security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

Reworked the estream memory buffer allocation. 

Committed already posted patches for the v2 card.
This commit is contained in:
Werner Koch 2009-06-29 10:43:57 +00:00
parent 19cb96e5d3
commit d8d1ca6151
8 changed files with 111 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
ChangeLog
View File

@ -1,3 +1,12 @@
2009-06-29 Werner Koch <wk@g10code.com>
* configure.ac: Take care of --without-adns. Suggested by
Arfrever Frehtes Taifersar Arahesis.
2009-06-17 Werner Koch <wk@g10code.com>
Released 2.0.12.
2009-06-05 David Shaw <dshaw@jabberwocky.com>
* configure.ac: Remove Camellia restriction.

1
README.maint
View File

@ -25,6 +25,7 @@ Release process:
* Run "make -C po update-po".
* Write NEWS entries and set the release date in NEWS.
* In configure.ac set "my_issvn" to "no".
* Put a "Released <version>" line into the top level ChangeLog.
* Commit all changes to the SVN.
* Update the SVN then (to sync the release number of all files).
* Run "./autogen.sh --force"

3
common/ChangeLog
View File

@ -1,5 +1,8 @@
2009-06-29 Werner Koch <wk@g10code.com>
* estream.c (BUFFER_ROUND_TO_BLOCK): Remove unused macro.
(es_func_mem_write): Rewrite reallocation part.
* estream.c (es_write_sanitized_utf8_buffer): Typo typo fix.
2009-06-25 Werner Koch <wk@g10code.com>

85
common/estream.c
View File

@ -1,5 +1,5 @@
/* estream.c - Extended Stream I/O Library
* Copyright (C) 2004, 2005, 2006, 2007 g10 Code GmbH
* Copyright (C) 2004, 2005, 2006, 2007, 2009 g10 Code GmbH
*
* This file is part of Libestream.
*
@ -91,12 +91,6 @@ typedef void (*func_free_t) (void *mem);
/* Macros. */
#define BUFFER_ROUND_TO_BLOCK(size, block_size) \
/* Locking. */
#ifdef HAVE_PTH
@ -400,11 +394,11 @@ typedef struct estream_cookie_mem
{
unsigned int modeflags; /* Open flags. */
unsigned char *memory; /* Allocated data buffer. */
size_t memory_size; /* Allocated size of memory. */
size_t memory_limit; /* Maximum allowed allocation size or
0 for no limit. */
size_t memory_size; /* Allocated size of MEMORY. */
size_t memory_limit; /* Caller supplied maximum allowed
allocation size or 0 for no limit. */
size_t offset; /* Current offset in MEMORY. */
size_t data_len; /* Length of data in MEMORY. */
size_t data_len; /* Used length of data in MEMORY. */
size_t block_size; /* Block size. */
struct {
unsigned int grow: 1; /* MEMORY is allowed to grow. */
@ -414,7 +408,11 @@ typedef struct estream_cookie_mem
} *estream_cookie_mem_t;
/* Create function for memory objects. */
/* Create function for memory objects. DATA is either NULL or a user
supplied buffer with the initial conetnt of the memory buffer. If
DATA is NULL, DATA_N and DATA_LEN need to be 0 as well. If DATA is
not NULL, DATA_N gives the allocated size of DATA and DATA_LEN the
used length in DATA. */
static int
es_func_mem_create (void *ES__RESTRICT *ES__RESTRICT cookie,
unsigned char *ES__RESTRICT data, size_t data_n,
@ -427,6 +425,12 @@ es_func_mem_create (void *ES__RESTRICT *ES__RESTRICT cookie,
estream_cookie_mem_t mem_cookie;
int err;
if (!data && (data_n || data_len))
{
errno = EINVAL;
return -1;
}
mem_cookie = mem_alloc (sizeof (*mem_cookie));
if (!mem_cookie)
err = -1;
@ -477,6 +481,7 @@ es_func_mem_write (void *cookie, const void *buffer, size_t size)
{
estream_cookie_mem_t mem_cookie = cookie;
ssize_t ret;
size_t nleft;
if (!size)
return 0; /* A flush is a NOP for memory objects. */
@ -486,38 +491,45 @@ es_func_mem_write (void *cookie, const void *buffer, size_t size)
/* Append to data. */
mem_cookie->offset = mem_cookie->data_len;
}
if (!mem_cookie->flags.grow)
{
/* We are not allowed to grow, thus limit the size to the left
space. FIXME: Does the grow flag and its sematics make sense
at all? */
if (size > mem_cookie->memory_size - mem_cookie->offset)
size = mem_cookie->memory_size - mem_cookie->offset;
}
if (size > (mem_cookie->memory_size - mem_cookie->offset))
assert (mem_cookie->memory_size >= mem_cookie->offset);
nleft = mem_cookie->memory_size - mem_cookie->offset;
/* If we are not allowed to grow limit the size to the left space. */
if (!mem_cookie->flags.grow && size > nleft)
size = nleft;
/* Enlarge the memory buffer if needed. */
if (size > nleft)
{
unsigned char *newbuf;
size_t newsize;
newsize = mem_cookie->memory_size + mem_cookie->block_size;
#warning READ the code and see how it should work
newsize = mem_cookie->offset + size;
if (!mem_cookie->memory_size)
newsize = size; /* Not yet allocated. */
else
newsize = mem_cookie->memory_size + (nleft - size);
if (newsize < mem_cookie->offset)
{
errno = EINVAL;
return -1;
}
newsize += mem_cookie->block_size - 1;
if (newsize < mem_cookie->offset)
/* Round up to the next block length. BLOCK_SIZE should always
be set; we check anyway. */
if (mem_cookie->block_size)
{
errno = EINVAL;
return -1;
newsize += mem_cookie->block_size - 1;
if (newsize < mem_cookie->offset)
{
errno = EINVAL;
return -1;
}
newsize /= mem_cookie->block_size;
newsize *= mem_cookie->block_size;
}
newsize /= mem_cookie->block_size;
newsize *= mem_cookie->block_size;
/* Check for a total limit. */
if (mem_cookie->memory_limit && newsize > mem_cookie->memory_limit)
{
errno = ENOSPC;
@ -530,8 +542,11 @@ es_func_mem_write (void *cookie, const void *buffer, size_t size)
mem_cookie->memory = newbuf;
mem_cookie->memory_size = newsize;
assert (mem_cookie->memory_size >= mem_cookie->offset);
nleft = mem_cookie->memory_size - mem_cookie->offset;
assert (!(size > (mem_cookie->memory_size - mem_cookie->offset)));
assert (size <= nleft);
}
memcpy (mem_cookie->memory + mem_cookie->offset, buffer, size);
@ -579,7 +594,6 @@ es_func_mem_seek (void *cookie, off_t *offset, int whence)
{
errno = ENOSPC;
return -1;
}
newsize = pos_new + mem_cookie->block_size - 1;
@ -590,6 +604,7 @@ es_func_mem_seek (void *cookie, off_t *offset, int whence)
}
newsize /= mem_cookie->block_size;
newsize *= mem_cookie->block_size;
if (mem_cookie->memory_limit && newsize > mem_cookie->memory_limit)
{
errno = ENOSPC;

4
configure.ac
View File

@ -820,11 +820,13 @@ AC_ARG_WITH(adns,
CPPFLAGS="${CPPFLAGS} -I$withval/include"
LDFLAGS="${LDFLAGS} -L$withval/lib"
fi])
AC_CHECK_HEADERS(adns.h,
if test "$with_adns" != "no"; then
AC_CHECK_HEADERS(adns.h,
AC_CHECK_LIB(adns, adns_init,
[have_adns=yes],
[CPPFLAGS=${_cppflags} LDFLAGS=${_ldflags}]),
[CPPFLAGS=${_cppflags} LDFLAGS=${_ldflags}])
fi
if test "$have_adns" = "yes"; then
ADNSLIBS="-ladns"
fi

5
scd/ChangeLog
View File

@ -1,3 +1,8 @@
2009-06-18 Werner Koch <wk@g10code.com>
* app-openpgp.c (verify_chv2): Remove special case for v2 cards.
(get_public_key): Use extended mode.
2009-06-17 Werner Koch <wk@g10code.com>
* iso7816.c (iso7816_get_data): Add arg EXTENDED_MODE. Change all

3
scd/apdu.c
View File

@ -671,6 +671,9 @@ readn (int fd, void *buf, size_t buflen, size_t *nread)
while (nleft > 0)
{
#ifdef USE_GNU_PTH
# ifdef HAVE_W32_SYSTEM
# error Cannot use pth_read here because it expects a system HANDLE.
# endif
n = pth_read (fd, buf, nleft);
#else
n = read (fd, buf, nleft);

72
scd/app-openpgp.c
View File

@ -1118,11 +1118,25 @@ get_public_key (app_t app, int keyno)
if (app->card_version > 0x0100)
{
int exmode, le_value;
/* We may simply read the public key out of these cards. */
if (app->app_local->cardcap.ext_lc_le)
{
exmode = 1; /* Use extended length. */
le_value = app->app_local->extcap.max_rsp_data;
}
else
{
exmode = 0;
le_value = 256; /* Use legacy value. */
}
err = iso7816_read_public_key
(app->slot, 0, (const unsigned char*)(keyno == 0? "\xB6" :
keyno == 1? "\xB8" : "\xA4"), 2,
0,
(app->slot, exmode,
(const unsigned char*)(keyno == 0? "\xB6" :
keyno == 1? "\xB8" : "\xA4"), 2,
le_value,
&buffer, &buflen);
if (err)
{
@ -1579,43 +1593,31 @@ verify_chv2 (app_t app,
char *pinvalue;
if (app->did_chv2)
return 0; /* We already verified CHV2 (PW1 for v2 cards). */
return 0; /* We already verified CHV2. */
if (app->app_local->extcap.is_v2)
{
/* Version two cards don't have a CHV2 anymore. We need to
verify CHV1 (now called PW1) instead. */
rc = verify_a_chv (app, pincb, pincb_arg, 1, 0, &pinvalue);
if (rc)
return rc;
app->did_chv2 = 1;
}
else
{
/* Version 1 cards only. */
rc = verify_a_chv (app, pincb, pincb_arg, 2, 0, &pinvalue);
if (rc)
return rc;
app->did_chv2 = 1;
rc = verify_a_chv (app, pincb, pincb_arg, 2, 0, &pinvalue);
if (rc)
return rc;
app->did_chv2 = 1;
if (!app->did_chv1 && !app->force_chv1 && pinvalue)
if (!app->did_chv1 && !app->force_chv1 && pinvalue)
{
/* For convenience we verify CHV1 here too. We do this only if
the card is not configured to require a verification before
each CHV1 controlled operation (force_chv1) and if we are not
using the keypad (PINVALUE == NULL). */
rc = iso7816_verify (app->slot, 0x81, pinvalue, strlen (pinvalue));
if (gpg_err_code (rc) == GPG_ERR_BAD_PIN)
rc = gpg_error (GPG_ERR_PIN_NOT_SYNCED);
if (rc)
{
/* For convenience we verify CHV1 here too. We do this only
if the card is not configured to require a verification
before each CHV1 controlled operation (force_chv1) and if
we are not using the keypad (PINVALUE == NULL). */
rc = iso7816_verify (app->slot, 0x81, pinvalue, strlen (pinvalue));
if (gpg_err_code (rc) == GPG_ERR_BAD_PIN)
rc = gpg_error (GPG_ERR_PIN_NOT_SYNCED);
if (rc)
{
log_error (_("verify CHV%d failed: %s\n"), 1, gpg_strerror (rc));
flush_cache_after_error (app);
}
else
app->did_chv1 = 1;
log_error (_("verify CHV%d failed: %s\n"), 1, gpg_strerror (rc));
flush_cache_after_error (app);
}
else
app->did_chv1 = 1;
}
xfree (pinvalue);
return rc;