Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 557880 Details for
Bug 673222
net-analyzer/ettercap-0.8.2-r1 fails to compile with dev-libs/openssl-1.1.1a (PATCH)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
debian patch 740.patch
740.patch (text/plain), 8.56 KB, created by
Anton Bolshakov
on 2018-12-16 00:23:34 UTC
(
hide
)
Description:
debian patch 740.patch
Filename:
MIME Type:
Creator:
Anton Bolshakov
Created:
2018-12-16 00:23:34 UTC
Size:
8.56 KB
patch
obsolete
>From f0d63b27c82df2ad5f7ada6310727d841b43fbcc Mon Sep 17 00:00:00 2001 >From: Gianfranco Costamagna <costamagnagianfranco@yahoo.it> >Date: Mon, 27 Jun 2016 12:41:33 +0200 >Subject: [PATCH 1/2] First draft of openssl 1.1 compatibility layer (from > https://github.com/curl/curl/commit/cfe16c22d7891a1f65ea8cd4c5352504a2afbddc) > Closes: #739 > >--- > src/dissectors/ec_ssh.c | 93 ++++++++++++++++++++++++++++++++++++++++++++++++- > src/ec_sslwrap.c | 14 ++++++++ > 2 files changed, 106 insertions(+), 1 deletion(-) > >Index: ettercap-0.8.2/src/dissectors/ec_ssh.c >=================================================================== >--- ettercap-0.8.2.orig/src/dissectors/ec_ssh.c >+++ ettercap-0.8.2/src/dissectors/ec_ssh.c >@@ -36,6 +36,10 @@ > #include <openssl/md5.h> > #include <zlib.h> > >+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) >+#define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */ >+#endif >+ > #define SMSG_PUBLIC_KEY 2 > #define CMSG_SESSION_KEY 3 > #define CMSG_USER 4 >@@ -138,6 +142,11 @@ > char tmp[MAX_ASCII_ADDR_LEN]; > u_int32 ssh_len, ssh_mod; > u_char ssh_packet_type, *ptr, *key_to_put; >+#ifdef HAVE_OPAQUE_RSA_DSA_DH >+ BIGNUM *h_n, *s_n, *m_h_n, *m_s_n; >+ BIGNUM *h_e, *s_e, *m_h_e, *m_s_e; >+ BIGNUM *h_d, *s_d, *m_h_d, *m_s_d; >+#endif > > /* don't complain about unused var */ > (void) DECODE_DATA; >@@ -383,12 +392,25 @@ > if (session_data->ptrkey == NULL) { > /* Initialize RSA key structures (other fileds are set to 0) */ > session_data->serverkey = RSA_new(); >+#ifdef HAVE_OPAQUE_RSA_DSA_DH >+ s_n = BN_new(); >+ s_e = BN_new(); >+ RSA_set0_key(session_data->serverkey, s_n, s_e, s_d); >+#else > session_data->serverkey->n = BN_new(); > session_data->serverkey->e = BN_new(); >+#endif > > session_data->hostkey = RSA_new(); >+ >+#ifdef HAVE_OPAQUE_RSA_DSA_DH >+ h_n = BN_new(); >+ h_e = BN_new(); >+ RSA_set0_key(session_data->hostkey, h_n, h_e, h_d); >+#else > session_data->hostkey->n = BN_new(); > session_data->hostkey->e = BN_new(); >+#endif > > /* Get the RSA Key from the packet */ > NS_GET32(server_mod,ptr); >@@ -396,19 +418,37 @@ > DEBUG_MSG("Dissector_ssh Bougs Server_Mod"); > return NULL; > } >+#ifdef HAVE_OPAQUE_RSA_DSA_DH >+ RSA_get0_key(session_data->serverkey, &s_n, &s_e, &s_d); >+ get_bn(s_e, &ptr); >+ get_bn(s_n, &ptr); >+#else > get_bn(session_data->serverkey->e, &ptr); > get_bn(session_data->serverkey->n, &ptr); >+#endif > > NS_GET32(host_mod,ptr); > if (ptr + (host_mod/8) > PACKET->DATA.data + PACKET->DATA.len) { > DEBUG_MSG("Dissector_ssh Bougs Host_Mod"); > return NULL; > } >+ >+#ifdef HAVE_OPAQUE_RSA_DSA_DH >+ RSA_get0_key(session_data->hostkey, &h_n, &h_e, &h_d); >+ get_bn(h_e, &ptr); >+ get_bn(h_n, &ptr); >+#else > get_bn(session_data->hostkey->e, &ptr); > get_bn(session_data->hostkey->n, &ptr); >+#endif > >+#ifdef HAVE_OPAQUE_RSA_DSA_DH >+ server_exp = BN_get_word(s_e); >+ host_exp = BN_get_word(h_e); >+#else > server_exp = *(session_data->serverkey->e->d); > host_exp = *(session_data->hostkey->e->d); >+#endif > > /* Check if we already have a suitable RSA key to substitute */ > index_ssl = &ssh_conn_key; >@@ -424,7 +464,7 @@ > SAFE_CALLOC(*index_ssl, 1, sizeof(ssh_my_key)); > > /* Generate the new key */ >- (*index_ssl)->myserverkey = (RSA *)RSA_generate_key(server_mod, server_exp, NULL, NULL); >+ (*index_ssl)->myserverkey = (RSA *)RSA_generate_key_ex(server_mod, server_exp, NULL, NULL); > (*index_ssl)->myhostkey = (RSA *)RSA_generate_key(host_mod, host_exp, NULL, NULL); > (*index_ssl)->server_mod = server_mod; > (*index_ssl)->host_mod = host_mod; >@@ -443,11 +483,25 @@ > > /* Put our RSA key in the packet */ > key_to_put+=4; >+ >+#ifdef HAVE_OPAQUE_RSA_DSA_DH >+ RSA_get0_key(session_data->ptrkey->myserverkey, &m_s_n, &m_s_e, &m_s_d); >+ put_bn(m_s_e, &key_to_put); >+ put_bn(m_s_n, &key_to_put); >+#else > put_bn(session_data->ptrkey->myserverkey->e, &key_to_put); > put_bn(session_data->ptrkey->myserverkey->n, &key_to_put); >+#endif > key_to_put+=4; >+ >+#ifdef HAVE_OPAQUE_RSA_DSA_DH >+ RSA_get0_key(session_data->ptrkey->myhostkey, &m_h_n, &m_h_e, &m_h_d); >+ put_bn(m_h_e, &key_to_put); >+ put_bn(m_h_n, &key_to_put); >+#else > put_bn(session_data->ptrkey->myhostkey->e, &key_to_put); > put_bn(session_data->ptrkey->myhostkey->n, &key_to_put); >+#endif > > /* Recalculate SSH crc */ > *(u_int32 *)(PACKET->DATA.data + PACKET->DATA.len - 4) = htonl(CRC_checksum(PACKET->DATA.data+4, PACKET->DATA.len-8, CRC_INIT_ZERO)); >@@ -482,19 +536,34 @@ > key_to_put = ptr; > > /* Calculate real session id and our fake session id */ >+#ifdef HAVE_OPAQUE_RSA_DSA_DH >+ temp_session_id = ssh_session_id(cookie, h_n, s_n); >+#else > temp_session_id = ssh_session_id(cookie, session_data->hostkey->n, session_data->serverkey->n); >+#endif > if (temp_session_id) > memcpy(session_id1, temp_session_id, 16); >+ >+#ifdef HAVE_OPAQUE_RSA_DSA_DH >+ temp_session_id=ssh_session_id(cookie, m_h_n, m_s_n); >+#else > temp_session_id=ssh_session_id(cookie, session_data->ptrkey->myhostkey->n, session_data->ptrkey->myserverkey->n); >+#endif >+ > if (temp_session_id) > memcpy(session_id2, temp_session_id, 16); > > /* Get the session key */ > enckey = BN_new(); >+ > get_bn(enckey, &ptr); > > /* Decrypt session key */ >+#ifdef HAVE_OPAQUE_RSA_DSA_DH >+ if (BN_cmp(m_s_n, m_h_n) > 0) { >+#else > if (BN_cmp(session_data->ptrkey->myserverkey->n, session_data->ptrkey->myhostkey->n) > 0) { >+#endif > rsa_private_decrypt(enckey, enckey, session_data->ptrkey->myserverkey); > rsa_private_decrypt(enckey, enckey, session_data->ptrkey->myhostkey); > } else { >@@ -534,7 +603,11 @@ > BN_add_word(bn, sesskey[i]); > } > >+#ifdef HAVE_OPAQUE_RSA_DSA_DH >+ if (BN_cmp(s_n, h_n) < 0) { >+#else > if (BN_cmp(session_data->serverkey->n, session_data->hostkey->n) < 0) { >+#endif > rsa_public_encrypt(bn, bn, session_data->serverkey); > rsa_public_encrypt(bn, bn, session_data->hostkey); > } else { >@@ -716,7 +789,16 @@ > u_char *inbuf, *outbuf; > int32 len, ilen, olen; > >+#ifdef HAVE_OPAQUE_RSA_DSA_DH >+ BIGNUM *n; >+ BIGNUM *e; >+ BIGNUM *d; >+ RSA_get0_key(key, &n, &e, &d); >+ olen = BN_num_bytes(n); >+#else > olen = BN_num_bytes(key->n); >+#endif >+ > outbuf = malloc(olen); > if (outbuf == NULL) /* oops, couldn't allocate memory */ > return; >@@ -744,7 +826,16 @@ > u_char *inbuf, *outbuf; > int32 len, ilen, olen; > >+#ifdef HAVE_OPAQUE_RSA_DSA_DH >+ BIGNUM *n; >+ BIGNUM *e; >+ BIGNUM *d; >+ RSA_get0_key(key, &n, &e, &d); >+ olen = BN_num_bytes(n); >+#else > olen = BN_num_bytes(key->n); >+#endif >+ > outbuf = malloc(olen); > if (outbuf == NULL) /* oops, couldn't allocate memory */ > return; >Index: ettercap-0.8.2/src/ec_sslwrap.c >=================================================================== >--- ettercap-0.8.2.orig/src/ec_sslwrap.c >+++ ettercap-0.8.2/src/ec_sslwrap.c >@@ -53,6 +53,10 @@ > #define OPENSSL_NO_KRB5 1 > #include <openssl/ssl.h> > >+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) >+#define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */ >+#endif >+ > #define BREAK_ON_ERROR(x,y,z) do { \ > if (x == -E_INVALID) { \ > SAFE_FREE(z.DATA.disp_data); \ >@@ -974,9 +978,19 @@ > index = X509_get_ext_by_NID(server_cert, NID_authority_key_identifier, -1); > if (index >=0) { > ext = X509_get_ext(server_cert, index); >+#ifdef HAVE_OPAQUE_RSA_DSA_DH >+ ASN1_OCTET_STRING* os; >+ os = X509_EXTENSION_get_data (ext); >+#endif > if (ext) { >+#ifdef HAVE_OPAQUE_RSA_DSA_DH >+ os->data[7] = 0xe7; >+ os->data[8] = 0x7e; >+ X509_EXTENSION_set_data (ext, os); >+#else > ext->value->data[7] = 0xe7; > ext->value->data[8] = 0x7e; >+#endif > X509_add_ext(out_cert, ext, -1); > } > }
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 673222
: 557880