GNU bug report logs - #69275
[PATCH] gnu: ecryptfs-utils: Add the openssl key module.

Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.
Package: guix-patches; Reported by: Brian Kubisiak <brian@HIDDEN>; Keywords: patch; dated Mon, 19 Feb 2024 16:17:01 UTC; Maintainer for guix-patches is guix-patches@HIDDEN.

Message received at 69275 <at> debbugs.gnu.org:


Received: (at 69275) by debbugs.gnu.org; 2 Nov 2024 12:00:32 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sat Nov 02 08:00:32 2024
Received: from localhost ([127.0.0.1]:53386 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1t7Cnw-0000Q6-44
	for submit <at> debbugs.gnu.org; Sat, 02 Nov 2024 08:00:32 -0400
Received: from mailtransmit05.runbox.com ([185.226.149.38]:32964)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <steve@HIDDEN>) id 1t7Cnt-0000Py-28
 for 69275 <at> debbugs.gnu.org; Sat, 02 Nov 2024 08:00:30 -0400
Received: from mailtransmit02.runbox ([10.9.9.162] helo=aibo.runbox.com)
 by mailtransmit05.runbox.com with esmtps (TLS1.2) tls
 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.93)
 (envelope-from <steve@HIDDEN>) id 1t7Clh-002IJI-2Q
 for 69275 <at> debbugs.gnu.org; Sat, 02 Nov 2024 12:58:13 +0100
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=futurile.net; s=selector1; h=Content-Type:MIME-Version:Message-ID:Subject:
 To:From:Date; bh=MvQtyJCSWKbYEp3RFNDCisQNzXG9rE4Tpm8ab8NdcnM=; b=XjKX0TIV+0CW
 ilvPvMj3ccXS5v4ZJ26DqDZBBmPBwcCeCu2cJqaqAiqCTJmNt6tXXj1JNRu75asFQ+XmYmgbCSB0j
 TuIBWYG4iuPJOH71NW163OiEDZCrBlVFdjRQnnqO8+E55zt8B1JhnucP3gNkqR/6E23uPJCZ73UYT
 HfmxHsMUPNUim9bOwc2cUCy92Y+ayebBdCp+euJzF6oOaQ4+82gw1mFAb0jIBw0E+n2dJh1QlvT8x
 8/owm848r2X4hXhScgzdjJFuHEUGOYbQFENqWT9bKCZowufU5Ry2w8Sgz/xvW1H/qFmheFlYuL+O/
 rO9OReMAaiJk2nFXti46jQ==;
Received: from [10.9.9.74] (helo=submission03.runbox)
 by mailtransmit02.runbox with esmtp (Exim 4.86_2)
 (envelope-from <steve@HIDDEN>) id 1t7Clg-0008VF-Md
 for 69275 <at> debbugs.gnu.org; Sat, 02 Nov 2024 12:58:12 +0100
Received: by submission03.runbox with esmtpsa [Authenticated ID (641962)]
 (TLS1.2:ECDHE_SECP256R1__RSA_SHA256__AES_256_GCM:256) (Exim 4.93)
 id 1t7ClY-008tfZ-Vc
 for 69275 <at> debbugs.gnu.org; Sat, 02 Nov 2024 12:58:05 +0100
Date: Sat, 2 Nov 2024 11:58:04 +0000
From: Steve George <steve@HIDDEN>
To: 69275 <at> debbugs.gnu.org
Subject: RE: ecryptfs-utils: Add the openssl key module
Message-ID: <ZyYTzPH7YCr-YXbl@dragon2>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 69275
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

Hi Brian,

You sent through a patch for adding the openssl module, your commit message doesn't say why it's required?

As I don't use ecryptfs-utils I was wondering if you have a small example test of how it's used?

Also, there's a bunch of pre-requisite patches, are these still needed?

Thanks so much!

Steve / Futurile
Information forwarded to guix-patches@HIDDEN:
bug#69275; Package guix-patches. Full text available.

Message received at submit <at> debbugs.gnu.org:


Received: (at submit) by debbugs.gnu.org; 19 Feb 2024 16:16:26 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon Feb 19 11:16:26 2024
Received: from localhost ([127.0.0.1]:43268 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1rc6JZ-0002J7-9r
	for submit <at> debbugs.gnu.org; Mon, 19 Feb 2024 11:16:26 -0500
Received: from lists.gnu.org ([209.51.188.17]:49344)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <brian@HIDDEN>) id 1rc6JW-0002Ix-9y
 for submit <at> debbugs.gnu.org; Mon, 19 Feb 2024 11:16:20 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <brian@HIDDEN>)
 id 1rc6JA-0003ls-1h
 for guix-patches@HIDDEN; Mon, 19 Feb 2024 11:15:56 -0500
Received: from [75.171.8.149] (helo=mail.kubisiak.com)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <brian@HIDDEN>)
 id 1rc6Is-0006Tx-1A
 for guix-patches@HIDDEN; Mon, 19 Feb 2024 11:15:55 -0500
dkim-signature: v=1; a=rsa-sha256; d=kubisiak.com; s=s1;
 c=relaxed/relaxed; q=dns/txt;
 h=From:Subject:Date:Message-ID:To:MIME-Version:Content-Type; 
 bh=zaa7kVHkNZDaW1fhoMjMCz8yDO6dVT6WmeJJPhzKft4=;
 b=ntYF5uFMHLy9g9Q10zo5+InVoBnYIJskckQ3NLW3vHVzhD9l3gJSro9e/oqwWuKKR9EH2QRM/VuZvESyiJdU7bFXo6sP6BYd/Y/xGlhOPFlgLj/jXbkZr5yJR2ivkEsK1h2zZLBVNSTXT8ocI56qsHdxAhBKSjUONCX7d7sqzi+5N7j8hcxzulFG6Ka6Y/0mB4ZrxPb4tx2QYo2C9MVevNGwUgrvfLbWMfnUuwpJf+k0+1JSXtY3e7U8o4
 9BKmVj+wBMt7PZo2fqB3uruQJss5zF1BPyA2/1PUVleFFvys0MiAvzDmjQr+5aRo5jcFuXur2ZP82yUI5Rh8ydtt9KRg==
Received: from peregrine (192-184-148-161.fiber.dynamic.sonic.net
 [192.184.148.161]) by mail.kubisiak.com with ESMTPSA
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256)
 ; Mon, 19 Feb 2024 09:15:07 -0600
Date: Mon, 19 Feb 2024 07:15:08 -0800
From: Brian Kubisiak <brian@HIDDEN>
To: guix-patches@HIDDEN
Subject: [PATCH] gnu: ecryptfs-utils: Add the openssl key module.
Message-ID: <cfe83bc19e6b7a5f2a63d742c3647dac7256d26e.1708355625.git.brian@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Host-Lookup-Failed: Reverse DNS lookup failed for 75.171.8.149 (failed)
Received-SPF: pass client-ip=75.171.8.149; envelope-from=brian@HIDDEN;
 helo=mail.kubisiak.com
X-Spam_score_int: -12
X-Spam_score: -1.3
X-Spam_bar: -
X-Spam_report: (-1.3 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RDNS_NONE=0.793,
 SPF_HELO_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01,
 T_SPF_TEMPERROR=0.01 autolearn=no autolearn_force=no
X-Spam_action: no action
X-Spam-Score: -4.2 (----)
X-Debbugs-Envelope-To: submit
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -5.2 (-----)

* gnu/packages/patches/ecryptfs-utils-openssl-1.1.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add the patch.
* gnu/packages/linux.scm (ecryptfs-utils)[source]: Apply the patch.
[inputs]: Add openssl-1.1.

Change-Id: I89cc15534e93cf20f2b5084157cbefaec5084ec8
---
 gnu/local.mk                                  |  1 +
 gnu/packages/linux.scm                        |  4 +-
 .../patches/ecryptfs-utils-openssl-1.1.patch  | 52 +++++++++++++++++++
 3 files changed, 56 insertions(+), 1 deletion(-)
 create mode 100644 gnu/packages/patches/ecryptfs-utils-openssl-1.1.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 58011d1149..cb5741dc60 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1107,6 +1107,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/dvd+rw-tools-add-include.patch 		\
   %D%/packages/patches/dynaconf-unvendor-deps.patch		\
   %D%/packages/patches/dyninst-fix-glibc-compatibility.patch	\
+  %D%/packages/patches/ecryptfs-utils-openssl-1.1.patch	\
   %D%/packages/patches/efivar-211.patch			\
   %D%/packages/patches/eigen-fix-strict-aliasing-bug.patch	\
   %D%/packages/patches/einstein-build.patch			\
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index d798c44a8f..100f322afd 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -7024,7 +7024,8 @@ (define-public ecryptfs-utils
                            version ".orig.tar.gz"))
        (sha256
         (base32
-         "0zwq19siiwf09h7lwa7n7mgmrr8cxifp45lmwgcfr8c1gviv6b0i"))))
+         "0zwq19siiwf09h7lwa7n7mgmrr8cxifp45lmwgcfr8c1gviv6b0i"))
+       (patches (search-patches "ecryptfs-utils-openssl-1.1.patch"))))
     (build-system gnu-build-system)
     (arguments
      `(#:configure-flags (list "--disable-pywrap")
@@ -7106,6 +7107,7 @@ (define-public ecryptfs-utils
            linux-pam
            lsof
            lvm2
+           openssl-1.1
            nss
            rsync
            sed
diff --git a/gnu/packages/patches/ecryptfs-utils-openssl-1.1.patch b/gnu/packages/patches/ecryptfs-utils-openssl-1.1.patch
new file mode 100644
index 0000000000..87b24829b4
--- /dev/null
+++ b/gnu/packages/patches/ecryptfs-utils-openssl-1.1.patch
@@ -0,0 +1,52 @@
+diff --git a/src/key_mod/ecryptfs_key_mod_openssl.c b/src/key_mod/ecryptfs_key_mod_openssl.c
+index 56ebe2d..3959974 100644
+--- a/src/key_mod/ecryptfs_key_mod_openssl.c
++++ b/src/key_mod/ecryptfs_key_mod_openssl.c
+@@ -141,6 +141,7 @@ ecryptfs_openssl_destroy_subgraph_ctx(struct ecryptfs_subgraph_ctx *ctx)
+ static int ecryptfs_openssl_generate_signature(char *sig, RSA *key)
+ {
+ 	int len, nbits, ebits, i;
++	const BIGNUM *n, *e;
+ 	int nbytes, ebytes;
+ 	unsigned char *hash;
+ 	unsigned char *data = NULL;
+@@ -152,11 +153,14 @@ static int ecryptfs_openssl_generate_signature(char *sig, RSA *key)
+ 		rc = -ENOMEM;
+ 		goto out;
+ 	}
+-	nbits = BN_num_bits(key->n);
++
++	RSA_get0_key(key, &n, &e, NULL);
++
++	nbits = BN_num_bits(n);
+ 	nbytes = nbits / 8;
+ 	if (nbits % 8)
+ 		nbytes++;
+-	ebits = BN_num_bits(key->e);
++	ebits = BN_num_bits(e);
+ 	ebytes = ebits / 8;
+ 	if (ebits % 8)
+ 		ebytes++;
+@@ -179,11 +183,11 @@ static int ecryptfs_openssl_generate_signature(char *sig, RSA *key)
+ 	data[i++] = '\02';
+ 	data[i++] = (nbits >> 8);
+ 	data[i++] = nbits;
+-	BN_bn2bin(key->n, &(data[i]));
++	BN_bn2bin(n, &(data[i]));
+ 	i += nbytes;
+ 	data[i++] = (ebits >> 8);
+ 	data[i++] = ebits;
+-	BN_bn2bin(key->e, &(data[i]));
++	BN_bn2bin(e, &(data[i]));
+ 	i += ebytes;
+ 	SHA1(data, len + 3, hash);
+ 	to_hex(sig, (char *)hash, ECRYPTFS_SIG_SIZE);
+@@ -278,7 +282,7 @@ static int ecryptfs_openssl_read_key(RSA **rsa, unsigned char *blob)
+ 	BIO *in = NULL;
+ 	int rc;
+ 
+-	CRYPTO_malloc_init();
++	OPENSSL_malloc_init();
+ 	ERR_load_crypto_strings();
+ 	OpenSSL_add_all_algorithms();
+ 	ENGINE_load_builtin_engines();

base-commit: a35372cc0b9525b401c9a8b8c5eea6c3a83c9f4b
prerequisite-patch-id: 22abd79e623712e121f73c89488a47c1b5b9cd7d
prerequisite-patch-id: ebb44601cec0b6a5cf73e980522a864b2aae824e
prerequisite-patch-id: 56702abf84319ed57932ea9a895700eb87954a20
prerequisite-patch-id: 26b2a4d0d2d944a4e8c9b5277781daa080836c03
prerequisite-patch-id: 3b30c17f33cfe426c2643be26bb5b8ff83ae7c0c
-- 
2.41.0
Acknowledgement sent to Brian Kubisiak <brian@HIDDEN>:
New bug report received and forwarded. Copy sent to guix-patches@HIDDEN. Full text available.
Report forwarded to guix-patches@HIDDEN:
bug#69275; Package guix-patches. Full text available.
Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.
Last modified: Sun, 12 Jan 2025 05:45:02 UTC

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.