CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
Module Name:src Committed By: rillig Date: Mon Oct 3 05:34:31 UTC 2022 Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: keyring.c Log Message: netpgp: fix build with Clang (since 2022-10-01) error: passing 'char [1]' to parameter of type 'const uint8_t *' (aka 'const unsigned char *') converts between pointers to integer types where one is of the unique plain 'char' type and the other is not [-Werror,-Wpointer-sign] To generate a diff of this commit: cvs rdiff -u -r1.59 -r1.60 \ src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
Module Name:src Committed By: rillig Date: Mon Oct 3 05:34:31 UTC 2022 Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: keyring.c Log Message: netpgp: fix build with Clang (since 2022-10-01) error: passing 'char [1]' to parameter of type 'const uint8_t *' (aka 'const unsigned char *') converts between pointers to integer types where one is of the unique plain 'char' type and the other is not [-Werror,-Wpointer-sign] To generate a diff of this commit: cvs rdiff -u -r1.59 -r1.60 \ src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c:1.59 src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c:1.60 --- src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c:1.59 Sat Oct 1 22:21:31 2022 +++ src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c Mon Oct 3 05:34:31 2022 @@ -57,7 +57,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: keyring.c,v 1.59 2022/10/01 22:21:31 rillig Exp $"); +__RCSID("$NetBSD: keyring.c,v 1.60 2022/10/03 05:34:31 rillig Exp $"); #endif #ifdef HAVE_FCNTL_H @@ -1159,7 +1159,7 @@ pgp_export_key(pgp_io_t *io, const pgp_k pgp_write_xfer_seckey(output, keydata, passphrase, strlen((char *)passphrase), 1); } - pgp_memory_add(mem, "", 1); + pgp_memory_add(mem, (uint8_t[]){0}, 1); cp = netpgp_strdup(pgp_mem_data(mem)); pgp_teardown_memory_write(output, mem); return cp;
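Review bot: The one-byte append in pgp_export_key has no comment saying why it is there, and the compound literal `(uint8_t[]){0}` hides that the byte is a string terminator. Revision 1.59 on this page shows what it guards against: without it the buffer from pgp_mem_data() reached netpgp_strdup() unterminated and the export printed heap junk after the armored block. I would name the byte and state the intent, e.g. `static const uint8_t nul = 0;` followed by `pgp_memory_add(mem, &nul, 1); /* NUL-terminate before netpgp_strdup() */`. Whether pgp_memory_add reports failure is not visible in the hunk; if it does, its result should be checked before the strdup. The function starts above the hunk.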
CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
Module Name:src Committed By: rillig Date: Sat Oct 1 22:21:31 UTC 2022 Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: keyring.c Log Message: netpgpkeys: properly terminate string before calling strdup $ MALLOC_CONF=junk:true netpgpkeys \ --export-key \ --keyring=/usr/pkg/etc/gnupg/pkgsrc.gpg \ b5952cabdd765a20 The above command printed "-END PGP PUBLIC KEY BLOCK-\r\n" followed by "\xA5\xA5\xA5...". To generate a diff of this commit: cvs rdiff -u -r1.58 -r1.59 \ src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c:1.58 src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c:1.59 --- src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c:1.58 Sat Aug 27 08:58:32 2022 +++ src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c Sat Oct 1 22:21:31 2022 @@ -57,7 +57,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: keyring.c,v 1.58 2022/08/27 08:58:32 rillig Exp $"); +__RCSID("$NetBSD: keyring.c,v 1.59 2022/10/01 22:21:31 rillig Exp $"); #endif #ifdef HAVE_FCNTL_H @@ -1159,6 +1159,7 @@ pgp_export_key(pgp_io_t *io, const pgp_k pgp_write_xfer_seckey(output, keydata, passphrase, strlen((char *)passphrase), 1); } + pgp_memory_add(mem, "", 1); cp = netpgp_strdup(pgp_mem_data(mem)); pgp_teardown_memory_write(output, mem); return cp;
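Review bot: Appending a terminator repairs this one call site, but the copy in pgp_export_key still depends on a sentinel byte rather than on the length the memory object already tracks. Any other place that treats pgp_mem_data() as a C string would have the same over-read, which is worth a grep since the reproduction in the log shows adjacent heap contents ending up in exported output. A length-bounded copy would be more robust: take the length from the buffer (netpgp's memory API has pgp_mem_len(), if it is usable here), allocate length plus one, copy exactly that many bytes and terminate the copy. The function starts above the hunk, so how `mem` is filled is not visible here.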
CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
Module Name:src Committed By: rillig Date: Sat Oct 1 22:21:31 UTC 2022 Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: keyring.c Log Message: netpgpkeys: properly terminate string before calling strdup $ MALLOC_CONF=junk:true netpgpkeys \ --export-key \ --keyring=/usr/pkg/etc/gnupg/pkgsrc.gpg \ b5952cabdd765a20 The above command printed "-END PGP PUBLIC KEY BLOCK-\r\n" followed by "\xA5\xA5\xA5...". To generate a diff of this commit: cvs rdiff -u -r1.58 -r1.59 \ src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
Module Name:src Committed By: rillig Date: Sat Aug 27 08:35:01 UTC 2022 Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: netpgp.c Log Message: netpgp: fix use after free when writing keyring Same pattern as in the previous commit. To generate a diff of this commit: cvs rdiff -u -r1.104 -r1.105 \ src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.104 src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.105 --- src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.104 Sat Aug 27 08:30:06 2022 +++ src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c Sat Aug 27 08:35:01 2022 @@ -34,7 +34,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: netpgp.c,v 1.104 2022/08/27 08:30:06 rillig Exp $"); +__RCSID("$NetBSD: netpgp.c,v 1.105 2022/08/27 08:35:01 rillig Exp $"); #endif #include @@ -317,8 +317,8 @@ writekeyring(netpgp_t *netpgp, const cha filename = keyringfile(netpgp, name); if (!pgp_keyring_filewrite(keyring, noarmor, filename, passphrase)) { - free(filename); (void) fprintf(stderr, "Can't write %s %s\n", name, filename); + free(filename); return 0; } netpgp_setvar(netpgp, name, filename);
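Review bot: The failure branch of writekeyring still passes `filename` to `%s` without any visible check that keyringfile() returned non-NULL; the same holds for the readkeyring hunk in the 1.104 commit further down this page. keyringfile's body is not shown, so this only matters if it can fail (for example on allocation failure), but in that case NULL would reach both the keyring read/write call and the message. A guard right after the call, `if (filename == NULL) return 0;` here and the equivalent with `free(keyring); return NULL;` in readkeyring, would close that path. Both functions start and end outside their hunks.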
CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
Module Name:src Committed By: rillig Date: Sat Aug 27 08:35:01 UTC 2022 Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: netpgp.c Log Message: netpgp: fix use after free when writing keyring Same pattern as in the previous commit. To generate a diff of this commit: cvs rdiff -u -r1.104 -r1.105 \ src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
Module Name:src Committed By: rillig Date: Sat Aug 27 08:30:06 UTC 2022 Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: netpgp.c Log Message: netpgp: fix use after free when reading pubkey To reproduce: srcdir=... objdir=... cd "$srcdir"/crypto/external/bsd/netpgp/dist/bindings/lua cp "$objdir"/crypto/external/bsd/netpgp/bindings/lua/netpgp.so \ ./libluanetpgp.so LD_LIBRARY_PATH="." MALLOC_CONF=junk:true lua netpgp.lua > $HOME/.gnupg/pubring.gpg: No such file or directory > Can't read pubring To generate a diff of this commit: cvs rdiff -u -r1.103 -r1.104 \ src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.103 src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.104 --- src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.103 Sat Mar 21 01:07:21 2020 +++ src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c Sat Aug 27 08:30:06 2022 @@ -34,7 +34,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: netpgp.c,v 1.103 2020/03/21 01:07:21 jhigh Exp $"); +__RCSID("$NetBSD: netpgp.c,v 1.104 2022/08/27 08:30:06 rillig Exp $"); #endif #include @@ -297,9 +297,9 @@ readkeyring(netpgp_t *netpgp, const char filename = keyringfile(netpgp, name); if (!pgp_keyring_fileread(keyring, noarmor, filename)) { + (void) fprintf(stderr, "Can't read %s %s\n", name, filename); free(filename); free(keyring); - (void) fprintf(stderr, "Can't read %s %s\n", name, filename); return NULL; } netpgp_setvar(netpgp, name, filename);
CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
Module Name:src Committed By: rillig Date: Sat Aug 27 08:30:06 UTC 2022 Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: netpgp.c Log Message: netpgp: fix use after free when reading pubkey To reproduce: srcdir=... objdir=... cd "$srcdir"/crypto/external/bsd/netpgp/dist/bindings/lua cp "$objdir"/crypto/external/bsd/netpgp/bindings/lua/netpgp.so \ ./libluanetpgp.so LD_LIBRARY_PATH="." MALLOC_CONF=junk:true lua netpgp.lua > $HOME/.gnupg/pubring.gpg: No such file or directory > Can't read pubring To generate a diff of this commit: cvs rdiff -u -r1.103 -r1.104 \ src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
Module Name:src Committed By: jhigh Date: Fri Aug 26 19:18:38 UTC 2022 Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: create.c crypto.h misc.c netpgpsdk.h openssl_crypto.c packet-parse.c packet-print.c packet-show.c packet.h signature.c version.h Log Message: adding initial support for ECDSA (19) to netpgp. tested using p256/sha256, p384/sha384, and p521/sha512 To generate a diff of this commit: cvs rdiff -u -r1.38 -r1.39 \ src/crypto/external/bsd/netpgp/dist/src/lib/create.c \ src/crypto/external/bsd/netpgp/dist/src/lib/signature.c cvs rdiff -u -r1.30 -r1.31 \ src/crypto/external/bsd/netpgp/dist/src/lib/crypto.h cvs rdiff -u -r1.43 -r1.44 src/crypto/external/bsd/netpgp/dist/src/lib/misc.c \ src/crypto/external/bsd/netpgp/dist/src/lib/packet-print.c cvs rdiff -u -r1.12 -r1.13 \ src/crypto/external/bsd/netpgp/dist/src/lib/netpgpsdk.h cvs rdiff -u -r1.34 -r1.35 \ src/crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c cvs rdiff -u -r1.53 -r1.54 \ src/crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c cvs rdiff -u -r1.22 -r1.23 \ src/crypto/external/bsd/netpgp/dist/src/lib/packet-show.c cvs rdiff -u -r1.32 -r1.33 \ src/crypto/external/bsd/netpgp/dist/src/lib/packet.h cvs rdiff -u -r1.47 -r1.48 \ src/crypto/external/bsd/netpgp/dist/src/lib/version.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/netpgp/dist/src/lib/create.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/create.c:1.38 src/crypto/external/bsd/netpgp/dist/src/lib/create.c:1.39 --- src/crypto/external/bsd/netpgp/dist/src/lib/create.c:1.38 Mon Nov 15 08:03:39 2010 +++ src/crypto/external/bsd/netpgp/dist/src/lib/create.c Fri Aug 26 19:18:38 2022 
@@ -57,7 +57,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: create.c,v 1.38 2010/11/15 08:03:39 agc Exp $"); +__RCSID("$NetBSD: create.c,v 1.39 2022/08/26 19:18:38 jhigh Exp $"); #endif #include @@ -250,6 +250,11 @@ write_pubkey_body(const pgp_pubkey_t *ke pgp_write_mpi(output, key->key.dsa.g) && pgp_write_mpi(output, key->key.dsa.y); + case PGP_PKA_ECDSA: + return pgp_write(output, >key.ecdsa.len, 1) && + pgp_write(output, key->key.ecdsa.oid, key->key.ecdsa.len) && + pgp_write_mpi(output, key->key.ecdsa.p); + case PGP_PKA_RSA: case PGP_PKA_RSA_ENCRYPT_ONLY: case PGP_PKA_RSA_SIGN_ONLY: Index: src/crypto/external/bsd/netpgp/dist/src/lib/signature.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/signature.c:1.38 src/crypto/external/bsd/netpgp/dist/src/lib/signature.c:1.39 --- src/crypto/external/bsd/netpgp/dist/src/lib/signature.c:1.38 Mon Feb 5 23:56:01 2018 +++ src/crypto/external/bsd/netpgp/dist/src/lib/signature.c Fri Aug 26 19:18:38 2022 @@ -57,7 +57,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: signature.c,v 1.38 2018/02/05 23:56:01 christos Exp $"); +__RCSID("$NetBSD: signature.c,v 1.39 2022/08/26 19:18:38 jhigh Exp $"); #endif #include 
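Review bot: The new PGP_PKA_ECDSA case in write_pubkey_body writes one byte taken from the address of `key->key.ecdsa.len` and then `len` bytes of `oid`, with no check on `len` (the first argument is partly garbled on this page). The field is declared in packet.h, which is not shown: if it is wider than one byte, the first pgp_write emits the wrong byte on big-endian hosts and drops the high bits of values above 255, so the length octet and the OID bytes that follow can disagree. I would reject a zero length or one larger than the oid storage, then write from a local, `uint8_t oidlen = (uint8_t)key->key.ecdsa.len;`, and use `oidlen` in both pgp_write calls. The switch continues outside the hunk.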
@@ -265,6 +265,56 @@ dsa_sign(pgp_hash_t *hash, return 1; } +static int +ecdsa_sign(pgp_hash_t *hash, + const pgp_ecdsa_pubkey_t *ecdsa, + const pgp_ecdsa_seckey_t *secdsa, + pgp_output_t *output) +{ + unsignedhashsize; + unsignedt; + uint8_t hashbuf[NETPGP_BUFSIZ]; + ECDSA_SIG*ecdsasig; + const BIGNUM *r, *s; + + hashsize = ecdsa_hashsize(ecdsa); + + if (hashsize == -1) { + return 0; + } + + t = hash->finish(hash, [0]); + + if (t != hashsize) { + (void) fprintf(stderr, "ecdsa_sign: hashfinish %d not %d\n", t, hashsize); + return 0; + } + + pgp_write(output, [0], 2); + + /* write signature to buf */ + ecdsasig = pgp_ecdsa_sign(hashbuf, hashsize, secdsa, ecdsa); + + if (ecdsasig == NULL) { + (void) fprintf(stderr, "ecdsa_sign: invalid ecdsa sig\n"); + return 0; + } + + /* convert and write the sig out to memory */ +#if OPENSSL_VERSION_NUMBER >= 0x1010 + ECDSA_SIG_get0(ecdsasig, , ); +#else + r = ecdsasig->r; + s = ecdsasig->s; +#endif + pgp_write_mpi(output, r); + pgp_write_mpi(output, s); + + ECDSA_SIG_free(ecdsasig); + + return 1; +} + static unsigned rsa_verify(pgp_hash_alg_t type, const uint8_t *hash, @@ -430,6 +480,12 @@ pgp_check_sig(const uint8_t *hash, unsig >key.dsa); break; + case PGP_PKA_ECDSA: + ret = pgp_ecdsa_verify(hash, length, +>info.sig.ecdsa, +>key.ecdsa); + break; + case PGP_PKA_RSA: ret = rsa_verify(sig->info.hash_alg, hash, length, >info.sig.rsa, @@ -764,6 +820,14 @@ pgp_write_sig(pgp_output_t *output, } break; + case PGP_PKA_ECDSA: + if (seckey->key.ecdsa.x == NULL) { + (void) fprintf(stderr, "pgp_write_sig: null ecdsa.x\n"); + return 0; + } + + break; + default: (void)
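Review bot: ecdsa_sign returns 1 even when writing the signature fails: the results of the two-byte `pgp_write` and of both `pgp_write_mpi` calls are discarded, although write_pubkey_body in this same commit treats those functions as returning success or failure. The two-byte hash prefix is also written before pgp_ecdsa_sign is known to have succeeded, so a failed signing leaves a partial signature in `output`. I would sign first, then `ok = pgp_write(output, hashbuf, 2) && pgp_write_mpi(output, r) && pgp_write_mpi(output, s);`, free the signature and `return ok;`. Separately, `hashsize` and `t` are `unsigned` but are compared with `-1` and printed with `%d`; declaring them `int`, or using `%u` with an explicit sentinel, would say what is meant. Several arguments in this hunk are garbled on the page, so this is based on the legible lines only.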
CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
Module Name:src Committed By: jhigh Date: Fri Aug 26 19:18:38 UTC 2022 Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: create.c crypto.h misc.c netpgpsdk.h openssl_crypto.c packet-parse.c packet-print.c packet-show.c packet.h signature.c version.h Log Message: adding initial support for ECDSA (19) to netpgp. tested using p256/sha256, p384/sha384, and p521/sha512 To generate a diff of this commit: cvs rdiff -u -r1.38 -r1.39 \ src/crypto/external/bsd/netpgp/dist/src/lib/create.c \ src/crypto/external/bsd/netpgp/dist/src/lib/signature.c cvs rdiff -u -r1.30 -r1.31 \ src/crypto/external/bsd/netpgp/dist/src/lib/crypto.h cvs rdiff -u -r1.43 -r1.44 src/crypto/external/bsd/netpgp/dist/src/lib/misc.c \ src/crypto/external/bsd/netpgp/dist/src/lib/packet-print.c cvs rdiff -u -r1.12 -r1.13 \ src/crypto/external/bsd/netpgp/dist/src/lib/netpgpsdk.h cvs rdiff -u -r1.34 -r1.35 \ src/crypto/external/bsd/netpgp/dist/src/lib/openssl_crypto.c cvs rdiff -u -r1.53 -r1.54 \ src/crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c cvs rdiff -u -r1.22 -r1.23 \ src/crypto/external/bsd/netpgp/dist/src/lib/packet-show.c cvs rdiff -u -r1.32 -r1.33 \ src/crypto/external/bsd/netpgp/dist/src/lib/packet.h cvs rdiff -u -r1.47 -r1.48 \ src/crypto/external/bsd/netpgp/dist/src/lib/version.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/netpgp/dist/src/netpgpverify
Module Name:src Committed By: christos Date: Tue Oct 8 18:47:11 UTC 2019 Modified Files: src/crypto/external/bsd/netpgp/dist/src/netpgpverify: libverify.c Log Message: grow the buffer a little. To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/netpgp/dist/src/netpgpverify
Module Name:src Committed By: christos Date: Tue Oct 8 18:47:11 UTC 2019 Modified Files: src/crypto/external/bsd/netpgp/dist/src/netpgpverify: libverify.c Log Message: grow the buffer a little. To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 \ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c diff -u src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c:1.13 src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c:1.14 --- src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c:1.13 Mon Apr 17 15:50:28 2017 +++ src/crypto/external/bsd/netpgp/dist/src/netpgpverify/libverify.c Tue Oct 8 14:47:10 2019 @@ -2622,7 +2622,7 @@ read_ssh_file(pgpv_t *pgp, pgpv_primaryk int64_t off; va_list args; char hostname[256]; - char owner[256]; + char owner[2 * 256]; char *space; char *buf; char *bin;
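Review bot: Doubling `owner` to `2 * 256` in read_ssh_file leaves the size a bare number with no stated relation to what is stored in it. The code that fills `owner` is outside the hunk, so it cannot be confirmed here that every write is bounded by `sizeof(owner)`; if any of them is an unbounded copy or format, a larger array only moves the overflow threshold. I would derive the size from its input, `char owner[2 * sizeof(hostname)];`, add a short comment naming what the buffer holds and that all writes are bounded by its size, and have the log message name the warning or overflow that prompted the change.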
Re: CVS commit: src/crypto/external/bsd/netpgp/dist/src
In article <20180403220010.ga5...@britannica.bec.de>, Joerg Sonnenbergerwrote: >On Tue, Apr 03, 2018 at 09:57:15PM +, Sevan Janiyan wrote: >> Module Name: src >> Committed By:sevan >> Date:Tue Apr 3 21:57:15 UTC 2018 >> >> Modified Files: >> src/crypto/external/bsd/netpgp/dist/src/lib: libnetpgp.3 >> src/crypto/external/bsd/netpgp/dist/src/libbn: libnetpgpbn.3 >> src/crypto/external/bsd/netpgp/dist/src/libmj: libmj.3 >> src/crypto/external/bsd/netpgp/dist/src/netpgpverify: netpgpverify.1 >> >> Log Message: >> Some further changes from PR bin/48395. > >This is not a very useful commit message... I was typing the same thing :-) christos
Re: CVS commit: src/crypto/external/bsd/netpgp/dist/src
On Tue, Apr 03, 2018 at 09:57:15PM +, Sevan Janiyan wrote: > Module Name: src > Committed By: sevan > Date: Tue Apr 3 21:57:15 UTC 2018 > > Modified Files: > src/crypto/external/bsd/netpgp/dist/src/lib: libnetpgp.3 > src/crypto/external/bsd/netpgp/dist/src/libbn: libnetpgpbn.3 > src/crypto/external/bsd/netpgp/dist/src/libmj: libmj.3 > src/crypto/external/bsd/netpgp/dist/src/netpgpverify: netpgpverify.1 > > Log Message: > Some further changes from PR bin/48395. This is not a very useful commit message... Joerg
Re: CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
In article <20180401232528.1e523f...@cvs.netbsd.org>, Sevan Janiyanwrote: >-=-=-=-=-=- > >Module Name: src >Committed By: sevan >Date: Sun Apr 1 23:25:28 UTC 2018 > >Modified Files: > src/crypto/external/bsd/netpgp/dist/src/lib: libnetpgp.3 > >Log Message: >netpgp_t is a structure Yes, it is a struct tag, but also a type as the _t indicates. So the man page was correct before (and it is correct now, but this was not the intention of the typedef). It should be backed out... christos
Re: CVS commit: src/crypto/external/bsd/netpgp/dist/src
Thanks, but I'd really like it if netpgp would work the same on all pkgsrc platforms. The Linux man page for getpass(3) (https://linux.die.net/man/3/getpass) says:

The function *getpass*() returns a pointer to a static buffer containing (the first *PASS_MAX* bytes of) the password without the trailing newline, terminated by a null byte ('\0'). This buffer may be overwritten by a following call. On error, the terminal state is restored, *errno* is set appropriately, and NULL is returned.

On 19 February 2017 at 17:38, Pierre Pronchery wrote:
> Module Name: src
> Committed By: khorben
> Date: Mon Feb 20 01:38:28 UTC 2017
>
> Modified Files:
> src/crypto/external/bsd/netpgp/dist/src/lib: netpgp.c
> src/crypto/external/bsd/netpgp/dist/src/librsa: rsastubs.c
>
> Log Message:
> Remove a useless loop around getpass()
>
> According to getpass(3), this library function cannot return NULL.
> Verified with a source code inspection.
>
>
> To generate a diff of this commit:
> cvs rdiff -u -r1.98 -r1.99 \
> src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c
> cvs rdiff -u -r1.2 -r1.3 \
> src/crypto/external/bsd/netpgp/dist/src/librsa/rsastubs.c
>
> Please note that diffs are not public domain; they are subject to the
> copyright notices on the relevant files.
>
>
Re: CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
In article 20100815163624.8645d17...@cvs.netbsd.org, Alistair G. Crooks source-changes-d@NetBSD.org wrote: -=-=-=-=-=- Module Name: src Committed By: agc Date: Sun Aug 15 16:36:24 UTC 2010 Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: misc.c packet-parse.c packet-show.c reader.c signature.c validate.c writer.c Log Message: get rid of more 64-bit lint some of this can be fixed in a better way, for example making cc ssize_t, len size_t etc. and avoiding casts. christos
Re: CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
On Sun, Aug 15, 2010 at 05:16:47PM +, Christos Zoulas wrote: In article 20100815163624.8645d17...@cvs.netbsd.org, Alistair G. Crooks source-changes-d@NetBSD.org wrote: -=-=-=-=-=- Module Name: src Committed By:agc Date:Sun Aug 15 16:36:24 UTC 2010 Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: misc.c packet-parse.c packet-show.c reader.c signature.c validate.c writer.c Log Message: get rid of more 64-bit lint some of this can be fixed in a better way, for example making cc ssize_t, len size_t etc. and avoiding casts. Yes, it can, but I'm concerned about the portability of doing things that way. Probably just me being overly conservative, but whatever. I'm not particularly happy with the way this code looks now, but I have it in a state that I can work with :-) I'll re-address this when I get a chance, I wanted to get this in and cleaned up now. Best, Al
Re: CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: keyring.h packet-print.c Added Files: src/crypto/external/bsd/netpgp/dist/src/lib: mj.c mj.h Log Message: add a minimalist JSON implementation, and add a new function to access the data, and serialise it using JSON. Alas, this fails to build on pretty much all 64-bit arches: /src/nbsrc/crypto/external/bsd/netpgp/lib/../dist/src/lib/mj.c: In function 'mj_parse': /src/nbsrc/crypto/external/bsd/netpgp/lib/../dist/src/lib/mj.c:278: warning: cast from pointer to integer of different size
Re: CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
On Mon, Jul 26, 2010 at 03:56:07AM -0700, Tom Spindler wrote: Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: keyring.h packet-print.c Added Files: src/crypto/external/bsd/netpgp/dist/src/lib: mj.c mj.h Log Message: add a minimalist JSON implementation, and add a new function to access the data, and serialise it using JSON. Alas, this fails to build on pretty much all 64-bit arches: /src/nbsrc/crypto/external/bsd/netpgp/lib/../dist/src/lib/mj.c: In function 'mj_parse': /src/nbsrc/crypto/external/bsd/netpgp/lib/../dist/src/lib/mj.c:278: warning: cast from pointer to integer of different size Fixed now, sorry about that. Thanks, Alistair
Re: CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
On Sat, 26 Jun 2010, David Holland wrote: I suppose the best available comprehensive solution is to use PRIu*** garble in the code and then if necessary have autoconf figure out what the garble should expand to based on SIZE_MAX. Yes. --apb (Alan Barrett)
Re: CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
On Sun, Jun 27, 2010 at 08:10:41PM +0200, Joerg Sonnenberger wrote: Compromising the autoconfiguration not work properly in the name of cross-compilation, though, is misguided. Can't you have it run the test if it's not a cross-compiler and only if it is fall back to the platform test? Or is this one of the things where autoconf falls apart because it's not written in a programming language? You can by using AC_RUN_IFELSE directly. The fourth argument is the cross-compiling test. That seems like a better approach then, especially in this context. I suppose the best available comprehensive solution is to use PRIu*** garble in the code and then if necessary have autoconf figure out what the garble should expand to based on SIZE_MAX. The trivial example was FreeBSD 4.x, but I would expect platforms with %zu to fall into this category too. ...huh? What you wrote doesn't relate to what you quoted, and also isn't an answer to what I asked, which was: : Are there non-theoretical platforms that are missing both SIZE_MAX and : SIZE_T_MAX defines where it isn't either 0x or : 0x? which certainly does not include FreeBSD 4.x unless they grew a PDP-10 port or something while we weren't looking. You can easily distinguish the 32-bit vs. 64-bit case by trying to compile something like typedef char foo[((size_t)0xUL)+1]; If size_t is 32 bits it'll fail trying to declare a zero-length array type. It might conceivably also fail for other reasons but again I don't think there are non-theoretical platforms where this is an issue, except for 16-bit DOS which we explicitly do not care about. (not counting where it might technically be 0x7fff because someone was unclear on it being unsigned -- that doesn't affect printf) SSIZE_MAX is surprisingly a lot better supported... Since ssize_t is required to be the same size as size_t, why not leverage that? I still don't understand why autoconf is passing C pre-processor directives down. #if sizeof(size_t) == sizeof(int) ... 
#elif sizeof(size_t) == sizeof(long) ... #endif directly in the code is much more readable. It would be nice if that worked... it did in Borland's compiler back in the day. I suppose someone on the standards committee thought it was OK to have to teach the preprocessor the entire expression syntax but not the type name syntax... The problem is that you can't really evuluate the above with interpreting all of the C code before. size_t is not a keyword type in the sense that it is hard-coded into the compiler. Doing so would violate the layering design of the preprocessor. As it's a standard type, however, it could be made known to the preprocessor via some other mechanism. (And you'll find that it is actually hard-coded into the compiler in gcc anyway; if your libc headers don't agree with gcc on what it should be you'll get assorted static on stderr.) That won't work in general, but I suspect most or all of the cases where #if sizeof would actually be useful involve standard types. -- David A. Holland dholl...@netbsd.org
Re: CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
On Sat, Jun 26, 2010 at 06:25:23AM +0200, Joerg Sonnenberger wrote: It would be better to make this a check which is size_t dependent, rather than platform-dependent. The idea is to black list platforms that don't do %zu and there is no way to do that without breaking cross-compilation. It is still preferable to use that if it is available, e.g. to help format string checks. Compromising the autoconfiguration not work properly in the name of cross-compilation, though, is misguided. Can't you have it run the test if it's not a cross-compiler and only if it is fall back to the platform test? Or is this one of the things where autoconf falls apart because it's not written in a programming language? I suppose the best available comprehensive solution is to use PRIu*** garble in the code and then if necessary have autoconf figure out what the garble should expand to based on SIZE_MAX. Are there non-theoretical platforms that are missing both SIZE_MAX and SIZE_T_MAX defines where it isn't either 0x or 0x? (not counting where it might technically be 0x7fff because someone was unclear on it being unsigned -- that doesn't affect printf) I still don't understand why autoconf is passing C pre-processor directives down. #if sizeof(size_t) == sizeof(int) ... #elif sizeof(size_t) == sizeof(long) ... #endif directly in the code is much more readable. It would be nice if that worked... it did in Borland's compiler back in the day. I suppose someone on the standards committee thought it was OK to have to teach the preprocessor the entire expression syntax but not the type name syntax... -- David A. Holland dholl...@netbsd.org
Re: CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
In article 20100625183016.ac0be17...@cvs.netbsd.org, Alistair G. Crooks source-changes-d@NetBSD.org wrote: -=-=-=-=-=- Module Name: src Committed By: agc Date: Fri Jun 25 18:30:16 UTC 2010 Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: misc.c Log Message: Fix build problems on LP64 platforms - thanks to Paul Goyette for the nudge. That should be %zu really; it is more readable. christos
Re: CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
On Fri, Jun 25, 2010 at 08:40:26PM +, Christos Zoulas wrote: In article 20100625183016.ac0be17...@cvs.netbsd.org, Alistair G. Crooks source-changes-d@NetBSD.org wrote: -=-=-=-=-=- Module Name: src Committed By:agc Date:Fri Jun 25 18:30:16 UTC 2010 Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: misc.c Log Message: Fix build problems on LP64 platforms - thanks to Paul Goyette for the nudge. That should be %zu really; it is more readable. %zu is more readable, but it's C99, and even some C99 implementations don't define it (I have in my mind Microsoft from the time that I brought up the iSCSI target on Windows, but I may be wrong there). The following quote is apt: C99 adds a 'z' modifier specifically for size_t: printf("Total buffer size: %zu bytes\n", buffer_size); but many printf implementations don't support it. (Even if your compiler supports C99 and defines __STDC_VERSION__ appropriately, that's not, practically speaking, a guarantee that the library also conforms to C99.) Even in C99, the %lu method will work unless size_t is bigger than unsigned long *and* the value being printed exceeds ULONG_MAX, which is unlikely to happen in practice. -- Keith Thompson (The_Other_Keith) ks...@mib.org http://www.ghoti.net/~kst San Diego Supercomputer Center * http://users.sdsc.edu/~kst referenced in: http://bytes.com/topic/c/answers/221867-portable-way-printf-size_t-instance Oh, and yes, this is not a "we need to conform to c89 as LCD" post - this is 2010 after all - it's an "I want netpgp to be as portable as possible" post. Regards, Alistair
Re: CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
On Fri, Jun 25, 2010 at 11:54:32PM +0200, Alistair Crooks wrote: Even in C99, the %lu method will work unless size_t is bigger than unsigned long *and* the value being printed exceeds ULONG_MAX, which is unlikely to happen in practice. Actually, it doesn't. This method breaks as soon as size_t != u_long and might only work in a few edge cases like the size_t being the last argument and the byte order is Little Endian. This is worse because IIRC Microsoft decided to use IL32LLP64 or something similarly fancy. A more portable approach with autoconf can be found in pkg_install, look for MISSING_SIZE_T_SUPPORT and the corresponding AC_CHECK_SIZEOF calls in configure.ac. Joerg
Re: CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
On Sat, Jun 26, 2010 at 01:32:05AM +0200, Joerg Sonnenberger wrote: On Fri, Jun 25, 2010 at 11:54:32PM +0200, Alistair Crooks wrote: Even in C99, the %lu method will work unless size_t is bigger than unsigned long *and* the value being printed exceeds ULONG_MAX, which is unlikely to happen in practice. Please get the attributions right - I was quoting that text. Actually, it doesn't. This method breaks as soon as size_t != u_long and might only work in a few edge cases like the size_t being the last argument and the byte order is Little Endian. This is worse because IIRC Microsoft decided to use IL32LLP64 or something similarly fancy. Can you give us a reference to this, please? A more portable approach with autoconf can be found in pkg_install, look for MISSING_SIZE_T_SUPPORT and the corresponding AC_CHECK_SIZEOF calls in configure.ac. Hmmm, I see this in configure.ac - AC_CHECK_SIZEOF(int) AC_CHECK_SIZEOF(long) AC_CHECK_SIZEOF(long long) AC_CHECK_SIZEOF(size_t, [#include stdlib.h]) and case $host in *-*-hpux*) AC_DEFINE(MISSING_SIZE_T_SUPPORT) AH_TEMPLATE([MISSING_SIZE_T_SUPPORT], [ Define to 1 if the `z' modifider for printf is missing. ]) ;; esac and #ifndef MISSING_SIZE_T_SUPPORT # define PRIzu zu #elif SIZEOF_SIZE_T == SIZEOF_INT # define PRIzu u #elif SIZEOF_SIZE_T == SIZEOF_LONG # define PRIzu lu #elif SIZEOF_SIZE_T == SIZEOF_LONG_LONG # define PRIzu llu #else # errror Unknown size_t size #endif Not quite what I'd been expecting, though, from the glowing description above. Am I missing a revision of that file or something? It took me ages to find it, since I was looking under src/external first of all - and cvs status does say it's up to date. Thanks, Alistair
Re: CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
In message: 20100626032531.ga14...@britannica.bec.de Joerg Sonnenberger jo...@britannica.bec.de writes: : On Sat, Jun 26, 2010 at 05:11:39AM +0200, Alistair Crooks wrote: : On Sat, Jun 26, 2010 at 01:32:05AM +0200, Joerg Sonnenberger wrote: : On Fri, Jun 25, 2010 at 11:54:32PM +0200, Alistair Crooks wrote: :Even in C99, the %lu method will work unless size_t is bigger than :unsigned long *and* the value being printed exceeds ULONG_MAX, which :is unlikely to happen in practice. : : Please get the attributions right - I was quoting that text. : : Actually, it doesn't. This method breaks as soon as size_t != u_long and : might only work in a few edge cases like the size_t being the last : argument and the byte order is Little Endian. This is worse because IIRC : Microsoft decided to use IL32LLP64 or something similarly fancy. : : Can you give us a reference to this, please? : : E.g. : http://stackoverflow.com/questions/384502/what-is-the-bit-size-of-long-on-64-bit-windows : and the MSDN reference inside. : : A more portable approach with autoconf can be found in pkg_install, look : for MISSING_SIZE_T_SUPPORT and the corresponding AC_CHECK_SIZEOF calls : in configure.ac. : : Hmmm, I see this in configure.ac - : : AC_CHECK_SIZEOF(int) : AC_CHECK_SIZEOF(long) : AC_CHECK_SIZEOF(long long) : AC_CHECK_SIZEOF(size_t, [#include stdlib.h]) : : ...compute the sizes to not depend on SIZE_MAX (which would simplify the : logic a lot). : : and : : case $host in : *-*-hpux*) : AC_DEFINE(MISSING_SIZE_T_SUPPORT) : AH_TEMPLATE([MISSING_SIZE_T_SUPPORT], [ : Define to 1 if the `z' modifider for printf is missing. : ]) : ;; : esac : : The only platform for pkgsrc purposes ATM which lacks the %z support. 
: : and : : #ifndef MISSING_SIZE_T_SUPPORT : # define PRIzu zu : #elif SIZEOF_SIZE_T == SIZEOF_INT : # define PRIzu u : #elif SIZEOF_SIZE_T == SIZEOF_LONG : # define PRIzu lu : #elif SIZEOF_SIZE_T == SIZEOF_LONG_LONG : # define PRIzu llu : #else : # errror Unknown size_t size : #endif : : Not quite what I'd been expecting, though, from the glowing description : above. : : It would be simpler if SIZE_MAX support can be assumed. In that case it : would boil down to : #if SIZE_MAX == INT_MAX : #define PRIzu u : #elif SIZE_MAX == LONG_MAX : #define PRIzu lu : #else SIZE_MAX == LLONG_MAX : #define PRIzu llu : #endif You could easily enough have something like the following in autoconf to generate that: #include stdlib.h #include stdio.h int main(int argc, char **argv) { size_t foo = ~0; printf(#ifndef SIZE_MAX\n#define SIZE_MAX %llu\n#endif\n, (unsigned long long)foo); return (0); } Warner
CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
Module Name:src Committed By: agc Date: Mon Mar 8 08:56:03 UTC 2010 Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: keyring.c Log Message: ensure that we have an element in the array before we try to store a value in it. To generate a diff of this commit: cvs rdiff -u -r1.30 -r1.31 \ src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
Module Name:src Committed By: agc Date: Fri Mar 5 16:30:05 UTC 2010 Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: keyring.c netpgp.c Log Message: clean up some lint that crept in. To generate a diff of this commit: cvs rdiff -u -r1.28 -r1.29 \ src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c cvs rdiff -u -r1.41 -r1.42 \ src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Re: CVS commit: src/crypto/external/bsd/netpgp/dist/src/hkpd
Why do we want to have another ad-hoc HTTP implementation? Wouldn't a small *CGI script be good enough? Joerg On Mon, Mar 01, 2010 at 07:41:57AM +, Alistair G. Crooks wrote: Module Name: src Committed By: agc Date: Mon Mar 1 07:41:57 UTC 2010 Added Files: src/crypto/external/bsd/netpgp/dist/src/hkpd: Makefile hkpd.c hkpd.h main.c Log Message: add an embryonic httpd key server (hkpd) to netpgp. this is based on the discontinued draft for hkp servers, in lieu of any official rfc. the post method for adding keys to the server has not been implemented. not until i've gone through all of the implications, anyway. hkp servers serve up pgp public keys over http. the default port is 11371, but it can be any port, specifiable at run time. whilst this hkpd will return valid html to browsers, it is aimed at the ''machine readable'' side, using the ''options=mr'' option to the http get string. this hkpd server will get hooked into the build at a later date. To generate a diff of this commit: cvs rdiff -u -r0 -r1.1 src/crypto/external/bsd/netpgp/dist/src/hkpd/Makefile \ src/crypto/external/bsd/netpgp/dist/src/hkpd/hkpd.c \ src/crypto/external/bsd/netpgp/dist/src/hkpd/hkpd.h \ src/crypto/external/bsd/netpgp/dist/src/hkpd/main.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Re: CVS commit: src/crypto/external/bsd/netpgp/dist/src/hkpd
not really, i tried to shoehorn all of this into bozo, and it wasn't willing to do it, and its cgi subsystem doesn't lend itself to this kind of thing. i'm fairly intimate with most of bozo's internals, too. the server itself is not that large. if there's a common server-side library that can be used, great, show me it, and i'll convert the hkpd to use it. libfetch certainly isn't up to the task. regards, alistair On Mon, Mar 01, 2010 at 10:35:20PM +0100, Joerg Sonnenberger wrote: Why do we want to have another ad-hoc HTTP implementation? Wouldn't a small *CGI script be good enough? Joerg On Mon, Mar 01, 2010 at 07:41:57AM +, Alistair G. Crooks wrote: Module Name:src Committed By: agc Date: Mon Mar 1 07:41:57 UTC 2010 Added Files: src/crypto/external/bsd/netpgp/dist/src/hkpd: Makefile hkpd.c hkpd.h main.c Log Message: add an embryonic httpd key server (hkpd) to netpgp. this is based on the discontinued draft for hkp servers, in lieu of any official rfc. the post method for adding keys to the server has not been implemented. not until i've gone through all of the implications, anyway. hkp servers serve up pgp public keys over http. the default port is 11371, but it can be any port, specifiable at run time. whilst this hkpd will return valid html to browsers, it is aimed at the ''machine readable'' side, using the ''options=mr'' option to the http get string. this hkpd server will get hooked into the build at a later date. To generate a diff of this commit: cvs rdiff -u -r0 -r1.1 src/crypto/external/bsd/netpgp/dist/src/hkpd/Makefile \ src/crypto/external/bsd/netpgp/dist/src/hkpd/hkpd.c \ src/crypto/external/bsd/netpgp/dist/src/hkpd/hkpd.h \ src/crypto/external/bsd/netpgp/dist/src/hkpd/main.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Re: CVS commit: src/crypto/external/bsd/netpgp/dist/src/hkpd
Joerg Sonnenberger wrote: Why do we want to have another ad-hoc HTTP implementation? Wouldn't a small *CGI script be good enough? Argument for a separate implementation: it runs as a standalone daemon on a different port than the default for HTTP, as a decoupled service from your normal httpd. Argument against: a CGI script would allow you to hook it into your favourite httpd, which could do all sorts of advanced stuff to requests before they hit the CGI script, like aliasing, rewriting, filtering, caching, etc. Personally, I'd prefer a CGI script; though I do not at present desire to run a HKP server. I am satisfied with the various SKS servers out there. Cheers, -- Thomas E. Spanjaard t...@netphreax.net t...@deepbone.net signature.asc Description: OpenPGP digital signature
CVS commit: src/crypto/external/bsd/netpgp/dist/src/hkpd
Module Name:src Committed By: agc Date: Mon Mar 1 07:41:57 UTC 2010 Added Files: src/crypto/external/bsd/netpgp/dist/src/hkpd: Makefile hkpd.c hkpd.h main.c Log Message: add an embryonic httpd key server (hkpd) to netpgp. this is based on the discontinued draft for hkp servers, in lieu of any official rfc. the post method for adding keys to the server has not been implemented. not until i've gone through all of the implications, anyway. hkp servers serve up pgp public keys over http. the default port is 11371, but it can be any port, specifiable at run time. whilst this hkpd will return valid html to browsers, it is aimed at the ''machine readable'' side, using the ''options=mr'' option to the http get string. this hkpd server will get hooked into the build at a later date. To generate a diff of this commit: cvs rdiff -u -r0 -r1.1 src/crypto/external/bsd/netpgp/dist/src/hkpd/Makefile \ src/crypto/external/bsd/netpgp/dist/src/hkpd/hkpd.c \ src/crypto/external/bsd/netpgp/dist/src/hkpd/hkpd.h \ src/crypto/external/bsd/netpgp/dist/src/hkpd/main.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Added files:
Index: src/crypto/external/bsd/netpgp/dist/src/hkpd/Makefile
diff -u /dev/null src/crypto/external/bsd/netpgp/dist/src/hkpd/Makefile:1.1
--- /dev/null Mon Mar 1 07:41:57 2010
+++ src/crypto/external/bsd/netpgp/dist/src/hkpd/Makefile Mon Mar 1 07:41:56 2010
@@ -0,0 +1,11 @@
+# $NetBSD: Makefile,v 1.1 2010/03/01 07:41:56 agc Exp $
+
+PROG=hkpd
+SRCS=hkpd.c main.c
+CPPFLAGS+=-g # -DHAVE_CONFIG_H=1
+LDFLAGS+=-g
+LDADD+= -lnetpgp
+MKMAN=no
+WARNS=0 # anything over 0 will fail at the link stage with IDEA errors
+
+.include bsd.prog.mk
Index: src/crypto/external/bsd/netpgp/dist/src/hkpd/hkpd.c
diff -u /dev/null src/crypto/external/bsd/netpgp/dist/src/hkpd/hkpd.c:1.1
--- /dev/null Mon Mar 1 07:41:57 2010
+++ src/crypto/external/bsd/netpgp/dist/src/hkpd/hkpd.c Mon Mar 1 07:41:56 2010
@@ -0,0 +1,275 @@
+/*-
+ * Copyright (c) 2009,2010 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Alistair Crooks (a...@netbsd.org)
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *notice, this list of conditions and the following disclaimer in the
+ *documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include sys/types.h
+#include sys/param.h
+#include sys/socket.h
+#include sys/stat.h
+#include sys/param.h
+
+#include netinet/in.h
+
+#include errno.h
+#include netdb.h
+#include netpgp.h
+#include regex.h
+#include stdio.h
+#include stdlib.h
+#include string.h
+#include unistd.h
+
+#include hkpd.h
+
+/* make the string have %xx - %c */
+static size_t
+frompercent(char *in, size_t insize, char *out, size_t outsize)
+{
+ size_t outcc;
+ char *next;
+ char *pc;
+
+ outcc = 0;
+ for (pc = in ; (next = strchr(pc, '%')) != NULL ; pc = next + 3) {
+ (void) memcpy(out[outcc], pc, (size_t)(next - pc));
+ outcc += (size_t)(next - pc);
+ out[outcc++] = (char)strtol(next + 1, NULL, 16);
+ }
+ (void) memcpy(out[outcc], pc, insize - (int)(pc - in));
+ outcc += insize - (int)(pc - in);
+ out[outcc] = 0x0;
+ return outcc;
+}
+
+#define HKP_HTTP_LEVEL HTTP/1.0
+#define HKP_NAME hkpd
+#define HKP_MIME_GET application/pgp-keys
+#define HKP_MIME_INDEX text/plain
+#define HKP_MACHREAD info:1:1\r\n
+
+#define HKP_SUCCESS 200
+#define HKP_NOT_FOUND 404
+
+/* make into html */
+static int
+htmlify(char *buf, size_t size, const int code, const int get, const char *title, const int mr, const char *body)
+{
+ return snprintf(buf, size,
+ %s %d %s\r\n
+ Server: %s/%d\r\n
+ Content-type: %s\r\n
+ \r\n
+ %s
+ %s,
+ HKP_HTTP_LEVEL, code, (code == HKP_SUCCESS) ? OK : not found,
+ HKP_NAME,
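Review bot: `frompercent()` never consults `outsize`, so both `memcpy` calls and the final `out[outcc] = 0x0` write into `out` with no bound, on what is presumably request text received from the network. The loop step `pc = next + 3` also moves past the terminator when a `%` sits in the last two bytes of `in`, after which `strchr` reads beyond the string and `insize - (int)(pc - in)` wraps to a very large length; `strtol(next + 1, NULL, 16)` in turn accepts a sign, leading whitespace or more than two digits instead of exactly two hex digits. A bounded byte-by-byte decode that copies a malformed escape through literally is sketched below. The Makefile hunk of this commit sets `WARNS=0`, which hides the compiler diagnostics that would otherwise apply to this file. The hunk is cut off on this page inside `htmlify()`, so the rest of the 275 added lines is not covered here.

```c
/* value of one hex digit, or -1 if c is not a hex digit */
static int
hexval(int c)
{
	if (c >= '0' && c <= '9') {
		return c - '0';
	}
	if (c >= 'a' && c <= 'f') {
		return c - 'a' + 10;
	}
	if (c >= 'A' && c <= 'F') {
		return c - 'A' + 10;
	}
	return -1;
}

/* decode %xx escapes from `in' into `out', writing at most outsize bytes */
static size_t
frompercent(char *in, size_t insize, char *out, size_t outsize)
{
	size_t	outcc;
	size_t	i;
	int	hi;
	int	lo;

	if (outsize == 0) {
		return 0;
	}
	/* always leave room for the terminating NUL */
	for (i = 0, outcc = 0 ; i < insize && outcc + 1 < outsize ; i++) {
		hi = lo = -1;
		/* only decode when both digits lie inside the input */
		if (in[i] == '%' && insize - i > 2) {
			hi = hexval((unsigned char)in[i + 1]);
			lo = hexval((unsigned char)in[i + 2]);
		}
		if (hi >= 0 && lo >= 0) {
			out[outcc++] = (char)((hi << 4) | lo);
			i += 2;
		} else {
			out[outcc++] = in[i];
		}
	}
	out[outcc] = 0x0;
	return outcc;
}
```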
CVS commit: src/crypto/external/bsd/netpgp/dist/src/hkpd
Module Name:src Committed By: agc Date: Mon Mar 1 07:41:57 UTC 2010 Added Files: src/crypto/external/bsd/netpgp/dist/src/hkpd: Makefile hkpd.c hkpd.h main.c Log Message: add an embryonic httpd key server (hkpd) to netpgp. this is based on the discontinued draft for hkp servers, in lieu of any official rfc. the post method for adding keys to the server has not been implemented. not until i've gone through all of the implications, anyway. hkp servers serve up pgp public keys over http. the default port is 11371, but it can be any port, specifiable at run time. whilst this hkpd will return valid html to browsers, it is aimed at the ''machine readable'' side, using the ''options=mr'' option to the http get string. this hkpd server will get hooked into the build at a later date. To generate a diff of this commit: cvs rdiff -u -r0 -r1.1 src/crypto/external/bsd/netpgp/dist/src/hkpd/Makefile \ src/crypto/external/bsd/netpgp/dist/src/hkpd/hkpd.c \ src/crypto/external/bsd/netpgp/dist/src/hkpd/hkpd.h \ src/crypto/external/bsd/netpgp/dist/src/hkpd/main.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/netpgp/dist/src/hkpclient
Module Name:src Committed By: agc Date: Mon Mar 1 07:52:21 UTC 2010 Added Files: src/crypto/external/bsd/netpgp/dist/src/hkpclient: hkpclient.lua optparse.lua tst Log Message: add the scripts used to test the hkpd. fwiw, the hkp client script is - essentially - 7 lines of lua, using libcurl for the http transport. To generate a diff of this commit: cvs rdiff -u -r0 -r1.1 \ src/crypto/external/bsd/netpgp/dist/src/hkpclient/hkpclient.lua \ src/crypto/external/bsd/netpgp/dist/src/hkpclient/optparse.lua \ src/crypto/external/bsd/netpgp/dist/src/hkpclient/tst Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Added files:
Index: src/crypto/external/bsd/netpgp/dist/src/hkpclient/hkpclient.lua
diff -u /dev/null src/crypto/external/bsd/netpgp/dist/src/hkpclient/hkpclient.lua:1.1
--- /dev/null Mon Mar 1 07:52:21 2010
+++ src/crypto/external/bsd/netpgp/dist/src/hkpclient/hkpclient.lua Mon Mar 1 07:52:21 2010
@@ -0,0 +1,74 @@
+#! /usr/bin/env lua
+
+--
+-- Copyright (c) 2010 The NetBSD Foundation, Inc.
+-- All rights reserved.
+--
+-- This code is derived from software contributed to The NetBSD Foundation
+-- by Alistair Crooks (a...@netbsd.org)
+--
+-- Redistribution and use in source and binary forms, with or without
+-- modification, are permitted provided that the following conditions
+-- are met:
+-- 1. Redistributions of source code must retain the above copyright
+--notice, this list of conditions and the following disclaimer.
+-- 2. Redistributions in binary form must reproduce the above copyright
+--notice, this list of conditions and the following disclaimer in the
+--documentation and/or other materials provided with the distribution.
+--
+-- THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+-- ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+-- TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+-- PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+-- BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+-- CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+-- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+-- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+-- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+-- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+-- POSSIBILITY OF SUCH DAMAGE.
+--
+
+-- a short HKP client
+
+require(cURL)
+
+-- command line args
+dofile optparse.lua
+
+opt = OptionParser{usage=%prog [options] file, version=20100226}
+
+opt.add_option{-V, --version, action=store_true, dest=version,
+ help=--version}
+opt.add_option{-m, --mr, action=store_true, dest=mr, help=-m}
+opt.add_option{-o, --op, action=store, dest=op, help=-o op}
+opt.add_option{-p, --port, action=store, dest=port, help=-p port}
+opt.add_option{-s, --server, action=store, dest=server, help=-s server}
+
+-- parse command line args
+options,args = opt.parse_args()
+
+-- set defaults
+local server = options.server or pgp.mit.edu
+local port = options.port or 11371
+local op = options.op or get
+local mr =
+if options.mr then mr = options=mr end
+
+-- get output stream
+f = io.output()
+
+c = cURL.easy_init()
+
+-- setup url
+c:setopt_url(http://; .. server .. : .. port ..
+ /pks/lookup?op= .. op .. search= .. args[1] .. mr)
+
+-- perform, invokes callbacks
+c:perform({writefunction = function(str)
+f:write(str)
+ end})
+
+-- close output file
+f:close()
+
Index: src/crypto/external/bsd/netpgp/dist/src/hkpclient/optparse.lua
diff -u /dev/null src/crypto/external/bsd/netpgp/dist/src/hkpclient/optparse.lua:1.1
--- /dev/null Mon Mar 1 07:52:21 2010
+++ src/crypto/external/bsd/netpgp/dist/src/hkpclient/optparse.lua Mon Mar 1 07:52:21 2010
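Review bot: The URL handed to `c:setopt_url` in hkpclient.lua concatenates `op` and `args[1]` unescaped, so a search term containing a space, `&`, `#` or `%` alters the query instead of being searched for, and a missing argument fails with a nil-concatenation error rather than a usage message. Percent-encode the term before building the URL, e.g. `local term = args[1]:gsub("[^%w%-%._~]", function(ch) return string.format("%%%02X", ch:byte()) end)`, and check `args[1]` right after `opt.parse_args()`. The lookup runs over plain `http://`, so any key this client returns should have its fingerprint confirmed through a separate channel before it is trusted.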
@@ -0,0 +1,123 @@
+-- Lua command line option parser.
+-- Interface based on Pythons optparse.
+-- http://docs.python.org/lib/module-optparse.html
+-- (c) 2008 David Manura, Licensed under the same terms as Lua (MIT license)
+--
+-- To be used like this:
+-- t={usage=some usage message, version=version string}
+-- op=OptionParser(t)
+-- op=add_option{opt, action=action, dest=dest, help=help message for this option}
+--
+-- with :
+-- opt the option string to be used (can be anything, if one letter opt, then should be -x val, more letters: -xy=val )
+-- action one of
+-- - store: store in options as key, val
+-- - store_true: stores key, true
+-- - store_false: stores key, false
+-- dest is the key under which the option is saved
+--
CVS commit: src/crypto/external/bsd/netpgp/dist/src/hkpclient
Module Name:src Committed By: agc Date: Mon Mar 1 07:52:21 UTC 2010 Added Files: src/crypto/external/bsd/netpgp/dist/src/hkpclient: hkpclient.lua optparse.lua tst Log Message: add the scripts used to test the hkpd. fwiw, the hkp client script is - essentially - 7 lines of lua, using libcurl for the http transport. To generate a diff of this commit: cvs rdiff -u -r0 -r1.1 \ src/crypto/external/bsd/netpgp/dist/src/hkpclient/hkpclient.lua \ src/crypto/external/bsd/netpgp/dist/src/hkpclient/optparse.lua \ src/crypto/external/bsd/netpgp/dist/src/hkpclient/tst Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/netpgp/dist/src/netpgp
Module Name:src Committed By: wiz Date: Wed Feb 24 08:22:59 UTC 2010 Modified Files: src/crypto/external/bsd/netpgp/dist/src/netpgp: netpgp.1 Log Message: New sentence, new line; remove trailing whitespace. To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 \ src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/netpgp/dist/src
Module Name:src Committed By: agc Date: Tue Feb 23 01:24:45 UTC 2010 Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: netpgp.c validate.c src/crypto/external/bsd/netpgp/dist/src/netpgp: netpgp.1 Log Message: fix a bug in verifying memory. add two examples to the netpgp(1) manual page outlining how to sign and encrypt via a pipeline, and how to decrypt and verify/cat using a pipeline. To generate a diff of this commit: cvs rdiff -u -r1.39 -r1.40 \ src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c cvs rdiff -u -r1.29 -r1.30 \ src/crypto/external/bsd/netpgp/dist/src/lib/validate.c cvs rdiff -u -r1.7 -r1.8 \ src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.39 src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.40 --- src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c:1.39 Fri Feb 12 03:38:48 2010 +++ src/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c Tue Feb 23 01:24:44 2010 @@ -34,7 +34,7 @@ #if defined(__NetBSD__) __COPYRIGHT(@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.); -__RCSID($NetBSD: netpgp.c,v 1.39 2010/02/12 03:38:48 agc Exp $); +__RCSID($NetBSD: netpgp.c,v 1.40 2010/02/23 01:24:44 agc Exp $); #endif #include sys/types.h 
@@ -1014,6 +1014,9 @@ } signedmem = __ops_memory_new(); __ops_memory_add(signedmem, in, size); + if (out) { + cat = __ops_memory_new(); + } ret = __ops_validate_mem(io, result, signedmem, (out) ? cat : NULL, armored, netpgp-pubring); Index: src/crypto/external/bsd/netpgp/dist/src/lib/validate.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/validate.c:1.29 src/crypto/external/bsd/netpgp/dist/src/lib/validate.c:1.30 --- src/crypto/external/bsd/netpgp/dist/src/lib/validate.c:1.29 Fri Feb 12 03:38:48 2010 +++ src/crypto/external/bsd/netpgp/dist/src/lib/validate.c Tue Feb 23 01:24:44 2010 @@ -54,7 +54,7 @@ #if defined(__NetBSD__) __COPYRIGHT(@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.); -__RCSID($NetBSD: validate.c,v 1.29 2010/02/12 03:38:48 agc Exp $); +__RCSID($NetBSD: validate.c,v 1.30 2010/02/23 01:24:44 agc Exp $); #endif #include sys/types.h @@ -949,7 +949,7 @@ __ops_teardown_memory_read(stream, mem); /* this is triggered only for --cat output */ - if (*cat) { + if (cat) { /* need to send validated output somewhere */ *cat = validation.mem; } else { Index: src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1 diff -u src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1:1.7 src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1:1.8 --- src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1:1.7 Sat Feb 6 02:24:34 2010 +++ src/crypto/external/bsd/netpgp/dist/src/netpgp/netpgp.1 Tue Feb 23 01:24:45 2010 @@ -1,4 +1,4 @@ -.\ $NetBSD: netpgp.1,v 1.7 2010/02/06 02:24:34 agc Exp $ +.\ $NetBSD: netpgp.1,v 1.8 2010/02/23 01:24:45 agc Exp $ .\ .\ Copyright (c) 2009 The NetBSD Foundation, Inc. .\ All rights reserved. @@ -406,6 +406,10 @@ netpgp passphrase: % .Ed +.Pp +This simple (and contrived) example shows that +.Nm +commands can be used together in a pipeline to produce the desired effect. .Bd -literal % netpgp --sign \*[Lt] a | netpgp --cat \*[Gt] b netpgp: default key set to C0596823 
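Review bot: In the netpgp.c hunk at `@@ -1014,6 +1014,9 @@`, the result of `__ops_memory_new()` stored in `cat` goes straight into `__ops_validate_mem()` with no NULL check, and the context line `signedmem = __ops_memory_new();` has the same gap; if the allocator can fail, guard it with `if (out != NULL && (cat = __ops_memory_new()) == NULL)` followed by the function's existing failure return. The validate.c hunk of the same commit stores `validation.mem` through `*cat`. This page's rendering has dropped punctuation elsewhere (`netpgp-pubring`), so if the argument here is really the address of `cat`, that store replaces the pointer and the buffer allocated in this hunk is never freed; in that case initialising `cat = NULL` would avoid the leak. The enclosing functions start and end outside both hunks.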
@@ -428,6 +432,43 @@ uid Alistair Crooks (Yahoo!) \*[lt]agcro...@yahoo-inc.com\*[gt] % .Ed +.Pp +For operations like signing and encrypting a file at the same time, +the best way is to make use of pipelines: +.Bd -literal +% netpgp --sign \*[Lt] example | netpgp --encrypt --userid=c0596823 \*[Gt] example.gpg +netpgp: default key set to C0596823 +pub 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12 +Key fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823 +uid Alistair Crooks \*[lt]alist...@hockley-crooks.com\*[gt] +uid Alistair Crooks \*[lt]...@pkgsrc.org\*[gt] +uid Alistair Crooks \*[lt]...@netbsd.org\*[gt] +uid Alistair Crooks \*[lt]...@alistaircrooks.com\*[gt] +uid Alistair Crooks (Yahoo!) \*[lt]agcro...@yahoo-inc.com\*[gt] +netpgp passphrase: +% netpgp --decrypt \*[Lt] example.gpg | netpgp --cat +netpgp: default key set to C0596823 +netpgp: default key set to C0596823 +pub 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12 +Key fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823 +uid Alistair Crooks \*[lt]alist...@hockley-crooks.com\*[gt] +uid Alistair Crooks \*[lt]...@pkgsrc.org\*[gt] +uid Alistair Crooks \*[lt]...@netbsd.org\*[gt] +uid Alistair Crooks \*[lt]...@alistaircrooks.com\*[gt] +uid Alistair Crooks (Yahoo!) \*[lt]agcro...@yahoo-inc.com\*[gt] +netpgp passphrase: +Good
CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
Module Name:src Committed By: agc Date: Sat Feb 13 00:14:00 UTC 2010 Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: signature.h Log Message: let's get modern int types defined so that netpgp will build on mac os x To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 \ src/crypto/external/bsd/netpgp/dist/src/lib/signature.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/crypto/external/bsd/netpgp/dist/src/lib
Module Name:src Committed By: dsl Date: Sat Feb 6 10:50:52 UTC 2010 Modified Files: src/crypto/external/bsd/netpgp/dist/src/lib: packet-parse.c validate.c Log Message: Fix printf formats on amd64 (and probably other 64bit systems). To generate a diff of this commit: cvs rdiff -u -r1.28 -r1.29 \ src/crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c cvs rdiff -u -r1.26 -r1.27 \ src/crypto/external/bsd/netpgp/dist/src/lib/validate.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.