[Git][debian-proftpd-team/proftpd][bullseye] Cherry pick patch for issue #1111 (Closes: #992920).

Hilmar Preuße (@hilmar-guest) gitlab at salsa.debian.org
Sun Aug 29 16:17:39 BST 2021



Hilmar Preuße pushed to branch bullseye at Debian ProFTPD Team / proftpd


Commits:
29a17e0f by Hilmar Preusse at 2021-08-28T23:49:37+02:00
Cherry pick patch for issue #1111 (Closes: #992920).

- - - - -


3 changed files:

- debian/changelog
- debian/patches/series
- + debian/patches/upstream_1181


Changes:

=====================================
debian/changelog
=====================================
@@ -1,6 +1,7 @@
 proftpd-dfsg (1.3.7a+dfsg-12+deb11u1) UNRELEASED; urgency=medium
 
   * Add patch for upstream issue #1284 (Closes: #993173).
+  * Cherry pick patch for issue #1111 (Closes: #992920).
 
  -- Hilmar Preusse <hille42 at web.de>  Sat, 28 Aug 2021 23:08:48 +0200
 


=====================================
debian/patches/series
=====================================
@@ -18,3 +18,4 @@ upstream_1061
 pr_1094.diff
 2eadd82f392573235432a9cb60266f6472d08884.diff
 upstream_1284
+upstream_1181


=====================================
debian/patches/upstream_1181
=====================================
@@ -0,0 +1,395 @@
+From 48e1f46753b3c347d48ecbf38734feac72ff6d40 Mon Sep 17 00:00:00 2001
+From: TJ Saunders <tj at castaglia.org>
+Date: Wed, 3 Mar 2021 19:44:13 -0800
+Subject: [PATCH] Issue #1111: Update our implementation of UMAC algorithm with
+ upstream.
+
+At the same time, ensure the use of the `-fno-strict-aliasing` compiler option,
+where supported.
+
+We found that, with this combination of changes, even with the "buggy"
+gcc-10 versions, the `umac-64 at openssh.com` SFTP algorithm works once more
+as expected.
+---
+ configure               | 25 +++++++++++++-
+ configure.in            |  9 ++++-
+ contrib/mod_sftp/umac.c | 73 +++++++++++++++++++++++++----------------
+ contrib/mod_sftp/umac.h | 16 ++++-----
+ 4 files changed, 85 insertions(+), 38 deletions(-)
+
+Index: proftpd/configure
+===================================================================
+--- proftpd.orig/configure	2021-08-28 23:46:01.447624275 +0200
++++ proftpd/configure	2021-08-28 23:46:01.435624275 +0200
+@@ -15024,6 +15024,29 @@
+ fi
+ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ 
++    { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler accepts -fno-strict-aliasing" >&5
++$as_echo_n "checking whether the C compiler accepts -fno-strict-aliasing... " >&6; }
++  CFLAGS="-fno-strict-aliasing"
++  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
++/* end confdefs.h.  */
++
++int
++main ()
++{
++
++  ;
++  return 0;
++}
++_ACEOF
++if ac_fn_c_try_compile "$LINENO"; then :
++  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
++$as_echo "yes" >&6; }; fullCFLAGS="$fullCFLAGS $CFLAGS"
++else
++  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
++$as_echo "no" >&6; }
++fi
++rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
++
+   CFLAGS="-g2 $fullCFLAGS"
+ fi
+ 
+@@ -16285,7 +16308,7 @@
+   lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
+   lt_status=$lt_dlunknown
+   cat > conftest.$ac_ext <<_LT_EOF
+-#line 16288 "configure"
++#line 16319 "configure"
+ #include "confdefs.h"
+ 
+ #if HAVE_DLFCN_H
+Index: proftpd/configure.in
+===================================================================
+--- proftpd.orig/configure.in	2021-08-28 23:46:01.447624275 +0200
++++ proftpd/configure.in	2021-08-28 23:46:01.435624275 +0200
+@@ -1,7 +1,7 @@
+ dnl ProFTPD - FTP server daemon
+ dnl Copyright (c) 1997, 1998 Public Flood Software
+ dnl Copyright (c) 1999, 2000 MacGyver aka Habeeb J. Dihu <macgyver at tos.net>
+-dnl Copyright (c) 2001-2020 The ProFTPD Project team
++dnl Copyright (c) 2001-2021 The ProFTPD Project team
+ dnl
+ dnl This program is free software; you can redistribute it and/or modify
+ dnl it under the terms of the GNU General Public License as published by
+@@ -132,6 +132,13 @@
+   AC_TRY_COMPILE(,,
+     AC_MSG_RESULT(yes); fullCFLAGS="$fullCFLAGS $CFLAGS",
+     AC_MSG_RESULT(no))
++
++  dnl test for -fno-strict-aliasing
++  AC_MSG_CHECKING([whether the C compiler accepts -fno-strict-aliasing])
++  CFLAGS="-fno-strict-aliasing"
++  AC_TRY_COMPILE(,,
++    AC_MSG_RESULT(yes); fullCFLAGS="$fullCFLAGS $CFLAGS",
++    AC_MSG_RESULT(no))
+ 
+   CFLAGS="-g2 $fullCFLAGS"
+ fi
+Index: proftpd/contrib/mod_sftp/umac.c
+===================================================================
+--- proftpd.orig/contrib/mod_sftp/umac.c	2021-08-28 23:46:01.447624275 +0200
++++ proftpd/contrib/mod_sftp/umac.c	2021-08-28 23:46:01.435624275 +0200
+@@ -208,6 +208,11 @@
+         aes_encryption(in_buf, out_buf, key);
+         memcpy(dst_buf,out_buf,nbytes);
+     }
++
++#if defined(HAVE_MEMSET_S)
++    memset_s(in_buf, sizeof(in_buf), 0, sizeof(in_buf));
++    memset_s(out_buf, sizeof(out_buf), 0, sizeof(out_buf));
++#endif /* HAVE_MEMSET_S */
+ }
+ 
+ /* The final UHASH result is XOR'd with the output of a pseudorandom
+@@ -232,9 +237,13 @@
+     /* Initialize pdf and cache */
+     memset(pc->nonce, 0, sizeof(pc->nonce));
+     aes_encryption(pc->nonce, pc->cache, pc->prf_key);
++
++#if defined(HAVE_MEMSET_S)
++    memset_s(buf, sizeof(buf), 0, sizeof(buf));
++#endif /* HAVE_MEMSET_S */
+ }
+ 
+-static void pdf_gen_xor(pdf_ctx *pc, UINT8 nonce[8], UINT8 buf[8])
++static void pdf_gen_xor(pdf_ctx *pc, const UINT8 nonce[8], UINT8 buf[8])
+ {
+     /* 'ndx' indicates that we'll be using the 0th or 1st eight bytes
+      * of the AES output. If last time around we returned the ndx-1st
+@@ -249,26 +258,30 @@
+ #define LOW_BIT_MASK 0
+ #endif
+ 
+-    UINT8 tmp_nonce_lo[4];
++    union {
++        UINT8 tmp_nonce_lo[4];
++        UINT32 align;
++    } t;
+ #if LOW_BIT_MASK != 0
+     int ndx = nonce[7] & LOW_BIT_MASK;
+ #endif
+-    memcpy(tmp_nonce_lo, &(nonce[4]), sizeof(UINT32));
+-    tmp_nonce_lo[3] &= ~LOW_BIT_MASK; /* zero last bit */
+ 
+     /* ProFTPD Note: We've changed the original code where, which used explicit
+      * typecasting to treat the nonce[8] as a UINT32, to memcpy(3)/memcmp(3),
+      * to avoid strict aliasing gcc warnings when -O2 or higher is used..
+      */
+ 
+-    if ( (memcmp(tmp_nonce_lo, &(pc->nonce[4]), sizeof(UINT32)) != 0) ||
++    memcpy(t.tmp_nonce_lo, &(nonce[4]), sizeof(UINT32));
++    t.tmp_nonce_lo[3] &= ~LOW_BIT_MASK; /* zero last bit */
++
++    if ( (memcmp(t.tmp_nonce_lo, &(pc->nonce[4]), sizeof(UINT32)) != 0) ||
+          (memcmp(nonce, pc->nonce, sizeof(UINT32)) != 0) )
+     {
+         memmove(pc->nonce, nonce, sizeof(UINT32));
+-        memmove(&(pc->nonce[4]), tmp_nonce_lo, sizeof(UINT32));
++        memmove(&(pc->nonce[4]), t.tmp_nonce_lo, sizeof(UINT32));
+         aes_encryption(pc->nonce, pc->cache, pc->prf_key);
+     }
+-    
++
+ #if (UMAC_OUTPUT_LEN == 4)
+     *((UINT32 *)buf) ^= ((UINT32 *)pc->cache)[ndx];
+ #elif (UMAC_OUTPUT_LEN == 8)
+@@ -332,7 +345,7 @@
+ 
+ #if (UMAC_OUTPUT_LEN == 4)
+ 
+-static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen)
++static void nh_aux(void *kp, const void *dp, void *hp, UINT32 dlen)
+ /* NH hashing primitive. Previous (partial) hash result is loaded and     
+ * then stored via hp pointer. The length of the data pointed at by "dp",
+ * "dlen", is guaranteed to be divisible by L1_PAD_BOUNDARY (32).  Key
+@@ -342,7 +355,7 @@
+     UINT64 h;
+     UWORD c = dlen / 32;
+     UINT32 *k = (UINT32 *)kp;
+-    UINT32 *d = (UINT32 *)dp;
++    const UINT32 *d = (const UINT32 *)dp;
+     UINT32 d0,d1,d2,d3,d4,d5,d6,d7;
+     UINT32 k0,k1,k2,k3,k4,k5,k6,k7;
+     
+@@ -367,7 +380,7 @@
+ 
+ #elif (UMAC_OUTPUT_LEN == 8)
+ 
+-static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen)
++static void nh_aux(void *kp, const void *dp, void *hp, UINT32 dlen)
+ /* Same as previous nh_aux, but two streams are handled in one pass,
+  * reading and writing 16 bytes of hash-state per call.
+  */
+@@ -375,7 +388,7 @@
+   UINT64 h1,h2;
+   UWORD c = dlen / 32;
+   UINT32 *k = (UINT32 *)kp;
+-  UINT32 *d = (UINT32 *)dp;
++  const UINT32 *d = (const UINT32 *)dp;
+   UINT32 d0,d1,d2,d3,d4,d5,d6,d7;
+   UINT32 k0,k1,k2,k3,k4,k5,k6,k7,
+         k8,k9,k10,k11;
+@@ -414,7 +427,7 @@
+ 
+ #elif (UMAC_OUTPUT_LEN == 12)
+ 
+-static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen)
++static void nh_aux(void *kp, const void *dp, void *hp, UINT32 dlen)
+ /* Same as previous nh_aux, but two streams are handled in one pass,
+  * reading and writing 24 bytes of hash-state per call.
+ */
+@@ -422,7 +435,7 @@
+     UINT64 h1,h2,h3;
+     UWORD c = dlen / 32;
+     UINT32 *k = (UINT32 *)kp;
+-    UINT32 *d = (UINT32 *)dp;
++    const UINT32 *d = (const UINT32 *)dp;
+     UINT32 d0,d1,d2,d3,d4,d5,d6,d7;
+     UINT32 k0,k1,k2,k3,k4,k5,k6,k7,
+         k8,k9,k10,k11,k12,k13,k14,k15;
+@@ -469,7 +482,7 @@
+ 
+ #elif (UMAC_OUTPUT_LEN == 16)
+ 
+-static void nh_aux(void *kp, void *dp, void *hp, UINT32 dlen)
++static void nh_aux(void *kp, const void *dp, void *hp, UINT32 dlen)
+ /* Same as previous nh_aux, but two streams are handled in one pass,
+  * reading and writing 24 bytes of hash-state per call.
+ */
+@@ -477,7 +490,7 @@
+     UINT64 h1,h2,h3,h4;
+     UWORD c = dlen / 32;
+     UINT32 *k = (UINT32 *)kp;
+-    UINT32 *d = (UINT32 *)dp;
++    const UINT32 *d = (const UINT32 *)dp;
+     UINT32 d0,d1,d2,d3,d4,d5,d6,d7;
+     UINT32 k0,k1,k2,k3,k4,k5,k6,k7,
+         k8,k9,k10,k11,k12,k13,k14,k15,
+@@ -538,7 +551,7 @@
+ 
+ /* ---------------------------------------------------------------------- */
+ 
+-static void nh_transform(nh_ctx *hc, UINT8 *buf, UINT32 nbytes)
++static void nh_transform(nh_ctx *hc, const UINT8 *buf, UINT32 nbytes)
+ /* This function is a wrapper for the primitive NH hash functions. It takes
+  * as argument "hc" the current hash context and a buffer which must be a
+  * multiple of L1_PAD_BOUNDARY. The key passed to nh_aux is offset
+@@ -613,7 +626,7 @@
+ 
+ /* ---------------------------------------------------------------------- */
+ 
+-static void nh_update(nh_ctx *hc, UINT8 *buf, UINT32 nbytes)
++static void nh_update(nh_ctx *hc, const UINT8 *buf, UINT32 nbytes)
+ /* Incorporate nbytes of data into a nh_ctx, buffer whatever is not an    */
+ /* even multiple of HASH_BUF_BYTES.                                       */
+ {
+@@ -708,7 +721,7 @@
+ 
+ /* ---------------------------------------------------------------------- */
+ 
+-static void nh(nh_ctx *hc, UINT8 *buf, UINT32 padded_len,
++static void nh(nh_ctx *hc, const UINT8 *buf, UINT32 padded_len,
+                UINT32 unpadded_len, UINT8 *result)
+ /* All-in-one nh_update() and nh_final() equivalent.
+  * Assumes that padded_len is divisible by L1_PAD_BOUNDARY and result is
+@@ -999,11 +1012,15 @@
+     kdf(ahc->ip_trans, prf_key, 4, STREAMS * sizeof(UINT32));
+     endian_convert_if_le(ahc->ip_trans, sizeof(UINT32),
+                          STREAMS * sizeof(UINT32));
++
++#if defined(HAVE_MEMSET_S)
++    memset_s(buf, sizeof(buf), 0, sizeof(buf));
++#endif /* HAVE_MEMSET_S */
+ }
+ 
+ /* ---------------------------------------------------------------------- */
+ 
+-static int uhash_update(uhash_ctx_t ctx, unsigned char *input, long len)
++static int uhash_update(uhash_ctx_t ctx, const unsigned char *input, long len)
+ /* Given len bytes of data, we parse it into L1_KEY_LEN chunks and
+  * hash each one with NH, calling the polyhash on each NH output.
+  */
+@@ -1013,7 +1030,7 @@
+     UINT8 *nh_result = (UINT8 *)&result_buf;
+     
+     if (ctx->msg_len + len <= L1_KEY_LEN) {
+-        nh_update(&ctx->hash, (UINT8 *)input, len);
++        nh_update(&ctx->hash, (const UINT8 *)input, len);
+         ctx->msg_len += len;
+     } else {
+     
+@@ -1028,7 +1045,7 @@
+              /* bytes to complete the current nh_block.                  */
+              if (bytes_hashed) {
+                  bytes_remaining = (L1_KEY_LEN - bytes_hashed);
+-                 nh_update(&ctx->hash, (UINT8 *)input, bytes_remaining);
++                 nh_update(&ctx->hash, (const UINT8 *)input, bytes_remaining);
+                  nh_final(&ctx->hash, nh_result);
+                  ctx->msg_len += bytes_remaining;
+                  poly_hash(ctx,(UINT32 *)nh_result);
+@@ -1038,7 +1055,7 @@
+ 
+              /* Hash directly from input stream if enough bytes */
+              while (len >= L1_KEY_LEN) {
+-                 nh(&ctx->hash, (UINT8 *)input, L1_KEY_LEN,
++                 nh(&ctx->hash, (const UINT8 *)input, L1_KEY_LEN,
+                                    L1_KEY_LEN, nh_result);
+                  ctx->msg_len += L1_KEY_LEN;
+                  len -= L1_KEY_LEN;
+@@ -1049,7 +1066,7 @@
+ 
+          /* pass remaining < L1_KEY_LEN bytes of input data to NH */
+          if (len) {
+-             nh_update(&ctx->hash, (UINT8 *)input, len);
++             nh_update(&ctx->hash, (const UINT8 *)input, len);
+              ctx->msg_len += len;
+          }
+      }
+@@ -1138,7 +1155,7 @@
+     return (ctx);
+ }
+ 
+-void umac_init(struct umac_ctx *ctx, unsigned char key[]) {
++void umac_init(struct umac_ctx *ctx, const unsigned char key[]) {
+     aes_int_key prf_key;
+ 
+     aes_key_setup(key, prf_key);
+@@ -1146,7 +1163,7 @@
+     uhash_init(&ctx->hash, prf_key);
+ }
+ 
+-struct umac_ctx *umac_new(unsigned char key[])
++struct umac_ctx *umac_new(const unsigned char key[])
+ /* Dynamically allocate a umac_ctx struct, initialize variables, 
+  * generate subkeys from key. Align to 16-byte boundary.
+  */
+@@ -1163,18 +1180,18 @@
+ 
+ /* ---------------------------------------------------------------------- */
+ 
+-int umac_final(struct umac_ctx *ctx, unsigned char tag[], unsigned char nonce[8])
++int umac_final(struct umac_ctx *ctx, unsigned char tag[], const unsigned char nonce[8])
+ /* Incorporate any pending data, pad, and generate tag */
+ {
+     uhash_final(&ctx->hash, (unsigned char *)tag);
+-    pdf_gen_xor(&ctx->pdf, (UINT8 *)nonce, (UINT8 *)tag);
++    pdf_gen_xor(&ctx->pdf, (const UINT8 *)nonce, (UINT8 *)tag);
+     
+     return (1);
+ }
+ 
+ /* ---------------------------------------------------------------------- */
+ 
+-int umac_update(struct umac_ctx *ctx, unsigned char *input, long len)
++int umac_update(struct umac_ctx *ctx, const unsigned char *input, long len)
+ /* Given len bytes of data, we parse it into L1_KEY_LEN chunks and   */
+ /* hash each one, calling the PDF on the hashed output whenever the hash- */
+ /* output buffer is full.                                                 */
+Index: proftpd/contrib/mod_sftp/umac.h
+===================================================================
+--- proftpd.orig/contrib/mod_sftp/umac.h	2021-08-28 23:46:01.447624275 +0200
++++ proftpd/contrib/mod_sftp/umac.h	2021-08-28 23:46:01.435624275 +0200
+@@ -53,21 +53,21 @@
+ struct umac_ctx *umac_alloc(void);
+ /* Dynamically allocate a umac_ctx struct. */
+ 
+-struct umac_ctx *umac_new(unsigned char key[]);
++struct umac_ctx *umac_new(const unsigned char key[]);
+ /* Dynamically allocate a umac_ctx struct, initialize variables, 
+  * generate subkeys from key.
+  */
+ 
+-void umac_init(struct umac_ctx *ctx, unsigned char key[]);
++void umac_init(struct umac_ctx *ctx, const unsigned char key[]);
+ /* Initialize a previously allocated umac_ctx struct. */
+ 
+ int umac_reset(struct umac_ctx *ctx);
+ /* Reset a umac_ctx to begin authenticating a new message */
+ 
+-int umac_update(struct umac_ctx *ctx, unsigned char *input, long len);
++int umac_update(struct umac_ctx *ctx, const unsigned char *input, long len);
+ /* Incorporate len bytes pointed to by input into context ctx */
+ 
+-int umac_final(struct umac_ctx *ctx, unsigned char tag[], unsigned char nonce[8]);
++int umac_final(struct umac_ctx *ctx, unsigned char tag[], const unsigned char nonce[8]);
+ /* Incorporate any pending data and the ctr value, and return tag. 
+  * This function returns error code if ctr < 0. 
+  */
+@@ -80,11 +80,11 @@
+  * preprocessor macros to get the umac-128 implementation.
+  */
+ struct umac_ctx *umac128_alloc(void);
+-struct umac_ctx *umac128_new(unsigned char key[]);
+-void umac128_init(struct umac_ctx *ctx, unsigned char key[]);
++struct umac_ctx *umac128_new(const unsigned char key[]);
++void umac128_init(struct umac_ctx *ctx, const unsigned char key[]);
+ int umac128_reset(struct umac_ctx *ctx);
+-int umac128_update(struct umac_ctx *ctx, unsigned char *input, long len);
+-int umac128_final(struct umac_ctx *ctx, unsigned char tag[], unsigned char nonce[8]);
++int umac128_update(struct umac_ctx *ctx, const unsigned char *input, long len);
++int umac128_final(struct umac_ctx *ctx, unsigned char tag[], const unsigned char nonce[8]);
+ int umac128_delete(struct umac_ctx *ctx);
+ 
+ #ifdef __cplusplus



View it on GitLab: https://salsa.debian.org/debian-proftpd-team/proftpd/-/commit/29a17e0f98e9803085e30e1fb0a73b2ec74ec50a

-- 
View it on GitLab: https://salsa.debian.org/debian-proftpd-team/proftpd/-/commit/29a17e0f98e9803085e30e1fb0a73b2ec74ec50a
You're receiving this email because of your account on salsa.debian.org.




More information about the Pkg-proftpd-maintainers mailing list