diff options
author | luis <luis@370017ae-e619-0410-ac65-c121f96126d4> | 2007-02-03 21:18:46 +0000 |
---|---|---|
committer | luis <luis@370017ae-e619-0410-ac65-c121f96126d4> | 2007-02-03 21:18:46 +0000 |
commit | 2078e42ce849b3bc344c2b11c0677e1c68259f34 (patch) | |
tree | d62965c2793491002daded586f21a3413cf997b0 /app/crypt | |
parent | bb5eb05d9a626d87066f0716ad3f7d5893f3c4f0 (diff) | |
download | slackbuilds-2078e42ce849b3bc344c2b11c0677e1c68259f34.tar.gz slackbuilds-2078e42ce849b3bc344c2b11c0677e1c68259f34.tar.bz2 |
Updated $VERSION: gnupg2 (2.0.2), libgcrypt (1.2.4). Also removed patch from gnupg2 directory (now part of 2.0.2).
git-svn-id: svn+slack://slack.fluxo.info/var/svn/slackbuilds@997 370017ae-e619-0410-ac65-c121f96126d4
Diffstat (limited to 'app/crypt')
-rw-r--r-- | app/crypt/gnupg2/filter-context-20-small.diff | 260 | ||||
-rwxr-xr-x | app/crypt/gnupg2/gnupg2.SlackBuild | 4 |
2 files changed, 1 insertions, 263 deletions
diff --git a/app/crypt/gnupg2/filter-context-20-small.diff b/app/crypt/gnupg2/filter-context-20-small.diff deleted file mode 100644 index c7a7f5ce..00000000 --- a/app/crypt/gnupg2/filter-context-20-small.diff +++ /dev/null @@ -1,260 +0,0 @@ -This is a patch against GnuPG 2.0.1. Change the directory to g10/ and -apply this patch. - -2006-12-02 Werner Koch <wk@g10code.com> - - * encr-data.c: Allocate DFX context on the heap and not on the - stack. Changes at several places. Fixes CVE-2006-6235. - - -Index: encr-data.c -=================================================================== ---- encr-data.c (revision 4352) -+++ encr-data.c (working copy) -@@ -39,16 +39,37 @@ - static int decode_filter ( void *opaque, int control, IOBUF a, - byte *buf, size_t *ret_len); - --typedef struct -+typedef struct decode_filter_context_s - { - gcry_cipher_hd_t cipher_hd; - gcry_md_hd_t mdc_hash; - char defer[22]; - int defer_filled; - int eof_seen; --} decode_filter_ctx_t; -+ int refcount; -+} *decode_filter_ctx_t; - - -+/* Helper to release the decode context. */ -+static void -+release_dfx_context (decode_filter_ctx_t dfx) -+{ -+ if (!dfx) -+ return; -+ -+ assert (dfx->refcount); -+ if ( !--dfx->refcount ) -+ { -+ gcry_cipher_close (dfx->cipher_hd); -+ dfx->cipher_hd = NULL; -+ gcry_md_close (dfx->mdc_hash); -+ dfx->mdc_hash = NULL; -+ xfree (dfx); -+ } -+} -+ -+ -+ - /**************** - * Decrypt the data, specified by ED with the key DEK. - */ -@@ -62,7 +83,11 @@ - unsigned blocksize; - unsigned nprefix; - -- memset( &dfx, 0, sizeof dfx ); -+ dfx = xtrycalloc (1, sizeof *dfx); -+ if (!dfx) -+ return gpg_error_from_syserror (); -+ dfx->refcount = 1; -+ - if ( opt.verbose && !dek->algo_info_printed ) - { - const char *s = gcry_cipher_algo_name (dek->algo); -@@ -77,20 +102,20 @@ - goto leave; - blocksize = gcry_cipher_get_algo_blklen (dek->algo); - if ( !blocksize || blocksize > 16 ) -- log_fatal("unsupported blocksize %u\n", blocksize ); -+ log_fatal ("unsupported blocksize %u\n", blocksize ); - nprefix = blocksize; - if ( ed->len && ed->len < (nprefix+2) ) - BUG(); - - if ( ed->mdc_method ) - { -- if (gcry_md_open (&dfx.mdc_hash, ed->mdc_method, 0 )) -+ if (gcry_md_open (&dfx->mdc_hash, ed->mdc_method, 0 )) - BUG (); - if ( DBG_HASHING ) -- gcry_md_start_debug (dfx.mdc_hash, "checkmdc"); -+ gcry_md_start_debug (dfx->mdc_hash, "checkmdc"); - } - -- rc = gcry_cipher_open (&dfx.cipher_hd, dek->algo, -+ rc = gcry_cipher_open (&dfx->cipher_hd, dek->algo, - GCRY_CIPHER_MODE_CFB, - (GCRY_CIPHER_SECURE - | ((ed->mdc_method || dek->algo >= 100)? -@@ -104,7 +129,7 @@ - - - /* log_hexdump( "thekey", dek->key, dek->keylen );*/ -- rc = gcry_cipher_setkey (dfx.cipher_hd, dek->key, dek->keylen); -+ rc = gcry_cipher_setkey (dfx->cipher_hd, dek->key, dek->keylen); - if ( gpg_err_code (rc) == GPG_ERR_WEAK_KEY ) - { - log_info(_("WARNING: message was encrypted with" -@@ -123,7 +148,7 @@ - goto leave; - } - -- gcry_cipher_setiv (dfx.cipher_hd, NULL, 0); -+ gcry_cipher_setiv (dfx->cipher_hd, NULL, 0); - - if ( ed->len ) - { -@@ -144,8 +169,8 @@ - temp[i] = c; - } - -- gcry_cipher_decrypt (dfx.cipher_hd, temp, nprefix+2, NULL, 0); -- gcry_cipher_sync (dfx.cipher_hd); -+ gcry_cipher_decrypt (dfx->cipher_hd, temp, nprefix+2, NULL, 0); -+ gcry_cipher_sync (dfx->cipher_hd); - p = temp; - /* log_hexdump( "prefix", temp, nprefix+2 ); */ - if (dek->symmetric -@@ -155,17 +180,18 @@ - goto leave; - } - -- if ( dfx.mdc_hash ) -- gcry_md_write (dfx.mdc_hash, temp, nprefix+2); -- -+ if ( dfx->mdc_hash ) -+ gcry_md_write (dfx->mdc_hash, temp, nprefix+2); -+ -+ dfx->refcount++; - if ( ed->mdc_method ) -- iobuf_push_filter( ed->buf, mdc_decode_filter, &dfx ); -+ iobuf_push_filter ( ed->buf, mdc_decode_filter, dfx ); - else -- iobuf_push_filter( ed->buf, decode_filter, &dfx ); -+ iobuf_push_filter ( ed->buf, decode_filter, dfx ); - - proc_packets ( procctx, ed->buf ); - ed->buf = NULL; -- if ( ed->mdc_method && dfx.eof_seen == 2 ) -+ if ( ed->mdc_method && dfx->eof_seen == 2 ) - rc = gpg_error (GPG_ERR_INV_PACKET); - else if ( ed->mdc_method ) - { -@@ -184,26 +210,28 @@ - bytes are appended. */ - int datalen = gcry_md_get_algo_dlen (ed->mdc_method); - -- gcry_cipher_decrypt (dfx.cipher_hd, dfx.defer, 22, NULL, 0); -- gcry_md_write (dfx.mdc_hash, dfx.defer, 2); -- gcry_md_final (dfx.mdc_hash); -+ assert (dfx->cipher_hd); -+ assert (dfx->mdc_hash); -+ gcry_cipher_decrypt (dfx->cipher_hd, dfx->defer, 22, NULL, 0); -+ gcry_md_write (dfx->mdc_hash, dfx->defer, 2); -+ gcry_md_final (dfx->mdc_hash); - -- if (dfx.defer[0] != '\xd3' || dfx.defer[1] != '\x14' ) -+ if (dfx->defer[0] != '\xd3' || dfx->defer[1] != '\x14' ) - { - log_error("mdc_packet with invalid encoding\n"); - rc = gpg_error (GPG_ERR_INV_PACKET); - } - else if (datalen != 20 -- || memcmp (gcry_md_read (dfx.mdc_hash, 0),dfx.defer+2,datalen)) -+ || memcmp (gcry_md_read (dfx->mdc_hash, 0), -+ dfx->defer+2,datalen )) - rc = gpg_error (GPG_ERR_BAD_SIGNATURE); -- /* log_printhex("MDC message:", dfx.defer, 22); */ -- /* log_printhex("MDC calc:", gcry_md_read (dfx.mdc_hash,0), datalen); */ -+ /* log_printhex("MDC message:", dfx->defer, 22); */ -+ /* log_printhex("MDC calc:", gcry_md_read (dfx->mdc_hash,0), datalen); */ - } - - - leave: -- gcry_cipher_close (dfx.cipher_hd); -- gcry_md_close (dfx.mdc_hash); -+ release_dfx_context (dfx); - return rc; - } - -@@ -214,7 +242,7 @@ - mdc_decode_filter (void *opaque, int control, IOBUF a, - byte *buf, size_t *ret_len) - { -- decode_filter_ctx_t *dfx = opaque; -+ decode_filter_ctx_t dfx = opaque; - size_t n, size = *ret_len; - int rc = 0; - int c; -@@ -226,11 +254,11 @@ - } - else if( control == IOBUFCTRL_UNDERFLOW ) - { -- assert(a); -- assert( size > 44 ); -+ assert (a); -+ assert ( size > 44 ); - - /* Get at least 22 bytes and put it somewhere ahead in the buffer. */ -- for(n=22; n < 44 ; n++ ) -+ for (n=22; n < 44 ; n++ ) - { - if( (c = iobuf_get(a)) == -1 ) - break; -@@ -279,8 +307,10 @@ - - if ( n ) - { -- gcry_cipher_decrypt (dfx->cipher_hd, buf, n, NULL, 0); -- gcry_md_write (dfx->mdc_hash, buf, n); -+ if ( dfx->cipher_hd ) -+ gcry_cipher_decrypt (dfx->cipher_hd, buf, n, NULL, 0); -+ if ( dfx->mdc_hash ) -+ gcry_md_write (dfx->mdc_hash, buf, n); - } - else - { -@@ -289,6 +319,10 @@ - } - *ret_len = n; - } -+ else if ( control == IOBUFCTRL_FREE ) -+ { -+ release_dfx_context (dfx); -+ } - else if ( control == IOBUFCTRL_DESC ) - { - *(char**)buf = "mdc_decode_filter"; -@@ -300,7 +334,7 @@ - static int - decode_filter( void *opaque, int control, IOBUF a, byte *buf, size_t *ret_len) - { -- decode_filter_ctx_t *fc = opaque; -+ decode_filter_ctx_t fc = opaque; - size_t n, size = *ret_len; - int rc = 0; - -@@ -311,11 +345,18 @@ - if ( n == -1 ) - n = 0; - if ( n ) -- gcry_cipher_decrypt (fc->cipher_hd, buf, n, NULL, 0); -+ { -+ if (fc->cipher_hd) -+ gcry_cipher_decrypt (fc->cipher_hd, buf, n, NULL, 0); -+ } - else - rc = -1; /* EOF */ - *ret_len = n; - } -+ else if ( control == IOBUFCTRL_FREE ) -+ { -+ release_dfx_context (fc); -+ } - else if ( control == IOBUFCTRL_DESC ) - { - *(char**)buf = "decode_filter"; diff --git a/app/crypt/gnupg2/gnupg2.SlackBuild b/app/crypt/gnupg2/gnupg2.SlackBuild index 2e7a17fa..2c854a6c 100755 --- a/app/crypt/gnupg2/gnupg2.SlackBuild +++ b/app/crypt/gnupg2/gnupg2.SlackBuild @@ -19,7 +19,7 @@ fi SRC_NAME="gnupg" PKG_NAME="gnupg2" ARCH=${ARCH:=i486} -VERSION=${VERSION:=2.0.1} +VERSION=${VERSION:=2.0.2} BUILD=${BUILD:=1ls} SRC_DIR=${SRC_DIR:=$CWD} TMP=${TMP:=/tmp} @@ -93,8 +93,6 @@ gpg --verify "$SRC_DIR/$SRC.sig" "$SRC_DIR/$SRC" || exit $ERROR_GPG # Untar, patch, configure, compile and install cd "$SRC_DIR" tar --no-same-owner --no-same-permissions -xvf "$SRC_DIR/$SRC" || exit $ERROR_TAR -cd "$PKG_SRC/g10" -patch -Np0 < "$CWD/filter-context-20-small.diff" || exit $ERROR_PATCH cd "$PKG_SRC" CFLAGS="$SLKCFLAGS" \ CXXFLAGS="$SLKCFLAGS" \ |