0,0 → 1,284 |
#! /bin/sh /usr/share/dpatch/dpatch-run |
## 02_smartlink_rpath.dpatch |
## |
## DP: Patch from CVS to make the Nettle module compile with Nettle 2.0 |
|
@DPATCH@ |
|
diff -urad Pike-v7.8.316/src/post_modules/Nettle/acconfig.h pike-cvs/7.8/src/post_modules/Nettle/acconfig.h |
--- Pike-v7.8.316/src/post_modules/Nettle/acconfig.h 2004-02-21 06:07:35.000000000 +0100 |
+++ pike-cvs/7.8/src/post_modules/Nettle/acconfig.h 2009-07-02 18:35:38.000000000 +0200 |
@@ -1 +1,5 @@ |
+/* Define this if your struct yarrow256_ctx has the field seed_file. */ |
+#undef HAVE_STRUCT_YARROW256_CTX_SEED_FILE |
|
+/* Define this if the nettle_crypt_func typedef is a pointer type. */ |
+#undef HAVE_NETTLE_CRYPT_FUNC_IS_POINTER |
diff -urad Pike-v7.8.316/src/post_modules/Nettle/cipher.cmod pike-cvs/7.8/src/post_modules/Nettle/cipher.cmod |
--- Pike-v7.8.316/src/post_modules/Nettle/cipher.cmod 2008-07-31 16:52:27.000000000 +0200 |
+++ pike-cvs/7.8/src/post_modules/Nettle/cipher.cmod 2009-07-02 18:35:38.000000000 +0200 |
@@ -65,6 +65,13 @@ |
/* Force means to use key even if it is weak */ |
int force); |
|
+#ifdef HAVE_NETTLE_CRYPT_FUNC_IS_POINTER |
+typedef nettle_crypt_func crypt_func; |
+#else |
+/* Nettle 2.0 */ |
+typedef nettle_crypt_func *crypt_func; |
+#endif |
+ |
struct pike_cipher |
{ |
const char *name; |
@@ -79,8 +86,8 @@ |
pike_nettle_set_key_func set_encrypt_key; |
pike_nettle_set_key_func set_decrypt_key; |
|
- nettle_crypt_func encrypt; |
- nettle_crypt_func decrypt; |
+ crypt_func encrypt; |
+ crypt_func decrypt; |
}; |
|
#define _PIKE_CIPHER(name, NAME) { \ |
@@ -90,8 +97,8 @@ |
NAME##_KEY_SIZE, \ |
pike_##name##_set_encrypt_key, \ |
pike_##name##_set_decrypt_key, \ |
- (nettle_crypt_func) name##_encrypt, \ |
- (nettle_crypt_func) name##_decrypt, \ |
+ (crypt_func) name##_encrypt, \ |
+ (crypt_func) name##_decrypt, \ |
} |
|
/*! @class CipherInfo |
@@ -175,7 +182,7 @@ |
PIKECLASS CipherState |
{ |
INHERIT CipherInfo; |
- CVAR nettle_crypt_func crypt; |
+ CVAR crypt_func crypt; |
CVAR void *ctx; |
CVAR int key_size; |
|
diff -urad Pike-v7.8.316/src/post_modules/Nettle/configure.in pike-cvs/7.8/src/post_modules/Nettle/configure.in |
--- Pike-v7.8.316/src/post_modules/Nettle/configure.in 2008-07-17 12:53:20.000000000 +0200 |
+++ pike-cvs/7.8/src/post_modules/Nettle/configure.in 2009-07-02 23:27:56.000000000 +0200 |
@@ -54,6 +54,52 @@ |
AC_MSG_RESULT([no]) |
IDEA_OBJ="" |
fi |
+ |
+ # These might have been purged from the Nettle lib to avoid GPL |
+ # contamination. |
+ AC_CHECK_FUNCS(nettle_blowfish_decrypt nettle_serpent_decrypt) |
+ |
+ # This is the recomended interface in Nettle 2.0. |
+ AC_CHECK_FUNCS(nettle_yarrow256_slow_reseed) |
+ |
+ AC_MSG_CHECKING([for struct yarrow256_ctx.seed_file]) |
+ AC_CACHE_VAL(pike_cv_nettle_struct_yarrow256_ctx_seed_file, [ |
+ pike_cv_nettle_struct_yarrow256_ctx_seed_file=no |
+ AC_TRY_COMPILE([ |
+#include <nettle/yarrow.h> |
+ ], [ |
+ struct yarrow256_ctx ctx; |
+ return !sizeof(ctx.seed_file); |
+ ], [ |
+ pike_cv_nettle_struct_yarrow256_ctx_seed_file=yes |
+ ]) |
+ ]) |
+ AC_MSG_RESULT($pike_cv_nettle_struct_yarrow256_ctx_seed_file); |
+ if test "x$pike_cv_nettle_struct_yarrow256_ctx_seed_file" = "xyes"; then |
+ AC_DEFINE(HAVE_STRUCT_YARROW256_CTX_SEED_FILE) |
+ fi |
+ |
+ AC_MSG_CHECKING([whether nettle_crypt_func is a pointer type]) |
+ AC_CACHE_VAL(pike_cv_nettle_crypt_func_is_pointer, [ |
+ pike_cv_nettle_crypt_func_is_pointer=no |
+ AC_TRY_COMPILE([ |
+/* Note: Old Nettles had the nettle_crypt_func typedef directly |
+ * in <nettle/nettle-meta.h> while more modern have it in |
+ * <nettle/nettle-types.h>. Since <nettle/nettle-meta.h> |
+ * pulls in <nettle/nettle-types.h> it should be sufficient. |
+ */ |
+#include <nettle/nettle-meta.h> |
+ ], [ |
+ nettle_crypt_func foo = (nettle_crypt_func)(void *)0; |
+ return (int)foo; |
+ ], [ |
+ pike_cv_nettle_crypt_func_is_pointer=yes |
+ ]) |
+ ]) |
+ AC_MSG_RESULT($pike_cv_nettle_crypt_func_is_pointer); |
+ if test "x$pike_cv_nettle_crypt_func_is_pointer" = "xyes"; then |
+ AC_DEFINE(HAVE_NETTLE_CRYPT_FUNC_IS_POINTER) |
+ fi |
else |
if test "$ac_cv_lib_gmp_mpz_init:$ac_cv_lib_gmp___mpz_init:$ac_cv_lib_gmp___gmpz_init" = "no:no:no"; then |
# No gmp found; enable it if possible. |
@@ -76,10 +122,6 @@ |
]) |
PIKE_FEATURE_NODEP(Nettle) |
fi |
- |
- # These might have been purged from the Nettle lib to avoid GPL |
- # contamination. |
- AC_CHECK_FUNCS(nettle_blowfish_decrypt nettle_serpent_decrypt) |
fi |
|
AC_OUTPUT(Makefile,echo FOO >stamp-h ) |
diff -urad Pike-v7.8.316/src/post_modules/Nettle/nettle.cmod pike-cvs/7.8/src/post_modules/Nettle/nettle.cmod |
--- Pike-v7.8.316/src/post_modules/Nettle/nettle.cmod 2008-06-29 00:57:14.000000000 +0200 |
+++ pike-cvs/7.8/src/post_modules/Nettle/nettle.cmod 2009-07-05 21:41:58.000000000 +0200 |
@@ -46,6 +46,36 @@ |
CVAR struct yarrow256_ctx ctx; |
CVAR struct yarrow_source *sources; |
|
+#ifndef HAVE_STRUCT_YARROW256_CTX_SEED_FILE |
+ /* NOTE: Nettle 2.0 does not have the automatic seed_file maintenance |
+ * that Nettle 1.x had. This stuff is needed since it affected |
+ * the state emitted by random_string(). When Nettle 2.0 is the |
+ * default, consider implementing this via overloading of the |
+ * various seeding functions instead, since it does have a bit |
+ * of overhead. |
+ * |
+ * /grubba 2009-07-05 |
+ */ |
+ PIKEVAR string seed_file flags ID_PRIVATE|ID_STATIC; |
+#endif |
+ |
+ DECLARE_STORAGE; |
+ |
+#ifndef HAVE_STRUCT_YARROW256_CTX_SEED_FILE |
+ static void pike_generate_seed_file(void) |
+ { |
+ struct pike_string *seed_file = |
+ begin_shared_string(YARROW256_SEED_FILE_SIZE); |
+ yarrow256_random(&THIS->ctx, YARROW256_SEED_FILE_SIZE, STR0(seed_file)); |
+ if (THIS->seed_file) { |
+ free_string(THIS->seed_file); |
+ } |
+ THIS->seed_file = end_shared_string(seed_file); |
+ } |
+#else |
+#define pike_generate_seed_file() |
+#endif |
+ |
/*! @decl void create(void|int sources) |
*! The number of entropy sources that will feed entropy to the |
*! random number generator is given as an argument to Yarrow |
@@ -90,10 +120,12 @@ |
optflags OPT_SIDE_EFFECT; |
{ |
if(data->len < YARROW256_SEED_FILE_SIZE) |
- Pike_error( "Seed must be at least 32 characters.\n" ); |
+ Pike_error("Seed must be at least %d characters.\n", |
+ YARROW256_SEED_FILE_SIZE); |
|
NO_WIDE_STRING(data); |
- yarrow256_seed(&THIS->ctx, data->len, (const uint8_t *)data->str); |
+ yarrow256_seed(&THIS->ctx, data->len, STR0(data)); |
+ pike_generate_seed_file(); |
RETURN this_object(); |
} |
|
@@ -109,19 +141,31 @@ |
RETURN YARROW256_SEED_FILE_SIZE; |
} |
|
- /*! @decl string get_seed() |
- *! Returns part of the internal state so that it can |
- *! be saved for later seeding. |
+ /*! @decl string(0..255) get_seed() |
+ *! Returns part of the internal state so that it can |
+ *! be saved for later seeding. |
+ *! |
*! @seealso |
- *! @[seed] |
+ *! @[seed()], @[random_string()] |
*/ |
PIKEFUN string get_seed() |
optflags OPT_EXTERNAL_DEPEND; |
+ rawtype tDeprecated(tFunc(tNone, tStr8)); |
{ |
if( !yarrow256_is_seeded(&THIS->ctx) ) |
Pike_error("Random generator not seeded.\n"); |
- RETURN make_shared_binary_string((const char *)THIS->ctx.seed_file, |
- YARROW256_SEED_FILE_SIZE); |
+ |
+#ifdef HAVE_STRUCT_YARROW256_CTX_SEED_FILE |
+ RETURN make_shared_binary_string(THIS->ctx.seed_file, |
+ YARROW256_SEED_FILE_SIZE); |
+#else |
+ if (THIS->seed_file) { |
+ REF_RETURN THIS->seed_file; |
+ } else { |
+ struct pike_string *s = begin_shared_string(YARROW256_SEED_FILE_SIZE); |
+ RETURN end_shared_string(s); |
+ } |
+#endif /* HAVE_STRUCT_YARROW256_CTX_SEED_FILE */ |
} |
|
/*! @decl int(0..1) is_seeded() |
@@ -144,7 +188,19 @@ |
PIKEFUN void force_reseed() |
optflags OPT_SIDE_EFFECT; |
{ |
+#ifdef HAVE_NETTLE_YARROW256_SLOW_RESEED |
+ /* From change notes for Nettle 2.0: |
+ * |
+ * * Changes to the yarrow256 interface. The function |
+ * yarrow256_force_reseed has been replaced by the two |
+ * functions yarrow256_fast_reseed and yarrow256_slow_reseed, |
+ * which were previously static. |
+ */ |
+ yarrow256_slow_reseed(&THIS->ctx); |
+#else |
yarrow256_force_reseed(&THIS->ctx); |
+#endif |
+ pike_generate_seed_file(); |
} |
|
/*! @decl int(0..1) update(string data, int source, int entropy) |
@@ -156,6 +212,7 @@ |
PIKEFUN int(0..1) update(string data, int source, int entropy) |
optflags OPT_SIDE_EFFECT; |
{ |
+ int ret; |
/* FIXME: Wide strings could actually be supported here */ |
NO_WIDE_STRING(data); |
if( !THIS->sources ) |
@@ -166,8 +223,11 @@ |
Pike_error("Entropy must be positive.\n"); |
if( entropy>(data->len*8) ) |
Pike_error("Impossibly large entropy value.\n"); |
- RETURN yarrow256_update(&THIS->ctx, source, entropy, data->len, |
- (const uint8_t *)data->str); |
+ ret = yarrow256_update(&THIS->ctx, source, entropy, data->len, |
+ (const uint8_t *)data->str); |
+ if (ret) |
+ pike_generate_seed_file(); |
+ RETURN ret; |
} |
|
/*! @decl int(0..) needed_sources() |
diff -urad Pike-v7.8.316/src/post_modules/Nettle/testsuite.in pike-cvs/7.8/src/post_modules/Nettle/testsuite.in |
--- Pike-v7.8.316/src/post_modules/Nettle/testsuite.in 2007-06-18 02:43:51.000000000 +0200 |
+++ pike-cvs/7.8/src/post_modules/Nettle/testsuite.in 2009-08-05 12:01:45.000000000 +0200 |
@@ -193,4 +193,14 @@ |
} |
) |
]]) |
+ |
+cond_resolv( Nettle.Yarrow, [[ |
+ test_any_equal([[ |
+ object y = Nettle.Yarrow()->seed("What happen? Somebody set up us the bomb."); |
+ return ({ y->get_seed(), y->random_string(20), y->get_seed(), y->random_string(20) }); |
+ ]], [[({String.hex2string("73a35b2f896a8061be0ad434a592a43a82b81b9ed6c018f1c5a51300bbc8d53d"), |
+ String.hex2string("7847458e32fb789ff6b6cd6e1c8cc3712ba532a8"), |
+ String.hex2string("73a35b2f896a8061be0ad434a592a43a82b81b9ed6c018f1c5a51300bbc8d53d"), |
+ String.hex2string("49a090656a6d93782e169994f41005a3616d3cd7")})]]) |
+]]) |
END_MARKER |