Attachment #199442 for bug #233633




typedef PK11Context *des_context[1];
#define DES_ENCRYPT CKA_ENCRYPT

#elif defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
#	include <gcrypt.h>
static int gcrypt_init = 0;

typedef const void* des_key;
typedef unsigned char des_cblock[8];
typedef des_cblock des_data_block;
typedef int des_key_schedule; /* unused */
typedef des_key_schedule des_context; /* unused */
#define des_failed(encrypted) 0
#define des_finish(key, schedule) 

#define des_set_key_unchecked( key, key_sched ) \
  gcry_cipher_setkey( hd, key, 8 )

#define des_ecb_encrypt( input, output, key_sched, enc ) \
  gcry_cipher_encrypt( hd, *output, 8, *input, 8 )

#define des_set_odd_parity( key ) do {} while(0)

#endif

#endif /* SLAPD_LMHASH */


#ifdef SLAPD_LMHASH

#if defined(HAVE_OPENSSL) || defined(HAVE_GNUTLS_GNUTLS_H)

/*
 * abstract away setting the parity.

	des_data_block StdText = "KGS!@#$%";
	des_data_block PasswordHash1, PasswordHash2;
	char PasswordHash[33], storedPasswordHash[33];

#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
	gcry_cipher_hd_t hd;

	if ( !gcrypt_init ) {
	  gcry_check_version( GCRYPT_VERSION );
	  gcrypt_init = 1;
	}

	schedule = schedule; /* unused - avoid warning */

	gcry_cipher_open( &hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0 );
#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
	
	for( i=0; i<cred->bv_len; i++) {
		if(cred->bv_val[i] == '\0') {

	strncpy( storedPasswordHash, passwd->bv_val, 32 );
	storedPasswordHash[32] = '\0';
	ldap_pvt_str2lower( storedPasswordHash );

#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
	gcry_cipher_close( hd );
#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
	
	return memcmp( PasswordHash, storedPasswordHash, 32) ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;
}

	des_data_block PasswordHash1, PasswordHash2;
	char PasswordHash[33];
	
#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
	gcry_cipher_hd_t hd;

	if ( !gcrypt_init ) {
	  gcry_check_version( GCRYPT_VERSION );
	  gcrypt_init = 1;
	}

	schedule = schedule; /* unused - avoid warning */

	gcry_cipher_open( &hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0 );
#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */

	for( i=0; i<passwd->bv_len; i++) {
		if(passwd->bv_val[i] == '\0') {
			return LUTIL_PASSWD_ERR;	/* NUL character in password */

	
	hash->bv_val = PasswordHash;
	hash->bv_len = 32;

#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
	gcry_cipher_close( hd );
#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
	
	return pw_string( scheme, hash );
}

Return to bug 233633

Lines 51-56 typedef unsigned char des_data_block[8]; Link Here

(-)openldap-2.4.17.orig/libraries/liblutil/passwd.c (-1 / +55 lines)
51	typedef PK11Context *des_context[1];	51	typedef PK11Context *des_context[1];
52	#define DES_ENCRYPT CKA_ENCRYPT	52	#define DES_ENCRYPT CKA_ENCRYPT
53		53
		54	#elif defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
		55	# include <gcrypt.h>
		56	static int gcrypt_init = 0;
		57
		58	typedef const void* des_key;
		59	typedef unsigned char des_cblock[8];
		60	typedef des_cblock des_data_block;
		61	typedef int des_key_schedule; /* unused */
		62	typedef des_key_schedule des_context; /* unused */
		63	#define des_failed(encrypted) 0
		64	#define des_finish(key, schedule)
		65
		66	#define des_set_key_unchecked( key, key_sched ) \
		67	gcry_cipher_setkey( hd, key, 8 )
		68
		69	#define des_ecb_encrypt( input, output, key_sched, enc ) \
		70	gcry_cipher_encrypt( hd, output, 8, input, 8 )
		71
		72	#define des_set_odd_parity( key ) do {} while(0)
		73
54	#endif	74	#endif
55		75
56	#endif /* SLAPD_LMHASH */	76	#endif /* SLAPD_LMHASH */
Lines 651-657 static int chk_md5( Link Here
651		671
652	#ifdef SLAPD_LMHASH	672	#ifdef SLAPD_LMHASH
653		673
654	#if defined(HAVE_OPENSSL)	674	#if defined(HAVE_OPENSSL) \|\| defined(HAVE_GNUTLS_GNUTLS_H)
655		675
656	/*	676	/*
657	* abstract away setting the parity.	677	* abstract away setting the parity.
Lines 841-846 static int chk_lanman( Link Here
841	des_data_block StdText = "KGS!@#$%";	861	des_data_block StdText = "KGS!@#$%";
842	des_data_block PasswordHash1, PasswordHash2;	862	des_data_block PasswordHash1, PasswordHash2;
843	char PasswordHash[33], storedPasswordHash[33];	863	char PasswordHash[33], storedPasswordHash[33];
		864
		865	#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
		866	gcry_cipher_hd_t hd;
		867
		868	if ( !gcrypt_init ) {
		869	gcry_check_version( GCRYPT_VERSION );
		870	gcrypt_init = 1;
		871	}
		872
		873	schedule = schedule; /* unused - avoid warning */
		874
		875	gcry_cipher_open( &hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0 );
		876	#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
844		877
845	for( i=0; i<cred->bv_len; i++) {	878	for( i=0; i<cred->bv_len; i++) {
846	if(cred->bv_val[i] == '\0') {	879	if(cred->bv_val[i] == '\0') {
Lines 883-888 static int chk_lanman( Link Here
883	strncpy( storedPasswordHash, passwd->bv_val, 32 );	916	strncpy( storedPasswordHash, passwd->bv_val, 32 );
884	storedPasswordHash[32] = '\0';	917	storedPasswordHash[32] = '\0';
885	ldap_pvt_str2lower( storedPasswordHash );	918	ldap_pvt_str2lower( storedPasswordHash );
		919
		920	#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
		921	gcry_cipher_close( hd );
		922	#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
886		923
887	return memcmp( PasswordHash, storedPasswordHash, 32) ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;	924	return memcmp( PasswordHash, storedPasswordHash, 32) ? LUTIL_PASSWD_ERR : LUTIL_PASSWD_OK;
888	}	925	}
Lines 1138-1143 static int hash_lanman( Link Here
1138	des_data_block PasswordHash1, PasswordHash2;	1175	des_data_block PasswordHash1, PasswordHash2;
1139	char PasswordHash[33];	1176	char PasswordHash[33];
1140		1177
		1178	#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
		1179	gcry_cipher_hd_t hd;
		1180
		1181	if ( !gcrypt_init ) {
		1182	gcry_check_version( GCRYPT_VERSION );
		1183	gcrypt_init = 1;
		1184	}
		1185
		1186	schedule = schedule; /* unused - avoid warning */
		1187
		1188	gcry_cipher_open( &hd, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0 );
		1189	#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
		1190
1141	for( i=0; i<passwd->bv_len; i++) {	1191	for( i=0; i<passwd->bv_len; i++) {
1142	if(passwd->bv_val[i] == '\0') {	1192	if(passwd->bv_val[i] == '\0') {
1143	return LUTIL_PASSWD_ERR; /* NUL character in password */	1193	return LUTIL_PASSWD_ERR; /* NUL character in password */
Lines 1168-1173 static int hash_lanman( Link Here
1168		1218
1169	hash->bv_val = PasswordHash;	1219	hash->bv_val = PasswordHash;
1170	hash->bv_len = 32;	1220	hash->bv_len = 32;
		1221
		1222	#if defined(HAVE_GNUTLS_GNUTLS_H) && !defined(DES_ENCRYPT)
		1223	gcry_cipher_close( hd );
		1224	#endif /* HAVE_GNUTLS_GNUTLS_H && !DES_ENCRYPT */
1171		1225
1172	return pw_string( scheme, hash );	1226	return pw_string( scheme, hash );
1173	}	1227	}