[svn] gcry - r1311 - in trunk: . random src
svn author wk
cvs at cvs.gnupg.org
Mon Sep 1 10:18:49 CEST 2008
Author: wk
Date: 2008-09-01 10:18:46 +0200 (Mon, 01 Sep 2008)
New Revision: 1311
Modified:
trunk/ChangeLog
trunk/README
trunk/configure.ac
trunk/random/ChangeLog
trunk/random/random-fips.c
trunk/src/ChangeLog
trunk/src/secmem.c
trunk/src/stdmem.c
trunk/src/versioninfo.rc.in
Log:
Prepare a release candidate
Modified: trunk/ChangeLog
===================================================================
--- trunk/ChangeLog 2008-08-29 15:40:24 UTC (rev 1310)
+++ trunk/ChangeLog 2008-09-01 08:18:46 UTC (rev 1311)
@@ -1,3 +1,9 @@
+2008-09-01 Werner Koch <wk at g10code.com>
+
+ Release 1.4.2rc2.
+
+ * configure.ac: Update svn_revision macro.
+
2008-08-22 Werner Koch <wk at g10code.com>
* configure.ac: Add option --enable-hmac-binary-check.
Modified: trunk/random/ChangeLog
===================================================================
--- trunk/random/ChangeLog 2008-08-29 15:40:24 UTC (rev 1310)
+++ trunk/random/ChangeLog 2008-09-01 08:18:46 UTC (rev 1311)
@@ -1,3 +1,11 @@
+2008-09-01 Werner Koch <wk at g10code.com>
+
+ * random-fips.c (x931_get_dt) [W32]: Do not use getppid.
+ (get_entropy): Prepare for use under Windows.
+ (_gcry_rngfips_selftest): Ditto.
+ (entropy_collect_cb): Make sure that the gatherer never overflows
+ the buffers.
+
2008-08-29 Werner Koch <wk at g10code.com>
* random-fips.c (SEED_TTL): New.
Modified: trunk/src/ChangeLog
===================================================================
--- trunk/src/ChangeLog 2008-08-29 15:40:24 UTC (rev 1310)
+++ trunk/src/ChangeLog 2008-09-01 08:18:46 UTC (rev 1311)
@@ -1,3 +1,7 @@
+2008-09-01 Werner Koch <wk at g10code.com>
+
+ * stdmem.c: Re-indented.
+
2008-08-29 Werner Koch <wk at g10code.com>
* fips.c (_gcry_initialize_fips_mode): Changed /proc file to test
Modified: trunk/README
===================================================================
--- trunk/README 2008-08-29 15:40:24 UTC (rev 1310)
+++ trunk/README 2008-09-01 08:18:46 UTC (rev 1311)
@@ -1,8 +1,7 @@
libgcrypt - The GNU crypto library
------------------------------------
- Version 1.4.2rc1
+ Version 1.4.2rc2
- *** Warning: RELEASE CANDIDATE ***
Copyright 2000, 2002, 2003, 2004, 2007,
2008 Free Software Foundation, Inc.
Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac 2008-08-29 15:40:24 UTC (rev 1310)
+++ trunk/configure.ac 2008-09-01 08:18:46 UTC (rev 1311)
@@ -26,11 +26,11 @@
# Remember to change the version number immediately *after* a release.
# Set my_issvn to "yes" for non-released code. Remember to run an
# "svn up" and "autogen.sh" right before creating a distribution.
-m4_define([my_version], [1.4.2])
-m4_define([my_issvn], [yes])
+m4_define([my_version], [1.4.2rc2])
+m4_define([my_issvn], [no])
-m4_define([svn_revision], m4_esyscmd([echo -n $( (svn info 2>/dev/null \
- || echo 'Revision: 0')|sed -n '/^Revision:/ {s/[^0-9]//gp;q;}')]))
+m4_define([svn_revision], m4_esyscmd([printf "%d" $(svn info 2>/dev/null \
+ | sed -n '/^Revision:/ s/[^0-9]//gp'|head -1)]))
AC_INIT([libgcrypt],
[my_version[]m4_if(my_issvn,[yes],[-svn[]svn_revision])],
[bug-libgcrypt at gnupg.org])
Modified: trunk/random/random-fips.c
===================================================================
--- trunk/random/random-fips.c 2008-08-29 15:40:24 UTC (rev 1310)
+++ trunk/random/random-fips.c 2008-09-01 08:18:46 UTC (rev 1311)
@@ -304,7 +304,9 @@
to an not so easy predictable value to avoid always
starting at 0. Not really needed but it doesn't harm. */
counter1 = (u32)getpid ();
+#ifndef HAVE_W32_SYSTEM
counter0 = (u32)getppid ();
+#endif
}
@@ -513,10 +515,11 @@
gcry_assert (fips_rng_is_locked);
gcry_assert (entropy_collect_buffer);
-
- while (length--)
+
+ /* Note that we need to protect against gatherers returning more
+ than the requested bytes (e.g. rndw32). */
+ while (length-- && entropy_collect_buffer_len < entropy_collect_buffer_size)
{
- gcry_assert (entropy_collect_buffer_len < entropy_collect_buffer_size);
entropy_collect_buffer[entropy_collect_buffer_len++] ^= *p++;
}
}
@@ -528,18 +531,32 @@
static void *
get_entropy (size_t nbytes)
{
-#if USE_RNDLINUX
void *result;
+ int rc;
gcry_assert (!entropy_collect_buffer);
entropy_collect_buffer = gcry_xmalloc_secure (nbytes);
entropy_collect_buffer_size = nbytes;
entropy_collect_buffer_len = 0;
- if (_gcry_rndlinux_gather_random (entropy_collect_cb, 0,
- X931_AES_KEYLEN,
- GCRY_VERY_STRONG_RANDOM) < 0
- || entropy_collect_buffer_len != entropy_collect_buffer_size)
+
+#if USE_RNDLINUX
+ rc = _gcry_rndlinux_gather_random (entropy_collect_cb, 0,
+ X931_AES_KEYLEN,
+ GCRY_VERY_STRONG_RANDOM);
+#elif USE_RNDW32
+ do
{
+ rc = _gcry_rndw32_gather_random (entropy_collect_cb, 0,
+ X931_AES_KEYLEN,
+ GCRY_VERY_STRONG_RANDOM);
+ }
+ while (rc >= 0 && entropy_collect_buffer_len < entropy_collect_buffer_size);
+#else
+ rc = -1;
+#endif
+
+ if (rc < 0 || entropy_collect_buffer_len != entropy_collect_buffer_size)
+ {
gcry_free (entropy_collect_buffer);
entropy_collect_buffer = NULL;
log_fatal ("error getting entropy data\n");
@@ -547,10 +564,6 @@
result = entropy_collect_buffer;
entropy_collect_buffer = NULL;
return result;
-#else
- log_fatal ("/dev/random support is not compiled in\n");
- return NULL; /* NOTREACHED */
-#endif
}
@@ -953,7 +966,7 @@
{
gcry_err_code_t ec;
-#if USE_RNDLINUX
+#if defined(USE_RNDLINUX) || defined(USE_RNDW32)
{
char buffer[8];
@@ -966,8 +979,8 @@
ec = selftest_kat (report);
-#else /*!USE_RNDLINUX*/
- report ("random", 0, "setup", "no support for /dev/random");
+#else /*!(USE_RNDLINUX||USE_RNDW32)*/
+ report ("random", 0, "setup", "no entropy gathering module");
ec = GPG_ERR_SELFTEST_FAILED;
#endif
return gpg_error (ec);
Modified: trunk/src/secmem.c
===================================================================
--- trunk/src/secmem.c 2008-08-29 15:40:24 UTC (rev 1310)
+++ trunk/src/secmem.c 2008-09-01 08:18:46 UTC (rev 1311)
@@ -15,8 +15,7 @@
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
- * License along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ * License along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
#include <config.h>
Modified: trunk/src/stdmem.c
===================================================================
--- trunk/src/stdmem.c 2008-08-29 15:40:24 UTC (rev 1310)
+++ trunk/src/stdmem.c 2008-09-01 08:18:46 UTC (rev 1311)
@@ -1,5 +1,5 @@
/* stdmem.c - private memory allocator
- * Copyright (C) 1998, 2000, 2002, 2005 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 2000, 2002, 2005, 2008 Free Software Foundation, Inc.
*
* This file is part of Libgcrypt.
*
@@ -14,21 +14,20 @@
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
- * License along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ * License along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
/*
* Description of the layered memory management in Libgcrypt:
*
- * [User]
- * |
- * |
- * \ /
- * global.c: [MM entrance points] -----> [user callbacks]
- * | |
- * | |
- * \ / \ /
+ * [User]
+ * |
+ * |
+ * \ /
+ * global.c: [MM entrance points] -----> [user callbacks]
+ * | |
+ * | |
+ * \ / \ /
*
* stdmem.c: [non-secure handlers] [secure handlers]
*
@@ -75,149 +74,162 @@
* here have been used.
*/
void
-_gcry_private_enable_m_guard(void)
+_gcry_private_enable_m_guard (void)
{
- use_m_guard = 1;
+ use_m_guard = 1;
}
-/****************
+
+/*
* Allocate memory of size n.
* Return NULL if we are out of memory.
*/
void *
-_gcry_private_malloc( size_t n)
+_gcry_private_malloc (size_t n)
{
- if(!n)
- return NULL; /* allocating 0 bytes is undefined - better return
- an error */
- if( use_m_guard ) {
- char *p;
-
- if( !(p = malloc( n + EXTRA_ALIGN+5 )) )
- return NULL;
- ((byte*)p)[EXTRA_ALIGN+0] = n;
- ((byte*)p)[EXTRA_ALIGN+1] = n >> 8 ;
- ((byte*)p)[EXTRA_ALIGN+2] = n >> 16 ;
- ((byte*)p)[EXTRA_ALIGN+3] = MAGIC_NOR_BYTE;
- p[4+EXTRA_ALIGN+n] = MAGIC_END_BYTE;
- return p+EXTRA_ALIGN+4;
+ if (!n)
+ return NULL; /* Allocating 0 bytes is undefined - we better return
+ an error to detect such coding errors. */
+ if (use_m_guard)
+ {
+ char *p;
+
+ if ( !(p = malloc (n + EXTRA_ALIGN+5)) )
+ return NULL;
+ ((byte*)p)[EXTRA_ALIGN+0] = n;
+ ((byte*)p)[EXTRA_ALIGN+1] = n >> 8 ;
+ ((byte*)p)[EXTRA_ALIGN+2] = n >> 16 ;
+ ((byte*)p)[EXTRA_ALIGN+3] = MAGIC_NOR_BYTE;
+ p[4+EXTRA_ALIGN+n] = MAGIC_END_BYTE;
+ return p+EXTRA_ALIGN+4;
}
- else {
- return malloc( n );
+ else
+ {
+ return malloc( n );
}
}
-/****************
- * Allocate memory of size n from the secure memory pool.
- * Return NULL if we are out of memory.
+
+/*
+ * Allocate memory of size N from the secure memory pool. Return NULL
+ * if we are out of memory.
*/
void *
-_gcry_private_malloc_secure( size_t n)
+_gcry_private_malloc_secure (size_t n)
{
- if(!n)
- return NULL; /* allocating 0 bytes is undefined - better return
- an error */
- if( use_m_guard ) {
- char *p;
-
- if( !(p = _gcry_secmem_malloc( n +EXTRA_ALIGN+ 5 )) )
- return NULL;
- ((byte*)p)[EXTRA_ALIGN+0] = n;
- ((byte*)p)[EXTRA_ALIGN+1] = n >> 8 ;
- ((byte*)p)[EXTRA_ALIGN+2] = n >> 16 ;
- ((byte*)p)[EXTRA_ALIGN+3] = MAGIC_SEC_BYTE;
- p[4+EXTRA_ALIGN+n] = MAGIC_END_BYTE;
- return p+EXTRA_ALIGN+4;
+ if (!n)
+ return NULL; /* Allocating 0 bytes is undefined - better return an
+ error to detect such coding errors. */
+ if (use_m_guard)
+ {
+ char *p;
+
+ if ( !(p = _gcry_secmem_malloc (n +EXTRA_ALIGN+ 5)) )
+ return NULL;
+ ((byte*)p)[EXTRA_ALIGN+0] = n;
+ ((byte*)p)[EXTRA_ALIGN+1] = n >> 8 ;
+ ((byte*)p)[EXTRA_ALIGN+2] = n >> 16 ;
+ ((byte*)p)[EXTRA_ALIGN+3] = MAGIC_SEC_BYTE;
+ p[4+EXTRA_ALIGN+n] = MAGIC_END_BYTE;
+ return p+EXTRA_ALIGN+4;
}
- else {
- return _gcry_secmem_malloc( n );
+ else
+ {
+ return _gcry_secmem_malloc( n );
}
}
-/****************
+/*
* Realloc and clear the old space
* Return NULL if there is not enough memory.
*/
void *
-_gcry_private_realloc( void *a, size_t n )
+_gcry_private_realloc ( void *a, size_t n )
{
- if( use_m_guard ) {
- unsigned char *p = a;
- char *b;
- size_t len;
-
- if (!a)
- return _gcry_private_malloc(n);
+ if (use_m_guard)
+ {
+ unsigned char *p = a;
+ char *b;
+ size_t len;
+
+ if (!a)
+ return _gcry_private_malloc(n);
- _gcry_private_check_heap(p);
- len = p[-4];
- len |= p[-3] << 8;
- len |= p[-2] << 16;
- if( len >= n ) /* we don't shrink for now */
- return a;
- if( p[-1] == MAGIC_SEC_BYTE )
- b = _gcry_private_malloc_secure(n);
- else
- b = _gcry_private_malloc(n);
- if( !b )
- return NULL;
- memcpy(b, a, len );
- memset(b+len, 0, n-len );
- _gcry_private_free( p );
- return b;
+ _gcry_private_check_heap(p);
+ len = p[-4];
+ len |= p[-3] << 8;
+ len |= p[-2] << 16;
+ if( len >= n ) /* We don't shrink for now. */
+ return a;
+ if (p[-1] == MAGIC_SEC_BYTE)
+ b = _gcry_private_malloc_secure(n);
+ else
+ b = _gcry_private_malloc(n);
+ if (!b)
+ return NULL;
+ memcpy (b, a, len);
+ memset (b+len, 0, n-len);
+ _gcry_private_free (p);
+ return b;
}
- else if( _gcry_private_is_secure(a) ) {
- return _gcry_secmem_realloc( a, n );
+ else if ( _gcry_private_is_secure(a) )
+ {
+ return _gcry_secmem_realloc( a, n );
}
- else {
- return realloc( a, n );
+ else
+ {
+ return realloc( a, n );
}
}
void
-_gcry_private_check_heap( const void *a )
+_gcry_private_check_heap (const void *a)
{
- if( use_m_guard ) {
- const byte *p = a;
- size_t len;
-
- if( !p )
- return;
-
- if( !(p[-1] == MAGIC_NOR_BYTE || p[-1] == MAGIC_SEC_BYTE) )
- _gcry_log_fatal("memory at %p corrupted (underflow=%02x)\n", p, p[-1] );
- len = p[-4];
- len |= p[-3] << 8;
- len |= p[-2] << 16;
- if( p[len] != MAGIC_END_BYTE )
- _gcry_log_fatal("memory at %p corrupted (overflow=%02x)\n", p, p[-1] );
+ if (use_m_guard)
+ {
+ const byte *p = a;
+ size_t len;
+
+ if (!p)
+ return;
+
+ if ( !(p[-1] == MAGIC_NOR_BYTE || p[-1] == MAGIC_SEC_BYTE) )
+ _gcry_log_fatal ("memory at %p corrupted (underflow=%02x)\n", p, p[-1]);
+ len = p[-4];
+ len |= p[-3] << 8;
+ len |= p[-2] << 16;
+ if ( p[len] != MAGIC_END_BYTE )
+ _gcry_log_fatal ("memory at %p corrupted (overflow=%02x)\n", p, p[-1]);
}
}
-/****************
+
+/*
* Free a memory block allocated by this opr the secmem module
*/
void
-_gcry_private_free( void *a )
+_gcry_private_free (void *a)
{
- byte *p = a;
+ byte *p = a;
- if( !p )
- return;
- if( use_m_guard ) {
- _gcry_private_check_heap(p);
- if( _gcry_private_is_secure(a) )
- _gcry_secmem_free(p-EXTRA_ALIGN-4);
- else {
- free(p-EXTRA_ALIGN-4);
+ if (!p)
+ return;
+ if (use_m_guard )
+ {
+ _gcry_private_check_heap(p);
+ if ( _gcry_private_is_secure(a) )
+ _gcry_secmem_free(p-EXTRA_ALIGN-4);
+ else
+ {
+ free(p-EXTRA_ALIGN-4);
}
}
- else if( _gcry_private_is_secure(a) )
- _gcry_secmem_free(p);
- else
- free(p);
+ else if ( _gcry_private_is_secure(a) )
+ _gcry_secmem_free(p);
+ else
+ free(p);
}
Modified: trunk/src/versioninfo.rc.in
===================================================================
--- trunk/src/versioninfo.rc.in 2008-08-29 15:40:24 UTC (rev 1310)
+++ trunk/src/versioninfo.rc.in 2008-09-01 08:18:46 UTC (rev 1311)
@@ -39,7 +39,7 @@
VALUE "FileDescription", "Libgcrypt - The GNU Crypto Library\0"
VALUE "FileVersion", "@LIBGCRYPT_LT_CURRENT at .@LIBGCRYPT_LT_AGE at .@LIBGCRYPT_LT_REVISION at .@BUILD_REVISION@\0"
VALUE "InternalName", "libgcrypt\0"
- VALUE "LegalCopyright", "Copyright © 2007 Free Software Foundation, Inc.\0"
+ VALUE "LegalCopyright", "Copyright © 2008 Free Software Foundation, Inc.\0"
VALUE "LegalTrademarks", "\0"
VALUE "OriginalFilename", "libgcrypt.dll\0"
VALUE "PrivateBuild", "\0"
More information about the Gnupg-commits
mailing list