net/netatalk uses a prefix-less API even older than des_ and found at
the end of <openssl/des_old.h>.
configure still checks for -ldes, but this looks like a vestige given
that the automake glue refers to OpenSSL, so I decided that it wasn't
worth trying to maintain compatibility with the 1990s.
ok?
Index: patches/patch-bin_afppasswd_afppasswd_c
===================================================================
RCS file: patches/patch-bin_afppasswd_afppasswd_c
diff -N patches/patch-bin_afppasswd_afppasswd_c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-bin_afppasswd_afppasswd_c 15 Apr 2014 14:40:09 -0000
@@ -0,0 +1,30 @@
+$OpenBSD$
+--- bin/afppasswd/afppasswd.c.orig Tue Jul 23 11:10:55 2013
++++ bin/afppasswd/afppasswd.c Tue Apr 15 16:24:33 2014
+@@ -70,7 +70,7 @@ static char buf[MAXPATHLEN + 1];
+ static void convert_passwd(char *buf, char *newpwd, const int keyfd)
+ {
+ u_int8_t key[HEXPASSWDLEN];
+- Key_schedule schedule;
++ DES_key_schedule schedule;
+ unsigned int i, j;
+
+ if (!newpwd) {
+@@ -89,14 +89,14 @@ static void convert_passwd(char *buf, char *newpwd, co
+ key[j] = (unhex(key[i]) << 4) | unhex(key[i + 1]);
+ if (j <= DES_KEY_SZ)
+ memset(key + j, 0, sizeof(key) - j);
+- key_sched((C_Block *) key, schedule);
++ DES_key_sched((DES_cblock *) key, &schedule);
+ memset(key, 0, sizeof(key));
+ if (newpwd) {
+- ecb_encrypt((C_Block *) newpwd, (C_Block *) newpwd, schedule,
++ DES_ecb_encrypt((DES_cblock *) newpwd, (DES_cblock *) newpwd, &schedule,
+ DES_ENCRYPT);
+ } else {
+ /* decrypt the password */
+- ecb_encrypt((C_Block *) buf, (C_Block *) buf, schedule, DES_DECRYPT);
++ DES_ecb_encrypt((DES_cblock *) buf, (DES_cblock *) buf, &schedule,
DES_DECRYPT);
+ }
+ memset(&schedule, 0, sizeof(schedule));
+ }
Index: patches/patch-etc_uams_uams_randnum_c
===================================================================
RCS file: patches/patch-etc_uams_uams_randnum_c
diff -N patches/patch-etc_uams_uams_randnum_c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-etc_uams_uams_randnum_c 15 Apr 2014 14:40:09 -0000
@@ -0,0 +1,103 @@
+$OpenBSD$
+--- etc/uams/uams_randnum.c.orig Tue Jul 23 11:10:55 2013
++++ etc/uams/uams_randnum.c Tue Apr 15 16:38:15 2014
+@@ -55,8 +55,8 @@ char *strchr (), *strrchr ();
+
+ #define PASSWDLEN 8
+
+-static C_Block seskey;
+-static Key_schedule seskeysched;
++static DES_cblock seskey;
++static DES_key_schedule seskeysched;
+ static struct passwd *randpwd;
+ static u_int8_t randbuf[8];
+
+@@ -146,7 +146,7 @@ static int afppasswd(const struct passwd *pwd,
+ {
+ u_int8_t key[DES_KEY_SZ*2];
+ char buf[MAXPATHLEN + 1], *p;
+- Key_schedule schedule;
++ DES_key_schedule schedule;
+ FILE *fp;
+ unsigned int i, j;
+ int keyfd = -1, err = 0;
+@@ -203,17 +203,17 @@ afppasswd_found:
+ key[j] = (unhex(key[i]) << 4) | unhex(key[i + 1]);
+ if (j <= DES_KEY_SZ)
+ memset(key + j, 0, sizeof(key) - j);
+- key_sched((C_Block *) key, schedule);
++ DES_key_sched((DES_cblock *) key, &schedule);
+ memset(key, 0, sizeof(key));
+
+ if (set) {
+ /* NOTE: this takes advantage of the fact that passwd doesn't
+ * get used after this call if it's being set. */
+- ecb_encrypt((C_Block *) passwd, (C_Block *) passwd, schedule,
++ DES_ecb_encrypt((DES_cblock *) passwd, (DES_cblock *) passwd, &schedule,
+ DES_ENCRYPT);
+ } else {
+ /* decrypt the password */
+- ecb_encrypt((C_Block *) p, (C_Block *) p, schedule, DES_DECRYPT);
++ DES_ecb_encrypt((DES_cblock *) p, (DES_cblock *) p, &schedule,
DES_DECRYPT);
+ }
+ memset(&schedule, 0, sizeof(schedule));
+ }
+@@ -362,10 +362,10 @@ static int randnum_logincont(void *obj, struct passwd
+
+ /* encrypt. this saves a little space by using the fact that
+ * des can encrypt in-place without side-effects. */
+- key_sched((C_Block *) seskey, seskeysched);
++ DES_key_sched((DES_cblock *) seskey, &seskeysched);
+ memset(seskey, 0, sizeof(seskey));
+- ecb_encrypt((C_Block *) randbuf, (C_Block *) randbuf,
+- seskeysched, DES_ENCRYPT);
++ DES_ecb_encrypt((DES_cblock *) randbuf, (DES_cblock *) randbuf,
++ &seskeysched, DES_ENCRYPT);
+ memset(&seskeysched, 0, sizeof(seskeysched));
+
+ /* test against what the client sent */
+@@ -406,10 +406,10 @@ static int rand2num_logincont(void *obj, struct passwd
+ seskey[i] <<= 1;
+
+ /* encrypt randbuf */
+- key_sched((C_Block *) seskey, seskeysched);
++ DES_key_sched((DES_cblock *) seskey, &seskeysched);
+ memset(seskey, 0, sizeof(seskey));
+- ecb_encrypt( (C_Block *) randbuf, (C_Block *) randbuf,
+- seskeysched, DES_ENCRYPT);
++ DES_ecb_encrypt( (DES_cblock *) randbuf, (DES_cblock *) randbuf,
++ &seskeysched, DES_ENCRYPT);
+
+ /* test against client's reply */
+ if (memcmp(randbuf, ibuf, sizeof(randbuf))) { /* != */
+@@ -421,8 +421,8 @@ static int rand2num_logincont(void *obj, struct passwd
+ memset(randbuf, 0, sizeof(randbuf));
+
+ /* encrypt client's challenge and send back */
+- ecb_encrypt( (C_Block *) ibuf, (C_Block *) rbuf,
+- seskeysched, DES_ENCRYPT);
++ DES_ecb_encrypt( (DES_cblock *) ibuf, (DES_cblock *) rbuf,
++ &seskeysched, DES_ENCRYPT);
+ memset(&seskeysched, 0, sizeof(seskeysched));
+ *rbuflen = sizeof(randbuf);
+
+@@ -457,15 +457,15 @@ static int randnum_changepw(void *obj, const char *use
+ return err;
+
+ /* use old passwd to decrypt new passwd */
+- key_sched((C_Block *) seskey, seskeysched);
++ DES_key_sched((DES_cblock *) seskey, &seskeysched);
+ ibuf += PASSWDLEN; /* new passwd */
+ ibuf[PASSWDLEN] = '\0';
+- ecb_encrypt( (C_Block *) ibuf, (C_Block *) ibuf, seskeysched,
DES_DECRYPT);
++ DES_ecb_encrypt( (DES_cblock *) ibuf, (DES_cblock *) ibuf, &seskeysched,
DES_DECRYPT);
+
+ /* now use new passwd to decrypt old passwd */
+- key_sched((C_Block *) ibuf, seskeysched);
++ DES_key_sched((DES_cblock *) ibuf, &seskeysched);
+ ibuf -= PASSWDLEN; /* old passwd */
+- ecb_encrypt((C_Block *) ibuf, (C_Block *) ibuf, seskeysched, DES_DECRYPT);
++ DES_ecb_encrypt((DES_cblock *) ibuf, (DES_cblock *) ibuf, &seskeysched,
DES_DECRYPT);
+ if (memcmp(seskey, ibuf, sizeof(seskey)))
+ err = AFPERR_NOTAUTH;
+ else if (memcmp(seskey, ibuf + PASSWDLEN, sizeof(seskey)) == 0)
--
Christian "naddy" Weisgerber na...@mips.inka.de
