[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_2_11_6-394-g6c5e215
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_2_11_6-394-g6c5e215 |
|
Date: |
Thu, 07 Apr 2011 22:07:15 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=6c5e215e3b7f00bdbcbf26fa47ac45839099d270
The branch, master has been updated
via 6c5e215e3b7f00bdbcbf26fa47ac45839099d270 (commit)
via fb895794b6ea63bc803440db59d23eda7959086f (commit)
via b5028e7963fb39d4ec785804f490d740e03193c1 (commit)
via f783a67348ea424c285a169e34ed65ad35932ed0 (commit)
via 2855740765b99b9b4c4288a13133b30ec84a64c0 (commit)
via 8abdca2c4b57e2eabcfd3e508975ec34d9dd33cd (commit)
via 5c6409196ed1ec61f1e218f7779086699e83d896 (commit)
via 78afba3179df3ea699a2ab98dd3eafce64404877 (commit)
via 93886329b827485e27e046eae2a8b35531b76e6c (commit)
via d829409d4d23e975388b7783dc221ba7643d4c45 (commit)
via 4abebddcd6f01958c078080c5e6303fca68349cf (commit)
via e9b678665b6714501f0bd771b311ec300562465e (commit)
via dfeb46a91e7eba6c3582c7ad8104d9cfa03c68a5 (commit)
via 0c0cb963ea97c665239239eb9671a149eb7c34e3 (commit)
via 1ee5ab49bbb14723be3959cd61a2a5082891b53d (commit)
via 9199ce3b583aef36b6cec12767068c0ad3f3105c (commit)
via bc1d7d9e33e0f8d6e6697e4131832f08e7562a74 (commit)
via f623bca3f822eec97a638c1e6bb5626ec72f130e (commit)
via 317ee3971bbcf96a320b05ed4611672350ad78c6 (commit)
via f3e5d6a8117b839f8df073f0dd5aa7f49f1450db (commit)
via 77f764d65f2cf5e9dcc71b5bf06298940c4a0027 (commit)
via 73238bbce08ab0e2d1844262bc78eb2f5d866972 (commit)
via c44731248d8a32f1dddc08086e496f5f874c6bea (commit)
via 4c06446716ba2dc2f1f37cdaf47526113ade806b (commit)
via 076fede74666ece2ee688aff355c30852b4e49b7 (commit)
via efa50b4f4457496bb6ad7c15d9d9945612a72499 (commit)
via 065fd9d64cb790c1c129c776dcdb83f62db374c9 (commit)
via 7c0b2d5685cec15827c47ff38f3e75a56dec846e (commit)
via 440494eab57635f83c7189d0970ea6868fdf769f (commit)
from ef11a5ad23c899f1b739b02aabe983238a9773f2 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 6c5e215e3b7f00bdbcbf26fa47ac45839099d270
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Fri Apr 8 00:06:03 2011 +0200
removed unneeded variable.
commit fb895794b6ea63bc803440db59d23eda7959086f
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Fri Apr 8 00:05:26 2011 +0200
Corrected check for an unknown sign algorithm. Patch by LRN.
commit b5028e7963fb39d4ec785804f490d740e03193c1
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Fri Apr 8 00:02:59 2011 +0200
Do not use %e in strftime. Use %d instead which is identically available in
windows as well.
Based on patch by LRN.
commit f783a67348ea424c285a169e34ed65ad35932ed0
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Fri Apr 8 00:00:45 2011 +0200
Fixed mismatch in size_t size. Patch by LRN.
commit 2855740765b99b9b4c4288a13133b30ec84a64c0
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Apr 7 23:50:01 2011 +0200
Correctly set errno in win32 using gnutls_transport_set_global_errno().
Based on patch by LRN.
commit 8abdca2c4b57e2eabcfd3e508975ec34d9dd33cd
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Apr 7 23:40:21 2011 +0200
Avoid using gnutls_transport_set_global_errno() and use
gnutls_transport_set_errno() instead.
commit 5c6409196ed1ec61f1e218f7779086699e83d896
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Apr 7 23:35:54 2011 +0200
win32 fixes for set_global_errno(). Suggested by LRN.
commit 78afba3179df3ea699a2ab98dd3eafce64404877
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Apr 7 23:32:39 2011 +0200
Win32 changes for benchmark. Patch by LRN.
commit 93886329b827485e27e046eae2a8b35531b76e6c
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Apr 7 23:18:01 2011 +0200
win32 fixes. Patch by LRN.
commit d829409d4d23e975388b7783dc221ba7643d4c45
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Apr 7 23:16:58 2011 +0200
minor modification in write_emu().
commit 4abebddcd6f01958c078080c5e6303fca68349cf
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Apr 7 01:14:25 2011 +0200
simplified cdk_trim_string() to make it safer to use.
commit e9b678665b6714501f0bd771b311ec300562465e
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Apr 7 00:58:42 2011 +0200
correctly reset params.
commit dfeb46a91e7eba6c3582c7ad8104d9cfa03c68a5
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Apr 7 00:57:36 2011 +0200
use correct pointer size.
commit 0c0cb963ea97c665239239eb9671a149eb7c34e3
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Apr 7 00:54:34 2011 +0200
correctly compare sign algorithm_st.
commit 1ee5ab49bbb14723be3959cd61a2a5082891b53d
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Apr 7 00:48:46 2011 +0200
removed unused code
commit 9199ce3b583aef36b6cec12767068c0ad3f3105c
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Apr 7 00:37:20 2011 +0200
null terminate the armored string
commit bc1d7d9e33e0f8d6e6697e4131832f08e7562a74
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Apr 7 00:31:01 2011 +0200
properly null terminate string.
commit f623bca3f822eec97a638c1e6bb5626ec72f130e
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Apr 7 00:18:01 2011 +0200
check PIN size.
commit 317ee3971bbcf96a320b05ed4611672350ad78c6
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Apr 7 00:16:21 2011 +0200
check salt size.
commit f3e5d6a8117b839f8df073f0dd5aa7f49f1450db
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Apr 7 00:11:44 2011 +0200
more clear bounds checking
commit 77f764d65f2cf5e9dcc71b5bf06298940c4a0027
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Apr 6 00:18:16 2011 +0200
initialize e and d.
commit 73238bbce08ab0e2d1844262bc78eb2f5d866972
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Apr 6 00:16:50 2011 +0200
deinitialize pks variable only when needed.
commit c44731248d8a32f1dddc08086e496f5f874c6bea
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Apr 6 00:12:45 2011 +0200
Initialize verify.
commit 4c06446716ba2dc2f1f37cdaf47526113ade806b
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Apr 6 00:10:37 2011 +0200
initialize session_id_size.
commit 076fede74666ece2ee688aff355c30852b4e49b7
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Apr 6 00:08:30 2011 +0200
removed unneeded function.
commit efa50b4f4457496bb6ad7c15d9d9945612a72499
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Apr 6 00:03:49 2011 +0200
correctly traverse slots
commit 065fd9d64cb790c1c129c776dcdb83f62db374c9
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Tue Apr 5 23:59:06 2011 +0200
avoid using a freed pointer.
commit 7c0b2d5685cec15827c47ff38f3e75a56dec846e
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Tue Apr 5 23:53:40 2011 +0200
Initialize tinfo using the initially available information.
commit 440494eab57635f83c7189d0970ea6868fdf769f
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Tue Apr 5 19:41:48 2011 +0200
corrected debugging info.
-----------------------------------------------------------------------
Summary of changes:
guile/src/core.c | 6 +-
lib/auth_cert.c | 2 +-
lib/gnutls_algorithms.c | 2 +-
lib/gnutls_buffers.c | 5 +-
lib/gnutls_dtls.c | 5 +-
lib/opencdk/Makefile.am | 2 +-
lib/opencdk/armor.c | 12 +-
lib/opencdk/context.h | 4 -
lib/opencdk/literal.c | 8 +-
lib/opencdk/main.c | 16 ---
lib/opencdk/main.h | 6 +-
lib/opencdk/misc.c | 39 +-----
lib/opencdk/opencdk.h | 48 -------
lib/opencdk/read-packet.c | 2 +-
lib/opencdk/verify.c | 319 ---------------------------------------------
lib/openpgp/output.c | 4 +-
lib/openpgp/pgpverify.c | 2 +
lib/pakchois/pakchois.c | 1 +
lib/pkcs11.c | 2 +
lib/pkcs11_write.c | 5 +-
lib/system.c | 4 +-
lib/system_override.c | 24 +++-
lib/x509/crl.c | 4 +-
lib/x509/output.c | 2 +-
lib/x509/privkey.c | 5 +-
lib/x509/privkey_pkcs8.c | 6 +-
lib/x509/x509.c | 4 +-
src/benchmark.c | 65 +++++++++-
src/cli.c | 3 +-
src/common.c | 6 +
src/pkcs11.c | 17 ++-
src/srptool.c | 6 +
tests/anonself.c | 2 +
tests/certuniqueid.c | 2 +-
tests/dhepskself.c | 2 +
tests/eagain-common.h | 14 +-
tests/mini-eagain-dtls.c | 2 +
tests/mini-eagain.c | 2 +
tests/mini.c | 2 +
tests/openpgpself.c | 2 +
tests/pskself.c | 2 +
tests/resume.c | 2 +
tests/rng-fork.c | 10 ++
tests/x509dn.c | 2 +
tests/x509self.c | 2 +
45 files changed, 206 insertions(+), 476 deletions(-)
delete mode 100644 lib/opencdk/verify.c
diff --git a/guile/src/core.c b/guile/src/core.c
index afdbd93..4e0f340 100644
--- a/guile/src/core.c
+++ b/guile/src/core.c
@@ -550,11 +550,15 @@ SCM_DEFINE (scm_gnutls_set_session_priorities_x,
char *c_priorities;
const char *err_pos;
gnutls_session_t c_session;
+ size_t pos;
c_session = scm_to_gnutls_session (session, 1, FUNC_NAME);
c_priorities = scm_to_locale_string (priorities); /* XXX: to_latin1_string */
err = gnutls_priority_set_direct (c_session, c_priorities, &err_pos);
+ if (err == GNUTLS_E_INVALID_REQUEST)
+ pos = err_pos - c_priorities;
+
free (c_priorities);
switch (err)
@@ -563,8 +567,6 @@ SCM_DEFINE (scm_gnutls_set_session_priorities_x,
break;
case GNUTLS_E_INVALID_REQUEST:
{
- size_t pos;
- pos = err_pos - c_priorities;
scm_gnutls_error_with_args (err, FUNC_NAME,
scm_list_1 (scm_from_size_t (pos)));
break;
diff --git a/lib/auth_cert.c b/lib/auth_cert.c
index c08213b..e6b2eee 100644
--- a/lib/auth_cert.c
+++ b/lib/auth_cert.c
@@ -1629,7 +1629,7 @@ _gnutls_proc_cert_client_cert_vrfy (gnutls_session_t
session,
aid.sign_algorithm = pdata[1];
sign_algo = _gnutls_tls_aid_to_sign (&aid);
- if (sign_algo == GNUTLS_PK_UNKNOWN)
+ if (sign_algo == GNUTLS_SIGN_UNKNOWN)
{
gnutls_assert ();
return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM;
diff --git a/lib/gnutls_algorithms.c b/lib/gnutls_algorithms.c
index fff8a12..8f3b687 100644
--- a/lib/gnutls_algorithms.c
+++ b/lib/gnutls_algorithms.c
@@ -2146,7 +2146,7 @@ _gnutls_tls_aid_to_sign (const sign_algorithm_st * aid)
{
gnutls_sign_algorithm_t ret = GNUTLS_SIGN_UNKNOWN;
- if (memcmp(aid, &unknown_tls_aid, sizeof(aid))==0)
+ if (memcmp(aid, &unknown_tls_aid, sizeof(*aid))==0)
return ret;
GNUTLS_SIGN_LOOP (if (p->aid.hash_algorithm == aid->hash_algorithm
diff --git a/lib/gnutls_buffers.c b/lib/gnutls_buffers.c
index 39657a0..d105460 100644
--- a/lib/gnutls_buffers.c
+++ b/lib/gnutls_buffers.c
@@ -319,11 +319,10 @@ _gnutls_read (gnutls_session_t session, mbuffer_st
**bufel,
}
static ssize_t
-_gnutls_writev_emu (gnutls_session_t session, const giovec_t * giovec,
+_gnutls_writev_emu (gnutls_session_t session, gnutls_transport_ptr_t fd, const
giovec_t * giovec,
int giovec_cnt)
{
int ret, j = 0;
- gnutls_transport_ptr_t fd = session->internals.transport_send_ptr;
size_t total = 0;
for (j = 0; j < giovec_cnt; j++)
@@ -352,7 +351,7 @@ _gnutls_writev (gnutls_session_t session, const giovec_t *
giovec,
reset_errno (session);
if (session->internals.push_func != NULL)
- i = _gnutls_writev_emu (session, giovec, giovec_cnt);
+ i = _gnutls_writev_emu (session, fd, giovec, giovec_cnt);
else
i = session->internals.vec_push_func (fd, giovec, giovec_cnt);
diff --git a/lib/gnutls_dtls.c b/lib/gnutls_dtls.c
index 89dc066..0f37484 100644
--- a/lib/gnutls_dtls.c
+++ b/lib/gnutls_dtls.c
@@ -51,11 +51,10 @@ transmit_message (gnutls_session_t session,
if (bufel->type == GNUTLS_CHANGE_CIPHER_SPEC)
{
- _gnutls_dtls_log ("DTLS[%p]: Sending Packet[%u] fragment %s(%d) with "
- "length: %u, offset: %u, fragment length: %u\n",
+ _gnutls_dtls_log ("DTLS[%p]: Sending Packet[%u] fragment %s(%d)\n",
session, bufel->handshake_sequence,
_gnutls_handshake2str (bufel->htype),
- bufel->htype, data_size, offset, frag_len);
+ bufel->htype);
return _gnutls_send_int (session, bufel->type, -1,
bufel->epoch,
diff --git a/lib/opencdk/Makefile.am b/lib/opencdk/Makefile.am
index 16c7707..5728d8b 100644
--- a/lib/opencdk/Makefile.am
+++ b/lib/opencdk/Makefile.am
@@ -35,7 +35,7 @@ endif
noinst_LTLIBRARIES = libminiopencdk.la
libminiopencdk_la_SOURCES = armor.c filters.h keydb.h main.c types.h \
- kbnode.c main.h packet.h dummy.c sig-check.c verify.c hash.c \
+ kbnode.c main.h packet.h dummy.c sig-check.c hash.c \
keydb.c pubkey.c stream.c write-packet.c misc.c seskey.c \
context.h literal.c new-packet.c read-packet.c stream.h opencdk.h
diff --git a/lib/opencdk/armor.c b/lib/opencdk/armor.c
index b731226..2928182 100644
--- a/lib/opencdk/armor.c
+++ b/lib/opencdk/armor.c
@@ -746,7 +746,9 @@ _cdk_filter_armor (void *data, int ctl, FILE * in, FILE *
out)
* @nwritten: actual length of the base64 data
* @type: the base64 file type.
*
- * Encode the given buffer into base64 format.
+ * Encode the given buffer into base64 format. The base64
+ * string will be null terminated but the null will
+ * not be contained in the size.
**/
cdk_error_t
cdk_armor_encode_buffer (const byte * inbuf, size_t inlen,
@@ -772,13 +774,14 @@ cdk_armor_encode_buffer (const byte * inbuf, size_t inlen,
head = armor_begin[type];
tail = armor_end[type];
le = _cdk_armor_get_lineend ();
- pos = strlen (head) + 10 + 2 + 2 + strlen (tail) + 10 + 2 + 5 + 2;
+ pos = strlen (head) + 10 + 2 + 2 + strlen (tail) + 10 + 2 + 5 + 2 + 1;
/* The output data is 4/3 times larger, plus a line end for each line. */
- pos += (4 * inlen / 3) + 2 * (4 * inlen / 3 / 64);
+ pos += (4 * inlen / 3) + 2 * (4 * inlen / 3 / 64) + 1;
if (outbuf && outlen < pos)
{
gnutls_assert ();
+ *nwritten = pos;
return CDK_Too_Short;
}
@@ -832,6 +835,7 @@ cdk_armor_encode_buffer (const byte * inbuf, size_t inlen,
pos += 5;
memcpy (outbuf + pos, le, strlen (le));
pos += strlen (le);
- *nwritten = pos;
+ outbuf[pos] = 0;
+ *nwritten = pos - 1;
return 0;
}
diff --git a/lib/opencdk/context.h b/lib/opencdk/context.h
index 7c32ea7..35ffc97 100644
--- a/lib/opencdk/context.h
+++ b/lib/opencdk/context.h
@@ -77,10 +77,6 @@ struct cdk_ctx_s
} opt;
struct
{
- cdk_verify_result_t verify;
- } result;
- struct
- {
cdk_pkt_seckey_t sk;
unsigned on:1;
} cache;
diff --git a/lib/opencdk/literal.c b/lib/opencdk/literal.c
index 4c8f966..a36921c 100644
--- a/lib/opencdk/literal.c
+++ b/lib/opencdk/literal.c
@@ -262,10 +262,12 @@ text_encode (void *data, FILE * in, FILE * out)
/* FIXME: This code does not work for very long lines. */
while (!feof (in))
{
- s = fgets (buf, DIM (buf) - 1, in);
+ /* give space for trim_string \r\n */
+ s = fgets (buf, DIM (buf) - 3, in);
if (!s)
break;
- _cdk_trim_string (buf, 1);
+ _cdk_trim_string (buf);
+ strcat (buf, "\r\n");
fwrite (buf, 1, strlen (buf), out);
}
@@ -288,7 +290,7 @@ text_decode (void *data, FILE * in, FILE * out)
s = fgets (buf, DIM (buf) - 1, in);
if (!s)
break;
- _cdk_trim_string (buf, 0);
+ _cdk_trim_string (buf);
fwrite (buf, 1, strlen (buf), out);
fwrite (tfx->lf, 1, strlen (tfx->lf), out);
}
diff --git a/lib/opencdk/main.c b/lib/opencdk/main.c
index 1dd0ea2..5478a8b 100644
--- a/lib/opencdk/main.c
+++ b/lib/opencdk/main.c
@@ -318,21 +318,6 @@ cdk_handle_set_passphrase_cb (cdk_ctx_t hd,
hd->passphrase_cb_value = cb_value;
}
-
-/**
- * cdk_handle_verify_get_result:
- * @hd: the session handle
- *
- * Return the verify result for the current session.
- * Do not free the pointer.
- **/
-cdk_verify_result_t
-cdk_handle_verify_get_result (cdk_ctx_t hd)
-{
- return hd->result.verify;
-}
-
-
/**
* cdk_handle_free:
* @hd: the handle
@@ -344,7 +329,6 @@ cdk_handle_free (cdk_ctx_t hd)
{
if (!hd)
return;
- _cdk_result_verify_free (hd->result.verify);
/* If cdk_handle_set_keyring() were used, we need to free the key db
handles here because the handles are not controlled by the user. */
diff --git a/lib/opencdk/main.h b/lib/opencdk/main.h
index b11a3c4..8b785f9 100644
--- a/lib/opencdk/main.h
+++ b/lib/opencdk/main.h
@@ -158,7 +158,7 @@ cdk_error_t _cdk_keydb_check_userid (cdk_keydb_hd_t hd, u32
* keyid,
/*-- sign.c --*/
int _cdk_sig_hash_for (cdk_pkt_pubkey_t pk);
-void _cdk_trim_string (char *s, int canon);
+void _cdk_trim_string (char *s);
cdk_error_t _cdk_sig_create (cdk_pkt_pubkey_t pk, cdk_pkt_signature_t sig);
cdk_error_t _cdk_sig_complete (cdk_pkt_signature_t sig, cdk_pkt_seckey_t sk,
digest_hd_st * hd);
@@ -179,10 +179,6 @@ int _cdk_stream_puts (cdk_stream_t s, const char *buf);
cdk_error_t _cdk_stream_fpopen (FILE * fp, unsigned write_mode,
cdk_stream_t * ret_out);
-/*-- verify.c --*/
-void _cdk_result_verify_free (cdk_verify_result_t res);
-cdk_verify_result_t _cdk_result_verify_new (void);
-
/*-- read-packet.c --*/
size_t _cdk_pkt_read_len (FILE * inp, size_t * ret_partial);
diff --git a/lib/opencdk/misc.c b/lib/opencdk/misc.c
index a2608ad..d6a89ae 100644
--- a/lib/opencdk/misc.c
+++ b/lib/opencdk/misc.c
@@ -105,32 +105,6 @@ cdk_strlist_add (cdk_strlist_t * list, const char *string)
return sl;
}
-
-/**
- * cdk_strlist_next:
- * @root: the opaque string list.
- * @r_str: optional argument to store the string data.
- *
- * Return the next string list node from @root. The optional
- * argument @r_str return the data of the current (!) node.
- **/
-cdk_strlist_t
-cdk_strlist_next (cdk_strlist_t root, const char **r_str)
-{
- cdk_strlist_t node;
-
- if (!root)
- return NULL;
-
- if (r_str)
- *r_str = root->d;
- for (node = root->next; node; node = node->next)
- return node;
-
- return NULL;
-}
-
-
const char *
_cdk_memistr (const char *buf, size_t buflen, const char *sub)
{
@@ -172,15 +146,14 @@ _cdk_map_gnutls_error (int err)
/* Remove all trailing white spaces from the string. */
void
-_cdk_trim_string (char *s, int canon)
+_cdk_trim_string (char *s)
{
+int len = strlen(s);
while (s && *s &&
- (s[strlen (s) - 1] == '\t' ||
- s[strlen (s) - 1] == '\r' ||
- s[strlen (s) - 1] == '\n' || s[strlen (s) - 1] == ' '))
- s[strlen (s) - 1] = '\0';
- if (canon)
- strcat (s, "\r\n");
+ (s[len - 1] == '\t' ||
+ s[len - 1] == '\r' ||
+ s[len - 1] == '\n' || s[len - 1] == ' '))
+ s[len - 1] = '\0';
}
diff --git a/lib/opencdk/opencdk.h b/lib/opencdk/opencdk.h
index 6516824..859920a 100644
--- a/lib/opencdk/opencdk.h
+++ b/lib/opencdk/opencdk.h
@@ -625,29 +625,6 @@ extern "C"
/* Set the mode and the digest for the S2K operation. */
#define cdk_handle_set_s2k(a, val1, val2) \
cdk_handle_control ((a), CDK_CTLF_SET, CDK_CTL_S2K, (val1), (val2))
-
-
-/* This context holds all information of the verification process. */
- struct cdk_verify_result_s
- {
- int sig_ver; /* Version of the signature. */
- int sig_status; /* The status (GOOD, BAD) of the signature */
- int sig_flags; /* May contain expired or revoked flags */
- unsigned int keyid[2]; /* The issuer key ID */
- unsigned int created; /* Timestamp when the sig was created. */
- unsigned int expires;
- int pubkey_algo;
- int digest_algo;
- char *user_id; /* NULL or user ID which issued the signature.
*/
- char *policy_url; /* If set, the policy the sig was created
under. */
- size_t sig_len; /* Size of the signature data inbits. */
- unsigned char *sig_data; /* Raw signature data. */
- };
- typedef struct cdk_verify_result_s *cdk_verify_result_t;
-
-/* Return the verify result. Do not free the data. */
- cdk_verify_result_t cdk_handle_verify_get_result (cdk_ctx_t hd);
-
/* Raw packet routines. */
/* Allocate a new packet or a new packet with the given packet type. */
@@ -1032,30 +1009,6 @@ extern "C"
unsigned char **outbuf, size_t * outsize,
int modval);
-/* Sign the stream @INP. Optionally, the output will be encrypted
- if @REMUSR is not NULL and the @ENCRYPTFLAG is set.
- The output will be written to @OUT.
- @LOCUSR contains one ore more pattern for the secret key(s) to use. */
- cdk_error_t cdk_stream_sign (cdk_ctx_t hd, cdk_stream_t inp,
- cdk_stream_t out, cdk_strlist_t locusr,
- cdk_strlist_t remusr, int encryptflag,
- int sigmode);
-
-/* Same as the function above but it works on files. */
- cdk_error_t cdk_file_sign (cdk_ctx_t hd, cdk_strlist_t locusr,
- cdk_strlist_t remusr,
- const char *file, const char *output,
- int sigmode, int encryptflag);
-
- cdk_error_t cdk_stream_verify (cdk_ctx_t hd, cdk_stream_t inp,
- cdk_stream_t data, cdk_stream_t out);
-
-/* Verify the given file @FILE. For a detached signature, @DATA_FILE
- contains the actual file data and @FILE is only the signature.
- If the @OUTPUT is not NULL, the plaintext will be written to this file. */
- cdk_error_t cdk_file_verify (cdk_ctx_t hd, const char *file,
- const char *data_file, const char *output);
-
int cdk_trustdb_get_validity (cdk_stream_t inp, cdk_pkt_userid_t id,
int *r_val);
int cdk_trustdb_get_ownertrust (cdk_stream_t inp, cdk_pubkey_t pk,
@@ -1063,7 +1016,6 @@ extern "C"
void cdk_strlist_free (cdk_strlist_t sl);
cdk_strlist_t cdk_strlist_add (cdk_strlist_t * list, const char *string);
- cdk_strlist_t cdk_strlist_next (cdk_strlist_t root, const char **r_str);
const char *cdk_check_version (const char *req_version);
/* UTF8 */
char *cdk_utf8_encode (const char *string);
diff --git a/lib/opencdk/read-packet.c b/lib/opencdk/read-packet.c
index 313e779..03395b3 100644
--- a/lib/opencdk/read-packet.c
+++ b/lib/opencdk/read-packet.c
@@ -527,7 +527,7 @@ read_attribute (cdk_stream_t inp, size_t pktlen,
cdk_pkt_userid_t attr)
p++;
len--;
- if (pktlen - (len + 1) > 0)
+ if (len >= pktlen)
return CDK_Inv_Packet;
attr->attrib_img = cdk_calloc (1, len);
if (!attr->attrib_img)
diff --git a/lib/opencdk/verify.c b/lib/opencdk/verify.c
deleted file mode 100644
index 397b3ed..0000000
--- a/lib/opencdk/verify.c
+++ /dev/null
@@ -1,319 +0,0 @@
-/* verify.c - Verify signatures
- * Copyright (C) 2001, 2002, 2003, 2007, 2008, 2010 Free Software
- * Foundation, Inc.
- *
- * Author: Timo Schulz
- *
- * This file is part of OpenCDK.
- *
- * The OpenCDK library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
- * USA
- *
- */
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-#include <stdio.h>
-#include <string.h>
-#include <sys/stat.h>
-
-#include "opencdk.h"
-#include "main.h"
-#include "filters.h"
-#include "packet.h"
-
-
-/* Table of all supported digest algorithms and their names. */
-struct
-{
- const char *name;
- int algo;
-} digest_table[] =
-{
- {
- "MD5", GNUTLS_DIG_MD5},
- {
- "SHA1", GNUTLS_DIG_SHA1},
- {
- "RIPEMD160", GNUTLS_DIG_RMD160},
- {
- "SHA256", GNUTLS_DIG_SHA256},
- {
- "SHA384", GNUTLS_DIG_SHA384},
- {
- "SHA512", GNUTLS_DIG_SHA512},
- {
- NULL, 0}
-};
-
-
-static cdk_error_t file_verify_clearsign (cdk_ctx_t, const char *,
- const char *);
-
-
-/**
- * cdk_stream_verify:
- * @hd: session handle
- * @inp: the input stream
- * @data: for detached signatures, this is the data stream @inp is the sig
- * @out: where the output shall be written.
- *
- * Verify a signature in stream.
- */
-cdk_error_t
-cdk_stream_verify (cdk_ctx_t hd, cdk_stream_t inp, cdk_stream_t data,
- cdk_stream_t out)
-{
- /* FIXME: out is not currently used. */
- if (cdk_armor_filter_use (inp))
- cdk_stream_set_armor_flag (inp, 0);
- return _cdk_proc_packets (hd, inp, data, NULL, NULL, NULL);
-}
-
-/**
- * cdk_file_verify:
- * @hd: the session handle
- * @file: the input file
- * @data_file: for detached signature this is the data file and @file is the
sig.
- * @output: the output file
- *
- * Verify a signature.
- **/
-cdk_error_t
-cdk_file_verify (cdk_ctx_t hd, const char *file, const char *data_file,
- const char *output)
-{
- struct stat stbuf;
- cdk_stream_t inp, data;
- char buf[4096];
- int n;
- cdk_error_t rc;
-
- if (!hd || !file)
- return CDK_Inv_Value;
- if (output && !hd->opt.overwrite && !stat (output, &stbuf))
- return CDK_Inv_Mode;
-
- rc = cdk_stream_open (file, &inp);
- if (rc)
- return rc;
- if (cdk_armor_filter_use (inp))
- {
- n = cdk_stream_peek (inp, (byte *) buf, DIM (buf) - 1);
- if (!n || n == -1)
- return CDK_EOF;
- buf[n] = '\0';
- if (strstr (buf, "BEGIN PGP SIGNED MESSAGE"))
- {
- cdk_stream_close (inp);
- return file_verify_clearsign (hd, file, output);
- }
- cdk_stream_set_armor_flag (inp, 0);
- }
-
- if (data_file)
- {
- rc = cdk_stream_open (data_file, &data);
- if (rc)
- {
- cdk_stream_close (inp);
- return rc;
- }
- }
- else
- data = NULL;
-
- rc = _cdk_proc_packets (hd, inp, data, NULL, NULL, NULL);
-
- if (data != NULL)
- cdk_stream_close (data);
- cdk_stream_close (inp);
- return rc;
-}
-
-
-void
-_cdk_result_verify_free (cdk_verify_result_t res)
-{
- if (!res)
- return;
- cdk_free (res->policy_url);
- cdk_free (res->sig_data);
- cdk_free (res);
-}
-
-
-cdk_verify_result_t
-_cdk_result_verify_new (void)
-{
- cdk_verify_result_t res;
-
- res = cdk_calloc (1, sizeof *res);
- if (!res)
- return NULL;
- return res;
-}
-
-
-static cdk_error_t
-file_verify_clearsign (cdk_ctx_t hd, const char *file, const char *output)
-{
- cdk_stream_t inp = NULL, out = NULL, tmp = NULL;
- digest_hd_st md;
- char buf[512], chk[512];
- const char *s;
- int i, is_signed = 0, nbytes;
- int digest_algo = 0;
- int err;
- cdk_error_t rc;
-
- memset(&md, 0, sizeof(md));
-
- if (output)
- {
- rc = cdk_stream_create (output, &out);
- if (rc)
- return rc;
- }
-
- rc = cdk_stream_open (file, &inp);
- if (rc)
- {
- if (output)
- cdk_stream_close (out);
- return rc;
- }
-
- s = "-----BEGIN PGP SIGNED MESSAGE-----";
- while (!cdk_stream_eof (inp))
- {
- nbytes = _cdk_stream_gets (inp, buf, DIM (buf) - 1);
- if (!nbytes || nbytes == -1)
- break;
- if (!strncmp (buf, s, strlen (s)))
- {
- is_signed = 1;
- break;
- }
- }
-
- if (cdk_stream_eof (inp) && !is_signed)
- {
- rc = CDK_Armor_Error;
- goto leave;
- }
-
- while (!cdk_stream_eof (inp))
- {
- nbytes = _cdk_stream_gets (inp, buf, DIM (buf) - 1);
- if (!nbytes || nbytes == -1)
- break;
- if (nbytes == 1) /* Empty line */
- break;
- else if (!strncmp (buf, "Hash: ", 6))
- {
- for (i = 0; digest_table[i].name; i++)
- {
- if (!strcmp (buf + 6, digest_table[i].name))
- {
- digest_algo = digest_table[i].algo;
- break;
- }
- }
- }
- }
-
- if (digest_algo && _gnutls_hash_get_algo_len (digest_algo) <= 0)
- {
- rc = CDK_Inv_Algo;
- goto leave;
- }
-
- if (!digest_algo)
- digest_algo = GNUTLS_DIG_MD5;
-
- err = _gnutls_hash_init (&md, digest_algo);
- if (err < 0)
- {
- gnutls_assert ();
- rc = map_gnutls_error (err);
- goto leave;
- }
-
- s = "-----BEGIN PGP SIGNATURE-----";
- while (!cdk_stream_eof (inp))
- {
- nbytes = _cdk_stream_gets (inp, buf, DIM (buf) - 1);
- if (!nbytes || nbytes == -1)
- break;
- if (!strncmp (buf, s, strlen (s)))
- break;
- else
- {
- cdk_stream_peek (inp, (byte *) chk, DIM (chk) - 1);
- i = strncmp (chk, s, strlen (s));
- if (strlen (buf) == 0 && i == 0)
- continue; /* skip last '\n' */
- _cdk_trim_string (buf, i == 0 ? 0 : 1);
- _gnutls_hash (&md, buf, strlen (buf));
- }
- if (!strncmp (buf, "- ", 2)) /* FIXME: handle it recursive. */
- memmove (buf, buf + 2, nbytes - 2);
- if (out)
- {
- if (strstr (buf, "\r\n"))
- buf[strlen (buf) - 2] = '\0';
- cdk_stream_write (out, buf, strlen (buf));
- _cdk_stream_puts (out, _cdk_armor_get_lineend ());
- }
- }
-
- /* We create a temporary stream object to store the
- signature data in there. */
- rc = cdk_stream_tmp_new (&tmp);
- if (rc)
- goto leave;
-
- s = "-----BEGIN PGP SIGNATURE-----\n";
- _cdk_stream_puts (tmp, s);
- while (!cdk_stream_eof (inp))
- {
- nbytes = _cdk_stream_gets (inp, buf, DIM (buf) - 1);
- if (!nbytes || nbytes == -1)
- break;
- if (nbytes < (int) (DIM (buf) - 3))
- {
- buf[nbytes - 1] = '\n';
- buf[nbytes] = '\0';
- }
- cdk_stream_write (tmp, buf, nbytes);
- }
-
- /* FIXME: This code is not very elegant. */
- cdk_stream_tmp_set_mode (tmp, STREAMCTL_READ);
- cdk_stream_seek (tmp, 0);
- cdk_stream_set_armor_flag (tmp, 0);
- cdk_stream_read (tmp, NULL, 0);
-
- /* the digest handle will be closed there. */
- rc = _cdk_proc_packets (hd, tmp, NULL, NULL, NULL, &md);
-
-leave:
- _gnutls_hash_deinit (&md, NULL);
- cdk_stream_close (out);
- cdk_stream_close (tmp);
- cdk_stream_close (inp);
- return rc;
-}
diff --git a/lib/openpgp/output.c b/lib/openpgp/output.c
index b832253..ab146e5 100644
--- a/lib/openpgp/output.c
+++ b/lib/openpgp/output.c
@@ -187,7 +187,7 @@ print_key_times (gnutls_buffer_st * str,
gnutls_openpgp_crt_t cert, int idx)
if (gmtime_r (&tim, &t) == NULL)
addf (str, "error: gmtime_r (%ld)\n", (unsigned long) tim);
- else if (strftime (s, max, "%a %b %e %H:%M:%S UTC %Y", &t) == 0)
+ else if (strftime (s, max, "%a %b %d %H:%M:%S UTC %Y", &t) == 0)
addf (str, "error: strftime (%ld)\n", (unsigned long) tim);
else
addf (str, _("\t\tCreation: %s\n"), s);
@@ -210,7 +210,7 @@ print_key_times (gnutls_buffer_st * str,
gnutls_openpgp_crt_t cert, int idx)
{
if (gmtime_r (&tim, &t) == NULL)
addf (str, "error: gmtime_r (%ld)\n", (unsigned long) tim);
- else if (strftime (s, max, "%a %b %e %H:%M:%S UTC %Y", &t) == 0)
+ else if (strftime (s, max, "%a %b %d %H:%M:%S UTC %Y", &t) == 0)
addf (str, "error: strftime (%ld)\n", (unsigned long) tim);
else
addf (str, _("\t\tExpiration: %s\n"), s);
diff --git a/lib/openpgp/pgpverify.c b/lib/openpgp/pgpverify.c
index 7e27b7c..4a2ca4e 100644
--- a/lib/openpgp/pgpverify.c
+++ b/lib/openpgp/pgpverify.c
@@ -137,6 +137,8 @@ gnutls_openpgp_crt_verify_self (gnutls_openpgp_crt_t key,
int status;
cdk_error_t rc;
+ *verify = 0;
+
rc = cdk_pk_check_self_sig (key->knode, &status);
if (rc || status != CDK_KEY_VALID)
*verify |= GNUTLS_CERT_INVALID;
diff --git a/lib/pakchois/pakchois.c b/lib/pakchois/pakchois.c
index 0c2a86a..e2ffe0f 100644
--- a/lib/pakchois/pakchois.c
+++ b/lib/pakchois/pakchois.c
@@ -812,6 +812,7 @@ pakchois_close_all_sessions (pakchois_module_t * mod,
ck_slot_id_t slot_id)
{
frv = rv;
}
+ slot = slot->next;
}
return frv;
diff --git a/lib/pkcs11.c b/lib/pkcs11.c
index 3b7bdee..2285ce8 100644
--- a/lib/pkcs11.c
+++ b/lib/pkcs11.c
@@ -2093,6 +2093,8 @@ pkcs11_login (pakchois_session_t * pks, const struct
token_info *info, int so)
char pin[GNUTLS_PKCS11_MAX_PIN_LEN];
unsigned int flags;
+ memcpy(&tinfo, &info->tinfo, sizeof(tinfo));
+
/* If login has been attempted once already, check the token
* status again, the flags might change. */
if (attempt)
diff --git a/lib/pkcs11_write.c b/lib/pkcs11_write.c
index de319f6..8ab3aa3 100644
--- a/lib/pkcs11_write.c
+++ b/lib/pkcs11_write.c
@@ -186,7 +186,7 @@ gnutls_pkcs11_copy_x509_privkey (const char *token_url,
unsigned int key_usage, unsigned int flags)
{
int ret;
- pakchois_session_t *pks;
+ pakchois_session_t *pks = NULL;
struct pkcs11_url_info info;
ck_rv_t rv;
size_t id_size;
@@ -406,7 +406,8 @@ gnutls_pkcs11_copy_x509_privkey (const char *token_url,
ret = 0;
cleanup:
- pakchois_close_session (pks);
+ if (pks != NULL)
+ pakchois_close_session (pks);
return ret;
diff --git a/lib/system.c b/lib/system.c
index f9db0fb..379f5d1 100644
--- a/lib/system.c
+++ b/lib/system.c
@@ -59,6 +59,9 @@ system_errno (gnutls_transport_ptr p)
case WSAEWOULDBLOCK:
ret = EAGAIN;
break;
+ case NO_ERROR:
+ ret = 0;
+ break;
case WSAEINTR:
ret = EINTR;
break;
@@ -145,7 +148,6 @@ static int
gnutls_system_mutex_init (void **priv)
{
CRITICAL_SECTION *lock = malloc (sizeof (CRITICAL_SECTION));
- int ret;
if (lock == NULL)
return GNUTLS_E_MEMORY_ERROR;
diff --git a/lib/system_override.c b/lib/system_override.c
index 3822189..e2a284c 100644
--- a/lib/system_override.c
+++ b/lib/system_override.c
@@ -38,6 +38,9 @@
#include <system.h>
#include <errno.h>
+#ifdef _WIN32
+# include <windows.h>
+#endif
/**
* gnutls_transport_set_errno:
@@ -88,7 +91,24 @@ gnutls_transport_set_errno (gnutls_session_t session, int
err)
void
gnutls_transport_set_global_errno (int err)
{
+#ifdef _WIN32
+ /* Keep this in sync with system_errno */
+ switch (err)
+ {
+ case EAGAIN:
+ SetLastError (WSAEWOULDBLOCK);
+ break;
+ case EINTR:
+ SetLastError (WSAEINTR);
+ break;
+ default:
+ /* We don't care about anything else */
+ SetLastError (NO_ERROR);
+ break;
+ }
+#else
errno = err;
+#endif
}
/**
@@ -133,7 +153,7 @@ gnutls_transport_set_pull_function (gnutls_session_t
session,
**/
void
gnutls_transport_set_pull_timeout_function (gnutls_session_t session,
- gnutls_pull_timeout_func func)
+ gnutls_pull_timeout_func func)
{
session->internals.pull_timeout_func = func;
}
@@ -180,7 +200,7 @@ gnutls_transport_set_push_function (gnutls_session_t
session,
**/
void
gnutls_transport_set_vec_push_function (gnutls_session_t session,
- gnutls_vec_push_func vec_func)
+ gnutls_vec_push_func vec_func)
{
session->internals.push_func = NULL;
session->internals.vec_push_func = vec_func;
diff --git a/lib/x509/crl.c b/lib/x509/crl.c
index 7e9f23c..5408261 100644
--- a/lib/x509/crl.c
+++ b/lib/x509/crl.c
@@ -1053,7 +1053,7 @@ gnutls_x509_crl_list_import2 (gnutls_x509_crl_t ** crls,
unsigned int init = 1024;
int ret;
- *crls = gnutls_malloc(sizeof(gnutls_x509_crl_t*)*init);
+ *crls = gnutls_malloc(sizeof(gnutls_x509_crl_t)*init);
if (*crls == NULL)
{
gnutls_assert();
@@ -1063,7 +1063,7 @@ int ret;
ret = gnutls_x509_crl_list_import(*crls, &init, data, format,
GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED);
if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER)
{
- *crls = gnutls_realloc_fast(*crls, sizeof(gnutls_x509_crl_t*)*init);
+ *crls = gnutls_realloc_fast(*crls, sizeof(gnutls_x509_crl_t)*init);
if (*crls == NULL)
{
gnutls_assert();
diff --git a/lib/x509/output.c b/lib/x509/output.c
index a3e62f2..a49ae95 100644
--- a/lib/x509/output.c
+++ b/lib/x509/output.c
@@ -742,7 +742,7 @@ print_unique_ids (gnutls_buffer_st * str, const
gnutls_x509_crt_t cert)
{
int result;
char buf[256]; /* if its longer, we won't bother to print it
*/
- ssize_t buf_size = 256;
+ size_t buf_size = 256;
result = gnutls_x509_crt_get_issuer_unique_id (cert, buf, &buf_size);
if (result >= 0)
diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c
index 8443e3f..66f3290 100644
--- a/lib/x509/privkey.c
+++ b/lib/x509/privkey.c
@@ -1141,11 +1141,12 @@ _gnutls_asn1_encode_rsa (ASN1_TYPE * c2, bigint_t *
params)
memset (&pk_params, 0, sizeof (pk_params));
memset (&m, 0, sizeof (m));
- memset (&p, 0, sizeof (e));
- memset (&q, 0, sizeof (d));
memset (&p, 0, sizeof (p));
memset (&q, 0, sizeof (q));
+ memset (&p, 0, sizeof (p));
memset (&u, 0, sizeof (u));
+ memset (&e, 0, sizeof (e));
+ memset (&d, 0, sizeof (d));
memset (&exp1, 0, sizeof (exp1));
memset (&exp2, 0, sizeof (exp2));
diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c
index 09e858e..2659eeb 100644
--- a/lib/x509/privkey_pkcs8.c
+++ b/lib/x509/privkey_pkcs8.c
@@ -1256,7 +1256,7 @@ read_pbkdf2_params (ASN1_TYPE pbes2_asn,
ASN1_TYPE pbkdf2_asn = ASN1_TYPE_EMPTY;
char oid[64];
- memset (params, 0, sizeof (params));
+ memset (params, 0, sizeof (*params));
/* Check the key derivation algorithm
*/
@@ -1364,7 +1364,7 @@ read_pkcs12_kdf_params (ASN1_TYPE pbes2_asn, struct
pbkdf2_params *params)
{
int result;
- memset (params, 0, sizeof (params));
+ memset (params, 0, sizeof (*params));
/* read the salt */
params->salt_size = sizeof (params->salt);
@@ -1490,7 +1490,7 @@ read_pbe_enc_params (ASN1_TYPE pbes2_asn,
char oid[64];
const char *eparams;
- memset (params, 0, sizeof (params));
+ memset (params, 0, sizeof (*params));
/* Check the encryption algorithm
*/
diff --git a/lib/x509/x509.c b/lib/x509/x509.c
index 300ee8e..f6d3e90 100644
--- a/lib/x509/x509.c
+++ b/lib/x509/x509.c
@@ -3104,7 +3104,7 @@ gnutls_x509_crt_list_import2 (gnutls_x509_crt_t ** certs,
unsigned int init = 1024;
int ret;
- *certs = gnutls_malloc(sizeof(gnutls_x509_crt_t*)*init);
+ *certs = gnutls_malloc(sizeof(gnutls_x509_crt_t)*init);
if (*certs == NULL)
{
gnutls_assert();
@@ -3114,7 +3114,7 @@ int ret;
ret = gnutls_x509_crt_list_import(*certs, &init, data, format,
GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED);
if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER)
{
- *certs = gnutls_realloc_fast(*certs, sizeof(gnutls_x509_crt_t*)*init);
+ *certs = gnutls_realloc_fast(*certs, sizeof(gnutls_x509_crt_t)*init);
if (*certs == NULL)
{
gnutls_assert();
diff --git a/src/benchmark.c b/src/benchmark.c
index 1bc0dd8..00d572a 100644
--- a/src/benchmark.c
+++ b/src/benchmark.c
@@ -35,11 +35,51 @@ static unsigned char data[64 * 1024];
static int must_finish = 0;
+#if !defined(_WIN32)
static void
alarm_handler (int signo)
{
must_finish = 1;
}
+#else
+#include <windows.h>
+DWORD WINAPI
+alarm_handler (LPVOID lpParameter)
+{
+ HANDLE wtimer = *((HANDLE *) lpParameter);
+ WaitForSingleObject (wtimer, INFINITE);
+ must_finish = 1;
+ return 0;
+}
+
+#define W32_ALARM_VARIABLES HANDLE wtimer = NULL, wthread = NULL; \
+ LARGE_INTEGER alarm_timeout = { 0 , 0 }
+#define W32_ALARM_TRIGGER(timeout, leave) { \
+ wtimer = CreateWaitableTimer (NULL, TRUE, NULL); \
+ if (wtimer == NULL) \
+ { \
+ fprintf (stderr, "error: CreateWaitableTimer %u\n", GetLastError ()); \
+ leave; \
+ } \
+ wthread = CreateThread (NULL, 0, alarm_handler, &wtimer, 0, NULL); \
+ if (wthread == NULL) \
+ { \
+ fprintf (stderr, "error: CreateThread %u\n", GetLastError ()); \
+ leave; \
+ } \
+ alarm_timeout.QuadPart = timeout * 10000000; \
+ if (SetWaitableTimer (wtimer, &alarm_timeout, 0, NULL, NULL, FALSE) == 0) \
+ { \
+ fprintf (stderr, "error: SetWaitableTimer %u\n", GetLastError ()); \
+ leave; \
+ } \
+ }
+#define W32_ALARM_CLEANUP { \
+ if (wtimer != NULL) \
+ CloseHandle (wtimer); \
+ if (wthread != NULL) \
+ CloseHandle (wthread);}
+#endif
static void
tls_log_func (int level, const char *str)
@@ -97,6 +137,9 @@ cipher_mac_bench (int algo, int mac_algo, int size)
int keysize = gnutls_cipher_get_key_size (algo);
char metric[16];
int step = size*1024;
+#if defined(_WIN32)
+ W32_ALARM_VARIABLES;
+#endif
_key = malloc (keysize);
if (_key == NULL)
@@ -119,7 +162,11 @@ cipher_mac_bench (int algo, int mac_algo, int size)
fflush (stdout);
must_finish = 0;
+#if !defined(_WIN32)
alarm (5);
+#else
+ W32_ALARM_TRIGGER(5, goto leave);
+#endif
gettime (&start);
@@ -182,6 +229,9 @@ cipher_bench (int algo, int size, int aead)
int keysize = gnutls_cipher_get_key_size (algo);
char metric[16];
int step = size*1024;
+#if defined(_WIN32)
+ W32_ALARM_VARIABLES;
+#endif
_key = malloc (keysize);
if (_key == NULL)
@@ -241,7 +291,9 @@ cipher_bench (int algo, int size, int aead)
leave:
free (_key);
free (_iv);
-
+#if defined(_WIN32)
+ W32_ALARM_CLEANUP;
+#endif
}
static void
@@ -265,7 +317,11 @@ mac_bench (int algo, int size)
fflush (stdout);
must_finish = 0;
+#if !defined(_WIN32)
alarm (5);
+#else
+ W32_ALARM_TRIGGER(5, goto leave);
+#endif
gettime (&start);
@@ -287,7 +343,10 @@ mac_bench (int algo, int size)
printf ("Hashed %.2f %s in %.2f secs: ", ddata, metric, secs);
printf ("%.2f %s/sec\n", dspeed, metric);
-
+#if defined(_WIN32)
+leave:
+ W32_ALARM_CLEANUP;
+#endif
free (_key);
}
@@ -299,7 +358,9 @@ main (int argc, char **argv)
if (argc > 1)
debug_level = 2;
+#if !defined(_WIN32)
signal (SIGALRM, alarm_handler);
+#endif
gnutls_global_set_log_function (tls_log_func);
gnutls_global_set_log_level (debug_level);
diff --git a/src/cli.c b/src/cli.c
index 5ef6b09..be4907f 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -684,7 +684,7 @@ main (int argc, char **argv)
char *session_data = NULL;
char *session_id = NULL;
size_t session_data_size;
- size_t session_id_size;
+ size_t session_id_size = 0;
fd_set rset;
int maxfd;
struct timeval tv;
@@ -918,6 +918,7 @@ after_handshake:
continue;
}
+ buffer[bytes] = 0;
if (crlf != 0)
{
char *b = strchr (buffer, '\n');
diff --git a/src/common.c b/src/common.c
index 7971c7b..286b956 100644
--- a/src/common.c
+++ b/src/common.c
@@ -748,6 +748,12 @@ pin_callback (void *user, int attempt, const char
*token_url,
{
if (strcmp (cached_url, token_url) == 0)
{
+ if (strlen(pin) >= sizeof(cached_pin))
+ {
+ fprintf (stderr, "Too long PIN given\n");
+ exit (1);
+ }
+
strcpy (pin, cached_pin);
return 0;
}
diff --git a/src/pkcs11.c b/src/pkcs11.c
index 6244637..cab837a 100644
--- a/src/pkcs11.c
+++ b/src/pkcs11.c
@@ -60,10 +60,10 @@ pin_callback (void *user, int attempt, const char
*token_url,
}
}
- password = getpass ("Enter pin: ");
+ password = getpass ("Enter PIN: ");
if (password == NULL || password[0] == 0)
{
- fprintf (stderr, "No password given\n");
+ fprintf (stderr, "No PIN given\n");
exit (1);
}
@@ -72,6 +72,12 @@ pin_callback (void *user, int attempt, const char *token_url,
pin[len] = 0;
/* cache */
+ if (strlen(pin) >= sizeof(cached_pin))
+ {
+ fprintf (stderr, "Too long PIN given\n");
+ exit (1);
+ }
+
strcpy (cached_pin, pin);
free (cached_url);
cached_url = strdup (token_url);
@@ -609,13 +615,16 @@ pkcs11_init (FILE * outfile, const char *url, const char
*label,
pin = getpass ("Enter Security Officer's PIN: ");
if (pin == NULL)
- exit (0);
+ exit (1);
+
+ if (strlen(pin) >= sizeof(so_pin))
+ exit (1);
strcpy (so_pin, pin);
pin = getpass ("Enter new User's PIN: ");
if (pin == NULL)
- exit (0);
+ exit (1);
ret = gnutls_pkcs11_token_init (url, so_pin, label);
if (ret < 0)
diff --git a/src/srptool.c b/src/srptool.c
index 37e2804..614cbec 100644
--- a/src/srptool.c
+++ b/src/srptool.c
@@ -161,6 +161,12 @@ _verify_passwd_int (const char *username, const char
*passwd,
if (salt == NULL || verifier == NULL)
return -1;
+ if (strlen(salt) >= sizeof(_salt))
+ {
+ fprintf (stderr, "Too long salt.\n");
+ return -1;
+ }
+
/* copy salt, and null terminate after the ':' */
strcpy (_salt, salt);
pos = strchr (_salt, ':');
diff --git a/tests/anonself.c b/tests/anonself.c
index 134b88b..2e30f57 100644
--- a/tests/anonself.c
+++ b/tests/anonself.c
@@ -33,8 +33,10 @@
#include <sys/types.h>
#include <netinet/in.h>
#include <sys/socket.h>
+#if !defined(_WIN32)
#include <sys/wait.h>
#include <arpa/inet.h>
+#endif
#include <unistd.h>
#include <gnutls/gnutls.h>
diff --git a/tests/certuniqueid.c b/tests/certuniqueid.c
index 96a363e..cf41751 100644
--- a/tests/certuniqueid.c
+++ b/tests/certuniqueid.c
@@ -145,7 +145,7 @@ doit (void)
};
char buf[17];
- ssize_t buf_size;
+ size_t buf_size;
ret = gnutls_global_init ();
if (ret < 0)
diff --git a/tests/dhepskself.c b/tests/dhepskself.c
index 9319624..9f0540e 100644
--- a/tests/dhepskself.c
+++ b/tests/dhepskself.c
@@ -32,9 +32,11 @@
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
+#if !defined(_WIN32)
#include <sys/wait.h>
#include <netinet/in.h>
#include <arpa/inet.h>
+#endif
#include <unistd.h>
#include <gnutls/gnutls.h>
diff --git a/tests/eagain-common.h b/tests/eagain-common.h
index 0cb76ee..473e236 100644
--- a/tests/eagain-common.h
+++ b/tests/eagain-common.h
@@ -93,22 +93,22 @@ static char to_client[64*1024];
static size_t to_client_len = 0;
#ifdef RANDOMIZE
-#define RETURN_RND_EAGAIN() \
+#define RETURN_RND_EAGAIN(session) \
static unsigned char rnd = 0; \
if (rnd++ % 2 == 0) \
{ \
- gnutls_transport_set_global_errno (EAGAIN); \
+ gnutls_transport_set_errno (session, EAGAIN); \
return -1; \
}
#else
-#define RETURN_RND_EAGAIN()
+#define RETURN_RND_EAGAIN(session)
#endif
static ssize_t
client_push (gnutls_transport_ptr_t tr, const void *data, size_t len)
{
size_t newlen;
- RETURN_RND_EAGAIN();
+ RETURN_RND_EAGAIN(tr);
len = min(len, sizeof(to_server)-to_server_len);
@@ -124,7 +124,7 @@ client_push (gnutls_transport_ptr_t tr, const void *data,
size_t len)
static ssize_t
client_pull (gnutls_transport_ptr_t tr, void *data, size_t len)
{
- RETURN_RND_EAGAIN();
+ RETURN_RND_EAGAIN(tr);
if (to_client_len == 0)
{
@@ -151,7 +151,7 @@ static ssize_t
server_pull (gnutls_transport_ptr_t tr, void *data, size_t len)
{
//success ("server_pull len %d has %d\n", len, to_server_len);
- RETURN_RND_EAGAIN();
+ RETURN_RND_EAGAIN(tr);
if (to_server_len == 0)
{
@@ -178,7 +178,7 @@ static ssize_t
server_push (gnutls_transport_ptr_t tr, const void *data, size_t len)
{
size_t newlen;
- RETURN_RND_EAGAIN();
+ RETURN_RND_EAGAIN(tr);
// hexprint (data, len);
diff --git a/tests/mini-eagain-dtls.c b/tests/mini-eagain-dtls.c
index 9c20837..775fe0e 100644
--- a/tests/mini-eagain-dtls.c
+++ b/tests/mini-eagain-dtls.c
@@ -82,6 +82,7 @@ doit (void)
gnutls_transport_set_push_function (server, server_push);
gnutls_transport_set_pull_function (server, server_pull);
gnutls_transport_set_pull_timeout_function (server,
server_pull_timeout_func);
+ gnutls_transport_set_ptr (server, (gnutls_transport_ptr_t)server);
/* Init client */
gnutls_anon_allocate_client_credentials (&c_anoncred);
@@ -93,6 +94,7 @@ doit (void)
gnutls_transport_set_push_function (client, client_push);
gnutls_transport_set_pull_function (client, client_pull);
gnutls_transport_set_pull_timeout_function (client,
client_pull_timeout_func);
+ gnutls_transport_set_ptr (client, (gnutls_transport_ptr_t)client);
handshake = 1;
HANDSHAKE(client, server);
diff --git a/tests/mini-eagain.c b/tests/mini-eagain.c
index 78314f0..274e158 100644
--- a/tests/mini-eagain.c
+++ b/tests/mini-eagain.c
@@ -82,6 +82,7 @@ doit (void)
gnutls_dh_set_prime_bits (server, 1024);
gnutls_transport_set_push_function (server, server_push);
gnutls_transport_set_pull_function (server, server_pull);
+ gnutls_transport_set_ptr (server, (gnutls_transport_ptr_t)server);
/* Init client */
gnutls_anon_allocate_client_credentials (&c_anoncred);
@@ -92,6 +93,7 @@ doit (void)
gnutls_credentials_set (client, GNUTLS_CRD_ANON, c_anoncred);
gnutls_transport_set_push_function (client, client_push);
gnutls_transport_set_pull_function (client, client_pull);
+ gnutls_transport_set_ptr (client, (gnutls_transport_ptr_t)client);
handshake = 1;
HANDSHAKE(client, server);
diff --git a/tests/mini.c b/tests/mini.c
index c43552a..2955461 100644
--- a/tests/mini.c
+++ b/tests/mini.c
@@ -77,6 +77,7 @@ doit (void)
gnutls_dh_set_prime_bits (server, 1024);
gnutls_transport_set_push_function (server, server_push);
gnutls_transport_set_pull_function (server, server_pull);
+ gnutls_transport_set_ptr (server, (gnutls_transport_ptr_t)server);
/* Init client */
gnutls_anon_allocate_client_credentials (&c_anoncred);
@@ -85,6 +86,7 @@ doit (void)
gnutls_credentials_set (client, GNUTLS_CRD_ANON, c_anoncred);
gnutls_transport_set_push_function (client, client_push);
gnutls_transport_set_pull_function (client, client_pull);
+ gnutls_transport_set_ptr (client, (gnutls_transport_ptr_t)client);
HANDSHAKE(client, server);
diff --git a/tests/openpgpself.c b/tests/openpgpself.c
index 8d2a48f..388385c 100644
--- a/tests/openpgpself.c
+++ b/tests/openpgpself.c
@@ -31,10 +31,12 @@
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
+#if !defined(_WIN32)
#include <netinet/in.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <arpa/inet.h>
+#endif
#include <unistd.h>
#include <gnutls/gnutls.h>
#include <gnutls/openpgp.h>
diff --git a/tests/pskself.c b/tests/pskself.c
index 09001ff..b04bd19 100644
--- a/tests/pskself.c
+++ b/tests/pskself.c
@@ -30,10 +30,12 @@
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
+#if !defined(_WIN32)
#include <sys/socket.h>
#include <sys/wait.h>
#include <netinet/in.h>
#include <arpa/inet.h>
+#endif
#include <unistd.h>
#include <gnutls/gnutls.h>
diff --git a/tests/resume.c b/tests/resume.c
index f016c9a..6037989 100644
--- a/tests/resume.c
+++ b/tests/resume.c
@@ -31,10 +31,12 @@
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
+#if !defined(_WIN32)
#include <sys/socket.h>
#include <sys/wait.h>
#include <netinet/in.h>
#include <arpa/inet.h>
+#endif
#include <unistd.h>
#include <gnutls/gnutls.h>
diff --git a/tests/rng-fork.c b/tests/rng-fork.c
index 1e4b5e5..c7fc189 100644
--- a/tests/rng-fork.c
+++ b/tests/rng-fork.c
@@ -27,13 +27,16 @@
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
+#if !defined(_WIN32)
#include <sys/wait.h>
+#endif
#include "utils.h"
#include <gnutls/gnutls.h>
#include <gnutls/crypto.h>
#include "../lib/random.h"
+#if !defined(_WIN32)
static void dump(const char* name, unsigned char* buf, int buf_size)
{
int i;
@@ -98,3 +101,10 @@ doit (void)
success("success");
}
}
+#else
+void
+doit (void)
+{
+ exit (77);
+}
+#endif
diff --git a/tests/x509dn.c b/tests/x509dn.c
index f151895..cf6cc2b 100644
--- a/tests/x509dn.c
+++ b/tests/x509dn.c
@@ -31,10 +31,12 @@
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
+#if !defined(_WIN32)
#include <netinet/in.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <arpa/inet.h>
+#endif
#include <unistd.h>
#include <gnutls/gnutls.h>
diff --git a/tests/x509self.c b/tests/x509self.c
index a25b31f..5cc9157 100644
--- a/tests/x509self.c
+++ b/tests/x509self.c
@@ -31,10 +31,12 @@
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
+#if !defined(_WIN32)
#include <netinet/in.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <arpa/inet.h>
+#endif
#include <unistd.h>
#include <gnutls/gnutls.h>
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_2_11_6-394-g6c5e215,
Nikos Mavrogiannopoulos <=