by Martin von Gagern:
https://code.monotone.ca/p/monotone/issues/182/
============================================================
--- src/database.cc 4c259f963c440fc95564dfec99b2f832f0bad643
+++ src/database.cc 87efeeff2d3263ba98af684a4022f1897434ed2d
@@ -3425,9 +3425,8 @@ database::encrypt_rsa(key_id const & pub
rsa_pub_key pub;
get_key(pub_id, pub);
- SecureVector<Botan::byte> pub_block;
- pub_block.set(reinterpret_cast<Botan::byte const *>(pub().data()),
- pub().size());
+ SecureVector<Botan::byte> pub_block
+ (reinterpret_cast<Botan::byte const *>(pub().data()), pub().size());
shared_ptr<X509_PublicKey> x509_key(Botan::X509::load_key(pub_block));
shared_ptr<RSA_PublicKey> pub_key
@@ -3471,14 +3470,13 @@ database::check_signature(key_id const &
else
{
rsa_pub_key pub;
- SecureVector<Botan::byte> pub_block;
if (!public_key_exists(id))
return cert_unknown;
get_key(id, pub);
- pub_block.set(reinterpret_cast<Botan::byte const *>(pub().data()),
- pub().size());
+ SecureVector<Botan::byte> pub_block
+ (reinterpret_cast<Botan::byte const *>(pub().data()), pub().size());
L(FL("building verifier for %d-byte pub key") % pub_block.size());
shared_ptr<X509_PublicKey> x509_key(Botan::X509::load_key(pub_block));
============================================================
--- src/gzip.cc e7c19bee910e3d421fd073933810ec52092b1d9b
+++ src/gzip.cc bab290412cff6031b2d3bf9d1439a08499d39640
@@ -137,7 +137,7 @@ void Gzip_Compression::start_msg()
/*************************************************
* Compress Input with Gzip *
*************************************************/
-void Gzip_Compression::write(const byte input[], u32bit length)
+void Gzip_Compression::write(const byte input[], filter_length_t length)
{
count += length;
@@ -267,7 +267,7 @@ void Gzip_Decompression::start_msg()
/*************************************************
* Decompress Input with Gzip *
*************************************************/
-void Gzip_Decompression::write(const byte input[], u32bit length)
+void Gzip_Decompression::write(const byte input[], filter_length_t length)
{
if(length) no_writes = false;
@@ -284,8 +284,8 @@ void Gzip_Decompression::write(const byt
// Check the gzip header
if (pos < sizeof(GZIP::GZIP_HEADER))
{
- u32bit len = std::min((u32bit)sizeof(GZIP::GZIP_HEADER)-pos, length);
- u32bit cmplen = len;
+ filter_length_t len = std::min((filter_length_t)sizeof(GZIP::GZIP_HEADER)-pos, length);
+ filter_length_t cmplen = len;
// The last byte is the OS flag - we don't care about that
if (pos + len - 1 >= GZIP::HEADER_POS_OS)
cmplen--;
@@ -346,8 +346,14 @@ u32bit Gzip_Decompression::eat_footer(co
if (footer.size() >= GZIP::FOOTER_LENGTH)
throw Decoding_Error("Gzip_Decompression: Data integrity error in footer");
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
+ size_t eat_len = std::min(GZIP::FOOTER_LENGTH-footer.size(),
+ static_cast<size_t>(length));
+ footer += std::make_pair(input, eat_len);
+#else
u32bit eat_len = std::min(GZIP::FOOTER_LENGTH-footer.size(), length);
footer.append(input, eat_len);
+#endif
if (footer.size() == GZIP::FOOTER_LENGTH)
{
@@ -377,7 +383,12 @@ void Gzip_Decompression::check_footer()
for (int i = 0; i < 4; i++)
buf[3-i] = tmpbuf[i];
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
+ tmpbuf.resize(4);
+ tmpbuf.copy(footer.begin(), 4);
+#else
tmpbuf.set(footer.begin(), 4);
+#endif
if (buf != tmpbuf)
throw Decoding_Error("Gzip_Decompression: Data integrity error - CRC32 error");
@@ -412,7 +423,11 @@ void Gzip_Decompression::clear()
no_writes = true;
inflateReset(&(zlib->stream));
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
+ footer.clear();
+#else
footer.destroy();
+#endif
pos = 0;
datacount = 0;
}
============================================================
--- src/gzip.hh 649dfc0b250954f39c0f73870f8bec3f32f7fa43
+++ src/gzip.hh f462dfc1df71ae1e9a8203606fd29d9e0eda9b2a
@@ -7,6 +7,7 @@
#ifndef BOTAN_EXT_GZIP_H__
#define BOTAN_EXT_GZIP_H__
+#include <botan/version.h>
#include <botan/filter.h>
#include <botan/pipe.h>
@@ -30,13 +31,19 @@ namespace GZIP {
}
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
+ typedef size_t filter_length_t;
+#else
+ typedef u32bit filter_length_t;
+#endif
+
/*************************************************
* Gzip Compression Filter *
*************************************************/
class Gzip_Compression : public Filter
{
public:
- void write(const byte input[], u32bit length);
+ void write(const byte input[], filter_length_t length);
void start_msg();
void end_msg();
std::string name() const { return "Gzip_Compression"; }
@@ -60,7 +67,7 @@ class Gzip_Decompression : public Filter
class Gzip_Decompression : public Filter
{
public:
- void write(const byte input[], u32bit length);
+ void write(const byte input[], filter_length_t length);
void start_msg();
void end_msg();
std::string name() const { return "Gzip_Decompression"; }
============================================================
--- src/key_packet.cc d1306df89dd684badac02c03744cd446381c07d3
+++ src/key_packet.cc c97262d161b23c9640972188979669b3e95afe7b
@@ -106,8 +106,8 @@ namespace
void validate_public_key_data(string const & name, string const & keydata) const
{
string decoded = decode_base64_as<string>(keydata, origin::user);
- Botan::SecureVector<Botan::byte> key_block;
- key_block.set(reinterpret_cast<Botan::byte const *>(decoded.c_str()), decoded.size());
+ Botan::SecureVector<Botan::byte> key_block
+ (reinterpret_cast<Botan::byte const *>(decoded.c_str()), decoded.size());
try
{
Botan::X509::load_key(key_block);
============================================================
--- src/key_store.cc 64c4c4bed1fadc26b51207b9f61343f9dd7d3c6e
+++ src/key_store.cc 1b1f1a989c21ee0dc69c540783ffb1fe4bceabf5
@@ -572,13 +572,19 @@ key_store_state::decrypt_private_key(key
try // with empty passphrase
{
Botan::DataSource_Memory ds(kp.priv());
-#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,7,7)
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
+ pkcs8_key.reset(Botan::PKCS8::load_key(ds, lazy_rng::get(), Dummy_UI()));
+#elif BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,7,7)
pkcs8_key.reset(Botan::PKCS8::load_key(ds, lazy_rng::get(), ""));
#else
pkcs8_key.reset(Botan::PKCS8::load_key(ds, ""));
#endif
}
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
+ catch (Passphrase_Required & e)
+#else
catch (Botan::Exception & e)
+#endif
{
L(FL("failed to load key with no passphrase: %s") % e.what());
@@ -856,9 +862,9 @@ key_store::make_signature(database & db,
{
if (agent.connected()) {
//grab the monotone public key as an RSA_PublicKey
- SecureVector<Botan::byte> pub_block;
- pub_block.set(reinterpret_cast<Botan::byte const *>(key.pub().data()),
- key.pub().size());
+ SecureVector<Botan::byte> pub_block
+ (reinterpret_cast<Botan::byte const *>(key.pub().data()),
+ key.pub().size());
L(FL("make_signature: building %d-byte pub key") % pub_block.size());
shared_ptr<X509_PublicKey> x509_key =
shared_ptr<X509_PublicKey>(Botan::X509::load_key(pub_block));
@@ -1031,8 +1037,14 @@ key_store_state::migrate_old_key_pair
for (;;)
try
{
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
+ arc4_key.resize(phrase().size());
+ arc4_key.copy(reinterpret_cast<Botan::byte const *>(phrase().data()),
+ phrase().size());
+#else
arc4_key.set(reinterpret_cast<Botan::byte const *>(phrase().data()),
phrase().size());
+#endif
Pipe arc4_decryptor(get_cipher("ARC4", arc4_key, Botan::DECRYPTION));
============================================================
--- src/monotone.cc a25ecdd170a601db798b63a60add7681609a34c4
+++ src/monotone.cc 2c5f57762bc687a90f75e732f39d2181fc50bd6d
@@ -170,11 +170,16 @@ cpp_main(int argc, char ** argv)
// versions, including all of the stable branch 1.8.x.
E(linked_botan_version < BOTAN_VERSION_CODE_FOR(1,9,0), origin::system,
F("this monotone binary does not work with Botan 1.9.x"));
-#else
+#elif BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(1,9,11)
E(linked_botan_version > BOTAN_VERSION_CODE_FOR(1,7,22), origin::system,
F("this monotone binary requires Botan 1.7.22 or newer"));
E(linked_botan_version < BOTAN_VERSION_CODE_FOR(1,9,0), origin::system,
F("this monotone binary does not work with Botan 1.9.x"));
+#else
+ E(linked_botan_version > BOTAN_VERSION_CODE_FOR(1,9,11), origin::system,
+ F("this monotone binary requires Botan 1.9.11 or newer"));
+ E(linked_botan_version < BOTAN_VERSION_CODE_FOR(1,11,0), origin::system,
+ F("this monotone binary does not work with Botan 1.11.x"));
#endif
app_state app;
============================================================
--- src/packet.cc f61360ed2524fdf53411bd24d022a2a3c9e6e9c7
+++ src/packet.cc 6f6739c4756933843a2d865dc6790de9013626b7
@@ -156,8 +156,8 @@ namespace
void validate_public_key_data(string const & name, string const & keydata) const
{
string decoded = decode_base64_as<string>(keydata, origin::user);
- Botan::SecureVector<Botan::byte> key_block;
- key_block.set(reinterpret_cast<Botan::byte const *>(decoded.c_str()), decoded.size());
+ Botan::SecureVector<Botan::byte> key_block
+ (reinterpret_cast<Botan::byte const *>(decoded.c_str()), decoded.size());
try
{
Botan::X509::load_key(key_block);
@@ -175,7 +175,9 @@ namespace
Botan::DataSource_Memory ds(decoded);
try
{
-#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,7,7)
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
+ Botan::PKCS8::load_key(ds, lazy_rng::get(), Dummy_UI());
+#elif BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,7,7)
Botan::PKCS8::load_key(ds, lazy_rng::get(), string());
#else
Botan::PKCS8::load_key(ds, string());
@@ -189,7 +191,11 @@ namespace
}
// since we do not want to prompt for a password to decode it finally,
// we ignore all other exceptions
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
+ catch (Passphrase_Required) {}
+#else
catch (Botan::Invalid_Argument) {}
+#endif
}
void validate_certname(string const & cn) const
{
@@ -460,8 +466,14 @@ read_packets(istream & in, packet_consum
return count;
}
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
+std::string Dummy_UI::get_passphrase(const std::string&,
+ const std::string&,
+ Botan::User_Interface::UI_Result&) const {
+ throw Passphrase_Required();
+}
+#endif
-
// Local Variables:
// mode: C++
// fill-column: 76
============================================================
--- src/packet.hh 0a224e6e92f244e2c3e9a5cdb935eb8613d7e85b
+++ src/packet.hh 6c7d90e0bd9abe1e2e97da8ed40808fe438ea34b
@@ -84,8 +84,26 @@ size_t read_packets(std::istream & in, p
size_t read_packets(std::istream & in, packet_consumer & cons);
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
+// work around botan commit 2d09d7d0cd4bd0e7155d001dd65a4f29103b158c
+#include <botan/ui.h>
+class Dummy_UI : public Botan::User_Interface
+{
+public:
+ virtual std::string get_passphrase(const std::string&,
+ const std::string&,
+ Botan::User_Interface::UI_Result&) const;
+};
+class Passphrase_Required : public Botan::Exception {
+public:
+ Passphrase_Required(const std::string& m = "Passphrase required") :
+ Botan::Exception(m)
+ {}
+};
#endif
+#endif
+
// Local Variables:
// mode: C++
// fill-column: 76
============================================================
--- src/sha1.cc 5e1aa972d7c7d66e06320b039989652b830dcd75
+++ src/sha1.cc 42e48b22fd88b25e0d38d4f91e1f13f8a83c7120
@@ -50,9 +50,12 @@ CMD_HIDDEN(benchmark_sha1, "benchmark_sh
Botan::Default_Benchmark_Timer timer;
std::map<std::string, double> results =
Botan::algorithm_benchmark("SHA-1", milliseconds, timer, rng, af);
+#elif BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(1,9,11)
+ std::map<std::string, double> results =
+ Botan::algorithm_benchmark("SHA-1", milliseconds, rng, af);
#else
std::map<std::string, double> results =
- Botan::algorithm_benchmark("SHA-1", milliseconds, rng, af);
+ Botan::algorithm_benchmark("SHA-1", af, rng, milliseconds, 16);
#endif
for(std::map<std::string, double>::const_iterator i = results.begin();
============================================================
--- src/ssh_agent.cc 6d188e7012a0b82f782563b09bbd7adf3f70cf75
+++ src/ssh_agent.cc 4a0dcab873559e934e41c5f220b5434d35600d9b
@@ -385,9 +385,9 @@ ssh_agent::has_key(const keypair & key)
ssh_agent::has_key(const keypair & key)
{
//grab the monotone public key as an RSA_PublicKey
- SecureVector<Botan::byte> pub_block;
- pub_block.set(reinterpret_cast<Botan::byte const *>((key.pub)().data()),
- (key.pub)().size());
+ SecureVector<Botan::byte> pub_block
+ (reinterpret_cast<Botan::byte const *>((key.pub)().data()),
+ (key.pub)().size());
L(FL("has_key: building %d-byte pub key") % pub_block.size());
shared_ptr<X509_PublicKey> x509_key =
shared_ptr<X509_PublicKey>(Botan::X509::load_key(pub_block));
============================================================
--- src/transforms.cc cdfb6854ef4992faba21074145f3c8269b845b11
+++ src/transforms.cc 789e01bbff42020d04d8dba8f6b97588fbe4ca3d
@@ -53,10 +53,10 @@ using Botan::Hash_Filter;
// paradigm "must" be used. this program is intended for source code
// control and I make no bones about it.
-NORETURN(static inline void error_in_transform(Botan::Exception & e));
+NORETURN(static inline void error_in_transform(std::exception & e));
static inline void
-error_in_transform(Botan::Exception & e, origin::type caused_by)
+error_in_transform(std::exception & e, origin::type caused_by)
{
// these classes can all indicate data corruption
if (typeid(e) == typeid(Botan::Encoding_Error)
@@ -107,7 +107,7 @@ error_in_transform(Botan::Exception & e,
pipe->process_msg(in); \
out = pipe->read_all_as_string(Pipe::LAST_MESSAGE); \
} \
- catch (Botan::Exception & e) \
+ catch (std::exception & e) \
{ \
pipe.reset(new Pipe(new T(carg))); \
error_in_transform(e, made_from); \
@@ -173,7 +173,7 @@ template<> string xform<Botan::Hex_Decod
{
throw Botan::Decoding_Error(string("invalid hex character '") + (char)c + "'");
}
- catch(Botan::Exception & e)
+ catch(std::exception & e)
{
error_in_transform(e, made_from);
}
@@ -219,7 +219,7 @@ void pack(T const & in, base64< gzip<T>
tmp = pipe->read_all_as_string(Pipe::LAST_MESSAGE);
out = base64< gzip<T> >(tmp, in.made_from);
}
- catch (Botan::Exception & e)
+ catch (std::exception & e)
{
pipe.reset(new Pipe(new Gzip_Compression,
new Base64_Encoder));
@@ -237,7 +237,7 @@ void unpack(base64< gzip<T> > const & in
pipe->process_msg(in());
out = T(pipe->read_all_as_string(Pipe::LAST_MESSAGE), in.made_from);
}
- catch (Botan::Exception & e)
+ catch (std::exception & e)
{
pipe.reset(new Pipe(new Base64_Decoder,
new Gzip_Decompression));
@@ -264,7 +264,7 @@ calculate_ident(data const & dat,
p->process_msg(dat());
ident = id(p->read_all_as_string(Pipe::LAST_MESSAGE), dat.made_from);
}
- catch (Botan::Exception & e)
+ catch (std::exception & e)
{
p.reset(new Pipe(new Hash_Filter("SHA-160")));
error_in_transform(e, dat.made_from);
|
