aboutsummaryrefslogtreecommitdiff
path: root/net/rsync/patches/009-Use-full-MD4-len.patch
diff options
context:
space:
mode:
Diffstat (limited to 'net/rsync/patches/009-Use-full-MD4-len.patch')
-rw-r--r--net/rsync/patches/009-Use-full-MD4-len.patch97
1 files changed, 97 insertions, 0 deletions
diff --git a/net/rsync/patches/009-Use-full-MD4-len.patch b/net/rsync/patches/009-Use-full-MD4-len.patch
new file mode 100644
index 000000000..21f8b3d73
--- /dev/null
+++ b/net/rsync/patches/009-Use-full-MD4-len.patch
@@ -0,0 +1,97 @@
+commit bc112b0e7feece62ce98708092306639a8a53cce
+Author: Wayne Davison <wayned@samba.org>
+Date: Mon Oct 30 09:11:16 2017 -0700
+
+ Use full MD4 len for archaic protocol auth.
+
+diff --git a/authenticate.c b/authenticate.c
+index a106b0f..519429d 100644
+--- a/authenticate.c
++++ b/authenticate.c
+@@ -22,7 +22,6 @@
+ #include "itypes.h"
+
+ extern int read_only;
+-extern int protocol_version;
+ extern char *password_file;
+
+ /***************************************************************************
+@@ -75,6 +74,8 @@ static void gen_challenge(const char *addr, char *challenge)
+ sum_init(-1, 0);
+ sum_update(input, sizeof input);
+ len = sum_end(digest);
++ if (len == 2) /* The archaic checksum is 2 bytes, but sum_end() filled in the full MD4 checksum for us. */
++ len = MD4_DIGEST_LEN;
+
+ base64_encode(digest, len, challenge, 0);
+ }
+@@ -90,6 +91,8 @@ static void generate_hash(const char *in, const char *challenge, char *out)
+ sum_update(in, strlen(in));
+ sum_update(challenge, strlen(challenge));
+ len = sum_end(buf);
++ if (len == 2) /* The archaic checksum is 2 bytes, but sum_end() filled in the full MD4 checksum for us. */
++ len = MD4_DIGEST_LEN;
+
+ base64_encode(buf, len, out, 0);
+ }
+@@ -238,11 +241,6 @@ char *auth_server(int f_in, int f_out, int module, const char *host,
+ if (!users || !*users)
+ return "";
+
+- if (protocol_version < 21) { /* Don't allow a weak checksum for the password. */
+- rprintf(FERROR, "ERROR: protocol version is too old!\n");
+- exit_cleanup(RERR_PROTOCOL);
+- }
+-
+ gen_challenge(addr, challenge);
+
+ io_printf(f_out, "%s%s\n", leader, challenge);
+diff --git a/checksum.c b/checksum.c
+index c119f97..741ad7d 100644
+--- a/checksum.c
++++ b/checksum.c
+@@ -86,6 +86,8 @@ int csum_len_for_type(int cst)
+ return MD4_DIGEST_LEN;
+ case CSUM_MD5:
+ return MD5_DIGEST_LEN;
++ default: /* paranoia to prevent missing case values */
++ exit_cleanup(RERR_UNSUPPORTED);
+ }
+ return 0;
+ }
+@@ -181,6 +183,8 @@ void get_checksum2(char *buf, int32 len, char *sum)
+ mdfour_result(&m, (uchar *)sum);
+ break;
+ }
++ default: /* paranoia to prevent missing case values */
++ exit_cleanup(RERR_UNSUPPORTED);
+ }
+ }
+
+@@ -275,6 +279,8 @@ void sum_init(int csum_type, int seed)
+ break;
+ case CSUM_NONE:
+ break;
++ default: /* paranoia to prevent missing case values */
++ exit_cleanup(RERR_UNSUPPORTED);
+ }
+ }
+
+@@ -322,6 +328,8 @@ void sum_update(const char *p, int32 len)
+ break;
+ case CSUM_NONE:
+ break;
++ default: /* paranoia to prevent missing case values */
++ exit_cleanup(RERR_UNSUPPORTED);
+ }
+ }
+
+@@ -349,6 +357,8 @@ int sum_end(char *sum)
+ case CSUM_NONE:
+ *sum = '\0';
+ break;
++ default: /* paranoia to prevent missing case values */
++ exit_cleanup(RERR_UNSUPPORTED);
+ }
+
+ return csum_len_for_type(cursum_type);
Powered by cgit, Themed by Ted Yin.