The paranoid will appreciate the ability to force RPC2SEC_ONLY at
compile time. Default behavior is unchanged I think. My server is
now running with this compilation option.
(patch is against rpc2)
Index: configure.in
===================================================================
RCS file: /coda-src/rpc2/configure.in,v
retrieving revision 1.73
diff -u -r1.73 configure.in
--- configure.in 17 Oct 2006 02:01:31 -0000 1.73
+++ configure.in 28 Mar 2007 17:01:19 -0000
@@ -89,6 +89,17 @@
AC_MSG_WARN(["Building against pthreaded lwp libraries, *experimental*"])
fi
+AC_ARG_ENABLE([xor],
+ [AS_HELP_STRING([--disable-xor],
+ [disable use of old insecure xor "encryption" method])])
+if test "$enable_xor" = yes ; then
+ with_xor=1;
+ AC_MSG_WARN([XOR enabled])
+else
+ with_xor=0;
+fi
+AC_DEFINE_UNQUOTED([WITH_XOR], [$with_xor], [1 if xor should be used])
+
dnl Generate output files
AC_CONFIG_FILES(Makefile pkgs/Makefile pkgs/pkg-bsd.sh pkgs/rpc2.spec
debian/Makefile debian/changelog include/Makefile include/rpc2/Makefile
secure/Makefile rpc2-src/Makefile rp2gen/Makefile scripts/Makefile)
AC_OUTPUT
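Review bot: With neither `--enable-xor` nor `--disable-xor` given, `$enable_xor` is empty, so `test "$enable_xor" = yes` fails and `WITH_XOR` is defined as 0. The default build therefore takes the secure-only path in rpc2b.c, which contradicts both the `--disable-xor` help string and the description's claim that default behaviour is unchanged. The secure default is the better one, but it should be deliberate: either advertise the option as `AS_HELP_STRING([--enable-xor], ...)` and keep it, or preserve the old behaviour with `if test "$enable_xor" != no ; then`. An `AC_MSG_NOTICE` in the `else` branch would also make a secure-only build visible in the configure output.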
Index: rpc2-src/rpc2b.c
===================================================================
RCS file: /coda-src/rpc2/rpc2-src/rpc2b.c,v
retrieving revision 4.70
diff -u -r4.70 rpc2b.c
--- rpc2-src/rpc2b.c 13 Oct 2006 02:59:47 -0000 4.70
+++ rpc2-src/rpc2b.c 28 Mar 2007 17:01:19 -0000
@@ -112,6 +112,7 @@
if (RPC2_Preferred_Keysize > 64)
RPC2_Preferred_Keysize /= 8;
+#if WITH_XOR == 1
/* Do we accept only secure connections, default is no. This can
* be enabled by setting the RPC2SEC_ONLY environment variable.
* (and forced as disabled by setting RPC2SEC_ONLY=0/false/no)
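Review bot: `#if WITH_XOR == 1` treats an undefined `WITH_XOR` as 0, so if this file were compiled without the configure-generated definition the secure-only branch would be selected with no diagnostic. That fails closed, but it makes the effective setting hard to audit. A guard before the test, `#ifndef WITH_XOR` / `#error "WITH_XOR is not defined"` / `#endif`, would make the dependency explicit. Whether rpc2b.c already sees the definition (config header or command-line define) is not visible here, and the enclosing function starts and ends outside the hunk.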
@@ -121,6 +122,13 @@
* only secure connections. */
env = getenv("RPC2SEC_ONLY");
RPC2_secure_only = env && memchr("0fFnN", *env, 5) == NULL;
+#else
+ /*
+ * Compile-time flag said accept only secure. Set variable
+ * unconditionally without checking environment variable.
+ */
+ RPC2_secure_only = 1;
+#endif
verbose = (Options && (Options->Flags & RPC2_OPTION_VERBOSE_INIT));
secure_init(verbose);
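Review bot: The `#else` branch only forces `RPC2_secure_only = 1`; nothing in these hunks removes the XOR code from the build, so the configure help text "disable use of old insecure xor" appears to promise more than the change delivers. The comment should state the actual effect, for example `/* WITH_XOR == 0: RPC2SEC_ONLY is ignored and only secure connections are accepted. */`, and say whether the XOR path is still compiled in once that is confirmed against the rest of the tree. An operator who sets `RPC2SEC_ONLY=0` on such a build gets no indication that it is ignored, so a message when `verbose` is set would help. The function body continues outside the hunk.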