Module Name: src Committed By: agc Date: Thu May 28 01:52:43 UTC 2009
Modified Files: src/crypto/external/bsd/netpgp/dist: TODO src/crypto/external/bsd/netpgp/dist/src/lib: compress.c crypto.c keyring.c misc.c packet-parse.c packet-print.c reader.c signature.c validate.c version.h Log Message: CHANGES 1.99.6 -> 1.99.7 + added to the regression tests + get rid of some magic constants, replace with more obvious names + zero out the memory used for a passphrase before freeing it in one place To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/netpgp/dist/TODO cvs rdiff -u -r1.9 -r1.10 \ src/crypto/external/bsd/netpgp/dist/src/lib/compress.c cvs rdiff -u -r1.13 -r1.14 \ src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c \ src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c \ src/crypto/external/bsd/netpgp/dist/src/lib/misc.c \ src/crypto/external/bsd/netpgp/dist/src/lib/version.h cvs rdiff -u -r1.16 -r1.17 \ src/crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c \ src/crypto/external/bsd/netpgp/dist/src/lib/signature.c cvs rdiff -u -r1.14 -r1.15 \ src/crypto/external/bsd/netpgp/dist/src/lib/packet-print.c cvs rdiff -u -r1.15 -r1.16 \ src/crypto/external/bsd/netpgp/dist/src/lib/reader.c \ src/crypto/external/bsd/netpgp/dist/src/lib/validate.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/crypto/external/bsd/netpgp/dist/TODO diff -u src/crypto/external/bsd/netpgp/dist/TODO:1.13 src/crypto/external/bsd/netpgp/dist/TODO:1.14 --- src/crypto/external/bsd/netpgp/dist/TODO:1.13 Wed May 27 00:38:26 2009 +++ src/crypto/external/bsd/netpgp/dist/TODO Thu May 28 01:52:42 2009 @@ -1,6 +1,7 @@ To Do ===== separate verify program +separate key management program separate from libcrypto? 64-bit offsets default compression when signing? Index: src/crypto/external/bsd/netpgp/dist/src/lib/compress.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/compress.c:1.9 src/crypto/external/bsd/netpgp/dist/src/lib/compress.c:1.10 --- src/crypto/external/bsd/netpgp/dist/src/lib/compress.c:1.9 Sat May 16 06:30:38 2009 +++ src/crypto/external/bsd/netpgp/dist/src/lib/compress.c Thu May 28 01:52:43 2009 @@ -57,7 +57,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: compress.c,v 1.9 2009/05/16 06:30:38 agc Exp $"); +__RCSID("$NetBSD: compress.c,v 1.10 2009/05/28 01:52:43 agc Exp $"); #endif #ifdef HAVE_ZLIB_H @@ -300,6 +300,7 @@ { z_decompress_t z; bz_decompress_t bz; + const int printerrors = 1; int ret; switch (type) { @@ -394,7 +395,7 @@ return 0; } - ret = __ops_parse(parse_info, 0); + ret = __ops_parse(parse_info, !printerrors); __ops_reader_pop(parse_info); Index: src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c:1.13 src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c:1.14 --- src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c:1.13 Mon May 25 06:43:32 2009 +++ src/crypto/external/bsd/netpgp/dist/src/lib/crypto.c Thu May 28 01:52:43 2009 
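Review bot: In compress.c the new local `const int printerrors = 1;` exists only to be negated at the call, `__ops_parse(parse_info, !printerrors)`, so the reader has to invert a constant to learn that errors are suppressed. The same pattern recurs in keyring.c (`__ops_decrypt_seckey`), misc.c (`__ops_parse_and_accumulate`), packet-parse.c and validate.c, while crypto.c and packet-print.c pass `printerrors` directly. Assuming the second argument of `__ops_parse` is the print-errors flag, as the new name implies, it would read better to state the intended value where it is declared, `const int printerrors = 0;`, and pass it un-negated, `ret = __ops_parse(parse_info, printerrors);`. Better still would be one shared pair of named constants in a header instead of a per-function local. The enclosing function starts and ends outside these hunks.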
@@ -54,7 +54,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: crypto.c,v 1.13 2009/05/25 06:43:32 agc Exp $"); +__RCSID("$NetBSD: crypto.c,v 1.14 2009/05/28 01:52:43 agc Exp $"); #endif #include <sys/types.h> @@ -290,6 +290,7 @@ __ops_cbfunc_t *cb_get_passphrase) { __ops_parseinfo_t *parse = NULL; + const int printerrors = 1; char *filename = NULL; int fd_in = 0; int fd_out = 0; @@ -353,7 +354,7 @@ } /* Do it */ - __ops_parse(parse, 1); + __ops_parse(parse, printerrors); /* Unsetup */ if (use_armour) { Index: src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c:1.13 src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c:1.14 --- src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c:1.13 Wed May 27 00:38:27 2009 +++ src/crypto/external/bsd/netpgp/dist/src/lib/keyring.c Thu May 28 01:52:43 2009 @@ -57,7 +57,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: keyring.c,v 1.13 2009/05/27 00:38:27 agc Exp $"); +__RCSID("$NetBSD: keyring.c,v 1.14 2009/05/28 01:52:43 agc Exp $"); #endif #ifdef HAVE_FCNTL_H @@ -218,7 +218,7 @@ typedef struct { const __ops_keydata_t *key; - char *pphrase; + char *passphrase; __ops_seckey_t *seckey; } decrypt_t; @@ -229,7 +229,6 @@ decrypt_t *decrypt; decrypt = __ops_parse_cb_get_arg(cbinfo); - switch (pkt->tag) { case OPS_PARSER_PTAG: case OPS_PTAG_CT_USER_ID: @@ -240,7 +239,7 @@ break; case OPS_GET_PASSPHRASE: - *content->skey_passphrase.passphrase = decrypt->pphrase; + *content->skey_passphrase.passphrase = decrypt->passphrase; return OPS_KEEP_MEMORY; case OPS_PARSER_ERRCODE: 
@@ -287,27 +286,26 @@ \ingroup Core_Keys \brief Decrypts secret key from given keydata with given passphrase \param key Key from which to get secret key -\param pphrase Passphrase to use to decrypt secret key +\param passphrase Passphrase to use to decrypt secret key \return secret key */ __ops_seckey_t * -__ops_decrypt_seckey(const __ops_keydata_t *key, const char *pphrase) +__ops_decrypt_seckey(const __ops_keydata_t *key, const char *passphrase) { - __ops_parseinfo_t *pinfo; - decrypt_t decrypt; + __ops_parseinfo_t *parse; + const int printerrors = 1; + decrypt_t decrypt; (void) memset(&decrypt, 0x0, sizeof(decrypt)); decrypt.key = key; - decrypt.pphrase = strdup(pphrase); - - pinfo = __ops_parseinfo_new(); - - __ops_keydata_reader_set(pinfo, key); - __ops_set_callback(pinfo, decrypt_cb, &decrypt); - pinfo->readinfo.accumulate = 1; - - __ops_parse(pinfo, 0); - + decrypt.passphrase = strdup(passphrase); + parse = __ops_parseinfo_new(); + __ops_keydata_reader_set(parse, key); + __ops_set_callback(parse, decrypt_cb, &decrypt); + parse->readinfo.accumulate = 1; + __ops_parse(parse, !printerrors); + (void) memset(decrypt.passphrase, 0x0, strlen(decrypt.passphrase)); + (void) free(decrypt.passphrase); return decrypt.seckey; } @@ -632,11 +630,11 @@ const unsigned armour, const char *filename) { - __ops_parseinfo_t *pinfo; + __ops_parseinfo_t *parse; unsigned res = 1; int fd; - pinfo = __ops_parseinfo_new(); + parse = __ops_parseinfo_new(); /* add this for the moment, */ /* @@ -644,8 +642,8 @@ * later */ - /* __ops_parse_options(pinfo,OPS_PTAG_SS_ALL,OPS_PARSE_RAW); */ - __ops_parse_options(pinfo, OPS_PTAG_SS_ALL, OPS_PARSE_PARSED); + /* __ops_parse_options(parse,OPS_PTAG_SS_ALL,OPS_PARSE_RAW); */ + __ops_parse_options(parse, OPS_PTAG_SS_ALL, OPS_PARSE_PARSED); #ifdef O_BINARY fd = open(filename, O_RDONLY | O_BINARY); 
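Review bot: The passphrase wipe added to `__ops_decrypt_seckey` is a plain `memset` directly followed by `free`, which a compiler may remove as a dead store, so the copy can survive in freed heap memory. The `strdup` result is also used unchecked, so an allocation failure reaches `strlen` and `memset` with a null pointer. A wipe that cannot be elided (NetBSD's explicit_memset(3), or the platform's equivalent in the portable build) and an early `return NULL` on allocation failure would close both gaps. Separately, `decrypt_cb` hands this same pointer to the parser and returns `OPS_KEEP_MEMORY`, so please confirm the parser neither frees nor retains it once `__ops_parse` returns. Otherwise the new `free` is a double free or leaves a dangling pointer. Also, `parse` is never passed to `__ops_parseinfo_delete` in this function although `readinfo.accumulate` is set, which looks like a leak of whatever was accumulated.
```c
	decrypt.passphrase = strdup(passphrase);
	if (decrypt.passphrase == NULL) {
		return NULL;
	}
	/* … unchanged: parseinfo setup, callback registration, __ops_parse call … */
	/* a plain memset() before free() may be optimised away */
	(void) explicit_memset(decrypt.passphrase, 0x0,
			strlen(decrypt.passphrase));
	free(decrypt.passphrase);
	return decrypt.seckey;
```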
@@ -653,34 +651,34 @@ fd = open(filename, O_RDONLY); #endif if (fd < 0) { - __ops_parseinfo_delete(pinfo); + __ops_parseinfo_delete(parse); perror(filename); return 0; } #ifdef USE_MMAP_FOR_FILES - __ops_reader_set_mmap(pinfo, fd); + __ops_reader_set_mmap(parse, fd); #else - __ops_reader_set_fd(pinfo, fd); + __ops_reader_set_fd(parse, fd); #endif - __ops_set_callback(pinfo, cb_keyring_read, NULL); + __ops_set_callback(parse, cb_keyring_read, NULL); if (armour) { - __ops_reader_push_dearmour(pinfo); + __ops_reader_push_dearmour(parse); } - if (__ops_parse_and_accumulate(keyring, pinfo) == 0) { + if (__ops_parse_and_accumulate(keyring, parse) == 0) { res = 0; } else { res = 1; } - __ops_print_errors(__ops_parseinfo_get_errors(pinfo)); + __ops_print_errors(__ops_parseinfo_get_errors(parse)); if (armour) - __ops_reader_pop_dearmour(pinfo); + __ops_reader_pop_dearmour(parse); close(fd); - __ops_parseinfo_delete(pinfo); + __ops_parseinfo_delete(parse); return res; } 
@@ -713,27 +711,23 @@ const unsigned armour, __ops_memory_t *mem) { - __ops_parseinfo_t *pinfo = NULL; + __ops_parseinfo_t *parse = NULL; + const unsigned noaccum = 0; unsigned res = 1; - pinfo = __ops_parseinfo_new(); - __ops_parse_options(pinfo, OPS_PTAG_SS_ALL, OPS_PARSE_PARSED); - - __ops_setup_memory_read(&pinfo, mem, NULL, cb_keyring_read, 0); - + parse = __ops_parseinfo_new(); + __ops_parse_options(parse, OPS_PTAG_SS_ALL, OPS_PARSE_PARSED); + __ops_setup_memory_read(&parse, mem, NULL, cb_keyring_read, noaccum); if (armour) { - __ops_reader_push_dearmour(pinfo); + __ops_reader_push_dearmour(parse); } - res = __ops_parse_and_accumulate(keyring, pinfo); - __ops_print_errors(__ops_parseinfo_get_errors(pinfo)); - + res = __ops_parse_and_accumulate(keyring, parse); + __ops_print_errors(__ops_parseinfo_get_errors(parse)); if (armour) { - __ops_reader_pop_dearmour(pinfo); + __ops_reader_pop_dearmour(parse); } - /* don't call teardown_memory_read because memory was passed in */ - __ops_parseinfo_delete(pinfo); - + __ops_parseinfo_delete(parse); return res; } @@ -749,7 +743,7 @@ void __ops_keyring_free(__ops_keyring_t *keyring) { - free(keyring->keys); + (void)free(keyring->keys); keyring->keys = NULL; keyring->nkeys = 0; keyring->nkeys_allocated = 0; Index: src/crypto/external/bsd/netpgp/dist/src/lib/misc.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/misc.c:1.13 src/crypto/external/bsd/netpgp/dist/src/lib/misc.c:1.14 --- src/crypto/external/bsd/netpgp/dist/src/lib/misc.c:1.13 Wed May 27 00:38:27 2009 +++ src/crypto/external/bsd/netpgp/dist/src/lib/misc.c Thu May 28 01:52:43 2009 @@ -57,7 +57,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: misc.c,v 1.13 2009/05/27 00:38:27 agc Exp $"); +__RCSID("$NetBSD: misc.c,v 1.14 2009/05/28 01:52:43 agc Exp $"); #endif #include <sys/types.h> 
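Review bot: `const unsigned noaccum = 0;` in the memory-read hunk is a negatively named flag that holds zero, so it reads as "no-accumulate is false" even though the call presumably means "do not accumulate". The same shape appears in signature.c, where `hash_add_key` gets `const unsigned dontmakepacket = 0;`. packet-print.c in this commit already names the equivalent argument positively (`const unsigned accumulate = 1;`). Positive names whose value states the intent would be consistent with that, e.g. `const unsigned accumulate = 0;` here and `const unsigned makepacket = 0;` in signature.c. The parameter meanings are inferred from the names, since the prototypes are not in the diff.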
@@ -194,6 +194,7 @@ __ops_parse_and_accumulate(__ops_keyring_t *keyring, __ops_parseinfo_t *parse) { accumulate_t accumulate; + const int printerrors = 1; int ret; if (parse->readinfo.accumulate) { @@ -210,7 +211,7 @@ __ops_parse_cb_push(parse, accumulate_cb, &accumulate); parse->readinfo.accumulate = 1; - ret = __ops_parse(parse, 0); + ret = __ops_parse(parse, !printerrors); keyring->nkeys += 1; Index: src/crypto/external/bsd/netpgp/dist/src/lib/version.h diff -u src/crypto/external/bsd/netpgp/dist/src/lib/version.h:1.13 src/crypto/external/bsd/netpgp/dist/src/lib/version.h:1.14 --- src/crypto/external/bsd/netpgp/dist/src/lib/version.h:1.13 Wed May 27 05:42:25 2009 +++ src/crypto/external/bsd/netpgp/dist/src/lib/version.h Thu May 28 01:52:43 2009 @@ -58,7 +58,7 @@ #endif /* development versions have .99 suffix */ -#define NETPGP_BASE_VERSION "1.99.6" +#define NETPGP_BASE_VERSION "1.99.7" #define NETPGP_VERSION_CAT(a, b) "NetPGP portable " a "/[" b "]" #define NETPGP_VERSION_STRING \ Index: src/crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c:1.16 src/crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c:1.17 --- src/crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c:1.16 Wed May 27 00:38:27 2009 +++ src/crypto/external/bsd/netpgp/dist/src/lib/packet-parse.c Thu May 28 01:52:43 2009 @@ -58,7 +58,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: packet-parse.c,v 1.16 2009/05/27 00:38:27 agc Exp $"); +__RCSID("$NetBSD: packet-parse.c,v 1.17 2009/05/28 01:52:43 agc Exp $"); #endif #ifdef HAVE_OPENSSL_CAST_H @@ -2930,6 +2930,7 @@ __ops_parseinfo_t *pinfo) { __ops_crypt_t *decrypt = __ops_parse_get_decrypt(pinfo); + const int printerrors = 1; int r = 1; if (decrypt) { 
@@ -2960,7 +2961,7 @@ decrypt->block_encrypt(decrypt, decrypt->civ, decrypt->civ); } - r = __ops_parse(pinfo, 0); + r = __ops_parse(pinfo, !printerrors); __ops_reader_pop_decrypt(pinfo); } else { @@ -2990,13 +2991,14 @@ __ops_parseinfo_t *pinfo) { __ops_crypt_t *decrypt = __ops_parse_get_decrypt(pinfo); + const int printerrors = 1; int r = 1; if (decrypt) { __ops_reader_push_decrypt(pinfo, decrypt, region); __ops_reader_push_se_ip_data(pinfo, decrypt, region); - r = __ops_parse(pinfo, 0); + r = __ops_parse(pinfo, !printerrors); __ops_reader_pop_se_ip_data(pinfo); __ops_reader_pop_decrypt(pinfo); Index: src/crypto/external/bsd/netpgp/dist/src/lib/signature.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/signature.c:1.16 src/crypto/external/bsd/netpgp/dist/src/lib/signature.c:1.17 --- src/crypto/external/bsd/netpgp/dist/src/lib/signature.c:1.16 Wed May 27 00:38:27 2009 +++ src/crypto/external/bsd/netpgp/dist/src/lib/signature.c Thu May 28 01:52:43 2009 @@ -57,7 +57,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: signature.c,v 1.16 2009/05/27 00:38:27 agc Exp $"); +__RCSID("$NetBSD: signature.c,v 1.17 2009/05/28 01:52:43 agc Exp $"); #endif #include <sys/types.h> 
@@ -363,9 +363,10 @@ hash_add_key(__ops_hash_t *hash, const __ops_pubkey_t *key) { __ops_memory_t *mem = __ops_memory_new(); + const unsigned dontmakepacket = 0; size_t len; - __ops_build_pubkey(mem, key, 0); + __ops_build_pubkey(mem, key, dontmakepacket); len = __ops_mem_len(mem); __ops_hash_add_int(hash, 0x99, 1); __ops_hash_add_int(hash, len, 2); Index: src/crypto/external/bsd/netpgp/dist/src/lib/packet-print.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/packet-print.c:1.14 src/crypto/external/bsd/netpgp/dist/src/lib/packet-print.c:1.15 --- src/crypto/external/bsd/netpgp/dist/src/lib/packet-print.c:1.14 Wed May 27 00:38:27 2009 +++ src/crypto/external/bsd/netpgp/dist/src/lib/packet-print.c Thu May 28 01:52:43 2009 @@ -58,7 +58,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: packet-print.c,v 1.14 2009/05/27 00:38:27 agc Exp $"); +__RCSID("$NetBSD: packet-print.c,v 1.15 2009/05/28 01:52:43 agc Exp $"); #endif #include <string.h> @@ -1191,6 +1191,7 @@ { __ops_parseinfo_t *pinfo = NULL; const unsigned accumulate = 1; + const int printerrors = 1; int fd = 0; fd = __ops_setup_file_read(&pinfo, filename, NULL, cb_list_packets, @@ -1201,7 +1202,7 @@ if (armour) { __ops_reader_push_dearmour(pinfo); } - __ops_parse(pinfo, 1); + __ops_parse(pinfo, printerrors); __ops_teardown_file_read(pinfo, fd); return 1; } Index: src/crypto/external/bsd/netpgp/dist/src/lib/reader.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/reader.c:1.15 src/crypto/external/bsd/netpgp/dist/src/lib/reader.c:1.16 --- src/crypto/external/bsd/netpgp/dist/src/lib/reader.c:1.15 Wed May 27 00:38:27 2009 +++ src/crypto/external/bsd/netpgp/dist/src/lib/reader.c Thu May 28 01:52:43 2009 
@@ -54,7 +54,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: reader.c,v 1.15 2009/05/27 00:38:27 agc Exp $"); +__RCSID("$NetBSD: reader.c,v 1.16 2009/05/28 01:52:43 agc Exp $"); #endif #include <sys/types.h> @@ -1607,9 +1607,9 @@ fprintf(stderr, "\n"); } __ops_calc_mdc_hash(preamble, sz_preamble, plaintext, - sz_plaintext, &hashed[0]); + sz_plaintext, hashed); - if (memcmp(mdc_hash, hashed, OPS_SHA1_HASH_SIZE)) { + if (memcmp(mdc_hash, hashed, OPS_SHA1_HASH_SIZE) != 0) { OPS_ERROR(errors, OPS_E_V_BAD_HASH, "Bad hash in MDC packet"); (void) free(buf); Index: src/crypto/external/bsd/netpgp/dist/src/lib/validate.c diff -u src/crypto/external/bsd/netpgp/dist/src/lib/validate.c:1.15 src/crypto/external/bsd/netpgp/dist/src/lib/validate.c:1.16 --- src/crypto/external/bsd/netpgp/dist/src/lib/validate.c:1.15 Wed May 27 00:38:27 2009 +++ src/crypto/external/bsd/netpgp/dist/src/lib/validate.c Thu May 28 01:52:43 2009 @@ -54,7 +54,7 @@ #if defined(__NetBSD__) __COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: validate.c,v 1.15 2009/05/27 00:38:27 agc Exp $"); +__RCSID("$NetBSD: validate.c,v 1.16 2009/05/28 01:52:43 agc Exp $"); #endif #include <sys/types.h> @@ -542,6 +542,7 @@ { __ops_parseinfo_t *pinfo; validate_key_cb_t keysigs; + const int printerrors = 1; (void) memset(&keysigs, 0x0, sizeof(keysigs)); keysigs.result = result; @@ -560,7 +561,7 @@ /* is never used. */ keysigs.reader = pinfo->readinfo.arg; - __ops_parse(pinfo, 0); + __ops_parse(pinfo, !printerrors); __ops_pubkey_free(&keysigs.pubkey); if (keysigs.subkey.version) { @@ -646,6 +647,7 @@ validate_data_cb_t validation; __ops_parseinfo_t *parse = NULL; struct stat st; + const int printerrors = 1; unsigned ret; int64_t sigsize; char origfile[MAXPATHLEN]; 
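Review bot: In validate.c the result of `__ops_parse(pinfo, !printerrors)` is discarded while error printing is also switched off, so a stream that fails to parse leaves no trace unless the callback happened to record it. This applies to the key-validation hunk here and to the two "Do the verification" hunks that follow. Other callers touched by this commit do keep the value (`ret = __ops_parse(...)` in compress.c and misc.c). Consider checking it and marking the validation as failed, along the lines of `if (__ops_parse(pinfo, !printerrors) == 0) { /* record failure in the result */ }`, assuming zero is the failure value as the `== 0` test on `__ops_parse_and_accumulate` in keyring.c suggests. How the result structure is evaluated lies outside these hunks, so it should be confirmed that a parse failure cannot end in a "valid" verdict.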
@@ -695,7 +697,7 @@ } /* Do the verification */ - __ops_parse(parse, 0); + __ops_parse(parse, !printerrors); /* Tidy up */ if (armoured) { @@ -765,6 +767,7 @@ { validate_data_cb_t validation; __ops_parseinfo_t *pinfo = NULL; + const int printerrors = 1; __ops_setup_memory_read(&pinfo, mem, &validation, validate_data_cb, 1); @@ -783,7 +786,7 @@ } /* Do the verification */ - __ops_parse(pinfo, 0); + __ops_parse(pinfo, !printerrors); /* Tidy up */ if (armoured) {