see log for the other error upstream will (?) fix this in version 2.5, for now I found a patch in the openldap mailing list that will fix this (applied locally and build) gcc -Os -pipe -march=native -mtune=native -fomit-frame-pointer -mfpmath=sse -Wformat -Wformat-security -Wl,-O1 -Wl,--as-needed -Wl,-O2 -Wl,-fuse-ld=gold -Wl,-z,now -Wl, -z,relro -lpthread -lgomp -fweb -fgcse-after-reload -fivopts -fopenmp -Wno-error=implicit-function-declaration -pthread -I../../include -I/var/tmp/portage/net-nd s/openldap-2.4.44/work/openldap-2.4.44/include -D_REENTRANT -DLDAP_CONNECTIONLESS -I/usr/include/db5.3 -I/usr/include/iodbc -D_REENTRANT -DLDAP_CONNECTIONLESS -c - o passwd.o /var/tmp/portage/net-nds/openldap-2.4.44/work/openldap-2.4.44/libraries/liblutil/passwd.c /var/tmp/portage/net-nds/openldap-2.4.44/work/openldap-2.4.44/libraries/liblutil/passwd.c:41:9: error: unknown type name ‘des_cblock’ typedef des_cblock des_key; ^ /var/tmp/portage/net-nds/openldap-2.4.44/work/openldap-2.4.44/libraries/liblutil/passwd.c:42:9: error: unknown type name ‘des_cblock’ typedef des_cblock des_data_block; ^ /var/tmp/portage/net-nds/openldap-2.4.44/work/openldap-2.4.44/libraries/liblutil/passwd.c:43:9: error: unknown type name ‘des_key_schedule’ typedef des_key_schedule des_context; ^
Created attachment 475192 [details] info info
Created attachment 475196 [details] openldap-2.4.44:20170604-234033.log log
Created attachment 475198 [details, diff] libressl.patch patch
Could you put in a diff for the ebuild? on 2.4.45 I'm getting patch errors when applying this patch last.
ya, iirc some of the DES capitalization changes were done in another patch change. can someone on the libressl team verify this patch?
(In reply to Matthew Thode ( prometheanfire ) from comment #5) > ya, iirc some of the DES capitalization changes were done in another patch > change. > > can someone on the libressl team verify this patch? openldap-2.4.45-fix-lmpasswd-gnutls-symbols.patch also makes relevant changes: @@ -51,6 +51,26 @@ typedef unsigned char des_data_block[8]; typedef PK11Context *des_context[1]; #define DES_ENCRYPT CKA_ENCRYPT +#elif defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT) +# include <gcrypt.h> +static int gcrypt_init = 0; + +typedef const void* des_key; +typedef unsigned char DES_cblock[8]; +typedef des_cblock des_data_block; +typedef int DES_key_schedule; /* unused */ +typedef DES_key_schedule des_context; /* unused */ +#define des_failed(encrypted) 0 +#define des_finish(key, schedule) + +#define DES_set_key_unchecked( key, key_sched ) \ + gcry_cipher_setkey( hd, key, 8 ) + +#define DES_ecb_encrypt( input, output, key_sched, enc ) \ + gcry_cipher_encrypt( hd, *output, 8, *input, 8 ) + +#define DES_set_odd_parity( key ) do {} while(0) + #endif #endif /* SLAPD_LMHASH */
Created attachment 478246 [details, diff] Complete DES changes Note, that I have problems compiling openldap with USE=gnutls. It seems the DES related changes are incomplete. I crafted this patch to address the problem. BR: Dw.
I have tested this USE flag combination with net-nds/openldap-2.4.44 against dev-libs/libressl-{2.6.4,2.7.2}. I am unable to reproduce. Everything builds and runs fine.
Sorry, meant to make it a test-request.
