[bitlbee] Add two missing patches
Matej Cepl
mcepl at fedoraproject.org
Sun Nov 21 21:50:11 UTC 2010
commit b00e2c3f9e99fc6eab0f739c5053ca9fc6cc04e1
Author: Matěj Cepl <mcepl at redhat.com>
Date: Fri Nov 19 01:10:40 2010 +0100
Add two missing patches
bitlbee-3.0-configure-eclipse.patch | 16 +++
bitlbee-3.0-nss.patch | 179 +++++++++++++++++++++++++++++++++++
2 files changed, 195 insertions(+), 0 deletions(-)
---
diff --git a/bitlbee-3.0-configure-eclipse.patch b/bitlbee-3.0-configure-eclipse.patch
new file mode 100644
index 0000000..a00f088
--- /dev/null
+++ b/bitlbee-3.0-configure-eclipse.patch
@@ -0,0 +1,16 @@
+diff --git a/configure b/configure
+index be06d6a..8976adc 100755
+--- a/configure
++++ b/configure
+@@ -128,8 +128,9 @@ LFLAGS=
+ EFLAGS=
+ EOF
+
+-srcdir="$(dirname $0)"
+-if [ "$srcdir" != "." ]; then
++srcdir="$(readlink -f $(dirname $0))"
++curdir="$(readlink -f $(pwd))"
++if [ "$srcdir" != "$curdir" ]; then
+ echo
+ echo "configure script run from a different directory. Will create some symlinks..."
+ if [ ! -e Makefile -o -L Makefile ]; then
diff --git a/bitlbee-3.0-nss.patch b/bitlbee-3.0-nss.patch
new file mode 100644
index 0000000..36abcef
--- /dev/null
+++ b/bitlbee-3.0-nss.patch
@@ -0,0 +1,179 @@
+diff --git a/configure b/configure
+index ff68da8..be06d6a 100755
+--- a/configure
++++ b/configure
+@@ -288,10 +288,10 @@ EOF
+
+ detect_nss()
+ {
+- if $PKG_CONFIG --version > /dev/null 2>/dev/null && $PKG_CONFIG mozilla-nss; then
++ if $PKG_CONFIG --version > /dev/null 2>/dev/null && $PKG_CONFIG nss; then
+ cat<<EOF>>Makefile.settings
+-EFLAGS+=`$PKG_CONFIG --libs mozilla-nss`
+-CFLAGS+=`$PKG_CONFIG --cflags mozilla-nss`
++EFLAGS+=`$PKG_CONFIG --libs nss`
++CFLAGS+=`$PKG_CONFIG --cflags nss`
+ EOF
+
+ ssl=nss
+@@ -426,7 +426,7 @@ if [ "$ret" = "0" ]; then
+ exit 1
+ fi;
+
+-if [ "$msn" = "1" -a "$ssl" != "openssl" -a "$ssl" != "gnutls" ]; then
++if [ "$msn" = "1" -a "$ssl" != "openssl" -a "$ssl" != "nss" -a "$ssl" != "gnutls" ]; then
+ # Needed for MSN only. OpenSSL exports nice cipher functions already,
+ # in case of GnuTLS we should be able to use gcrypt. Otherwise, use
+ # built-in stuff. (Since right now those are the only two supported
+diff --git a/lib/ssl_nss.c b/lib/ssl_nss.c
+index b0e2f9f..63a47f5 100644
+--- a/lib/ssl_nss.c
++++ b/lib/ssl_nss.c
+@@ -33,8 +33,10 @@
+ #include <prio.h>
+ #include <sslproto.h>
+ #include <nss.h>
++#include <pk11pub.h>
+ #include <private/pprio.h>
+ #include <ssl.h>
++#include <seccomon.h>
+ #include <secerr.h>
+ #include <sslerr.h>
+
+@@ -52,6 +54,7 @@ struct scd
+ };
+
+ static gboolean ssl_connected( gpointer data, gint source, b_input_condition cond );
++static gboolean ssl_starttls_real( gpointer data, gint source, b_input_condition cond );
+
+
+ static SECStatus nss_auth_cert (void *arg, PRFileDesc *socket, PRBool checksig, PRBool isserver)
+@@ -121,6 +124,35 @@ void *ssl_connect( char *host, int port, ssl_input_function func, gpointer data
+ return( conn );
+ }
+
++static gboolean ssl_starttls_real( gpointer data, gint source, b_input_condition cond )
++{
++ struct scd *conn = data;
++
++ return ssl_connected( conn, conn->fd, B_EV_IO_WRITE );
++}
++
++void *ssl_starttls( int fd, ssl_input_function func, gpointer data )
++{
++ struct scd *conn = g_new0( struct scd, 1 );
++
++ conn->fd = fd;
++ conn->func = func;
++ conn->data = data;
++
++ /* This function should be called via a (short) timeout instead of
++ directly from here, because these SSL calls are *supposed* to be
++ *completely* asynchronous and not ready yet when this function
++ (or *_connect, for examle) returns. Also, errors are reported via
++ the callback function, not via this function's return value.
++
++ In short, doing things like this makes the rest of the code a lot
++ simpler. */
++
++ b_timeout_add( 1, ssl_starttls_real, conn );
++
++ return conn;
++}
++
+ static gboolean ssl_connected( gpointer data, gint source, b_input_condition cond )
+ {
+ struct scd *conn = data;
+@@ -200,3 +232,92 @@ b_input_condition ssl_getdirection( void *conn )
+ /* Just in case someone calls us, let's return the most likely case: */
+ return B_EV_IO_READ;
+ }
++
++size_t ssl_des3_encrypt(const unsigned char *key, size_t key_len,
++ const unsigned char *input, size_t input_len, const unsigned char *iv,
++ unsigned char **res)
++{
++ int output_length = 0;
++
++ CK_MECHANISM_TYPE cipherMech;
++ PK11SlotInfo* slot = NULL;
++ PK11SymKey* SymKey = NULL;
++ SECItem* SecParam = NULL;
++ PK11Context* EncContext = NULL;
++ SECItem keyItem, ivItem;
++ SECStatus rv1, rv2;
++ int tmp1_outlen, tmp2_outlen;
++
++ if (!initialized)
++ {
++ ssl_init();
++ }
++
++ *res = g_new0(unsigned char, 1024);
++
++ cipherMech = CKM_DES3_CBC_PAD;
++ slot = PK11_GetBestSlot(cipherMech, NULL);
++
++ if (slot == NULL)
++ {
++ fprintf(stderr, "Unable to find security device (err %d)\n",
++ PR_GetError());
++ goto out;
++ }
++
++ // Converts "raw key" into a key object.
++ keyItem.type = siBuffer;
++ keyItem.data = (unsigned char*)key;
++ keyItem.len = key_len;
++
++ SymKey = PK11_ImportSymKey(slot, cipherMech, PK11_OriginUnwrap, CKA_ENCRYPT,
++ &keyItem, NULL);
++
++ if (SymKey == NULL)
++ {
++ fprintf(stderr, "Failure to import key into NSS (err %d)\n",
++ PR_GetError());
++ goto out;
++ }
++
++ /* set up the PKCS11 encryption paramters.
++ * when not using CBC mode, ivItem.data and ivItem.len can be 0, or you
++ * can simply pass NULL for the iv parameter in PK11_ParamFromIV func
++ */
++ ivItem.type = siBuffer;
++ ivItem.data = iv;
++ ivItem.len = strlen(iv); // ??? Is it right? FIXME
++ SecParam = PK11_ParamFromIV(cipherMech, &ivItem);
++ if (SecParam == NULL)
++ {
++ fprintf(stderr, "Failure to set up PKCS11 param (err %d)\n",
++ PR_GetError());
++ goto out;
++ }
++
++ /* ========================= START SECTION ============================= */
++ /* If using the the same key and iv over and over, stuff before this */
++ /* section and after this section needs to be done only ONCE */
++ /* ENCRYPT data into buf1. buf1 len must be atleast (data len + 8) */
++ tmp1_outlen = tmp2_outlen = 0;
++
++ /* Create cipher context */
++ EncContext = PK11_CreateContextBySymKey(cipherMech, CKA_ENCRYPT,
++ SymKey, SecParam);
++ rv1 = PK11_CipherOp(EncContext, res, &tmp1_outlen, sizeof(res),
++ input, input_len+1);
++ rv2 = PK11_DigestFinal(EncContext, res+tmp1_outlen, &tmp2_outlen,
++ sizeof(res)-tmp1_outlen);
++ PK11_DestroyContext(EncContext, PR_TRUE);
++ output_length = tmp1_outlen + tmp2_outlen;
++ if (rv1 != SECSuccess || rv2 != SECSuccess)
++ goto out;
++
++ return output_length;
++
++ out:
++ if (SymKey)
++ PK11_FreeSymKey(SymKey);
++ if (SecParam)
++ SECITEM_FreeItem(SecParam, PR_TRUE);
++}
More information about the scm-commits
mailing list