[bitlbee] Add two missing patches

Matej Cepl mcepl at fedoraproject.org
Sun Nov 21 21:50:11 UTC 2010 

commit b00e2c3f9e99fc6eab0f739c5053ca9fc6cc04e1
Author: Matěj Cepl <mcepl at redhat.com>
Date:   Fri Nov 19 01:10:40 2010 +0100

    Add two missing patches

 bitlbee-3.0-configure-eclipse.patch |   16 +++
 bitlbee-3.0-nss.patch               |  179 +++++++++++++++++++++++++++++++++++
 2 files changed, 195 insertions(+), 0 deletions(-)
---
diff --git a/bitlbee-3.0-configure-eclipse.patch b/bitlbee-3.0-configure-eclipse.patch
new file mode 100644
index 0000000..a00f088
--- /dev/null
+++ b/bitlbee-3.0-configure-eclipse.patch
@@ -0,0 +1,16 @@
+diff --git a/configure b/configure
+index be06d6a..8976adc 100755
+--- a/configure
++++ b/configure
+@@ -128,8 +128,9 @@ LFLAGS=
+ EFLAGS=
+ EOF
+ 
+-srcdir="$(dirname $0)"
+-if [ "$srcdir" != "." ]; then
++srcdir="$(readlink -f $(dirname $0))"
++curdir="$(readlink -f $(pwd))"
++if [ "$srcdir" != "$curdir" ]; then
+ 	echo
+ 	echo "configure script run from a different directory. Will create some symlinks..."
+ 	if [ ! -e Makefile -o -L Makefile ]; then
diff --git a/bitlbee-3.0-nss.patch b/bitlbee-3.0-nss.patch
new file mode 100644
index 0000000..36abcef
--- /dev/null
+++ b/bitlbee-3.0-nss.patch
@@ -0,0 +1,179 @@
+diff --git a/configure b/configure
+index ff68da8..be06d6a 100755
+--- a/configure
++++ b/configure
+@@ -288,10 +288,10 @@ EOF
+ 
+ detect_nss()
+ {
+-	if $PKG_CONFIG --version > /dev/null 2>/dev/null && $PKG_CONFIG mozilla-nss; then
++	if $PKG_CONFIG --version > /dev/null 2>/dev/null && $PKG_CONFIG nss; then
+ 		cat<<EOF>>Makefile.settings
+-EFLAGS+=`$PKG_CONFIG --libs mozilla-nss`
+-CFLAGS+=`$PKG_CONFIG --cflags mozilla-nss`
++EFLAGS+=`$PKG_CONFIG --libs nss`
++CFLAGS+=`$PKG_CONFIG --cflags nss`
+ EOF
+ 		
+ 		ssl=nss
+@@ -426,7 +426,7 @@ if [ "$ret" = "0" ]; then
+ 	exit 1
+ fi;
+ 
+-if [ "$msn" = "1" -a "$ssl" != "openssl" -a "$ssl" != "gnutls" ]; then
++if [ "$msn" = "1" -a "$ssl" != "openssl" -a "$ssl" != "nss" -a "$ssl" != "gnutls" ]; then
+ 	# Needed for MSN only. OpenSSL exports nice cipher functions already,
+ 	# in case of GnuTLS we should be able to use gcrypt. Otherwise, use
+ 	# built-in stuff. (Since right now those are the only two supported
+diff --git a/lib/ssl_nss.c b/lib/ssl_nss.c
+index b0e2f9f..63a47f5 100644
+--- a/lib/ssl_nss.c
++++ b/lib/ssl_nss.c
+@@ -33,8 +33,10 @@
+ #include <prio.h>
+ #include <sslproto.h>
+ #include <nss.h>
++#include <pk11pub.h>
+ #include <private/pprio.h>
+ #include <ssl.h>
++#include <seccomon.h>
+ #include <secerr.h>
+ #include <sslerr.h>
+ 
+@@ -52,6 +54,7 @@ struct scd
+ };
+ 
+ static gboolean ssl_connected( gpointer data, gint source, b_input_condition cond );
++static gboolean ssl_starttls_real( gpointer data, gint source, b_input_condition cond );
+ 
+ 
+ static SECStatus nss_auth_cert (void *arg, PRFileDesc *socket, PRBool checksig, PRBool isserver)
+@@ -121,6 +124,35 @@ void *ssl_connect( char *host, int port, ssl_input_function func, gpointer data
+ 	return( conn );
+ }
+ 
++static gboolean ssl_starttls_real( gpointer data, gint source, b_input_condition cond )
++{
++	struct scd *conn = data;
++
++	return ssl_connected( conn, conn->fd, B_EV_IO_WRITE );
++}
++
++void *ssl_starttls( int fd, ssl_input_function func, gpointer data )
++{
++	struct scd *conn = g_new0( struct scd, 1 );
++
++	conn->fd = fd;
++	conn->func = func;
++	conn->data = data;
++
++	/* This function should be called via a (short) timeout instead of
++	   directly from here, because these SSL calls are *supposed* to be
++	   *completely* asynchronous and not ready yet when this function
++	   (or *_connect, for examle) returns. Also, errors are reported via
++	   the callback function, not via this function's return value.
++
++	   In short, doing things like this makes the rest of the code a lot
++	   simpler. */
++
++	b_timeout_add( 1, ssl_starttls_real, conn );
++
++	return conn;
++}
++
+ static gboolean ssl_connected( gpointer data, gint source, b_input_condition cond )
+ {
+ 	struct scd *conn = data;
+@@ -200,3 +232,92 @@ b_input_condition ssl_getdirection( void *conn )
+ 	/* Just in case someone calls us, let's return the most likely case: */
+ 	return B_EV_IO_READ;
+ }
++
++size_t ssl_des3_encrypt(const unsigned char *key, size_t key_len,
++    const unsigned char *input, size_t input_len, const unsigned char *iv,
++    unsigned char **res)
++{
++  int output_length = 0;
++
++  CK_MECHANISM_TYPE cipherMech;
++  PK11SlotInfo* slot = NULL;
++  PK11SymKey* SymKey = NULL;
++  SECItem* SecParam = NULL;
++  PK11Context* EncContext = NULL;
++  SECItem keyItem, ivItem;
++  SECStatus rv1, rv2;
++  int tmp1_outlen, tmp2_outlen;
++
++  if (!initialized)
++    {
++      ssl_init();
++    }
++
++  *res = g_new0(unsigned char, 1024);
++
++  cipherMech = CKM_DES3_CBC_PAD;
++  slot = PK11_GetBestSlot(cipherMech, NULL);
++
++  if (slot == NULL)
++    {
++      fprintf(stderr, "Unable to find security device (err %d)\n",
++          PR_GetError());
++      goto out;
++    }
++
++  // Converts "raw key" into a key object.
++  keyItem.type = siBuffer;
++  keyItem.data = (unsigned char*)key;
++  keyItem.len = key_len;
++
++  SymKey = PK11_ImportSymKey(slot, cipherMech, PK11_OriginUnwrap, CKA_ENCRYPT,
++                             &keyItem, NULL);
++
++  if (SymKey == NULL)
++  {
++    fprintf(stderr, "Failure to import key into NSS (err %d)\n",
++            PR_GetError());
++    goto out;
++  }
++
++  /* set up the PKCS11 encryption paramters.
++   * when not using CBC mode, ivItem.data and ivItem.len can be 0, or you
++   * can simply pass NULL for the iv parameter in PK11_ParamFromIV func
++   */
++  ivItem.type = siBuffer;
++  ivItem.data = iv;
++  ivItem.len = strlen(iv); // ??? Is it right? FIXME
++  SecParam = PK11_ParamFromIV(cipherMech, &ivItem);
++  if (SecParam == NULL)
++  {
++    fprintf(stderr, "Failure to set up PKCS11 param (err %d)\n",
++            PR_GetError());
++    goto out;
++  }
++
++  /* ========================= START SECTION ============================= */
++  /* If using the the same key and iv over and over, stuff before this     */
++  /* section and after this section needs to be done only ONCE             */
++  /* ENCRYPT data into buf1. buf1 len must be atleast (data len + 8) */
++  tmp1_outlen = tmp2_outlen = 0;
++
++  /* Create cipher context */
++  EncContext = PK11_CreateContextBySymKey(cipherMech, CKA_ENCRYPT,
++                                          SymKey, SecParam);
++  rv1 = PK11_CipherOp(EncContext, res, &tmp1_outlen, sizeof(res),
++                      input, input_len+1);
++  rv2 = PK11_DigestFinal(EncContext, res+tmp1_outlen, &tmp2_outlen,
++                         sizeof(res)-tmp1_outlen);
++  PK11_DestroyContext(EncContext, PR_TRUE);
++  output_length = tmp1_outlen + tmp2_outlen;
++  if (rv1 != SECSuccess || rv2 != SECSuccess)
++    goto out;
++
++  return output_length;
++
++  out:
++    if (SymKey)
++      PK11_FreeSymKey(SymKey);
++    if (SecParam)
++      SECITEM_FreeItem(SecParam, PR_TRUE);
++}

More information about the scm-commits mailing list