aboutsummaryrefslogtreecommitdiff
path: root/misc
diff options
context:
space:
mode:
Diffstat (limited to 'misc')
-rw-r--r--misc/chntpw/chntpw.SlackBuild30
-rw-r--r--misc/chntpw/chntpw.info6
-rw-r--r--misc/chntpw/defaultarch.patch.gzbin323 -> 0 bytes
-rw-r--r--misc/chntpw/patches/chntpw-080526-correct-test-for-failing-open-syscall.patch75
-rw-r--r--misc/chntpw/patches/chntpw-110511-detect-failure-to-write-key.patch19
-rw-r--r--misc/chntpw/patches/chntpw-110511-reged-no-deref-null.patch15
-rw-r--r--misc/chntpw/patches/chntpw-110511-robustness.patch39
-rw-r--r--misc/chntpw/patches/chntpw-140201-fix-bogus-errno-use.patch34
-rw-r--r--misc/chntpw/patches/chntpw-140201-get_abs_path.patch10
-rw-r--r--misc/chntpw/patches/chntpw-140201-port-to-gcrypt-debian.patch195
10 files changed, 403 insertions, 20 deletions
diff --git a/misc/chntpw/chntpw.SlackBuild b/misc/chntpw/chntpw.SlackBuild
index 796ac11cdeaec..1c7d8a9a9a335 100644
--- a/misc/chntpw/chntpw.SlackBuild
+++ b/misc/chntpw/chntpw.SlackBuild
@@ -25,13 +25,13 @@
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
PRGNAM=chntpw
-VERSION=${VERSION:-110511}
+VERSION=${VERSION:-140201}
BUILD=${BUILD:-1}
TAG=${TAG:-_SBo}
if [ -z "$ARCH" ]; then
case "$( uname -m )" in
- i?86) ARCH=i486 ;;
+ i?86) ARCH=i586 ;;
arm*) ARCH=arm ;;
*) ARCH=$( uname -m ) ;;
esac
@@ -42,8 +42,8 @@ TMP=${TMP:-/tmp/SBo}
PKG=$TMP/package-$PRGNAM
OUTPUT=${OUTPUT:-/tmp}
-if [ "$ARCH" = "i486" ]; then
- SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+if [ "$ARCH" = "i586" ]; then
+ SLKCFLAGS="-O2 -march=i586 -mtune=i686"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "i686" ]; then
SLKCFLAGS="-O2 -march=i686 -mtune=i686"
@@ -66,27 +66,23 @@ unzip $CWD/$PRGNAM-source-$VERSION.zip
cd $PRGNAM-$VERSION
chown -R root:root .
find -L . \
- \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 -o -perm 511 \) \
- -exec chmod 755 {} \; -o \
- \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
- -exec chmod 644 {} \;
+ \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \
+ -o -perm 511 \) -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
+ -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
-# Disable forcing 32 bit
-zcat $CWD/defaultarch.patch.gz | patch -p0 --verbose || exit 1
+for i in $CWD/patches/* ; do patch -p1 < $i ; done
-make \
- OSSLPATH=/usr \
- OSSLLIB=/usr/lib${LIBDIRSUFFIX}
+make EXTRA_CFLAGS="$SLKCFLAGS"
# No automatic install available, manual installation (easy)
mkdir -p $PKG/usr/bin
-for i in chntpw chntpw.static cpnt reged reged.static
+for i in chntpw cpnt reged
do
- echo cp $i $PKG/usr/bin/.
- cp $i $PKG/usr/bin/.
+ install -m 0755 $i $PKG/usr/bin/$i
done
-find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
+find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \
| cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
diff --git a/misc/chntpw/chntpw.info b/misc/chntpw/chntpw.info
index 31b27a1715fc8..22f3756df2971 100644
--- a/misc/chntpw/chntpw.info
+++ b/misc/chntpw/chntpw.info
@@ -1,8 +1,8 @@
PRGNAM="chntpw"
-VERSION="110511"
+VERSION="140201"
HOMEPAGE="http://pogostick.net/~pnh/ntpasswd/"
-DOWNLOAD="http://pogostick.net/~pnh/ntpasswd/chntpw-source-110511.zip"
-MD5SUM="a3fb358d1adec589cd6bc8dedf68896c"
+DOWNLOAD="http://pogostick.net/~pnh/ntpasswd/chntpw-source-140201.zip"
+MD5SUM="d60bc657206b07ad84d926649d6417dc"
DOWNLOAD_x86_64=""
MD5SUM_x86_64=""
REQUIRES=""
diff --git a/misc/chntpw/defaultarch.patch.gz b/misc/chntpw/defaultarch.patch.gz
deleted file mode 100644
index e28e7afed1a06..0000000000000
--- a/misc/chntpw/defaultarch.patch.gz
+++ /dev/null
Binary files differ
diff --git a/misc/chntpw/patches/chntpw-080526-correct-test-for-failing-open-syscall.patch b/misc/chntpw/patches/chntpw-080526-correct-test-for-failing-open-syscall.patch
new file mode 100644
index 0000000000000..3c68146b094ec
--- /dev/null
+++ b/misc/chntpw/patches/chntpw-080526-correct-test-for-failing-open-syscall.patch
@@ -0,0 +1,75 @@
+From jim@meyering.net Mon Jul 20 20:05:55 2009
+Return-Path: jim@meyering.net
+X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on amd.home.annexia.org
+X-Spam-Level:
+X-Spam-Status: No, score=-2.2 required=5.0 tests=AWL,BAYES_00,
+ UNPARSEABLE_RELAY autolearn=ham version=3.2.5
+Received: from mail.corp.redhat.com [10.5.5.51]
+ by amd.home.annexia.org with IMAP (fetchmail-6.3.8)
+ for <rjones@localhost> (single-drop); Mon, 20 Jul 2009 20:05:55 +0100 (BST)
+Received: from zmta03.collab.prod.int.phx2.redhat.com (LHLO
+ zmta03.collab.prod.int.phx2.redhat.com) (10.5.5.33) by
+ mail06.corp.redhat.com with LMTP; Mon, 20 Jul 2009 15:05:47 -0400 (EDT)
+Received: from localhost (localhost.localdomain [127.0.0.1])
+ by zmta03.collab.prod.int.phx2.redhat.com (Postfix) with ESMTP id 2C1134E4EB
+ for <rjones@redhat.com>; Mon, 20 Jul 2009 15:05:47 -0400 (EDT)
+Received: from zmta03.collab.prod.int.phx2.redhat.com ([127.0.0.1])
+ by localhost (zmta03.collab.prod.int.phx2.redhat.com [127.0.0.1]) (amavisd-new, port 10024)
+ with ESMTP id a7N9dvNRkYQB for <rjones@redhat.com>;
+ Mon, 20 Jul 2009 15:05:47 -0400 (EDT)
+Received: from int-mx2.corp.redhat.com (int-mx2.corp.redhat.com [172.16.27.26])
+ by zmta03.collab.prod.int.phx2.redhat.com (Postfix) with ESMTP id 034384E4D6
+ for <rjones@mail.corp.redhat.com>; Mon, 20 Jul 2009 15:05:46 -0400 (EDT)
+Received: from ns3.rdu.redhat.com (ns3.rdu.redhat.com [10.11.255.199])
+ by int-mx2.corp.redhat.com (8.13.1/8.13.1) with ESMTP id n6KJ5kIt032703
+ for <rjones@int-mx2.corp.redhat.com>; Mon, 20 Jul 2009 15:05:46 -0400
+Received: from mx.meyering.net (sebastian-int.corp.redhat.com [172.16.52.221])
+ by ns3.rdu.redhat.com (8.13.8/8.13.8) with ESMTP id n6KJ5jf3021050
+ for <rjones@redhat.com>; Mon, 20 Jul 2009 15:05:45 -0400
+Received: by rho.meyering.net (Acme Bit-Twister, from userid 1000)
+ id D674638154; Mon, 20 Jul 2009 21:05:44 +0200 (CEST)
+From: Jim Meyering <jim@meyering.net>
+To: "Richard W. M. Jones" <rjones@redhat.com>
+Subject: chntpw [PATCH] correct test for failing "open" syscall
+Date: Mon, 20 Jul 2009 21:05:44 +0200
+Message-ID: <878wij899z.fsf@meyering.net>
+MIME-Version: 1.0
+Content-Type: text/plain; charset=us-ascii
+X-Scanned-By: MIMEDefang 2.58 on 172.16.27.26
+Status: RO
+Content-Length: 1103
+Lines: 33
+
+This one is weird.
+It must be code that is never exercised,
+since the existing code is totally bogus.
+The condition, !open(...), will almost always be true.
+(sole exception is when starting a program with stdin
+initially closed)
+
+>From bc4cddb06cf13c189fbdc93e6962cad072779097 Mon Sep 17 00:00:00 2001
+From: Jim Meyering <meyering@redhat.com>
+Date: Mon, 20 Jul 2009 14:59:19 -0400
+Subject: [PATCH] correct test for failing "open" syscall
+
+* ntreg.c (writeHive): Test open() < 0, not !open().
+---
+ ntreg.c | 2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/ntreg.c b/ntreg.c
+index be6b680..21cd3e3 100644
+--- a/ntreg.c
++++ b/ntreg.c
+@@ -2765,7 +2765,7 @@ int writeHive(struct hive *hdesc)
+ if ( !(hdesc->state & HMODE_DIRTY)) return(0);
+
+ if ( !(hdesc->state & HMODE_OPEN)) { /* File has been closed */
+- if (!(hdesc->filedesc = open(hdesc->filename,O_RDWR))) {
++ if ((hdesc->filedesc = open(hdesc->filename,O_RDWR)) < 0) {
+ fprintf(stderr,"writeHive: open(%s) failed: %s, FILE NOT WRITTEN!\n",hdesc->filename,strerror(errno));
+ return(1);
+ }
+--
+1.6.2.5
+
diff --git a/misc/chntpw/patches/chntpw-110511-detect-failure-to-write-key.patch b/misc/chntpw/patches/chntpw-110511-detect-failure-to-write-key.patch
new file mode 100644
index 0000000000000..818639d83a09f
--- /dev/null
+++ b/misc/chntpw/patches/chntpw-110511-detect-failure-to-write-key.patch
@@ -0,0 +1,19 @@
+diff -ur chntpw-110511.orig/ntreg.c chntpw-110511/ntreg.c
+--- chntpw-110511.orig/ntreg.c 2011-05-11 12:33:56.000000000 -0700
++++ chntpw-110511/ntreg.c 2011-11-01 13:45:02.550421729 -0700
+@@ -3389,7 +3389,14 @@
+
+ fprintf(file,"\r\n"); /* Must end file with an empty line, windows does that */
+
+- fclose(file);
++ if (ferror (file)) {
++ printf("failed to write file '%s'\n", filename);
++ fclose (file);
++ return;
++ }
++ if (fclose(file))
++ printf("failed to write file '%s': %s\n", filename,
++ strerror(errno));
+ }
+
+ /* ================================================================ */
diff --git a/misc/chntpw/patches/chntpw-110511-reged-no-deref-null.patch b/misc/chntpw/patches/chntpw-110511-reged-no-deref-null.patch
new file mode 100644
index 0000000000000..0193cd4937024
--- /dev/null
+++ b/misc/chntpw/patches/chntpw-110511-reged-no-deref-null.patch
@@ -0,0 +1,15 @@
+diff -ur chntpw-110511.orig/reged.c chntpw-110511/reged.c
+--- chntpw-110511.orig/reged.c 2011-05-11 12:33:56.000000000 -0700
++++ chntpw-110511/reged.c 2011-11-01 13:46:55.569625286 -0700
+@@ -167,6 +167,11 @@
+
+ if (edit) { /* Call editor. Rest of arguments are considered hives to load */
+ hivename = argv[optind+no_hives];
++ if (!hivename) {
++ fprintf(stderr,"with -e you must specify at least one hive file name\n");
++ usage();
++ exit(1);
++ }
+ do {
+ if (!(hive[no_hives] = openHive(hivename,
+ HMODE_RW|mode))) {
diff --git a/misc/chntpw/patches/chntpw-110511-robustness.patch b/misc/chntpw/patches/chntpw-110511-robustness.patch
new file mode 100644
index 0000000000000..ea2363f343516
--- /dev/null
+++ b/misc/chntpw/patches/chntpw-110511-robustness.patch
@@ -0,0 +1,39 @@
+--- chntpw-110511.orig/ntreg.c 2011-05-11 12:33:56.000000000 -0700
++++ chntpw-110511/ntreg.c 2011-12-18 17:09:06.290818997 -0800
+@@ -190,14 +190,18 @@
+
+ int fmyinput(char *prmpt, char *ibuf, int maxlen)
+ {
+-
++ int len;
+ printf("%s",prmpt);
+
+ fgets(ibuf,maxlen+1,stdin);
++ len = strlen(ibuf);
+
+- ibuf[strlen(ibuf)-1] = 0;
++ if (len) {
++ ibuf[len-1] = 0;
++ --len;
++ }
+
+- return(strlen(ibuf));
++ return len;
+ }
+
+ /* Print len number of hexbytes */
+@@ -4119,6 +4123,14 @@
+ closeHive(hdesc);
+ return(NULL);
+ }
++
++ if (r < sizeof (*hdesc)) {
++ fprintf(stderr,
++ "file is too small; got %d bytes while expecting %d or more\n",
++ r, sizeof (*hdesc));
++ closeHive(hdesc);
++ return(NULL);
++ }
+
+ /* Now run through file, tallying all pages */
+ /* NOTE/KLUDGE: Assume first page starts at offset 0x1000 */
diff --git a/misc/chntpw/patches/chntpw-140201-fix-bogus-errno-use.patch b/misc/chntpw/patches/chntpw-140201-fix-bogus-errno-use.patch
new file mode 100644
index 0000000000000..ff7c8467b721b
--- /dev/null
+++ b/misc/chntpw/patches/chntpw-140201-fix-bogus-errno-use.patch
@@ -0,0 +1,34 @@
+diff -u chntpw-140201.orig/ntreg.c chntpw-140201/ntreg.c
+--- chntpw-140201.orig/ntreg.c 2019-06-22 13:09:59.583717369 -0700
++++ chntpw-140201/ntreg.c 2019-06-22 13:16:26.714726148 -0700
+@@ -4241,10 +4241,13 @@
+ do { /* On some platforms read may not block, and read in chunks. handle that */
+ r = read(hdesc->filedesc, hdesc->buffer + rt, hdesc->size - rt);
+ rt += r;
+- } while ( !errno && (rt < hdesc->size) );
++ } while ( r > 0 && (rt < hdesc->size) );
+
+- if (errno) {
+- perror("openHive(): read error: ");
++ if (r <= 0) {
++ if (r < 0)
++ perror("openHive(): read error");
++ else
++ fprintf(stderr, "openHive(): read error: unexpected EOF\n");
+ closeHive(hdesc);
+ return(NULL);
+ }
+@@ -4255,10 +4258,10 @@
+ return(NULL);
+ }
+
+- if (r < sizeof (*hdesc)) {
++ if (rt < sizeof (*hdesc)) {
+ fprintf(stderr,
+- "file is too small; got %d bytes while expecting %d or more\n",
+- r, sizeof (*hdesc));
++ "file is too small; got %d bytes while expecting %zu or more\n",
++ rt, sizeof (*hdesc));
+ closeHive(hdesc);
+ return(NULL);
+ }
diff --git a/misc/chntpw/patches/chntpw-140201-get_abs_path.patch b/misc/chntpw/patches/chntpw-140201-get_abs_path.patch
new file mode 100644
index 0000000000000..c9f1a3deccae9
--- /dev/null
+++ b/misc/chntpw/patches/chntpw-140201-get_abs_path.patch
@@ -0,0 +1,10 @@
+--- chntpw-140201/ntreg.c.orig 2014-02-01 08:54:37.000000000 -0800
++++ chntpw-140201/ntreg.c 2018-07-02 16:10:39.625152640 -0700
+@@ -1511,6 +1511,7 @@
+ }
+
+ strncpy(tmp,path,ABSPATHLEN-1);
++ tmp[ABSPATHLEN-1] = '\0';
+
+ if (key->type & 0x20)
+ keyname = mem_str(key->keyname, key->len_name);
diff --git a/misc/chntpw/patches/chntpw-140201-port-to-gcrypt-debian.patch b/misc/chntpw/patches/chntpw-140201-port-to-gcrypt-debian.patch
new file mode 100644
index 0000000000000..305cd780bd06a
--- /dev/null
+++ b/misc/chntpw/patches/chntpw-140201-port-to-gcrypt-debian.patch
@@ -0,0 +1,195 @@
+diff -Naur chntpw-140201.orig/Makefile chntpw-140201/Makefile
+--- chntpw-140201.orig/Makefile 2014-02-01 17:54:37.000000000 +0100
++++ chntpw-140201/Makefile 2021-04-04 19:25:52.517404000 +0200
+@@ -1,32 +1,14 @@
+ #
+ # Makefile for the Offline NT Password Editor
+ #
+-#
+-# Change here to point to the needed OpenSSL libraries & .h files
+-# See INSTALL for more info.
+-#
+-
+-#SSLPATH=/usr/local/ssl
+-OSSLPATH=/usr
+-OSSLINC=$(OSSLPATH)/include
+
+ CC=gcc
++CFLAGS=-DUSELIBGCRYPT -g -I. $(shell libgcrypt-config --cflags) -Wall $(EXTRA_CFLAGS)
+
+-# Force 32 bit
+-CFLAGS= -DUSEOPENSSL -g -I. -I$(OSSLINC) -Wall -m32
+-OSSLLIB=$(OSSLPATH)/lib
+-
+-# 64 bit if default for compiler setup
+-#CFLAGS= -DUSEOPENSSL -g -I. -I$(OSSLINC) -Wall
+-#OSSLLIB=$(OSSLPATH)/lib64
+-
+-
+-# This is to link with whatever we have, SSL crypto lib we put in static
+-#LIBS=-L$(OSSLLIB) $(OSSLLIB)/libcrypto.a
+-LIBS=-L$(OSSLLIB)
++LIBS=$(shell libgcrypt-config --libs)
+
+
+-all: chntpw chntpw.static cpnt reged reged.static samusrgrp samusrgrp.static sampasswd sampasswd.static
++all: chntpw cpnt reged samusrgrp sampasswd
+
+ chntpw: chntpw.o ntreg.o edlib.o libsam.o
+ $(CC) $(CFLAGS) -o chntpw chntpw.o ntreg.o edlib.o libsam.o $(LIBS)
+diff -Naur chntpw-140201.orig/chntpw.c chntpw-140201/chntpw.c
+--- chntpw-140201.orig/chntpw.c 2014-02-01 17:54:37.000000000 +0100
++++ chntpw-140201/chntpw.c 2021-04-04 19:24:37.185404000 +0200
+@@ -16,6 +16,7 @@
+ * 2010-jun: Syskey not visible in menu, but is selectable (2)
+ * 2010-apr: Interactive menu adapts to show most relevant
+ * selections based on what is loaded
++ * 2008-may: port to libgcrypt to avoid GPL/OpenSSL incompatibility [Debian]
+ * 2008-mar: Minor other tweaks
+ * 2008-mar: Interactive reg ed moved out of this file, into edlib.c
+ * 2008-mar: 64 bit compatible patch by Mike Doty, via Alon Bar-Lev
+@@ -79,8 +80,14 @@
+ */
+
+ #ifdef DOCRYPTO
++#if defined(USEOPENSSL)
+ #include <openssl/des.h>
+ #include <openssl/md4.h>
++#elif defined(USELIBGCRYPT)
++ #include <gcrypt.h>
++#else
++ #error No DES encryption and MD4 hashing library found
++#endif
+ #endif
+
+ #define uchar u_char
+@@ -155,7 +162,9 @@
+ for (i=0;i<8;i++) {
+ key[i] = (key[i]<<1);
+ }
++#if defined(USEOPENSSL)
+ DES_set_odd_parity((des_cblock *)key);
++#endif
+ }
+
+ /*
+@@ -200,6 +209,7 @@
+
+ void E1(uchar *k, uchar *d, uchar *out)
+ {
++#if defined(USEOPENSSL)
+ des_key_schedule ks;
+ des_cblock deskey;
+
+@@ -210,6 +220,15 @@
+ des_set_key((des_cblock *)deskey,ks);
+ #endif /* __FreeBsd__ */
+ des_ecb_encrypt((des_cblock *)d,(des_cblock *)out, ks, DES_ENCRYPT);
++#elif defined(USELIBGCRYPT)
++ gcry_cipher_hd_t ks;
++ uchar deskey[8];
++ str_to_key(k,deskey);
++ gcry_cipher_open(&ks, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0);
++ gcry_cipher_setkey(ks, deskey, 8);
++ gcry_cipher_encrypt(ks, out, 8, d, 8);
++ gcry_cipher_close(ks);
++#endif
+ }
+
+ #endif /* DOCRYPTO */
+@@ -343,9 +362,16 @@
+ int i;
+ char md4[32],lanman[32];
+ char newunipw[34], despw[20], newlanpw[16], newlandes[20];
++#ifdef USEOPENSSL
+ des_key_schedule ks1, ks2;
+ des_cblock deskey1, deskey2;
+ MD4_CTX context;
++#elif defined(USELIBGCRYPT)
++ gcry_cipher_hd_t ks1, ks2;
++ uchar deskey1[8], deskey2[8];
++ unsigned char *p;
++ gcry_md_hd_t context;
++#endif
+ unsigned char digest[16];
+ uchar x1[] = {0x4B,0x47,0x53,0x21,0x40,0x23,0x24,0x25};
+ #endif
+@@ -460,6 +486,7 @@
+ }
+
+ #ifdef DOCRYPTO
++#if defined(USEOPENSSL)
+ /* Get the two decrpt keys. */
+ sid_to_key1(rid,(unsigned char *)deskey1);
+ des_set_key((des_cblock *)deskey1,ks1);
+@@ -477,6 +504,25 @@
+ (des_cblock *)lanman, ks1, DES_DECRYPT);
+ des_ecb_encrypt((des_cblock *)(vp+lmpw_offs + 8),
+ (des_cblock *)&lanman[8], ks2, DES_DECRYPT);
++#elif defined(USELIBGCRYPT)
++ /* Start the keys */
++ gcry_cipher_open(&ks1, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0);
++ gcry_cipher_open(&ks2, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0);
++
++ /* Get the two decrpt keys. */
++ sid_to_key1(rid,deskey1);
++ gcry_cipher_setkey(ks1, deskey1, 8);
++ sid_to_key2(rid,deskey2);
++ gcry_cipher_setkey(ks2, deskey2, 8);
++
++ /* Decrypt the NT md4 password hash as two 8 byte blocks. */
++ gcry_cipher_decrypt(ks1, md4, 8, vp+ntpw_offs, 8);
++ gcry_cipher_decrypt(ks2, &md4[8], 8, vp+ntpw_offs+8, 8);
++
++ /* Decrypt the lanman password hash as two 8 byte blocks. */
++ gcry_cipher_decrypt(ks1, lanman, 8, vp+lmpw_offs, 8);
++ gcry_cipher_decrypt(ks2, &lanman[8], 8, vp+lmpw_offs+8, 8);
++#endif
+
+ if (gverbose) {
+ hexprnt("MD4 hash : ",(unsigned char *)md4,16);
+@@ -544,9 +590,17 @@
+
+ /* printf("Ucase Lanman: %s\n",newlanpw); */
+
++#if defined(USEOPENSSL)
+ MD4Init (&context);
+ MD4Update (&context, newunipw, pl<<1);
+ MD4Final (digest, &context);
++#elif defined(USELIBGCRYPT)
++ gcry_md_open(&context, GCRY_MD_MD4, 0);
++ gcry_md_write(context, newunipw, pl<<1);
++ p = gcry_md_read(context, GCRY_MD_MD4);
++ if(p) memcpy(digest, p, gcry_md_get_algo_dlen(GCRY_MD_MD4));
++ gcry_md_close(context);
++#endif
+
+ if (gverbose) hexprnt("\nNEW MD4 hash : ",digest,16);
+
+@@ -555,6 +609,7 @@
+
+ if (gverbose) hexprnt("NEW LANMAN hash : ",(unsigned char *)lanman,16);
+
++#if defined(USEOPENSSL)
+ /* Encrypt the NT md4 password hash as two 8 byte blocks. */
+ des_ecb_encrypt((des_cblock *)digest,
+ (des_cblock *)despw, ks1, DES_ENCRYPT);
+@@ -565,6 +620,18 @@
+ (des_cblock *)newlandes, ks1, DES_ENCRYPT);
+ des_ecb_encrypt((des_cblock *)(lanman+8),
+ (des_cblock *)&newlandes[8], ks2, DES_ENCRYPT);
++#elif defined(USELIBGCRYPT)
++ /* Encrypt the NT md4 password hash as two 8 byte blocks. */
++ gcry_cipher_encrypt(ks1, despw, 8, digest, 8);
++ gcry_cipher_encrypt(ks2, &despw[8], 8, digest+8, 8);
++
++ gcry_cipher_encrypt(ks1, newlandes, 8, lanman, 8);
++ gcry_cipher_encrypt(ks2, &newlandes[8], 8, lanman+8, 8);
++
++ /* Close keys, not needed after this */
++ gcry_cipher_close(ks1);
++ gcry_cipher_close(ks2);
++#endif
+
+ if (gverbose) {
+ hexprnt("NEW DES crypt : ",(unsigned char *)despw,16);