diff --git a/ChangeLog b/ChangeLog index fee14a0d7..4cb8a7e4f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,12 @@ +2009-06-29 Werner Koch + + * configure.ac: Take care of --without-adns. Suggested by + Arfrever Frehtes Taifersar Arahesis. + +2009-06-17 Werner Koch + + Released 2.0.12. + 2009-06-05 David Shaw * configure.ac: Remove Camellia restriction. diff --git a/README.maint b/README.maint index fe1f58c49..045c21ccb 100644 --- a/README.maint +++ b/README.maint @@ -25,6 +25,7 @@ Release process: * Run "make -C po update-po". * Write NEWS entries and set the release date in NEWS. * In configure.ac set "my_issvn" to "no". + * Put a "Released " line into the top level ChangeLog. * Commit all changes to the SVN. * Update the SVN then (to sync the release number of all files). * Run "./autogen.sh --force" diff --git a/common/ChangeLog b/common/ChangeLog index 475301784..bd4be4faf 100644 --- a/common/ChangeLog +++ b/common/ChangeLog @@ -1,5 +1,8 @@ 2009-06-29 Werner Koch + * estream.c (BUFFER_ROUND_TO_BLOCK): Remove unused macro. + (es_func_mem_write): Rewrite reallocation part. + * estream.c (es_write_sanitized_utf8_buffer): Typo typo fix. 2009-06-25 Werner Koch diff --git a/common/estream.c b/common/estream.c index 1b9617fe5..c26df6323 100644 --- a/common/estream.c +++ b/common/estream.c @@ -1,5 +1,5 @@ /* estream.c - Extended Stream I/O Library - * Copyright (C) 2004, 2005, 2006, 2007 g10 Code GmbH + * Copyright (C) 2004, 2005, 2006, 2007, 2009 g10 Code GmbH * * This file is part of Libestream. * @@ -91,12 +91,6 @@ typedef void (*func_free_t) (void *mem); -/* Macros. */ - -#define BUFFER_ROUND_TO_BLOCK(size, block_size) \ - - - /* Locking. */ #ifdef HAVE_PTH 
@@ -400,11 +394,11 @@ typedef struct estream_cookie_mem { unsigned int modeflags; /* Open flags. */ unsigned char *memory; /* Allocated data buffer. */ - size_t memory_size; /* Allocated size of memory. */ - size_t memory_limit; /* Maximum allowed allocation size or - 0 for no limit. */ + size_t memory_size; /* Allocated size of MEMORY. */ + size_t memory_limit; /* Caller supplied maximum allowed + allocation size or 0 for no limit. */ size_t offset; /* Current offset in MEMORY. */ - size_t data_len; /* Length of data in MEMORY. */ + size_t data_len; /* Used length of data in MEMORY. */ size_t block_size; /* Block size. */ struct { unsigned int grow: 1; /* MEMORY is allowed to grow. */ @@ -414,7 +408,11 @@ typedef struct estream_cookie_mem } *estream_cookie_mem_t; -/* Create function for memory objects. */ +/* Create function for memory objects. DATA is either NULL or a user + supplied buffer with the initial conetnt of the memory buffer. If + DATA is NULL, DATA_N and DATA_LEN need to be 0 as well. If DATA is + not NULL, DATA_N gives the allocated size of DATA and DATA_LEN the + used length in DATA. */ static int es_func_mem_create (void *ES__RESTRICT *ES__RESTRICT cookie, unsigned char *ES__RESTRICT data, size_t data_n, @@ -427,6 +425,12 @@ es_func_mem_create (void *ES__RESTRICT *ES__RESTRICT cookie, estream_cookie_mem_t mem_cookie; int err; + if (!data && (data_n || data_len)) + { + errno = EINVAL; + return -1; + } + mem_cookie = mem_alloc (sizeof (*mem_cookie)); if (!mem_cookie) err = -1; @@ -477,6 +481,7 @@ es_func_mem_write (void *cookie, const void *buffer, size_t size) { estream_cookie_mem_t mem_cookie = cookie; ssize_t ret; + size_t nleft; if (!size) return 0; /* A flush is a NOP for memory objects. */ 
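Review bot: The new argument check in es_func_mem_create rejects a NULL DATA with non-zero lengths, but it does not reject a DATA_LEN larger than DATA_N for a caller-supplied buffer. If the cookie stores both values as given (the assignments are outside this hunk), the used length can exceed the allocation and later reads or appends would start past the end of the buffer. Extending the guard to `if ((!data && (data_n || data_len)) || data_len > data_n)` covers both cases with the same EINVAL return. The comment added in the hunk above should state that invariant too, and it misspells "content" as "conetnt".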
@@ -486,38 +491,45 @@ es_func_mem_write (void *cookie, const void *buffer, size_t size) /* Append to data. */ mem_cookie->offset = mem_cookie->data_len; } - - if (!mem_cookie->flags.grow) - { - /* We are not allowed to grow, thus limit the size to the left - space. FIXME: Does the grow flag and its sematics make sense - at all? */ - if (size > mem_cookie->memory_size - mem_cookie->offset) - size = mem_cookie->memory_size - mem_cookie->offset; - } - if (size > (mem_cookie->memory_size - mem_cookie->offset)) + assert (mem_cookie->memory_size >= mem_cookie->offset); + nleft = mem_cookie->memory_size - mem_cookie->offset; + + /* If we are not allowed to grow limit the size to the left space. */ + if (!mem_cookie->flags.grow && size > nleft) + size = nleft; + + /* Enlarge the memory buffer if needed. */ + if (size > nleft) { unsigned char *newbuf; size_t newsize; - - newsize = mem_cookie->memory_size + mem_cookie->block_size; -#warning READ the code and see how it should work - newsize = mem_cookie->offset + size; + + if (!mem_cookie->memory_size) + newsize = size; /* Not yet allocated. */ + else + newsize = mem_cookie->memory_size + (nleft - size); if (newsize < mem_cookie->offset) { errno = EINVAL; return -1; } - newsize += mem_cookie->block_size - 1; - if (newsize < mem_cookie->offset) + + /* Round up to the next block length. BLOCK_SIZE should always + be set; we check anyway. */ + if (mem_cookie->block_size) { - errno = EINVAL; - return -1; + newsize += mem_cookie->block_size - 1; + if (newsize < mem_cookie->offset) + { + errno = EINVAL; + return -1; + } + newsize /= mem_cookie->block_size; + newsize *= mem_cookie->block_size; } - newsize /= mem_cookie->block_size; - newsize *= mem_cookie->block_size; - + + /* Check for a total limit. */ if (mem_cookie->memory_limit && newsize > mem_cookie->memory_limit) { errno = ENOSPC; 
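Review bot: In the enlarge branch of es_func_mem_write the subtraction is reversed: `newsize = mem_cookie->memory_size + (nleft - size);` runs only when `size > nleft`, so `nleft - size` wraps as a size_t and the sum comes out smaller than the current allocation instead of larger. For a write between nleft and twice nleft the `newsize < mem_cookie->offset` test still passes, so the buffer is not grown enough and only the assert in the following hunk stands before the memcpy. The line should read `newsize = mem_cookie->memory_size + (size - nleft);`, which equals offset + size and makes the existing wrap-around check meaningful. The function body begins before this hunk and continues after it.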
@@ -530,8 +542,11 @@ es_func_mem_write (void *cookie, const void *buffer, size_t size) mem_cookie->memory = newbuf; mem_cookie->memory_size = newsize; + + assert (mem_cookie->memory_size >= mem_cookie->offset); + nleft = mem_cookie->memory_size - mem_cookie->offset; - assert (!(size > (mem_cookie->memory_size - mem_cookie->offset))); + assert (size <= nleft); } memcpy (mem_cookie->memory + mem_cookie->offset, buffer, size); @@ -579,7 +594,6 @@ es_func_mem_seek (void *cookie, off_t *offset, int whence) { errno = ENOSPC; return -1; - } newsize = pos_new + mem_cookie->block_size - 1; @@ -590,6 +604,7 @@ es_func_mem_seek (void *cookie, off_t *offset, int whence) } newsize /= mem_cookie->block_size; newsize *= mem_cookie->block_size; + if (mem_cookie->memory_limit && newsize > mem_cookie->memory_limit) { errno = ENOSPC; diff --git a/configure.ac b/configure.ac index 7c6037c2c..bc7ba2095 100644 --- a/configure.ac +++ b/configure.ac @@ -820,11 +820,13 @@ AC_ARG_WITH(adns, CPPFLAGS="${CPPFLAGS} -I$withval/include" LDFLAGS="${LDFLAGS} -L$withval/lib" fi]) -AC_CHECK_HEADERS(adns.h, +if test "$with_adns" != "no"; then + AC_CHECK_HEADERS(adns.h, AC_CHECK_LIB(adns, adns_init, [have_adns=yes], [CPPFLAGS=${_cppflags} LDFLAGS=${_ldflags}]), [CPPFLAGS=${_cppflags} LDFLAGS=${_ldflags}]) +fi if test "$have_adns" = "yes"; then ADNSLIBS="-ladns" fi diff --git a/scd/ChangeLog b/scd/ChangeLog index b7dfda603..105b92583 100644 --- a/scd/ChangeLog +++ b/scd/ChangeLog @@ -1,3 +1,8 @@ +2009-06-18 Werner Koch + + * app-openpgp.c (verify_chv2): Remove special case for v2 cards. + (get_public_key): Use extended mode. + 2009-06-17 Werner Koch * iso7816.c (iso7816_get_data): Add arg EXTENDED_MODE. Change all diff --git a/scd/apdu.c b/scd/apdu.c index c9fe43b2f..156c37eb8 100644 --- a/scd/apdu.c +++ b/scd/apdu.c 
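Review bot: In es_func_mem_write the bound for the memcpy that follows this hunk is enforced only by `assert (size <= nleft);`, and the new `assert (mem_cookie->memory_size >= mem_cookie->offset);` is likewise the only guard on the subtraction after it. In a build with NDEBUG defined both disappear, so a miscomputed newsize becomes a write past the end of the heap buffer rather than an abort. I would keep the asserts and add a runtime check after recomputing nleft, e.g. `if (size > nleft) { errno = EINVAL; return -1; }`, so the function returns an error instead. The function starts before this hunk.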
@@ -671,6 +671,9 @@ readn (int fd, void *buf, size_t buflen, size_t *nread) while (nleft > 0) { #ifdef USE_GNU_PTH +# ifdef HAVE_W32_SYSTEM +# error Cannot use pth_read here because it expects a system HANDLE. +# endif n = pth_read (fd, buf, nleft); #else n = read (fd, buf, nleft); diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c index f9ada2551..3f97d28cf 100644 --- a/scd/app-openpgp.c +++ b/scd/app-openpgp.c @@ -1118,11 +1118,25 @@ get_public_key (app_t app, int keyno) if (app->card_version > 0x0100) { + int exmode, le_value; + /* We may simply read the public key out of these cards. */ + if (app->app_local->cardcap.ext_lc_le) + { + exmode = 1; /* Use extended length. */ + le_value = app->app_local->extcap.max_rsp_data; + } + else + { + exmode = 0; + le_value = 256; /* Use legacy value. */ + } + err = iso7816_read_public_key - (app->slot, 0, (const unsigned char*)(keyno == 0? "\xB6" : - keyno == 1? "\xB8" : "\xA4"), 2, - 0, + (app->slot, exmode, + (const unsigned char*)(keyno == 0? "\xB6" : + keyno == 1? "\xB8" : "\xA4"), 2, + le_value, &buffer, &buflen); if (err) { 
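Review bot: In get_public_key the extended-length branch passes `app->app_local->extcap.max_rsp_data` to iso7816_read_public_key as the Le value without any range check. That field presumably comes from data the card reports about itself (its parsing is not in this hunk), so a card reporting 0 or an implausible value dictates the expected response length. A sanity check before the call, for example `if (le_value <= 0) { exmode = 0; le_value = 256; }`, would fall back to the legacy path; whether 0 has a valid meaning for Le in this API should be confirmed first. The function continues outside this hunk.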
@@ -1579,43 +1593,31 @@ verify_chv2 (app_t app, char *pinvalue; if (app->did_chv2) - return 0; /* We already verified CHV2 (PW1 for v2 cards). */ + return 0; /* We already verified CHV2. */ - if (app->app_local->extcap.is_v2) - { - /* Version two cards don't have a CHV2 anymore. We need to - verify CHV1 (now called PW1) instead. */ - rc = verify_a_chv (app, pincb, pincb_arg, 1, 0, &pinvalue); - if (rc) - return rc; - app->did_chv2 = 1; - } - else - { - /* Version 1 cards only. */ - rc = verify_a_chv (app, pincb, pincb_arg, 2, 0, &pinvalue); - if (rc) - return rc; - app->did_chv2 = 1; + rc = verify_a_chv (app, pincb, pincb_arg, 2, 0, &pinvalue); + if (rc) + return rc; + app->did_chv2 = 1; - if (!app->did_chv1 && !app->force_chv1 && pinvalue) + if (!app->did_chv1 && !app->force_chv1 && pinvalue) + { + /* For convenience we verify CHV1 here too. We do this only if + the card is not configured to require a verification before + each CHV1 controlled operation (force_chv1) and if we are not + using the keypad (PINVALUE == NULL). */ + rc = iso7816_verify (app->slot, 0x81, pinvalue, strlen (pinvalue)); + if (gpg_err_code (rc) == GPG_ERR_BAD_PIN) + rc = gpg_error (GPG_ERR_PIN_NOT_SYNCED); + if (rc) { - /* For convenience we verify CHV1 here too. We do this only - if the card is not configured to require a verification - before each CHV1 controlled operation (force_chv1) and if - we are not using the keypad (PINVALUE == NULL). */ - rc = iso7816_verify (app->slot, 0x81, pinvalue, strlen (pinvalue)); - if (gpg_err_code (rc) == GPG_ERR_BAD_PIN) - rc = gpg_error (GPG_ERR_PIN_NOT_SYNCED); - if (rc) - { - log_error (_("verify CHV%d failed: %s\n"), 1, gpg_strerror (rc)); - flush_cache_after_error (app); - } - else - app->did_chv1 = 1; + log_error (_("verify CHV%d failed: %s\n"), 1, gpg_strerror (rc)); + flush_cache_after_error (app); } + else + app->did_chv1 = 1; } + xfree (pinvalue); return rc;
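Review bot: verify_chv2 passes the PIN to iso7816_verify with `strlen (pinvalue)` and then releases it with `xfree (pinvalue)` without clearing the buffer first. Unless verify_a_chv returns the value in secure memory that is wiped on free (not visible here), the PIN stays readable in freed heap. Since the commit reworks this whole block, it is a good place to overwrite the buffer before the free, guarded for the keypad case where PINVALUE is NULL, e.g. `if (pinvalue) wipememory (pinvalue, strlen (pinvalue));` if GnuPG's wipememory macro is in scope in this file. The function starts before the hunk.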