0006-Disable-DES-authentification-support.patch 4.39 KB
edit raw blame history



1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148


From 79975eb4104667be85abd06874c258438826b674 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Krause?= <joerg.krause@embedded.rocks>
Date: Fri, 24 Jul 2015 14:45:52 +0200
Subject: [PATCH] Disable DES authentification support
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

uClibc and musl does not provide DES authentication.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
[peda@axentia.se: update for 1.0.1]
Signed-off-by: Peter Rosin <peda@axentia.se>
---
 src/Makefile.am |  2 +-
 src/rpc_soc.c   | 32 --------------------------------
 2 files changed, 1 insertion(+), 33 deletions(-)

diff --git a/src/Makefile.am b/src/Makefile.am
index 960a522..3a88e31 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -22,9 +22,8 @@ libtirpc_la_SOURCES = auth_none.c auth_unix.c authunix_prot.c bindresvport.c cln
         pmap_prot.c pmap_prot2.c pmap_rmt.c rpc_prot.c rpc_commondata.c \
         rpc_callmsg.c rpc_generic.c rpc_soc.c rpcb_clnt.c rpcb_prot.c \
         rpcb_st_xdr.c svc.c svc_auth.c svc_dg.c svc_auth_unix.c svc_auth_none.c \
-	svc_auth_des.c \
         svc_generic.c svc_raw.c svc_run.c svc_simple.c svc_vc.c getpeereid.c \
-        auth_des.c authdes_prot.c debug.c
+        debug.c
 
 ## XDR
 libtirpc_la_SOURCES += xdr.c xdr_rec.c xdr_array.c xdr_float.c xdr_mem.c xdr_reference.c xdr_stdio.c xdr_sizeof.c
diff --git a/src/svc_auth.c b/src/svc_auth.c
--- a/src/svc_auth.c
+++ b/src/svc_auth.c
@@ -114,9 +114,6 @@ _gss_authenticate(rqst, msg, no_dispatch)
 	case AUTH_SHORT:
 		dummy = _svcauth_short(rqst, msg);
 		return (dummy);
-	case AUTH_DES:
-		dummy = _svcauth_des(rqst, msg);
-		return (dummy);
 #ifdef HAVE_RPCSEC_GSS
 	case RPCSEC_GSS:
 		dummy = _svcauth_gss(rqst, msg, no_dispatch);
diff --git a/src/rpc_soc.c b/src/rpc_soc.c
index e146ed4..161a1ec 100644
--- a/src/rpc_soc.c
+++ b/src/rpc_soc.c
@@ -61,7 +61,6 @@ #ifdef PORTMAP
 #include <string.h>
 #include <unistd.h>
 #include <fcntl.h>
-#include <rpcsvc/nis.h>
 
 #include "rpc_com.h"
 
@@ -522,86 +521,6 @@ clnt_broadcast(prog, vers, proc, xargs, argsp, xresults, resultsp, eachresult)
 }
 
 /*
- * Create the client des authentication object. Obsoleted by
- * authdes_seccreate().
- */
-AUTH *
-authdes_create(servername, window, syncaddr, ckey)
-	char *servername;		/* network name of server */
-	u_int window;			/* time to live */
-	struct sockaddr *syncaddr;	/* optional hostaddr to sync with */
-	des_block *ckey;		/* optional conversation key to use */
-{
-	AUTH *nauth;
-	char hostname[NI_MAXHOST];
-
-	if (syncaddr) {
-		/*
-		 * Change addr to hostname, because that is the way
-		 * new interface takes it.
-		 */
-	        switch (syncaddr->sa_family) {
-		case AF_INET:
-		  if (getnameinfo(syncaddr, sizeof(struct sockaddr_in), hostname,
-				  sizeof hostname, NULL, 0, 0) != 0)
-		    goto fallback;
-		  break;
-		case AF_INET6:
-		  if (getnameinfo(syncaddr, sizeof(struct sockaddr_in6), hostname,
-				  sizeof hostname, NULL, 0, 0) != 0)
-		    goto fallback;
-		  break;
-		default:
-		  goto fallback;
-		}
-		nauth = authdes_seccreate(servername, window, hostname, ckey);
-		return (nauth);
-	}
-fallback:
-	return authdes_seccreate(servername, window, NULL, ckey);
-}
-
-/*
- * Create the client des authentication object. Obsoleted by
- * authdes_pk_seccreate().
- */
-extern AUTH *authdes_pk_seccreate(const char *, netobj *, u_int, const char *,
-        const des_block *, nis_server *);
-
-AUTH *
-authdes_pk_create(servername, pkey, window, syncaddr, ckey)
-	char *servername;		/* network name of server */
-	netobj *pkey;			/* public key */
-	u_int window;			/* time to live */
-	struct sockaddr *syncaddr;	/* optional hostaddr to sync with */
-	des_block *ckey;		/* optional conversation key to use */
-{
-	AUTH *nauth;
-	char hostname[NI_MAXHOST];
-
-	if (syncaddr) {
-		/*
-		 * Change addr to hostname, because that is the way
-		 * new interface takes it.
-		 */
-	        switch (syncaddr->sa_family) {
-		case AF_INET:
-		  if (getnameinfo(syncaddr, sizeof(struct sockaddr_in), hostname,
-				  sizeof hostname, NULL, 0, 0) != 0)
-		    goto fallback;
-		  break;
-		default:
-		  goto fallback;
-		}
-		nauth = authdes_pk_seccreate(servername, pkey, window, hostname, ckey, NULL);
-		return (nauth);
-	}
-fallback:
-	return authdes_pk_seccreate(servername, pkey, window, NULL, ckey, NULL);
-}
-
-
-/*
  * Create a client handle for a unix connection. Obsoleted by clnt_vc_create()
  */
 CLIENT *
-- 
2.4.6