diff options
-rw-r--r-- | security/cfs/Makefile | 1 | ||||
-rw-r--r-- | security/cfs/files/patch-cfs_fh.c | 83 |
2 files changed, 70 insertions, 14 deletions
diff --git a/security/cfs/Makefile b/security/cfs/Makefile index cc13db23ddfe..261478ad8183 100644 --- a/security/cfs/Makefile +++ b/security/cfs/Makefile @@ -7,6 +7,7 @@ PORTNAME= cfs PORTVERSION= 1.4.1 +PORTREVESION= 1 CATEGORIES= security MASTER_SITES= http://www.crypto.com/software/ diff --git a/security/cfs/files/patch-cfs_fh.c b/security/cfs/files/patch-cfs_fh.c index f474d23b7100..f2fcf64686bf 100644 --- a/security/cfs/files/patch-cfs_fh.c +++ b/security/cfs/files/patch-cfs_fh.c @@ -1,16 +1,71 @@ ---- cfs_fh.c.orig Mon Aug 27 01:47:52 2001 -+++ cfs_fh.c Mon Aug 27 01:48:41 2001 -@@ -177,6 +177,13 @@ - perror("write"); - return -1; - } -+ /* due to the way the file is padded we may actually have to -+ truncate it here. This happens when the write is at the end of -+ the file, is shorter than CFSBLOCK and brings the file to a length -+ which is evenly dividable by CFSBLOCK */ -+ if (offset+len > dtov(sb.st_size) && vtod(offset+len) < sb.st_size) { -+ ftruncate(fd, vtod(offset+len)); +--- cfs_fh.c.orig Sat Apr 17 20:44:41 2004 ++++ cfs_fh.c Sat Apr 17 23:01:11 2004 +@@ -225,7 +225,9 @@ + } + + /* +- * set high order bits ++ * Carefully frob the high order bits of s in a way that is both easily ++ * reversible (see unchksum) and backwards-compatible (at least for 7-bit ++ * characters). + */ + chksum(s,l) + char *s; +@@ -236,16 +238,44 @@ + u_char bits[8]; + + acc=0; +- for (i=0; s[i]!='\0'; i++) +- acc += s[i]*((i%6)+1); ++ /* Everything we do here must be reproducible without knowledge of ++ bit 7 because unchksum won't have that information. Therefore, ++ only accumulate the lower 7 bits of each char and stop at the ++ first occurrence of either 0x00 or 0x80. Note that, for inputs ++ with bit 7 constantly zero, this is equivalent to looking at the ++ whole string. */ ++ for (i=0; (s[i]&0x7f) != '\0'; i++) ++ acc += (s[i]&0x7f)*((i%6)+1); ++ for (; s[i]!='\0'; i++) /* advance i if we stopped at a 0x80 */ ++ ; + for (i++; i<l; i++) /* fill up the end */ + s[i] = s[i%8]; + for (i=0; i<8; i++) + bits[i] = (acc<<(i%8))&0x80; + for (i=0; i<l; i++) +- s[i] |= bits[i%8]; ++ s[i] ^= bits[i%8]; + } + ++unchksum(s,l) ++ char *s; ++ long l; ++{ ++ u_long acc; ++ int i; ++ u_char bits[8]; ++ ++ acc=0; ++ for (i=0; (s[i]&0x7f) != '\0'; i++) ++ acc += (s[i]&0x7f)*((i%6)+1); ++ for (i=0; i<8; i++) ++ bits[i] = (acc<<(i%8))&0x80; ++ for (i=0; i<l; i++) { ++ s[i] ^= bits[i%8]; ++ /* not sure whether this actually buys any performance */ ++ if(s[i]=='\0') ++ break; /* found end of filename, can stop here */ + } - /* iolen may contain CFSBLOCK extra chars */ - return(dtov(iolen)-fronterr); ++} + + /* + * decrypt path component +@@ -286,8 +316,7 @@ + if (l%CFSBLOCK) + return NULL; + dodecrypt(key,clearstring,l,10241,zerovect); +- for (i=0; (clearstring[i]&0x7f) !='\0'; i++) +- clearstring[i] &= 0x7f; ++ unchksum(clearstring,l); + clearstring[i]='\0'; + return clearstring; } |