summaryrefslogtreecommitdiff
path: root/development/monotone/patches/monotone-1.0-botan-1.10.patch
blob: daf73ca833a84b6a85b4b86a662d38e55bfe1f26 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
by Martin von Gagern:
https://code.monotone.ca/p/monotone/issues/182/

============================================================
--- src/database.cc	4c259f963c440fc95564dfec99b2f832f0bad643
+++ src/database.cc	87efeeff2d3263ba98af684a4022f1897434ed2d
@@ -3425,9 +3425,8 @@ database::encrypt_rsa(key_id const & pub
   rsa_pub_key pub;
   get_key(pub_id, pub);
 
-  SecureVector<Botan::byte> pub_block;
-  pub_block.set(reinterpret_cast<Botan::byte const *>(pub().data()),
-                pub().size());
+  SecureVector<Botan::byte> pub_block
+    (reinterpret_cast<Botan::byte const *>(pub().data()), pub().size());
 
   shared_ptr<X509_PublicKey> x509_key(Botan::X509::load_key(pub_block));
   shared_ptr<RSA_PublicKey> pub_key
@@ -3471,14 +3470,13 @@ database::check_signature(key_id const &
   else
     {
       rsa_pub_key pub;
-      SecureVector<Botan::byte> pub_block;
 
       if (!public_key_exists(id))
         return cert_unknown;
 
       get_key(id, pub);
-      pub_block.set(reinterpret_cast<Botan::byte const *>(pub().data()),
-                    pub().size());
+      SecureVector<Botan::byte> pub_block
+        (reinterpret_cast<Botan::byte const *>(pub().data()), pub().size());
 
       L(FL("building verifier for %d-byte pub key") % pub_block.size());
       shared_ptr<X509_PublicKey> x509_key(Botan::X509::load_key(pub_block));
============================================================
--- src/gzip.cc	e7c19bee910e3d421fd073933810ec52092b1d9b
+++ src/gzip.cc	bab290412cff6031b2d3bf9d1439a08499d39640
@@ -137,7 +137,7 @@ void Gzip_Compression::start_msg()
 /*************************************************
 * Compress Input with Gzip                       *
 *************************************************/
-void Gzip_Compression::write(const byte input[], u32bit length)
+void Gzip_Compression::write(const byte input[], filter_length_t length)
    {
 
    count += length;
@@ -267,7 +267,7 @@ void Gzip_Decompression::start_msg()
 /*************************************************
 * Decompress Input with Gzip                     *
 *************************************************/
-void Gzip_Decompression::write(const byte input[], u32bit length)
+void Gzip_Decompression::write(const byte input[], filter_length_t length)
    {
    if(length) no_writes = false;
 
@@ -284,8 +284,8 @@ void Gzip_Decompression::write(const byt
    // Check the gzip header
    if (pos < sizeof(GZIP::GZIP_HEADER))
       {
-      u32bit len = std::min((u32bit)sizeof(GZIP::GZIP_HEADER)-pos, length);
-      u32bit cmplen = len;
+      filter_length_t len = std::min((filter_length_t)sizeof(GZIP::GZIP_HEADER)-pos, length);
+      filter_length_t cmplen = len;
       // The last byte is the OS flag - we don't care about that
       if (pos + len - 1 >= GZIP::HEADER_POS_OS)
          cmplen--;
@@ -346,8 +346,14 @@ u32bit Gzip_Decompression::eat_footer(co
       if (footer.size() >= GZIP::FOOTER_LENGTH)
          throw Decoding_Error("Gzip_Decompression: Data integrity error in footer");
 
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
+      size_t eat_len = std::min(GZIP::FOOTER_LENGTH-footer.size(),
+                                static_cast<size_t>(length));
+      footer += std::make_pair(input, eat_len);
+#else
       u32bit eat_len = std::min(GZIP::FOOTER_LENGTH-footer.size(), length);
       footer.append(input, eat_len);
+#endif
 
       if (footer.size() == GZIP::FOOTER_LENGTH)
          {
@@ -377,7 +383,12 @@ void Gzip_Decompression::check_footer()
   for (int i = 0; i < 4; i++)
      buf[3-i] = tmpbuf[i];
 
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
+  tmpbuf.resize(4);
+  tmpbuf.copy(footer.begin(), 4);
+#else
   tmpbuf.set(footer.begin(), 4);
+#endif
   if (buf != tmpbuf)
       throw Decoding_Error("Gzip_Decompression: Data integrity error - CRC32 error");
 
@@ -412,7 +423,11 @@ void Gzip_Decompression::clear()
    no_writes = true;
    inflateReset(&(zlib->stream));
 
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
+   footer.clear();
+#else
    footer.destroy();
+#endif
    pos = 0;
    datacount = 0;
    }
============================================================
--- src/gzip.hh	649dfc0b250954f39c0f73870f8bec3f32f7fa43
+++ src/gzip.hh	f462dfc1df71ae1e9a8203606fd29d9e0eda9b2a
@@ -7,6 +7,7 @@
 #ifndef BOTAN_EXT_GZIP_H__
 #define BOTAN_EXT_GZIP_H__
 
+#include <botan/version.h>
 #include <botan/filter.h>
 #include <botan/pipe.h>
 
@@ -30,13 +31,19 @@ namespace GZIP {
 
 }
 
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
+   typedef size_t filter_length_t;
+#else
+   typedef u32bit filter_length_t;
+#endif
+
 /*************************************************
 * Gzip Compression Filter                        *
 *************************************************/
 class Gzip_Compression : public Filter
    {
    public:
-      void write(const byte input[], u32bit length);
+      void write(const byte input[], filter_length_t length);
       void start_msg();
       void end_msg();
       std::string name() const { return "Gzip_Compression"; }
@@ -60,7 +67,7 @@ class Gzip_Decompression : public Filter
 class Gzip_Decompression : public Filter
    {
    public:
-      void write(const byte input[], u32bit length);
+      void write(const byte input[], filter_length_t length);
       void start_msg();
       void end_msg();
       std::string name() const { return "Gzip_Decompression"; }
============================================================
--- src/key_packet.cc	d1306df89dd684badac02c03744cd446381c07d3
+++ src/key_packet.cc	c97262d161b23c9640972188979669b3e95afe7b
@@ -106,8 +106,8 @@ namespace
     void validate_public_key_data(string const & name, string const & keydata) const
     {
       string decoded = decode_base64_as<string>(keydata, origin::user);
-      Botan::SecureVector<Botan::byte> key_block;
-      key_block.set(reinterpret_cast<Botan::byte const *>(decoded.c_str()), decoded.size());
+      Botan::SecureVector<Botan::byte> key_block
+        (reinterpret_cast<Botan::byte const *>(decoded.c_str()), decoded.size());
       try
         {
           Botan::X509::load_key(key_block);
============================================================
--- src/key_store.cc	64c4c4bed1fadc26b51207b9f61343f9dd7d3c6e
+++ src/key_store.cc	1b1f1a989c21ee0dc69c540783ffb1fe4bceabf5
@@ -572,13 +572,19 @@ key_store_state::decrypt_private_key(key
   try // with empty passphrase
     {
       Botan::DataSource_Memory ds(kp.priv());
-#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,7,7)
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
+      pkcs8_key.reset(Botan::PKCS8::load_key(ds, lazy_rng::get(), Dummy_UI()));
+#elif BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,7,7)
       pkcs8_key.reset(Botan::PKCS8::load_key(ds, lazy_rng::get(), ""));
 #else
       pkcs8_key.reset(Botan::PKCS8::load_key(ds, ""));
 #endif
     }
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
+  catch (Passphrase_Required & e)
+#else
   catch (Botan::Exception & e)
+#endif
     {
       L(FL("failed to load key with no passphrase: %s") % e.what());
 
@@ -856,9 +862,9 @@ key_store::make_signature(database & db,
     {
       if (agent.connected()) {
         //grab the monotone public key as an RSA_PublicKey
-        SecureVector<Botan::byte> pub_block;
-        pub_block.set(reinterpret_cast<Botan::byte const *>(key.pub().data()),
-                      key.pub().size());
+        SecureVector<Botan::byte> pub_block
+          (reinterpret_cast<Botan::byte const *>(key.pub().data()),
+           key.pub().size());
         L(FL("make_signature: building %d-byte pub key") % pub_block.size());
         shared_ptr<X509_PublicKey> x509_key =
           shared_ptr<X509_PublicKey>(Botan::X509::load_key(pub_block));
@@ -1031,8 +1037,14 @@ key_store_state::migrate_old_key_pair
   for (;;)
     try
       {
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
+        arc4_key.resize(phrase().size());
+        arc4_key.copy(reinterpret_cast<Botan::byte const *>(phrase().data()),
+                      phrase().size());
+#else
         arc4_key.set(reinterpret_cast<Botan::byte const *>(phrase().data()),
                      phrase().size());
+#endif
 
         Pipe arc4_decryptor(get_cipher("ARC4", arc4_key, Botan::DECRYPTION));
 
============================================================
--- src/monotone.cc	a25ecdd170a601db798b63a60add7681609a34c4
+++ src/monotone.cc	2c5f57762bc687a90f75e732f39d2181fc50bd6d
@@ -170,11 +170,16 @@ cpp_main(int argc, char ** argv)
       // versions, including all of the stable branch 1.8.x.
       E(linked_botan_version < BOTAN_VERSION_CODE_FOR(1,9,0), origin::system,
         F("this monotone binary does not work with Botan 1.9.x"));
-#else
+#elif BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(1,9,11)
       E(linked_botan_version > BOTAN_VERSION_CODE_FOR(1,7,22), origin::system,
         F("this monotone binary requires Botan 1.7.22 or newer"));
       E(linked_botan_version < BOTAN_VERSION_CODE_FOR(1,9,0), origin::system,
         F("this monotone binary does not work with Botan 1.9.x"));
+#else
+      E(linked_botan_version > BOTAN_VERSION_CODE_FOR(1,9,11), origin::system,
+        F("this monotone binary requires Botan 1.9.11 or newer"));
+      E(linked_botan_version < BOTAN_VERSION_CODE_FOR(1,11,0), origin::system,
+        F("this monotone binary does not work with Botan 1.11.x"));
 #endif
 
       app_state app;
============================================================
--- src/packet.cc	f61360ed2524fdf53411bd24d022a2a3c9e6e9c7
+++ src/packet.cc	6f6739c4756933843a2d865dc6790de9013626b7
@@ -156,8 +156,8 @@ namespace
     void validate_public_key_data(string const & name, string const & keydata) const
     {
       string decoded = decode_base64_as<string>(keydata, origin::user);
-      Botan::SecureVector<Botan::byte> key_block;
-      key_block.set(reinterpret_cast<Botan::byte const *>(decoded.c_str()), decoded.size());
+      Botan::SecureVector<Botan::byte> key_block
+        (reinterpret_cast<Botan::byte const *>(decoded.c_str()), decoded.size());
       try
         {
           Botan::X509::load_key(key_block);
@@ -175,7 +175,9 @@ namespace
       Botan::DataSource_Memory ds(decoded);
       try
         {
-#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,7,7)
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
+          Botan::PKCS8::load_key(ds, lazy_rng::get(), Dummy_UI());
+#elif BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,7,7)
           Botan::PKCS8::load_key(ds, lazy_rng::get(), string());
 #else
           Botan::PKCS8::load_key(ds, string());
@@ -189,7 +191,11 @@ namespace
         }
       // since we do not want to prompt for a password to decode it finally,
       // we ignore all other exceptions
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
+      catch (Passphrase_Required) {}
+#else
       catch (Botan::Invalid_Argument) {}
+#endif
     }
     void validate_certname(string const & cn) const
     {
@@ -460,8 +466,14 @@ read_packets(istream & in, packet_consum
   return count;
 }
 
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
+std::string Dummy_UI::get_passphrase(const std::string&,
+                                     const std::string&,
+                                     Botan::User_Interface::UI_Result&) const {
+  throw Passphrase_Required();
+}
+#endif
 
-
 // Local Variables:
 // mode: C++
 // fill-column: 76
============================================================
--- src/packet.hh	0a224e6e92f244e2c3e9a5cdb935eb8613d7e85b
+++ src/packet.hh	6c7d90e0bd9abe1e2e97da8ed40808fe438ea34b
@@ -84,8 +84,26 @@ size_t read_packets(std::istream & in, p
 
 size_t read_packets(std::istream & in, packet_consumer & cons);
 
+#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
+// work around botan commit 2d09d7d0cd4bd0e7155d001dd65a4f29103b158c
+#include <botan/ui.h>
+class Dummy_UI : public Botan::User_Interface
+{
+public:
+  virtual std::string get_passphrase(const std::string&,
+                                     const std::string&,
+                                     Botan::User_Interface::UI_Result&) const;
+};
+class Passphrase_Required : public Botan::Exception {
+public:
+  Passphrase_Required(const std::string& m = "Passphrase required") :
+    Botan::Exception(m)
+    {}
+};
 #endif
 
+#endif
+
 // Local Variables:
 // mode: C++
 // fill-column: 76
============================================================
--- src/sha1.cc	5e1aa972d7c7d66e06320b039989652b830dcd75
+++ src/sha1.cc	42e48b22fd88b25e0d38d4f91e1f13f8a83c7120
@@ -50,9 +50,12 @@ CMD_HIDDEN(benchmark_sha1, "benchmark_sh
   Botan::Default_Benchmark_Timer timer;
   std::map<std::string, double> results =
     Botan::algorithm_benchmark("SHA-1",  milliseconds, timer, rng, af);
+#elif BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(1,9,11)
+  std::map<std::string, double> results =
+    Botan::algorithm_benchmark("SHA-1",  milliseconds, rng, af);
 #else
   std::map<std::string, double> results =
-    Botan::algorithm_benchmark("SHA-1",  milliseconds, rng, af);
+    Botan::algorithm_benchmark("SHA-1",  af, rng, milliseconds, 16);
 #endif
 
   for(std::map<std::string, double>::const_iterator i = results.begin();
============================================================
--- src/ssh_agent.cc	6d188e7012a0b82f782563b09bbd7adf3f70cf75
+++ src/ssh_agent.cc	4a0dcab873559e934e41c5f220b5434d35600d9b
@@ -385,9 +385,9 @@ ssh_agent::has_key(const keypair & key)
 ssh_agent::has_key(const keypair & key)
 {
   //grab the monotone public key as an RSA_PublicKey
-  SecureVector<Botan::byte> pub_block;
-  pub_block.set(reinterpret_cast<Botan::byte const *>((key.pub)().data()),
-                (key.pub)().size());
+  SecureVector<Botan::byte> pub_block
+    (reinterpret_cast<Botan::byte const *>((key.pub)().data()),
+     (key.pub)().size());
   L(FL("has_key: building %d-byte pub key") % pub_block.size());
   shared_ptr<X509_PublicKey> x509_key =
     shared_ptr<X509_PublicKey>(Botan::X509::load_key(pub_block));
============================================================
--- src/transforms.cc	cdfb6854ef4992faba21074145f3c8269b845b11
+++ src/transforms.cc	789e01bbff42020d04d8dba8f6b97588fbe4ca3d
@@ -53,10 +53,10 @@ using Botan::Hash_Filter;
 // paradigm "must" be used. this program is intended for source code
 // control and I make no bones about it.
 
-NORETURN(static inline void error_in_transform(Botan::Exception & e));
+NORETURN(static inline void error_in_transform(std::exception & e));
 
 static inline void
-error_in_transform(Botan::Exception & e, origin::type caused_by)
+error_in_transform(std::exception & e, origin::type caused_by)
 {
   // these classes can all indicate data corruption
   if (typeid(e) == typeid(Botan::Encoding_Error)
@@ -107,7 +107,7 @@ error_in_transform(Botan::Exception & e,
         pipe->process_msg(in);                                  \
         out = pipe->read_all_as_string(Pipe::LAST_MESSAGE);     \
       }                                                         \
-    catch (Botan::Exception & e)                                \
+    catch (std::exception & e)                                   \
       {                                                         \
         pipe.reset(new Pipe(new T(carg)));                      \
         error_in_transform(e, made_from);                       \
@@ -173,7 +173,7 @@ template<> string xform<Botan::Hex_Decod
             {
               throw Botan::Decoding_Error(string("invalid hex character '") + (char)c + "'");
             }
-          catch(Botan::Exception & e)
+          catch(std::exception & e)
             {
               error_in_transform(e, made_from);
             }
@@ -219,7 +219,7 @@ void pack(T const & in, base64< gzip<T> 
       tmp = pipe->read_all_as_string(Pipe::LAST_MESSAGE);
       out = base64< gzip<T> >(tmp, in.made_from);
     }
-  catch (Botan::Exception & e)
+  catch (std::exception & e)
     {
       pipe.reset(new Pipe(new Gzip_Compression,
                           new Base64_Encoder));
@@ -237,7 +237,7 @@ void unpack(base64< gzip<T> > const & in
       pipe->process_msg(in());
       out = T(pipe->read_all_as_string(Pipe::LAST_MESSAGE), in.made_from);
     }
-  catch (Botan::Exception & e)
+  catch (std::exception & e)
     {
       pipe.reset(new Pipe(new Base64_Decoder,
                           new Gzip_Decompression));
@@ -264,7 +264,7 @@ calculate_ident(data const & dat,
       p->process_msg(dat());
       ident = id(p->read_all_as_string(Pipe::LAST_MESSAGE), dat.made_from);
     }
-  catch (Botan::Exception & e)
+  catch (std::exception & e)
     {
       p.reset(new Pipe(new Hash_Filter("SHA-160")));
       error_in_transform(e, dat.made_from);