From 9bbbdf372a261a5aa7716830f98d6368db38a2e2 Mon Sep 17 00:00:00 2001
From: Paul <paul@claws-mail.org>
Date: Tue, 15 May 2018 09:59:20 +0100
Subject: [PATCH] require nettle, following removal of libcrypt from glibc

based on the fedora patch, thanks!
---
 configure.ac           |   18 ++----------------
 src/Makefile.am        |    1 +
 src/common/passcrypt.c |   15 +++++++++++----
 3 files changed, 14 insertions(+), 20 deletions(-)

diff --git a/configure.ac b/configure.ac
index 50d6866..5fabeaf 100644
--- a/configure.ac
+++ b/configure.ac
@@ -493,22 +493,8 @@ if test "x$enable_gnutls" != "xno"; then
         AC_SUBST(GNUTLS_CFLAGS)
 fi
 
-dnl password encryption
-OLDLIBS=$LIBS
-LIBS=
-case $host_os in
-	*dragonfly*)
-		AC_SEARCH_LIBS(encrypt, cipher, [], AC_MSG_ERROR(['encrypt'-function not found.]))
-	;;
-	freebsd*)
-	;; # not used
-	*)
-		AC_SEARCH_LIBS(encrypt, crypt, [], AC_MSG_ERROR(['encrypt'-function not found.]))
-	;;
-esac
-CRYPT_LIBS=$LIBS
-AC_SUBST(CRYPT_LIBS)
-LIBS=$OLDLIBS
+PKG_CHECK_MODULES(NETTLE, nettle)
+AC_SUBST(NETTLE_LIBS)
 
 AC_ARG_WITH(passcrypt-key, [  --with-passcrypt-key=KEY     Key used to encode passwords (8 byte string)],
 	    with_passcrypt_key="$withval", with_passcrypt_key="passkey0")
diff --git a/src/Makefile.am b/src/Makefile.am
index 460c182..d2d1548 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -598,6 +598,7 @@ claws_mail_LDADD = \
 	$(GTK_LIBS) \
 	$(LDAP_LIBS) \
 	$(GNUTLS_LIBS) \
+	$(NETTLE_LIBS) \
 	$(COMPFACE_LIBS) \
 	$(JPILOT_LIBS) \
 	$(PTHREAD_LIBS) \
diff --git a/src/common/passcrypt.c b/src/common/passcrypt.c
index 7b125aa..5fceb73 100644
--- a/src/common/passcrypt.c
+++ b/src/common/passcrypt.c
@@ -29,6 +29,7 @@
 #include <ctype.h>
 #include <stdlib.h>
 #include <unistd.h>
+#include <nettle/des.h>
 
 #if defined (__FreeBSD__)
 #include <rpc/des_crypt.h>
@@ -82,11 +83,10 @@ static void
 crypt_cfb_buf(const char key[8], unsigned char *buf, unsigned len,
 	      unsigned chunksize, int decrypt)
 {
+	struct des_ctx ctx;
 	unsigned char temp[64];
 
-	memcpy(temp, key, 8);
-	crypt_unpack(temp);
-	setkey((const char *) temp);
+	des_set_key(&ctx,(const uint8_t*) key);
 	memset(temp, 0, sizeof(temp));
 
 	memset(crypt_cfb_iv, 0, sizeof(crypt_cfb_iv));
@@ -96,7 +96,14 @@ crypt_cfb_buf(const char key[8], unsigned char *buf, unsigned len,
 
 	while (len) {
 		memcpy(temp, crypt_cfb_iv, sizeof(temp));
-		encrypt((char *) temp, 0);
+		/* simulate encrypt() via Nettle */
+		char temp2[8];
+		memset(temp2,0,sizeof(temp2));
+		crypt_cfb_xor(temp2,temp,sizeof(temp)/sizeof(temp2));
+		des_encrypt(&ctx,sizeof(temp2),(uint8_t*)temp2,(uint8_t*)temp2);
+		memcpy(temp,temp2,sizeof(temp2));
+		crypt_unpack(temp);
+		/* */
 		if (chunksize > len)
 			chunksize = len;
 		if (decrypt)
-- 
1.7.10.4