c -- 2.41.0