[pkgsrc/trunk]: pkgsrc/security/netpgpverify netpgpverify-20140304:

[agc <agc%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/eb3b5de5265d
branches:  trunk
changeset: 631419:eb3b5de5265d
user:      agc <agc%pkgsrc.org@localhost>
date:      Wed Mar 05 04:51:37 2014 +0000

description:
netpgpverify-20140304:
+ Check the correct field in the struct is not NULL in sig_verify_dsa()
+ Move to using our own byte-swapping routines - portability
+ Check for errors in bzlib
+ Bump version number to 20140304

diffstat:

 security/netpgpverify/Makefile          |   4 +-
 security/netpgpverify/files/Makefile.in |   2 +-
 security/netpgpverify/files/bzlib.c     |  14 ++++--
 security/netpgpverify/files/libverify.c |  16 ++++---
 security/netpgpverify/files/pgpsum.c    |  74 ++++++++++++++++++++++++++++++++-
 security/netpgpverify/files/pgpsum.h    |   5 ++
 security/netpgpverify/files/verify.h    |   4 +-
 7 files changed, 100 insertions(+), 19 deletions(-)

diffs (270 lines):

diff -r d23aacb91795 -r eb3b5de5265d security/netpgpverify/Makefile
--- a/security/netpgpverify/Makefile    Tue Mar 04 14:00:31 2014 +0000
+++ b/security/netpgpverify/Makefile    Wed Mar 05 04:51:37 2014 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.6 2014/02/16 17:21:15 agc Exp $
+# $NetBSD: Makefile,v 1.7 2014/03/05 04:51:37 agc Exp $
 
-DISTNAME=              netpgpverify-20140210
+DISTNAME=              netpgpverify-20140304
 CATEGORIES=            security
 MASTER_SITES=          # empty
 DISTFILES=             # empty
diff -r d23aacb91795 -r eb3b5de5265d security/netpgpverify/files/Makefile.in
--- a/security/netpgpverify/files/Makefile.in   Tue Mar 04 14:00:31 2014 +0000
+++ b/security/netpgpverify/files/Makefile.in   Wed Mar 05 04:51:37 2014 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.in,v 1.2 2014/02/04 02:11:18 agc Exp $
+# $NetBSD: Makefile.in,v 1.3 2014/03/05 04:51:37 agc Exp $
 
 PROG=netpgpverify
 
diff -r d23aacb91795 -r eb3b5de5265d security/netpgpverify/files/bzlib.c
--- a/security/netpgpverify/files/bzlib.c       Tue Mar 04 14:00:31 2014 +0000
+++ b/security/netpgpverify/files/bzlib.c       Wed Mar 05 04:51:37 2014 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: bzlib.c,v 1.1 2013/03/16 07:32:34 agc Exp $    */
+/*     $NetBSD: bzlib.c,v 1.2 2014/03/05 04:51:37 agc Exp $    */
 
 
 /*-------------------------------------------------------------*/
@@ -35,7 +35,7 @@
 #include "bzlib_private.h"
 
 
-/*     $NetBSD: bzlib.c,v 1.1 2013/03/16 07:32:34 agc Exp $    */
+/*     $NetBSD: bzlib.c,v 1.2 2014/03/05 04:51:37 agc Exp $    */
 
 
 /*-------------------------------------------------------------*/
@@ -680,6 +680,10 @@
    bzFile* bzf = NULL;
    int     ret;
 
+   if (bzerror == NULL) {
+       return NULL;
+   }
+
    BZ_SETERR(BZ_OK);
 
    if (f == NULL || 
@@ -1076,7 +1080,7 @@
 /*-------------------------------------------------------------*/
 /*--- end                                           bzlib.c ---*/
 /*-------------------------------------------------------------*/
-/*     $NetBSD: bzlib.c,v 1.1 2013/03/16 07:32:34 agc Exp $    */
+/*     $NetBSD: bzlib.c,v 1.2 2014/03/05 04:51:37 agc Exp $    */
 
 
 /*-------------------------------------------------------------*/
@@ -1722,7 +1726,7 @@
 /*-------------------------------------------------------------*/
 /*--- end                                      decompress.c ---*/
 /*-------------------------------------------------------------*/
-/*     $NetBSD: bzlib.c,v 1.1 2013/03/16 07:32:34 agc Exp $    */
+/*     $NetBSD: bzlib.c,v 1.2 2014/03/05 04:51:37 agc Exp $    */
 
 
 /*-------------------------------------------------------------*/
@@ -1826,7 +1830,7 @@
 /*-------------------------------------------------------------*/
 /*--- end                                        crctable.c ---*/
 /*-------------------------------------------------------------*/
-/*     $NetBSD: bzlib.c,v 1.1 2013/03/16 07:32:34 agc Exp $    */
+/*     $NetBSD: bzlib.c,v 1.2 2014/03/05 04:51:37 agc Exp $    */
 
 
 /*-------------------------------------------------------------*/
diff -r d23aacb91795 -r eb3b5de5265d security/netpgpverify/files/libverify.c
--- a/security/netpgpverify/files/libverify.c   Tue Mar 04 14:00:31 2014 +0000
+++ b/security/netpgpverify/files/libverify.c   Wed Mar 05 04:51:37 2014 +0000
@@ -386,7 +386,7 @@
 static unsigned
 fmt_32(uint8_t *p, uint32_t a)
 {
-       a = htonl(a);
+       a = pgp_hton32(a);
        memcpy(p, &a, sizeof(a));
        return sizeof(a);
 }
@@ -395,7 +395,7 @@
 static unsigned
 fmt_16(uint8_t *p, uint16_t a)
 {
-       a = htons(a);
+       a = pgp_hton16(a);
        memcpy(p, &a, sizeof(a));
        return sizeof(a);
 }
@@ -626,7 +626,7 @@
        uint16_t        u16;
 
        memcpy(&u16, p, sizeof(u16));
-       return ntohs(u16);
+       return pgp_ntoh16(u16);
 }
 
 /* get a 32 bit integer, in host order */
@@ -636,7 +636,7 @@
        uint32_t        u32;
 
        memcpy(&u32, p, sizeof(u32));
-       return ntohl(u32);
+       return pgp_ntoh32(u32);
 }
 
 #define HOURSECS       (int64_t)(60 * 60)
@@ -1696,7 +1696,9 @@
        BIGNUM           *t1;
        int               ret;
 
-       if (pubkey[DSA_P].bn == NULL || pubkey[DSA_Q].bn == NULL || pubkey[DSA_G].bn == NULL) {
+       if (pubkey->bn[DSA_P].bn == NULL ||
+           pubkey->bn[DSA_Q].bn == NULL ||
+           pubkey->bn[DSA_G].bn == NULL) {
                return 0;
        }
        M = W = t1 = NULL;
@@ -2181,7 +2183,7 @@
        uint32_t         len;
 
        (void) bufgap_getbin(bg, &len, sizeof(len));
-       len = ntohl(len);
+       len = pgp_ntoh32(len);
        (void) bufgap_seek(bg, sizeof(len), BGFromHere, BGByte);
        (void) bufgap_getbin(bg, buf, len);
        bignum->bn = BN_bin2bn((const uint8_t *)buf, (int)len, NULL);
@@ -2296,7 +2298,7 @@
 
        /* get the type of key */
        (void) bufgap_getbin(&bg, &len, sizeof(len));
-       len = ntohl(len);
+       len = pgp_ntoh32(len);
        if (len >= st.st_size) {
                (void) fprintf(stderr, "bad public key file '%s'\n", f);
                return 0;
diff -r d23aacb91795 -r eb3b5de5265d security/netpgpverify/files/pgpsum.c
--- a/security/netpgpverify/files/pgpsum.c      Tue Mar 04 14:00:31 2014 +0000
+++ b/security/netpgpverify/files/pgpsum.c      Wed Mar 05 04:51:37 2014 +0000
@@ -120,8 +120,8 @@
        /* hashed data is non-null (previously checked) */
        hashalg = hashed[3];
        memcpy(&len16, &hashed[4], sizeof(len16));
-       len32 = ntohs(len16) + 6;
-       len32 = htonl(len32);
+       len32 = pgp_ntoh16(len16) + 6;
+       len32 = pgp_hton32(len32);
        trailer[0] = 0x04;
        trailer[1] = 0xff;
        memcpy(&trailer[2], &len32, sizeof(len32));
@@ -142,6 +142,48 @@
        return digest_final(out, &hash);
 }
 
+/* used to byteswap 16 bit words */
+typedef union {
+       uint16_t        i16;
+       uint8_t         i8[2];
+} u16;
+
+/* used to byte swap 32 bit words */
+typedef union {
+       uint32_t        i32;
+       uint8_t         i8[4];
+} u32;
+
+static inline uint16_t
+swap16(uint16_t in)
+{
+       u16     u;
+
+       u.i16 = in;
+       return (u.i8[0] << 8) | u.i8[1];
+}
+
+static inline uint32_t
+swap32(uint32_t in)
+{
+       u32     u;
+
+       u.i32 = in;
+       return (u.i8[0] << 24) | (u.i8[1] << 16) | (u.i8[2] << 8) | u.i8[3];
+}
+
+static inline int
+is_little_endian(void)
+{
+       static const int        indian = 1;
+
+       return (*(const char *)(const void *)&indian != 0);
+}
+
+/************************************************************/
+
+/* exportable routines */
+
 /* open the file, mmap it, and then get the checksum on that */
 int
 pgpv_digest_file(uint8_t *data, size_t size, const char *name, const uint8_t *hashed, size_t hashsize, int doarmor)
@@ -191,3 +233,31 @@
        }
        return calcsum(data, size, mem, cc, hashed, hashsize, doarmor);
 }
+
+/* our 16bit byte swap if LE host */
+uint16_t
+pgp_ntoh16(uint16_t in)
+{
+       return (is_little_endian()) ? swap16(in) : in;
+}
+
+/* our 16bit byte swap if LE host */
+uint16_t
+pgp_hton16(uint16_t in)
+{
+       return (is_little_endian()) ? swap16(in) : in;
+}
+
+/* our 32bit byte swap if LE host */
+uint32_t
+pgp_ntoh32(uint32_t in)
+{
+       return (is_little_endian()) ? swap32(in) : in;
+}
+
+/* our 32bit byte swap if LE host */
+uint32_t
+pgp_hton32(uint32_t in)
+{
+       return (is_little_endian()) ? swap32(in) : in;
+}
diff -r d23aacb91795 -r eb3b5de5265d security/netpgpverify/files/pgpsum.h
--- a/security/netpgpverify/files/pgpsum.h      Tue Mar 04 14:00:31 2014 +0000
+++ b/security/netpgpverify/files/pgpsum.h      Wed Mar 05 04:51:37 2014 +0000
@@ -29,6 +29,11 @@
 
 #include <inttypes.h>
 
+uint16_t pgp_ntoh16(uint16_t /*in*/);
+uint16_t pgp_hton16(uint16_t /*in*/);
+uint32_t pgp_ntoh32(uint32_t /*in*/);
+uint32_t pgp_hton32(uint32_t /*in*/);
+
 int pgpv_digest_file(uint8_t */*buf*/, size_t /*size*/, const char */*name*/, const uint8_t */*hashed*/, size_t /*hashsize*/, int /*doarmor*/);
 int pgpv_digest_memory(uint8_t */*buf*/, size_t /*size*/, void */*memory*/, size_t /*cc*/, const uint8_t */*hashed*/, size_t /*hashsize*/, int /*doarmor*/);
 
diff -r d23aacb91795 -r eb3b5de5265d security/netpgpverify/files/verify.h
--- a/security/netpgpverify/files/verify.h      Tue Mar 04 14:00:31 2014 +0000
+++ b/security/netpgpverify/files/verify.h      Wed Mar 05 04:51:37 2014 +0000
@@ -23,9 +23,9 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #ifndef NETPGP_VERIFY_H_
-#define NETPGP_VERIFY_H_       20140210
+#define NETPGP_VERIFY_H_       20140304
 
-#define NETPGPVERIFY_VERSION   "netpgpverify portable 20140210"
+#define NETPGPVERIFY_VERSION   "netpgpverify portable 20140304"
 
 #include <sys/types.h>