diff options
| author | Harald Welte <laforge@gnumonks.org> | 2018-05-14 12:18:14 +0200 |
|---|---|---|
| committer | Harald Welte <laforge@gnumonks.org> | 2018-05-14 12:18:46 +0200 |
| commit | 51fe6da41103e81ee4bf6af7a6170a11755d70ec (patch) | |
| tree | 6e2af6b38c077f1b399b626da64cff4bde3efbe4 /redmine | |
| parent | 196206b159f5cf36e12e5cc8719bdbd1660e88d7 (diff) | |
redmine: Add OpenID Digest::HMAC fix
From Holger:
Digest: This seems a bit of the magic of ruby but I vaguely remember having seen this before. I have
either patched or backported a fix. In newer Ruby versions "Digest" has been deprecated. The diff to
"stock" openid 2.3.0 is:
Change-Id: Idaca479140846481372ad0e1bff741bb09010847
Related: OS#3081
Diffstat (limited to 'redmine')
| -rw-r--r-- | redmine/Dockerfile | 3 | ||||
| -rw-r--r-- | redmine/redmine-openid-hmac-digest.diff | 46 |
2 files changed, 49 insertions, 0 deletions
diff --git a/redmine/Dockerfile b/redmine/Dockerfile index 67b00a8..81976c6 100644 --- a/redmine/Dockerfile +++ b/redmine/Dockerfile @@ -9,3 +9,6 @@ RUN apt-get update && \ COPY redmine-issue-2047-svg-image-support.diff /tmp/redmine-issue-2047-svg-image-support.diff RUN cd app && patch -p1 < /tmp/redmine-issue-2047-svg-image-support.diff + +COPY redmine-openid-hmac-digest.diff /tmp/ +RUN cd /usr/local/bundle/gems/ruby-openid-2.3.0 && patch -p0 < /tmp/redmine-openid-hmac-digest.diff diff --git a/redmine/redmine-openid-hmac-digest.diff b/redmine/redmine-openid-hmac-digest.diff new file mode 100644 index 0000000..e5b22dc --- /dev/null +++ b/redmine/redmine-openid-hmac-digest.diff @@ -0,0 +1,46 @@ +diff -Nurd lib/openid/cryptutil.rb +/usr/local/lib/ruby/gems/2.3/gems/ruby-openid-2.3.0/lib/openid/cryptutil.rb +--- lib/openid/cryptutil.rb 1970-01-01 00:00:00.000000000 +0000 ++++ /usr/local/lib/ruby/gems/2.3/gems/ruby-openid-2.3.0/lib/openid/cryptutil.rb 2017-07-17 +18:25:45.146746571 +0000 +@@ -2,7 +2,7 @@ + require "digest/sha1" + require "digest/sha2" + begin +- require "digest/hmac" ++ require "openssl" + rescue LoadError + begin + # Try loading the ruby-hmac files if they exist +@@ -33,27 +33,19 @@ + end + + def CryptUtil.sha1(text) +- return Digest::SHA1.digest(text) ++ return OpenSSL::Digest.new('sha1').digest(text) + end + + def CryptUtil.hmac_sha1(key, text) +- if Digest.const_defined? :HMAC +- Digest::HMAC.new(key,Digest::SHA1).update(text).digest +- else +- return HMAC::SHA1.digest(key, text) +- end ++ return OpenSSL::HMAC.digest('sha1', key, text) + end + + def CryptUtil.sha256(text) +- return Digest::SHA256.digest(text) ++ return OpenSSL::Digest.new('sha256').digest(text) + end + + def CryptUtil.hmac_sha256(key, text) +- if Digest.const_defined? :HMAC +- Digest::HMAC.new(key,Digest::SHA256).update(text).digest +- else +- return HMAC::SHA256.digest(key, text) +- end ++ return OpenSSL::HMAC.digest('sha256', key, text) + end + + # Generate a random string of the given length, composed of the |