4c181ca7aa
changes: many fixes and improvements reviewed by John R. Shannon pkgsrc notes: -since S/MIME support is the biggest difference in functionality over gnupg1, enable it per default -- my tests (with the s/mime plugin of claws-mail) worked -left the build against a private libassuan with GNU-pth support alone for now, just updated libassuan to 1.0.5. We might build pkgsrc/libassuan against pkgsrc/pth at some point, but this needs to be checked for side effects. (As this pkg doesn't export a library which might propagate the pth dependency, the possibility of pthread-pth conflicts should be limited. Other uses of libassuan need to be checked.)
241 lines
7.2 KiB
Text
241 lines
7.2 KiB
Text
$NetBSD: patch-ah,v 1.5 2009/12/15 20:10:41 drochner Exp $
|
|
|
|
--- g10/encr-data.c.orig 2009-06-05 13:58:27.000000000 +0000
|
|
+++ g10/encr-data.c
|
|
@@ -37,35 +37,14 @@ static int mdc_decode_filter ( void *opa
|
|
static int decode_filter ( void *opaque, int control, IOBUF a,
|
|
byte *buf, size_t *ret_len);
|
|
|
|
-typedef struct decode_filter_context_s
|
|
+typedef struct
|
|
{
|
|
gcry_cipher_hd_t cipher_hd;
|
|
gcry_md_hd_t mdc_hash;
|
|
char defer[22];
|
|
int defer_filled;
|
|
int eof_seen;
|
|
- int refcount;
|
|
-} *decode_filter_ctx_t;
|
|
-
|
|
-
|
|
-/* Helper to release the decode context. */
|
|
-static void
|
|
-release_dfx_context (decode_filter_ctx_t dfx)
|
|
-{
|
|
- if (!dfx)
|
|
- return;
|
|
-
|
|
- assert (dfx->refcount);
|
|
- if ( !--dfx->refcount )
|
|
- {
|
|
- gcry_cipher_close (dfx->cipher_hd);
|
|
- dfx->cipher_hd = NULL;
|
|
- gcry_md_close (dfx->mdc_hash);
|
|
- dfx->mdc_hash = NULL;
|
|
- xfree (dfx);
|
|
- }
|
|
-}
|
|
-
|
|
+} decode_filter_ctx_t;
|
|
|
|
|
|
/****************
|
|
@@ -81,11 +60,7 @@ decrypt_data( void *procctx, PKT_encrypt
|
|
unsigned blocksize;
|
|
unsigned nprefix;
|
|
|
|
- dfx = xtrycalloc (1, sizeof *dfx);
|
|
- if (!dfx)
|
|
- return gpg_error_from_syserror ();
|
|
- dfx->refcount = 1;
|
|
-
|
|
+ memset( &dfx, 0, sizeof dfx );
|
|
if ( opt.verbose && !dek->algo_info_printed )
|
|
{
|
|
if (!openpgp_cipher_test_algo (dek->algo))
|
|
@@ -107,13 +82,13 @@ decrypt_data( void *procctx, PKT_encrypt
|
|
|
|
if ( ed->mdc_method )
|
|
{
|
|
- if (gcry_md_open (&dfx->mdc_hash, ed->mdc_method, 0 ))
|
|
+ if (gcry_md_open (&dfx.mdc_hash, ed->mdc_method, 0 ))
|
|
BUG ();
|
|
if ( DBG_HASHING )
|
|
- gcry_md_start_debug (dfx->mdc_hash, "checkmdc");
|
|
+ gcry_md_start_debug (dfx.mdc_hash, "checkmdc");
|
|
}
|
|
|
|
- rc = openpgp_cipher_open (&dfx->cipher_hd, dek->algo,
|
|
+ rc = openpgp_cipher_open (&dfx.cipher_hd, dek->algo,
|
|
GCRY_CIPHER_MODE_CFB,
|
|
(GCRY_CIPHER_SECURE
|
|
| ((ed->mdc_method || dek->algo >= 100)?
|
|
@@ -127,7 +102,7 @@ decrypt_data( void *procctx, PKT_encrypt
|
|
|
|
|
|
/* log_hexdump( "thekey", dek->key, dek->keylen );*/
|
|
- rc = gcry_cipher_setkey (dfx->cipher_hd, dek->key, dek->keylen);
|
|
+ rc = gcry_cipher_setkey (dfx.cipher_hd, dek->key, dek->keylen);
|
|
if ( gpg_err_code (rc) == GPG_ERR_WEAK_KEY )
|
|
{
|
|
log_info(_("WARNING: message was encrypted with"
|
|
@@ -146,7 +121,7 @@ decrypt_data( void *procctx, PKT_encrypt
|
|
goto leave;
|
|
}
|
|
|
|
- gcry_cipher_setiv (dfx->cipher_hd, NULL, 0);
|
|
+ gcry_cipher_setiv (dfx.cipher_hd, NULL, 0);
|
|
|
|
if ( ed->len )
|
|
{
|
|
@@ -167,8 +142,8 @@ decrypt_data( void *procctx, PKT_encrypt
|
|
temp[i] = c;
|
|
}
|
|
|
|
- gcry_cipher_decrypt (dfx->cipher_hd, temp, nprefix+2, NULL, 0);
|
|
- gcry_cipher_sync (dfx->cipher_hd);
|
|
+ gcry_cipher_decrypt (dfx.cipher_hd, temp, nprefix+2, NULL, 0);
|
|
+ gcry_cipher_sync (dfx.cipher_hd);
|
|
p = temp;
|
|
/* log_hexdump( "prefix", temp, nprefix+2 ); */
|
|
if (dek->symmetric
|
|
@@ -178,18 +153,17 @@ decrypt_data( void *procctx, PKT_encrypt
|
|
goto leave;
|
|
}
|
|
|
|
- if ( dfx->mdc_hash )
|
|
- gcry_md_write (dfx->mdc_hash, temp, nprefix+2);
|
|
-
|
|
- dfx->refcount++;
|
|
+ if ( dfx.mdc_hash )
|
|
+ gcry_md_write (dfx.mdc_hash, temp, nprefix+2);
|
|
+
|
|
if ( ed->mdc_method )
|
|
- iobuf_push_filter ( ed->buf, mdc_decode_filter, dfx );
|
|
+ iobuf_push_filter( ed->buf, mdc_decode_filter, &dfx );
|
|
else
|
|
- iobuf_push_filter ( ed->buf, decode_filter, dfx );
|
|
+ iobuf_push_filter( ed->buf, decode_filter, &dfx );
|
|
|
|
proc_packets ( procctx, ed->buf );
|
|
ed->buf = NULL;
|
|
- if ( ed->mdc_method && dfx->eof_seen == 2 )
|
|
+ if ( ed->mdc_method && dfx.eof_seen == 2 )
|
|
rc = gpg_error (GPG_ERR_INV_PACKET);
|
|
else if ( ed->mdc_method )
|
|
{
|
|
@@ -208,28 +182,26 @@ decrypt_data( void *procctx, PKT_encrypt
|
|
bytes are appended. */
|
|
int datalen = gcry_md_get_algo_dlen (ed->mdc_method);
|
|
|
|
- assert (dfx->cipher_hd);
|
|
- assert (dfx->mdc_hash);
|
|
- gcry_cipher_decrypt (dfx->cipher_hd, dfx->defer, 22, NULL, 0);
|
|
- gcry_md_write (dfx->mdc_hash, dfx->defer, 2);
|
|
- gcry_md_final (dfx->mdc_hash);
|
|
+ gcry_cipher_decrypt (dfx.cipher_hd, dfx.defer, 22, NULL, 0);
|
|
+ gcry_md_write (dfx.mdc_hash, dfx.defer, 2);
|
|
+ gcry_md_final (dfx.mdc_hash);
|
|
|
|
- if (dfx->defer[0] != '\xd3' || dfx->defer[1] != '\x14' )
|
|
+ if (dfx.defer[0] != '\xd3' || dfx.defer[1] != '\x14' )
|
|
{
|
|
log_error("mdc_packet with invalid encoding\n");
|
|
rc = gpg_error (GPG_ERR_INV_PACKET);
|
|
}
|
|
else if (datalen != 20
|
|
- || memcmp (gcry_md_read (dfx->mdc_hash, 0),
|
|
- dfx->defer+2,datalen ))
|
|
+ || memcmp (gcry_md_read (dfx.mdc_hash, 0),dfx.defer+2,datalen))
|
|
rc = gpg_error (GPG_ERR_BAD_SIGNATURE);
|
|
- /* log_printhex("MDC message:", dfx->defer, 22); */
|
|
- /* log_printhex("MDC calc:", gcry_md_read (dfx->mdc_hash,0), datalen); */
|
|
+ /* log_printhex("MDC message:", dfx.defer, 22); */
|
|
+ /* log_printhex("MDC calc:", gcry_md_read (dfx.mdc_hash,0), datalen); */
|
|
}
|
|
|
|
|
|
leave:
|
|
- release_dfx_context (dfx);
|
|
+ gcry_cipher_close (dfx.cipher_hd);
|
|
+ gcry_md_close (dfx.mdc_hash);
|
|
return rc;
|
|
}
|
|
|
|
@@ -240,7 +212,7 @@ static int
|
|
mdc_decode_filter (void *opaque, int control, IOBUF a,
|
|
byte *buf, size_t *ret_len)
|
|
{
|
|
- decode_filter_ctx_t dfx = opaque;
|
|
+ decode_filter_ctx_t *dfx = opaque;
|
|
size_t n, size = *ret_len;
|
|
int rc = 0;
|
|
int c;
|
|
@@ -252,11 +224,11 @@ mdc_decode_filter (void *opaque, int con
|
|
}
|
|
else if( control == IOBUFCTRL_UNDERFLOW )
|
|
{
|
|
- assert (a);
|
|
- assert ( size > 44 );
|
|
+ assert(a);
|
|
+ assert( size > 44 );
|
|
|
|
/* Get at least 22 bytes and put it somewhere ahead in the buffer. */
|
|
- for (n=22; n < 44 ; n++ )
|
|
+ for(n=22; n < 44 ; n++ )
|
|
{
|
|
if( (c = iobuf_get(a)) == -1 )
|
|
break;
|
|
@@ -305,10 +277,8 @@ mdc_decode_filter (void *opaque, int con
|
|
|
|
if ( n )
|
|
{
|
|
- if ( dfx->cipher_hd )
|
|
- gcry_cipher_decrypt (dfx->cipher_hd, buf, n, NULL, 0);
|
|
- if ( dfx->mdc_hash )
|
|
- gcry_md_write (dfx->mdc_hash, buf, n);
|
|
+ gcry_cipher_decrypt (dfx->cipher_hd, buf, n, NULL, 0);
|
|
+ gcry_md_write (dfx->mdc_hash, buf, n);
|
|
}
|
|
else
|
|
{
|
|
@@ -317,10 +287,6 @@ mdc_decode_filter (void *opaque, int con
|
|
}
|
|
*ret_len = n;
|
|
}
|
|
- else if ( control == IOBUFCTRL_FREE )
|
|
- {
|
|
- release_dfx_context (dfx);
|
|
- }
|
|
else if ( control == IOBUFCTRL_DESC )
|
|
{
|
|
*(char**)buf = "mdc_decode_filter";
|
|
@@ -332,7 +298,7 @@ mdc_decode_filter (void *opaque, int con
|
|
static int
|
|
decode_filter( void *opaque, int control, IOBUF a, byte *buf, size_t *ret_len)
|
|
{
|
|
- decode_filter_ctx_t fc = opaque;
|
|
+ decode_filter_ctx_t *fc = opaque;
|
|
size_t n, size = *ret_len;
|
|
int rc = 0;
|
|
|
|
@@ -343,18 +309,11 @@ decode_filter( void *opaque, int control
|
|
if ( n == -1 )
|
|
n = 0;
|
|
if ( n )
|
|
- {
|
|
- if (fc->cipher_hd)
|
|
- gcry_cipher_decrypt (fc->cipher_hd, buf, n, NULL, 0);
|
|
- }
|
|
+ gcry_cipher_decrypt (fc->cipher_hd, buf, n, NULL, 0);
|
|
else
|
|
rc = -1; /* EOF */
|
|
*ret_len = n;
|
|
}
|
|
- else if ( control == IOBUFCTRL_FREE )
|
|
- {
|
|
- release_dfx_context (fc);
|
|
- }
|
|
else if ( control == IOBUFCTRL_DESC )
|
|
{
|
|
*(char**)buf = "decode_filter";
|