commit: 128e87dc2b3fd3cd715ff4c79291595135ce1641 Author: Johannes Huber <johu <AT> gentoo <DOT> org> AuthorDate: Fri Jul 8 21:02:03 2016 +0000 Commit: Johannes Huber <johu <AT> gentoo <DOT> org> CommitDate: Fri Jul 8 21:02:18 2016 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=128e87dc
kde-apps/kwalletd: Remove unused patches Package-Manager: portage-2.3.0 .../files/kwalletd-4.14.3-CVE-2013-7252.patch | 777 --------------------- .../files/kwalletd-4.14.3-fix-random-open.patch | 152 ---- 2 files changed, 929 deletions(-) diff --git a/kde-apps/kwalletd/files/kwalletd-4.14.3-CVE-2013-7252.patch b/kde-apps/kwalletd/files/kwalletd-4.14.3-CVE-2013-7252.patch deleted file mode 100644 index 9019e17..0000000 --- a/kde-apps/kwalletd/files/kwalletd-4.14.3-CVE-2013-7252.patch +++ /dev/null @@ -1,777 +0,0 @@ -From 466859302095a4ee4a9214ab24144eab7697224f Mon Sep 17 00:00:00 2001 -From: Valentin Rusu <[email protected]> -Date: Mon, 5 Jan 2015 23:00:58 +0100 -Subject: [PATCH] Backporting CBC algorithm fix from frameworks/kwallet - -The CBC algorithm was not enrcrypting in CBC but in ECB, despite it being -named CBC. This problem was found by Itay Duvdevani who let us know it on the -security mailing list. His mail eventually got forwarded to me and here is the -fix. I also fixed the test program which was incorrectly checking the -expected bytes. - -This commit corresponds to the following commits from: -frameworks/kwallet - 88bc1ff01e5fdf59a13fe012aa03e31e9eb8a3b1 - 6e588d795e6631c3c9d84d85fd3884a159b45849 ---- - kwalletd/backend/backendpersisthandler.cpp | 67 ++++--- - kwalletd/backend/backendpersisthandler.h | 4 +- - kwalletd/backend/cbc.cc | 273 ++++++++++++++++++----------- - kwalletd/backend/cbc.h | 44 ++--- - kwalletd/backend/tests/testbf.cpp | 96 +++++----- - 5 files changed, 279 insertions(+), 205 deletions(-) - -diff --git a/kwalletd/backend/backendpersisthandler.cpp b/kwalletd/backend/backendpersisthandler.cpp -index 126210a..5c321c9 100644 ---- a/kwalletd/backend/backendpersisthandler.cpp -+++ b/kwalletd/backend/backendpersisthandler.cpp -@@ -40,14 +40,15 @@ - #include "sha1.h" - #include "cbc.h" - --#ifdef Q_OS_WIN -+#ifdef Q_OS_WIN - #include <windows.h> - #include <wincrypt.h> - #endif - --#define KWALLET_CIPHER_BLOWFISH_CBC 0 -+#define KWALLET_CIPHER_BLOWFISH_ECB 0 // this was the old KWALLET_CIPHER_BLOWFISH_CBC - #define KWALLET_CIPHER_3DES_CBC 1 // unsupported - #define KWALLET_CIPHER_GPG 2 -+#define KWALLET_CIPHER_BLOWFISH_CBC 3 - - #define KWALLET_HASH_SHA1 0 - #define KWALLET_HASH_MD5 1 // unsupported -@@ -164,13 +165,18 @@ BackendPersistHandler *BackendPersistHandler::getPersistHandler(BackendCipherTyp - return 0; - } - } -- -+ - BackendPersistHandler *BackendPersistHandler::getPersistHandler(char magicBuf[12]) - { -- if (magicBuf[2] == KWALLET_CIPHER_BLOWFISH_CBC && -+ if ((magicBuf[2] == KWALLET_CIPHER_BLOWFISH_ECB || magicBuf[2] == KWALLET_CIPHER_BLOWFISH_CBC) && - (magicBuf[3] == KWALLET_HASH_SHA1 || magicBuf[3] == KWALLET_HASH_PBKDF2_SHA512)) { -- if (0 == blowfishHandler) -- blowfishHandler = new BlowfishPersistHandler; -+ if (0 == blowfishHandler) { -+ bool useECBforReading = magicBuf[2] == KWALLET_CIPHER_BLOWFISH_ECB; -+ if (useECBforReading) { -+ qDebug() << "this wallet uses ECB encryption. It'll be converted to CBC on next save."; -+ } -+ blowfishHandler = new BlowfishPersistHandler(useECBforReading); -+ } - return blowfishHandler; - } - #ifdef HAVE_QGPGME -@@ -183,11 +189,16 @@ BackendPersistHandler *BackendPersistHandler::getPersistHandler(char magicBuf[12 - #endif // HAVE_QGPGME - return 0; // unknown cipher or hash - } -- -+ - int BlowfishPersistHandler::write(Backend* wb, KSaveFile& sf, QByteArray& version, WId) - { - assert(wb->_cipherType == BACKEND_CIPHER_BLOWFISH); - -+ if (_useECBforReading) { -+ qDebug() << "This wallet used ECB and is now saved using CBC"; -+ _useECBforReading = false; -+ } -+ - version[2] = KWALLET_CIPHER_BLOWFISH_CBC; - if(!wb->_useNewHash) { - version[3] = KWALLET_HASH_SHA1; -@@ -358,7 +369,7 @@ int BlowfishPersistHandler::read(Backend* wb, QFile& db, WId) - assert(encrypted.size() < db.size()); - - BlowFish _bf; -- CipherBlockChain bf(&_bf); -+ CipherBlockChain bf(&_bf, _useECBforReading); - int blksz = bf.blockSize(); - if ((encrypted.size() % blksz) != 0) { - return -5; // invalid file structure -@@ -502,7 +513,7 @@ int GpgPersistHandler::write(Backend* wb, KSaveFile& sf, QByteArray& version, WI - sf.abort(); - return -5; - } -- -+ - boost::shared_ptr< GpgME::Context > ctx( GpgME::Context::createForProtocol(GpgME::OpenPGP) ); - if (0 == ctx) { - kDebug() << "Cannot setup OpenPGP context!"; -@@ -511,7 +522,7 @@ int GpgPersistHandler::write(Backend* wb, KSaveFile& sf, QByteArray& version, WI - } - - assert(wb->_cipherType == BACKEND_CIPHER_GPG); -- -+ - QByteArray hashes; - QDataStream hashStream(&hashes, QIODevice::WriteOnly); - KMD5 md5; -@@ -549,7 +560,7 @@ int GpgPersistHandler::write(Backend* wb, KSaveFile& sf, QByteArray& version, WI - dataStream << keyID; - dataStream << hashes; - dataStream << values; -- -+ - GpgME::Data decryptedData(dataBuffer.data(), dataBuffer.size(), false); - GpgME::Data encryptedData; - std::vector< GpgME::Key > keys; -@@ -574,7 +585,7 @@ int GpgPersistHandler::write(Backend* wb, KSaveFile& sf, QByteArray& version, WI - return -4; // write error - } - } -- -+ - return 0; - } - -@@ -596,7 +607,7 @@ int GpgPersistHandler::read(Backend* wb, QFile& sf, WId w) - while (bytes = sf.read(buffer, sizeof(buffer)/sizeof(buffer[0]))){ - encryptedData.write(buffer, bytes); - } -- -+ - retry_label: - boost::shared_ptr< GpgME::Context > ctx( GpgME::Context::createForProtocol(GpgME::OpenPGP) ); - if (0 == ctx) { -@@ -620,13 +631,13 @@ int GpgPersistHandler::read(Backend* wb, QFile& sf, WId w) - } - return -1; - } -- -+ - decryptedData.seek(0, SEEK_SET); - QByteArray dataBuffer; - while (bytes = decryptedData.read(buffer, sizeof(buffer)/sizeof(buffer[0]))){ - dataBuffer.append(buffer, bytes); - } -- -+ - // load the wallet from the decrypted data - QDataStream dataStream(dataBuffer); - QString keyID; -@@ -661,10 +672,10 @@ int GpgPersistHandler::read(Backend* wb, QFile& sf, WId w) - return -1; - } - -- -+ - QDataStream hashStream(hashes); - QDataStream valueStream(values); -- -+ - quint32 hashCount; - hashStream >> hashCount; - if (hashCount > 0xFFFF) { -@@ -675,10 +686,10 @@ int GpgPersistHandler::read(Backend* wb, QFile& sf, WId w) - while (hashCount--){ - KMD5::Digest d; - hashStream.readRawData(reinterpret_cast<char *>(d), 16); -- -+ - quint32 folderSize; - hashStream >> folderSize; -- -+ - MD5Digest ba = MD5Digest(reinterpret_cast<char *>(d)); - QMap<MD5Digest, QList<MD5Digest> >::iterator it = wb->_hashes.insert(ba, QList<MD5Digest>()); - while (folderSize--){ -@@ -688,27 +699,27 @@ int GpgPersistHandler::read(Backend* wb, QFile& sf, WId w) - (*it).append(ba); - } - } -- -+ - while (folderCount--){ - QString folder; - valueStream >> folder; -- -+ - quint32 entryCount; - valueStream >> entryCount; -- -+ - wb->_entries[folder].clear(); -- -+ - while (entryCount--){ - KWallet::Wallet::EntryType et = KWallet::Wallet::Unknown; - Entry *e = new Entry; -- -+ - QString key; - valueStream >> key; -- -+ - qint32 x =0; // necessary to read properly - valueStream >> x; - et = static_cast<KWallet::Wallet::EntryType>(x); -- -+ - switch (et) { - case KWallet::Wallet::Password: - case KWallet::Wallet::Stream: -@@ -718,7 +729,7 @@ int GpgPersistHandler::read(Backend* wb, QFile& sf, WId w) - delete e; - continue; - } -- -+ - QByteArray a; - valueStream >> a; - e->setValue(a); -@@ -727,7 +738,7 @@ int GpgPersistHandler::read(Backend* wb, QFile& sf, WId w) - wb->_entries[folder][key] = e; - } - } -- -+ - wb->_open = true; - - return 0; -diff --git a/kwalletd/backend/backendpersisthandler.h b/kwalletd/backend/backendpersisthandler.h -index a33db48..11d67f2 100644 ---- a/kwalletd/backend/backendpersisthandler.h -+++ b/kwalletd/backend/backendpersisthandler.h -@@ -60,11 +60,13 @@ public: - - class BlowfishPersistHandler : public BackendPersistHandler { - public: -- BlowfishPersistHandler() {} -+ explicit BlowfishPersistHandler(bool useECBforReading =false) : _useECBforReading(useECBforReading) {} - virtual ~BlowfishPersistHandler() {} - - virtual int write(Backend* wb, KSaveFile& sf, QByteArray& version, WId w); - virtual int read(Backend* wb, QFile& sf, WId w); -+private: -+ bool _useECBforReading; - }; - - #ifdef HAVE_QGPGME -diff --git a/kwalletd/backend/cbc.cc b/kwalletd/backend/cbc.cc -index 7bc5f38..772f3de 100644 ---- a/kwalletd/backend/cbc.cc -+++ b/kwalletd/backend/cbc.cc -@@ -1,149 +1,212 @@ - /* This file is part of the KDE project - Copyright (C) 2001 George Staikos <[email protected]> -- -+ - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Library General Public - License as published by the Free Software Foundation; either - version 2 of the License, or (at your option) any later version. -- -+ - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Library General Public License for more details. -- -+ - You should have received a copy of the GNU Library General Public License - along with this library; see the file COPYING.LIB. If not, write to - the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, - Boston, MA 02110-1301, USA. - */ - -- - #include "cbc.h" - #include <string.h> -- -- -- --CipherBlockChain::CipherBlockChain(BlockCipher *cipher) : _cipher(cipher) { -- _next = 0L; -- _register = 0L; -- _len = -1; -- _reader = _writer = 0L; -- if (cipher) { -- _blksz = cipher->blockSize(); -- } -+#include <kdebug.h> -+ -+CipherBlockChain::CipherBlockChain(BlockCipher *cipher, bool useECBforReading) : -+ _cipher(cipher) -+ , _useECBforReading(useECBforReading) -+{ -+ _next = 0L; -+ _register = 0L; -+ _len = -1; -+ _reader = _writer = 0L; -+ if (cipher) { -+ _blksz = cipher->blockSize(); -+ } - } - -- --CipherBlockChain::~CipherBlockChain() { -- delete[] (char *)_register; -- _register = 0L; -- delete[] (char *)_next; -- _next = 0L; -+CipherBlockChain::~CipherBlockChain() -+{ -+ delete[](char *)_register; -+ _register = 0L; -+ delete[](char *)_next; -+ _next = 0L; - } - -- --bool CipherBlockChain::setKey(void *key, int bitlength) { -- if (_cipher) { -- return _cipher->setKey(key, bitlength); -- } -- return false; -+bool CipherBlockChain::setKey(void *key, int bitlength) -+{ -+ if (_cipher) { -+ return _cipher->setKey(key, bitlength); -+ } -+ return false; - } - -- --int CipherBlockChain::keyLen() const { -- if (_cipher) { -- return _cipher->keyLen(); -- } -- return -1; -+int CipherBlockChain::keyLen() const -+{ -+ if (_cipher) { -+ return _cipher->keyLen(); -+ } -+ return -1; - } - -- --bool CipherBlockChain::variableKeyLen() const { -- if (_cipher) { -- return _cipher->variableKeyLen(); -- } -- return false; -+bool CipherBlockChain::variableKeyLen() const -+{ -+ if (_cipher) { -+ return _cipher->variableKeyLen(); -+ } -+ return false; - } - -- --bool CipherBlockChain::readyToGo() const { -- if (_cipher) { -- return _cipher->readyToGo(); -- } -- return false; -+bool CipherBlockChain::readyToGo() const -+{ -+ if (_cipher) { -+ return _cipher->readyToGo(); -+ } -+ return false; - } - -- --int CipherBlockChain::encrypt(void *block, int len) { -- if (_cipher && !_reader) { -- int rc; -- -- _writer |= 1; -- -- if (!_register) { -- _register = new unsigned char[len]; -- _len = len; -- memset(_register, 0, len); -- } else if (len > _len) { -- return -1; -- } -- -- // This might be optimizable -- char *tb = (char *)block; -- for (int i = 0; i < len; i++) { -- tb[i] ^= ((char *)_register)[i]; -- } -- -- rc = _cipher->encrypt(block, len); -- -- if (rc != -1) { -- memcpy(_register, block, len); -- } -- -- return rc; -- } -- return -1; -+void CipherBlockChain::initRegister() { -+ if (_register == 0L) { -+ size_t registerLen = _cipher->blockSize(); -+ _register = new unsigned char[registerLen]; -+ _len = registerLen; -+ } -+ memset(_register, 0, _len); - } - -+int CipherBlockChain::encrypt(void *block, int len) -+{ -+ if (_cipher && !_reader) { -+ int rc; - --int CipherBlockChain::decrypt(void *block, int len) { -- if (_cipher && !_writer) { -- int rc; -+ _writer |= 1; - -- _reader |= 1; -+ initRegister(); - -- if (!_register) { -- _register = new unsigned char[len]; -- _len = len; -- memset(_register, 0, len); -- } else if (len > _len) { -- return -1; -- } -+ if ((len % _len) >0) { -+ kDebug() << "Block length given encrypt (" << len << ") is not a multiple of " << _len; -+ return -1; -+ } - -- if (!_next) -- _next = new unsigned char[_len]; -- memcpy(_next, block, _len); -+ char *elemBlock = static_cast<char*>(block); -+ for (int b = 0; b < len/_len; b++) { - -- rc = _cipher->decrypt(block, len); -+ // This might be optimizable -+ char *tb = static_cast<char*>(elemBlock); -+ for (int i = 0; i < _len; i++) { -+ *tb++ ^= ((char *)_register)[i]; -+ } - -- if (rc != -1) { -- // This might be optimizable -- char *tb = (char *)block; -- for (int i = 0; i < len; i++) { -- tb[i] ^= ((char *)_register)[i]; -- } -- } -+ rc = _cipher->encrypt(elemBlock, _len); - -- void *temp; -- temp = _next; -- _next = _register; -- _register = temp; -+ if (rc != -1) { -+ memcpy(_register, elemBlock, _len); -+ } -+ elemBlock += _len; -+ } - -- return rc; -- } -- return -1; -+ return rc; -+ } -+ return -1; - } - -+// This is the old decrypt method, that was decrypting using ECB -+// instead of CBC -+int CipherBlockChain::decryptECB(void *block, int len) { -+ if (_cipher && !_writer) { -+ int rc; -+ -+ _reader |= 1; -+ -+ if (!_register) { -+ _register = new unsigned char[len]; -+ _len = len; -+ memset(_register, 0, len); -+ } else if (len > _len) { -+ return -1; -+ } -+ -+ if (!_next) { -+ _next = new unsigned char[_len]; -+ } -+ memcpy(_next, block, _len); -+ -+ rc = _cipher->decrypt(block, len); -+ -+ if (rc != -1) { -+ // This might be optimizable -+ char *tb = (char *)block; -+ for (int i = 0; i < len; i++) { -+ tb[i] ^= ((char *)_register)[i]; -+ } -+ } -+ -+ void *temp; -+ temp = _next; -+ _next = _register; -+ _register = temp; -+ -+ return rc; -+ } -+ return -1; -+} - -- -+int CipherBlockChain::decrypt(void *block, int len) -+{ -+ if (_useECBforReading) { -+ kDebug() << "decrypting using ECB!"; -+ return decryptECB(block, len); -+ } -+ -+ if (_cipher && !_writer) { -+ int rc = 0; -+ -+ _reader |= 1; -+ -+ initRegister(); -+ -+ if ((len % _len) >0) { -+ kDebug() << "Block length given for decrypt (" << len << ") is not a multiple of " << _len; -+ return -1; -+ } -+ -+ char *elemBlock = static_cast<char*>(block); -+ for (int b = 0; b < len/_len; b++) { -+ if (_next == 0L) { -+ _next = new unsigned char[_len]; -+ } -+ memcpy(_next, elemBlock, _len); -+ -+ int bytesDecrypted = _cipher->decrypt(elemBlock, _len); -+ -+ if (bytesDecrypted != -1) { -+ rc += bytesDecrypted; -+ // This might be optimizable -+ char *tb = (char *)elemBlock; -+ for (int i = 0; i < _len; i++) { -+ *tb++ ^= ((char *)_register)[i]; -+ } -+ } -+ -+ void *temp; -+ temp = _next; -+ _next = _register; -+ _register = temp; -+ -+ elemBlock += _len; -+ } -+ -+ return rc; -+ } -+ return -1; -+} - -diff --git a/kwalletd/backend/cbc.h b/kwalletd/backend/cbc.h -index 1ce971a..8750785 100644 ---- a/kwalletd/backend/cbc.h -+++ b/kwalletd/backend/cbc.h -@@ -1,24 +1,22 @@ - /* This file is part of the KDE project - Copyright (C) 2001 George Staikos <[email protected]> -- -+ - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Library General Public - License as published by the Free Software Foundation; either - version 2 of the License, or (at your option) any later version. -- -+ - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Library General Public License for more details. -- -+ - You should have received a copy of the GNU Library General Public License - along with this library; see the file COPYING.LIB. If not, write to - the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, - Boston, MA 02110-1301, USA. - */ - -- -- - #ifndef __CBC__KO__H - #define __CBC__KO__H - -@@ -33,30 +31,34 @@ - * calls to the other will fail in this instance. - */ - --class CipherBlockChain : public BlockCipher { -- public: -- CipherBlockChain(BlockCipher *cipher); -- virtual ~CipherBlockChain(); -+class CipherBlockChain : public BlockCipher -+{ -+public: -+ CipherBlockChain(BlockCipher *cipher, bool useECBforReading =false); -+ virtual ~CipherBlockChain(); - -- virtual bool setKey(void *key, int bitlength); -+ virtual bool setKey(void *key, int bitlength); - -- virtual int keyLen() const; -+ virtual int keyLen() const; - -- virtual bool variableKeyLen() const; -+ virtual bool variableKeyLen() const; - -- virtual bool readyToGo() const; -+ virtual bool readyToGo() const; - -- virtual int encrypt(void *block, int len); -+ virtual int encrypt(void *block, int len); - -- virtual int decrypt(void *block, int len); -+ virtual int decrypt(void *block, int len); - -- private: -- BlockCipher *_cipher; -- void *_register; -- void *_next; -- int _len; -- int _reader, _writer; -+private: -+ void initRegister(); -+ int decryptECB(void *block, int len); - -+ BlockCipher *_cipher; -+ void *_register; -+ void *_next; -+ int _len; -+ int _reader, _writer; -+ bool _useECBforReading; - }; - - #endif -diff --git a/kwalletd/backend/tests/testbf.cpp b/kwalletd/backend/tests/testbf.cpp -index 12dc746..b3d554a 100644 ---- a/kwalletd/backend/tests/testbf.cpp -+++ b/kwalletd/backend/tests/testbf.cpp -@@ -4,64 +4,60 @@ - #include "blowfish.h" - #include "cbc.h" - -- --int main() { --BlockCipher *bf; --char data[] = "This is a test."; --char expect[] = "\x22\x30\x7e\x2f\x42\x28\x44\x01\xda\xdf\x5a\x81\xd7\xe5\x7c\xd0"; --char key[] = "testkey"; --unsigned long et[] = {0x11223344}; -- -- printf("%d: 0x11 == %d and 0x44 == %d\n", ((unsigned char *)et)[0], -- 0x11, 0x44); -- bf = new BlowFish(); -+int main() -+{ -+ BlockCipher *bf; -+ char data[] = "This is a test."; -+ char expect[] = "\x3f\x3c\x2d\xae\x8c\x7\x84\xf2\xa7\x6d\x28\xbd\xd\xb\xb8\x79"; -+ char key[] = "testkey"; -+ unsigned long et[] = {0x11223344}; -+ -+ printf("%d: 0x11 == %d and 0x44 == %d\n", ((unsigned char *)et)[0], -+ 0x11, 0x44); -+ bf = new BlowFish(); - // bf = new CipherBlockChain(new BlowFish()); - -- bf->setKey((void *)key, 7*8); -- -- if (!bf->readyToGo()) { -- printf("Error: not ready to go!\n"); -- return -1; -- } -+ bf->setKey((void *)key, 7 * 8); - -- printf("About to encrypt...\n"); fflush(stdout); -- if (-1 == bf->encrypt((void *)data, 8)) { -- printf("Error: encrypt failed!\n"); -- return -1; -- } -- printf("About to encrypt part 2...\n"); fflush(stdout); -- bf->encrypt((void *)(data+8), 8); -- -- printf("Encryption done. data[] is now: "); -- for (int i = 0; i < 16; i++) { -- printf("0x%x ", data[i]&0xff); -- if ((data[i]&0xff) != (expect[i]&0xff)) { -- printf("Error. This byte failed the comparison. It should have been 0x%x.\n", expect[i]&0xff); -+ if (!bf->readyToGo()) { -+ printf("Error: not ready to go!\n"); - return -1; -- } -- } -- printf("\n"); -+ } - -- delete bf; -- bf = new BlowFish(); -+ printf("About to encrypt...\n"); fflush(stdout); -+ if (-1 == bf->encrypt((void *)data, 16)) { -+ printf("Error: encrypt failed!\n"); -+ return -1; -+ } -+ -+ printf("Encryption done. data[] is now: "); -+ for (int i = 0; i < 16; i++) { -+ printf("0x%x ", data[i] & 0xff); -+ if ((data[i] & 0xff) != (expect[i] & 0xff)) { -+ printf("Error. This byte failed the comparison. It should have been 0x%x.\n", expect[i] & 0xff); -+ break; -+ } -+ } -+ printf("\n"); -+ -+ delete bf; -+ bf = new BlowFish(); - // bf = new CipherBlockChain(new BlowFish()); -- bf->setKey((void *)key, 7*8); -+ bf->setKey((void *)key, 7 * 8); - -- printf("About to decrypt...\n"); fflush(stdout); -- if (-1 == bf->decrypt((void *)data, 16)) { -- printf("Error: decrypt failed!\n"); -- return -1; -- } -- //bf->decrypt((void *)(data+8), 8); -+ printf("About to decrypt...\n"); fflush(stdout); -+ if (-1 == bf->decrypt((void *)data, 16)) { -+ printf("Error: decrypt failed!\n"); -+ return -1; -+ } -+ //bf->decrypt((void *)(data+8), 8); - -- printf("All done! Result... data[] = \"%s\"\n", data); -- if (strcmp(data, "This is a test.")) { -- printf("ERROR. Decryption failed.\n"); -- return -1; -- } -+ printf("All done! Result... data[] = \"%s\"\n", data); -+ if (strcmp(data, "This is a test.")) { -+ printf("ERROR. Decryption failed.\n"); -+ return -1; -+ } - -- delete bf; -+ delete bf; - } - -- -- --- -2.2.1 - diff --git a/kde-apps/kwalletd/files/kwalletd-4.14.3-fix-random-open.patch b/kde-apps/kwalletd/files/kwalletd-4.14.3-fix-random-open.patch deleted file mode 100644 index 7443e3f..0000000 --- a/kde-apps/kwalletd/files/kwalletd-4.14.3-fix-random-open.patch +++ /dev/null @@ -1,152 +0,0 @@ -commit 33a17ba0104cd94f2e33a3ac007b300553cdb417 -Author: Valentin Rusu <[email protected]> -Date: Mon Feb 16 22:44:07 2015 +0100 - - Fix for the random wallet open failure when updating - - The problem seems to be caused by the use of BackendPersistHandler - singleton when the user has several wallets on his system and not - all of them have been updated to the new schema. - - BUG: 343718 - -diff --git a/kwalletd/backend/backendpersisthandler.cpp b/kwalletd/backend/backendpersisthandler.cpp -index 5c321c9..b7f63f8 100644 ---- a/kwalletd/backend/backendpersisthandler.cpp -+++ b/kwalletd/backend/backendpersisthandler.cpp -@@ -140,25 +140,14 @@ static int getRandomBlock(QByteArray& randBlock) { - #endif - } - -- -- --static BlowfishPersistHandler *blowfishHandler =0; --#ifdef HAVE_QGPGME --static GpgPersistHandler *gpgHandler =0; --#endif // HAVE_QGPGME -- - BackendPersistHandler *BackendPersistHandler::getPersistHandler(BackendCipherType cipherType) - { - switch (cipherType){ - case BACKEND_CIPHER_BLOWFISH: -- if (0 == blowfishHandler) -- blowfishHandler = new BlowfishPersistHandler; -- return blowfishHandler; -+ return new BlowfishPersistHandler; - #ifdef HAVE_QGPGME - case BACKEND_CIPHER_GPG: -- if (0 == gpgHandler) -- gpgHandler = new GpgPersistHandler; -- return gpgHandler; -+ return new GpgPersistHandler; - #endif // HAVE_QGPGME - default: - Q_ASSERT(0); -@@ -170,21 +159,16 @@ BackendPersistHandler *BackendPersistHandler::getPersistHandler(char magicBuf[12 - { - if ((magicBuf[2] == KWALLET_CIPHER_BLOWFISH_ECB || magicBuf[2] == KWALLET_CIPHER_BLOWFISH_CBC) && - (magicBuf[3] == KWALLET_HASH_SHA1 || magicBuf[3] == KWALLET_HASH_PBKDF2_SHA512)) { -- if (0 == blowfishHandler) { -- bool useECBforReading = magicBuf[2] == KWALLET_CIPHER_BLOWFISH_ECB; -- if (useECBforReading) { -- qDebug() << "this wallet uses ECB encryption. It'll be converted to CBC on next save."; -- } -- blowfishHandler = new BlowfishPersistHandler(useECBforReading); -+ bool useECBforReading = magicBuf[2] == KWALLET_CIPHER_BLOWFISH_ECB; -+ if (useECBforReading) { -+ qDebug() << "this wallet uses ECB encryption. It'll be converted to CBC on next save."; - } -- return blowfishHandler; -+ return new BlowfishPersistHandler(useECBforReading); - } - #ifdef HAVE_QGPGME - if (magicBuf[2] == KWALLET_CIPHER_GPG && - magicBuf[3] == 0) { -- if (0 == gpgHandler) -- gpgHandler = new GpgPersistHandler; -- return gpgHandler; -+ return new GpgPersistHandler; - } - #endif // HAVE_QGPGME - return 0; // unknown cipher or hash -diff --git a/kwalletd/backend/kwalletbackend.cc b/kwalletd/backend/kwalletbackend.cc -index 7d439e3..9240103 100644 ---- a/kwalletd/backend/kwalletbackend.cc -+++ b/kwalletd/backend/kwalletbackend.cc -@@ -266,7 +266,7 @@ int Backend::open(const QByteArray& password, WId w) { - if (_open) { - return -255; // already open - } -- -+ - setPassword(password); - return openInternal(w); - } -@@ -287,20 +287,20 @@ int Backend::openPreHashed(const QByteArray &passwordHash) - if (_open) { - return -255; // already open - } -- -+ - // check the password hash for correct size (currently fixed) - if (passwordHash.size() != 20 && passwordHash.size() != 40 && - passwordHash.size() != 56) { - return -42; // unsupported encryption scheme - } -- -+ - _passhash = passwordHash; - _newPassHash = passwordHash; - _useNewHash = true;//Only new hash is supported - - return openInternal(); - } -- -+ - int Backend::openInternal(WId w) - { - // No wallet existed. Let's create it. -@@ -350,7 +350,9 @@ int Backend::openInternal(WId w) - if (0 == phandler){ - return 42; // unknown cipher or hash - } -- return phandler->read(this, db, w); -+ int result = phandler->read(this, db, w); -+ delete phandler; -+ return result; - } - - void Backend::swapToNewHash() -@@ -427,6 +429,7 @@ int Backend::sync(WId w) { - notification->setText( i18n("Failed to sync wallet <b>%1</b> to disk. Error codes are:\nRC <b>%2</b>\nSF <b>%3</b>. Please file a BUG report using this information to bugs.kde.org").arg(_name).arg(rc).arg(sf.errorString()) ); - notification->sendEvent(); - } -+ delete phandler; - return rc; - } - -@@ -439,7 +442,7 @@ int Backend::close(bool save) { - return rc; - } - } -- -+ - // do the actual close - for (FolderMap::ConstIterator i = _entries.constBegin(); i != _entries.constEnd(); ++i) { - for (EntryMap::ConstIterator j = i.value().constBegin(); j != i.value().constEnd(); ++j) { -@@ -447,13 +450,13 @@ int Backend::close(bool save) { - } - } - _entries.clear(); -- -+ - // empty the password hash - _passhash.fill(0); - _newPassHash.fill(0); - - _open = false; -- -+ - return 0; - } -
