summaryrefslogtreecommitdiff
path: root/app-crypt/mit-krb5/files
diff options
context:
space:
mode:
Diffstat (limited to 'app-crypt/mit-krb5/files')
-rw-r--r--app-crypt/mit-krb5/files/CVE-2020-28196.patch71
-rw-r--r--app-crypt/mit-krb5/files/mit-krb5-1.18.2-autoconf-2.70.patch35
-rw-r--r--app-crypt/mit-krb5/files/mit-krb5_dont_create_run.patch10
3 files changed, 0 insertions, 116 deletions
diff --git a/app-crypt/mit-krb5/files/CVE-2020-28196.patch b/app-crypt/mit-krb5/files/CVE-2020-28196.patch
deleted file mode 100644
index 486078437e89..000000000000
--- a/app-crypt/mit-krb5/files/CVE-2020-28196.patch
+++ /dev/null
@@ -1,71 +0,0 @@
-diff --git a/src/lib/krb5/asn.1/asn1_encode.c b/src/lib/krb5/asn.1/asn1_encode.c
-index a160cf4fe8..cd6b879f77 100644
---- a/lib/krb5/asn.1/asn1_encode.c
-+++ b/lib/krb5/asn.1/asn1_encode.c
-@@ -356,7 +356,7 @@ make_tag(asn1buf *buf, const taginfo *t, size_t len)
- static krb5_error_code
- get_tag(const uint8_t *asn1, size_t len, taginfo *tag_out,
- const uint8_t **contents_out, size_t *clen_out,
-- const uint8_t **remainder_out, size_t *rlen_out)
-+ const uint8_t **remainder_out, size_t *rlen_out, int recursion)
- {
- krb5_error_code ret;
- uint8_t o;
-@@ -394,9 +394,11 @@ get_tag(const uint8_t *asn1, size_t len, taginfo *tag_out,
- /* Indefinite form (should not be present in DER, but we accept it). */
- if (tag_out->construction != CONSTRUCTED)
- return ASN1_MISMATCH_INDEF;
-+ if (recursion >= 32)
-+ return ASN1_OVERFLOW;
- p = asn1;
- while (!(len >= 2 && p[0] == 0 && p[1] == 0)) {
-- ret = get_tag(p, len, &t, &c, &clen, &p, &len);
-+ ret = get_tag(p, len, &t, &c, &clen, &p, &len, recursion + 1);
- if (ret)
- return ret;
- }
-@@ -613,7 +615,7 @@ split_der(asn1buf *buf, uint8_t *const *der, size_t len, taginfo *tag_out)
- const uint8_t *contents, *remainder;
- size_t clen, rlen;
-
-- ret = get_tag(*der, len, tag_out, &contents, &clen, &remainder, &rlen);
-+ ret = get_tag(*der, len, tag_out, &contents, &clen, &remainder, &rlen, 0);
- if (ret)
- return ret;
- if (rlen != 0)
-@@ -1199,7 +1201,7 @@ decode_atype(const taginfo *t, const uint8_t *asn1, size_t len,
- const uint8_t *rem;
- size_t rlen;
- if (!tag->implicit) {
-- ret = get_tag(asn1, len, &inner_tag, &asn1, &len, &rem, &rlen);
-+ ret = get_tag(asn1, len, &inner_tag, &asn1, &len, &rem, &rlen, 0);
- if (ret)
- return ret;
- /* Note: we don't check rlen (it should be 0). */
-@@ -1420,7 +1422,7 @@ decode_sequence(const uint8_t *asn1, size_t len, const struct seq_info *seq,
- for (i = 0; i < seq->n_fields; i++) {
- if (len == 0)
- break;
-- ret = get_tag(asn1, len, &t, &contents, &clen, &asn1, &len);
-+ ret = get_tag(asn1, len, &t, &contents, &clen, &asn1, &len, 0);
- if (ret)
- goto error;
- /*
-@@ -1478,7 +1480,7 @@ decode_sequence_of(const uint8_t *asn1, size_t len,
- *seq_out = NULL;
- *count_out = 0;
- while (len > 0) {
-- ret = get_tag(asn1, len, &t, &contents, &clen, &asn1, &len);
-+ ret = get_tag(asn1, len, &t, &contents, &clen, &asn1, &len, 0);
- if (ret)
- goto error;
- if (!check_atype_tag(elemtype, &t)) {
-@@ -1584,7 +1586,7 @@ k5_asn1_full_decode(const krb5_data *code, const struct atype_info *a,
-
- *retrep = NULL;
- ret = get_tag((uint8_t *)code->data, code->length, &t, &contents,
-- &clen, &remainder, &rlen);
-+ &clen, &remainder, &rlen, 0);
- if (ret)
- return ret;
- /* rlen should be 0, but we don't check it (and due to padding in
diff --git a/app-crypt/mit-krb5/files/mit-krb5-1.18.2-autoconf-2.70.patch b/app-crypt/mit-krb5/files/mit-krb5-1.18.2-autoconf-2.70.patch
deleted file mode 100644
index 6741c47e0d13..000000000000
--- a/app-crypt/mit-krb5/files/mit-krb5-1.18.2-autoconf-2.70.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-https://bugs.gentoo.org/778167
-
-From f78edbe30816f049e1360cb6e203fabfdf7b98df Mon Sep 17 00:00:00 2001
-From: Sergei Trofimovich <slyfox@gentoo.org>
-Date: Fri, 6 Nov 2020 08:14:57 +0000
-Subject: [PATCH] Fix compatibility with upcoming autoconf 2.70
-
-Mainline autoconf generates no shell code for AC_CONFIG_AUX_DIR().
-Call it unconditionally to avoid a syntax error.
-
-[ghudson@mit.edu: rewrote commit message]
-
-ticket: 8960 (new)
-tags: pullup
-target_version: 1.18-next
-target_version: 1.17-next
----
- src/aclocal.m4 | 6 +-----
- 1 file changed, 1 insertion(+), 5 deletions(-)
-
---- src/aclocal.m4
-+++ src/aclocal.m4
-@@ -13,11 +13,7 @@ fi
- ac_topdir=$srcdir/$ac_reltopdir
- ac_config_fragdir=$ac_reltopdir/config
- # echo "Looking for $srcdir/$ac_config_fragdir"
--if test -d "$srcdir/$ac_config_fragdir"; then
-- AC_CONFIG_AUX_DIR(K5_TOPDIR/config)
--else
-- AC_MSG_ERROR([can not find config/ directory in $ac_reltopdir])
--fi
-+AC_CONFIG_AUX_DIR(K5_TOPDIR/config)
- ])dnl
- dnl
- dnl Version info.
diff --git a/app-crypt/mit-krb5/files/mit-krb5_dont_create_run.patch b/app-crypt/mit-krb5/files/mit-krb5_dont_create_run.patch
deleted file mode 100644
index d68e13b0675c..000000000000
--- a/app-crypt/mit-krb5/files/mit-krb5_dont_create_run.patch
+++ /dev/null
@@ -1,10 +0,0 @@
---- src/Makefile.in 2019-12-12 10:15:51.674552983 +0300
-+++ src/Makefile.in 2019-12-12 10:16:33.205543490 +0300
-@@ -71,7 +71,6 @@
- $(KRB5_AD_MODULE_DIR) \
- $(KRB5_LIBKRB5_MODULE_DIR) $(KRB5_TLS_MODULE_DIR) \
- @localstatedir@ @localstatedir@/krb5kdc \
-- @runstatedir@ @runstatedir@/krb5kdc \
- $(KRB5_INCSUBDIRS) $(datadir) $(EXAMPLEDIR) \
- $(PKGCONFIG_DIR)
-
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-15 18:51:18 +0000