pppd: Use openssl for the DES instead of the libcrypt / glibc

It seems the latest glibc (in Fedora glibc-2.27.9000-12.fc29) dropped
libcrypt.  The libxcrypt standalone package can be used instead, but
it dropped the old setkey/encrypt API which ppp uses for DES.  There
is support for using openssl in pppcrypt.c, but it contains typos
preventing it from compiling and seems to be written for an ancient
openssl version.

This updates the code to use current openssl.

[paulus@ozlabs.org - wrote the commit description, fixed comment in
 Makefile.linux.]

Signed-off-by: Jaroslav Škarvada <jskarvad@redhat.com>
Signed-off-by: Paul Mackerras <paulus@ozlabs.org>

diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
index 36d2b036a8c5d228b0ab3cf754efccc5ffa0c9c5..8d5ce99d92202c4326730393c0d9e56d327fbefe 100644 (file)
--- a/pppd/Makefile.linux
+++ b/pppd/Makefile.linux
@@ -35,10 +35,10 @@ endif
 COPTS = -O2 -pipe -Wall -g
 LIBS =
 
 COPTS = -O2 -pipe -Wall -g
 LIBS =
 

-# Uncomment the next 2 lines to include support for Microsoft's
+# Uncomment the next line to include support for Microsoft's

 # MS-CHAP authentication protocol.  Also, edit plugins/radius/Makefile.linux.
 CHAPMS=y
 # MS-CHAP authentication protocol.  Also, edit plugins/radius/Makefile.linux.
 CHAPMS=y

-USE_CRYPT=y
+#USE_CRYPT=y

 # Don't use MSLANMAN unless you really know what you're doing.
 #MSLANMAN=y
 # Uncomment the next line to include support for MPPE.  CHAPMS (above) must
 # Don't use MSLANMAN unless you really know what you're doing.
 #MSLANMAN=y
 # Uncomment the next line to include support for MPPE.  CHAPMS (above) must


@@ -137,7 +137,8 @@ endif
 
 ifdef NEEDDES
 ifndef USE_CRYPT
 
 ifdef NEEDDES
 ifndef USE_CRYPT

-LIBS     += -ldes $(LIBS)
+CFLAGS   += -I/usr/include/openssl
+LIBS     += -lcrypto

 else
 CFLAGS   += -DUSE_CRYPT=1
 endif
 else
 CFLAGS   += -DUSE_CRYPT=1
 endif

diff --git a/pppd/pppcrypt.c b/pppd/pppcrypt.c
index 8b85b13276ab30fd51a9ab7ad5352f605453acdb..6b35375edc5e4b1a02485c9630140b32b7de52b7 100644 (file)
--- a/pppd/pppcrypt.c
+++ b/pppd/pppcrypt.c
@@ -64,7 +64,7 @@ u_char *des_key;      /* OUT 64 bit DES key with parity bits added */
        des_key[7] = Get7Bits(key, 49);
 
 #ifndef USE_CRYPT
        des_key[7] = Get7Bits(key, 49);
 
 #ifndef USE_CRYPT

-       des_set_odd_parity((des_cblock *)des_key);
+       DES_set_odd_parity((DES_cblock *)des_key);

 #endif
 }
 
 #endif
 }
 


@@ -158,25 +158,25 @@ u_char *clear;    /* OUT 8 octets */
 }
 
 #else /* USE_CRYPT */
 }
 
 #else /* USE_CRYPT */

-static des_key_schedule        key_schedule;
+static DES_key_schedule        key_schedule;

 
 bool
 DesSetkey(key)
 u_char *key;
 {
 
 bool
 DesSetkey(key)
 u_char *key;
 {

-       des_cblock des_key;
+       DES_cblock des_key;

        MakeKey(key, des_key);
        MakeKey(key, des_key);

-       des_set_key(&des_key, key_schedule);
+       DES_set_key(&des_key, &key_schedule);

        return (1);
 }
 
 bool
        return (1);
 }
 
 bool

-DesEncrypt(clear, key, cipher)
+DesEncrypt(clear, cipher)

 u_char *clear; /* IN  8 octets */
 u_char *cipher;        /* OUT 8 octets */
 {
 u_char *clear; /* IN  8 octets */
 u_char *cipher;        /* OUT 8 octets */
 {

-       des_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher,
-           key_schedule, 1);
+       DES_ecb_encrypt((DES_cblock *)clear, (DES_cblock *)cipher,
+           &key_schedule, 1);

        return (1);
 }
 
        return (1);
 }
 


@@ -185,8 +185,8 @@ DesDecrypt(cipher, clear)
 u_char *cipher;        /* IN  8 octets */
 u_char *clear; /* OUT 8 octets */
 {
 u_char *cipher;        /* IN  8 octets */
 u_char *clear; /* OUT 8 octets */
 {

-       des_ecb_encrypt((des_cblock *)cipher, (des_cblock *)clear,
-           key_schedule, 0);
+       DES_ecb_encrypt((DES_cblock *)cipher, (DES_cblock *)clear,
+           &key_schedule, 0);

        return (1);
 }
 
        return (1);
 }