From owner-svn-ports-head@freebsd.org  Thu Mar  7 12:03:21 2019
Return-Path: <owner-svn-ports-head@freebsd.org>
Delivered-To: svn-ports-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 465D0152C534;
 Thu,  7 Mar 2019 12:03:21 +0000 (UTC)
 (envelope-from danfe@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id DFC7A80F5C;
 Thu,  7 Mar 2019 12:03:20 +0000 (UTC)
 (envelope-from danfe@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id D4B081B6C5;
 Thu,  7 Mar 2019 12:03:20 +0000 (UTC)
 (envelope-from danfe@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id x27C3K6E075058;
 Thu, 7 Mar 2019 12:03:20 GMT (envelope-from danfe@FreeBSD.org)
Received: (from danfe@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id x27C3K2h075057;
 Thu, 7 Mar 2019 12:03:20 GMT (envelope-from danfe@FreeBSD.org)
Message-Id: <201903071203.x27C3K2h075057@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: danfe set sender to
 danfe@FreeBSD.org using -f
From: Alexey Dokuchaev <danfe@FreeBSD.org>
Date: Thu, 7 Mar 2019 12:03:20 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r494925 - head/security/john/files
X-SVN-Group: ports-head
X-SVN-Commit-Author: danfe
X-SVN-Commit-Paths: head/security/john/files
X-SVN-Commit-Revision: 494925
X-SVN-Commit-Repository: ports
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: DFC7A80F5C
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org
X-Spamd-Result: default: False [-2.96 / 15.00];
 local_wl_from(0.00)[FreeBSD.org];
 NEURAL_HAM_MEDIUM(-1.00)[-1.000,0];
 NEURAL_HAM_SHORT(-0.97)[-0.965,0];
 NEURAL_HAM_LONG(-1.00)[-1.000,0];
 ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]
X-BeenThere: svn-ports-head@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SVN commit messages for the ports tree for head
 <svn-ports-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-head>, 
 <mailto:svn-ports-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-head/>
List-Post: <mailto:svn-ports-head@freebsd.org>
List-Help: <mailto:svn-ports-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Mar 2019 12:03:21 -0000

Author: danfe
Date: Thu Mar  7 12:03:20 2019
New Revision: 494925
URL: https://svnweb.freebsd.org/changeset/ports/494925

Log:
  - Replace OpenSSL HMAC-SHA1 code with JtR code
  - Fix the build against newer OpenSSL versions
  
  Obtained from:	https://github.com/magnumripper/JohnTheRipper/commit/9a5c84c
  		https://github.com/magnumripper/JohnTheRipper/commit/aaeff8b

Added:
  head/security/john/files/patch-encfs__fmt__plug.c   (contents, props changed)

Added: head/security/john/files/patch-encfs__fmt__plug.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/john/files/patch-encfs__fmt__plug.c	Thu Mar  7 12:03:20 2019	(r494925)
@@ -0,0 +1,113 @@
+--- encfs_fmt_plug.c.orig	2014-11-11 14:41:25 UTC
++++ encfs_fmt_plug.c
+@@ -90,25 +90,16 @@ static struct fmt_tests encfs_tests[] = {
+ static void setIVec( unsigned char *ivec, uint64_t seed,
+         unsigned char *key)
+ {
+-	unsigned char md[EVP_MAX_MD_SIZE];
+-	unsigned int mdLen = EVP_MAX_MD_SIZE;
++	unsigned char iv_and_seed[MAX_IVLENGTH+8];
+ 	int i;
+-	HMAC_CTX mac_ctx;
+ 
+-	memcpy( ivec, &key[cur_salt->keySize], cur_salt->ivLength );
++	// combine ivec and seed with HMAC
++	memcpy(iv_and_seed, &key[cur_salt->keySize], cur_salt->ivLength);
+ 	for(i=0; i<8; ++i) {
+-		md[i] = (unsigned char)(seed & 0xff);
++		iv_and_seed[i+cur_salt->ivLength] = (unsigned char)(seed & 0xff);
+ 		seed >>= 8;
+ 	}
+-	// combine ivec and seed with HMAC
+-	HMAC_CTX_init(&mac_ctx);
+-	HMAC_Init_ex( &mac_ctx, key, cur_salt->keySize, EVP_sha1(), 0 );
+-	HMAC_Init_ex( &mac_ctx, 0, 0, 0, 0 );
+-	HMAC_Update( &mac_ctx, ivec, cur_salt->ivLength );
+-	HMAC_Update( &mac_ctx, md, 8 );
+-	HMAC_Final( &mac_ctx, md, &mdLen );
+-	HMAC_CTX_cleanup(&mac_ctx);
+-	memcpy( ivec, md, cur_salt->ivLength );
++	hmac_sha1(key, cur_salt->keySize, iv_and_seed, cur_salt->ivLength+8, ivec, cur_salt->ivLength);
+ }
+ 
+ 
+@@ -144,33 +135,28 @@ static void flipBytes(unsigned char *buf, int size)
+ static uint64_t _checksum_64(unsigned char *key,
+ 		const unsigned char *data, int dataLen, uint64_t *chainedIV)
+ {
+-	unsigned char md[EVP_MAX_MD_SIZE];
++	unsigned char DataIV[128+8];	// max data len is 128
++	unsigned char md[20];
+ 	unsigned int mdLen = EVP_MAX_MD_SIZE;
+ 	int i;
+ 	unsigned char h[8] = {0,0,0,0,0,0,0,0};
+ 	uint64_t value;
+-	HMAC_CTX mac_ctx;
+ 
+-	HMAC_CTX_init(&mac_ctx);
+-	HMAC_Init_ex( &mac_ctx, key, cur_salt->keySize, EVP_sha1(), 0 );
+-	HMAC_Init_ex( &mac_ctx, 0, 0, 0, 0 );
+-	HMAC_Update( &mac_ctx, data, dataLen );
++	memcpy(DataIV, data, dataLen);
+ 	if(chainedIV)
+ 	{
+ 	  // toss in the chained IV as well
+ 		uint64_t tmp = *chainedIV;
+ 		unsigned char h[8];
+ 		for(i=0; i<8; ++i) {
+-			h[i] = tmp & 0xff;
++			h[i] = DataIV[dataLen++] = (tmp & 0xff);
+ 			tmp >>= 8;
+ 		}
+-		HMAC_Update( &mac_ctx, h, 8 );
+ 	}
+-	HMAC_Final( &mac_ctx, md, &mdLen );
+-	HMAC_CTX_cleanup(&mac_ctx);
++	hmac_sha1(key, cur_salt->keySize, DataIV, dataLen, md, 20);
+ 
+ 	// chop this down to a 64bit value..
+-	for(i=0; i < (mdLen - 1); ++i)
++	for(i=0; i < 19; ++i)
+ 		h[i%8] ^= (unsigned char)(md[i]);
+ 
+ 	value = (uint64_t)h[0];
+@@ -202,26 +188,26 @@ static int streamDecode(unsigned char *buf, int size,
+ {
+ 	unsigned char ivec[ MAX_IVLENGTH ];
+ 	int dstLen=0, tmpLen=0;
+-	EVP_CIPHER_CTX stream_dec;
++	EVP_CIPHER_CTX *stream_dec = EVP_CIPHER_CTX_new();
+ 
+ 	setIVec( ivec, iv64 + 1, key);
+-	EVP_CIPHER_CTX_init(&stream_dec);
+-	EVP_DecryptInit_ex( &stream_dec, cur_salt->streamCipher, NULL, NULL, NULL);
+-	EVP_CIPHER_CTX_set_key_length( &stream_dec, cur_salt->keySize );
+-	EVP_CIPHER_CTX_set_padding( &stream_dec, 0 );
+-	EVP_DecryptInit_ex( &stream_dec, NULL, NULL, key, NULL);
++	EVP_CIPHER_CTX_init(stream_dec);
++	EVP_DecryptInit_ex( stream_dec, cur_salt->streamCipher, NULL, NULL, NULL);
++	EVP_CIPHER_CTX_set_key_length( stream_dec, cur_salt->keySize );
++	EVP_CIPHER_CTX_set_padding( stream_dec, 0 );
++	EVP_DecryptInit_ex( stream_dec, NULL, NULL, key, NULL);
+ 
+-	EVP_DecryptInit_ex( &stream_dec, NULL, NULL, NULL, ivec);
+-	EVP_DecryptUpdate( &stream_dec, buf, &dstLen, buf, size );
+-	EVP_DecryptFinal_ex( &stream_dec, buf+dstLen, &tmpLen );
++	EVP_DecryptInit_ex( stream_dec, NULL, NULL, NULL, ivec);
++	EVP_DecryptUpdate( stream_dec, buf, &dstLen, buf, size );
++	EVP_DecryptFinal_ex( stream_dec, buf+dstLen, &tmpLen );
+ 	unshuffleBytes( buf, size );
+ 	flipBytes( buf, size );
+ 
+ 	setIVec( ivec, iv64, key );
+-	EVP_DecryptInit_ex( &stream_dec, NULL, NULL, NULL, ivec);
+-	EVP_DecryptUpdate( &stream_dec, buf, &dstLen, buf, size );
+-	EVP_DecryptFinal_ex( &stream_dec, buf+dstLen, &tmpLen );
+-	EVP_CIPHER_CTX_cleanup(&stream_dec);
++	EVP_DecryptInit_ex( stream_dec, NULL, NULL, NULL, ivec);
++	EVP_DecryptUpdate( stream_dec, buf, &dstLen, buf, size );
++	EVP_DecryptFinal_ex( stream_dec, buf+dstLen, &tmpLen );
++	EVP_CIPHER_CTX_cleanup(stream_dec);
+ 
+ 	unshuffleBytes( buf, size );
+ 	dstLen += tmpLen;