gnu: opensmtpd: Fix crash on table authentication.

* gnu/packages/patches/opensmtpd-fix-crash.patch: New patch.
* gnu/packages/mail.scm (opensmtpd)[source]: Use it.
* gnu/local.mk (dist_patch_DATA): Add it.

Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>
This commit is contained in:
Adam Zimmerman 2018-06-06 14:47:46 -07:00 committed by Tobias Geerinckx-Rice
parent 6acc671bef
commit d6dd64af37
No known key found for this signature in database
GPG Key ID: 0DB0FF884F556D79
3 changed files with 48 additions and 1 deletions

View File

@ -967,6 +967,7 @@ dist_patch_DATA = \
%D%/packages/patches/openldap-CVE-2017-9287.patch \
%D%/packages/patches/openocd-nrf52.patch \
%D%/packages/patches/openscenegraph-ffmpeg3.patch \
%D%/packages/patches/opensmtpd-fix-crash.patch \
%D%/packages/patches/openssl-runpath.patch \
%D%/packages/patches/openssl-1.1.0-c-rehash-in.patch \
%D%/packages/patches/openssl-c-rehash-in.patch \

View File

@ -1995,7 +1995,9 @@ transfer protocols.")
name "-" version ".tar.gz"))
(sha256
(base32
"10bsfsnlg9d9i6l2izdnxp05s3ri8fvwzqxvx1jmarc852382619"))))
"10bsfsnlg9d9i6l2izdnxp05s3ri8fvwzqxvx1jmarc852382619"))
;; Fixed upstream: <github.com/OpenSMTPD/OpenSMTPD/pull/835>.
(patches (search-patches "opensmtpd-fix-crash.patch"))))
(build-system gnu-build-system)
(inputs
`(("bdb" ,bdb)

View File

@ -0,0 +1,44 @@
From 9b5f70b93e038df5446bd37a4adac5a0380748e7 Mon Sep 17 00:00:00 2001
From: johannes <johannes.brechtmann@gmail.com>
Date: Wed, 21 Feb 2018 23:57:11 +0100
Subject: [PATCH] crypt_checkpass: include HAVE_CRYPT_H definition, add NULL
check
---
openbsd-compat/crypt_checkpass.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/openbsd-compat/crypt_checkpass.c b/openbsd-compat/crypt_checkpass.c
index dafd2dae..d10b3a57 100644
--- a/openbsd-compat/crypt_checkpass.c
+++ b/openbsd-compat/crypt_checkpass.c
@@ -1,5 +1,6 @@
/* OPENBSD ORIGINAL: lib/libc/crypt/cryptutil.c */
+#include "includes.h"
#include <errno.h>
#ifdef HAVE_CRYPT_H
#include <crypt.h>
@@ -10,6 +11,8 @@
int
crypt_checkpass(const char *pass, const char *goodhash)
{
+ char *c;
+
if (goodhash == NULL)
goto fail;
@@ -17,7 +20,11 @@ crypt_checkpass(const char *pass, const char *goodhash)
if (strlen(goodhash) == 0 && strlen(pass) == 0)
return 0;
- if (strcmp(crypt(pass, goodhash), goodhash) == 0)
+ c = crypt(pass, goodhash);
+ if (c == NULL)
+ goto fail;
+
+ if (strcmp(c, goodhash) == 0)
return 0;
fail: