aboutsummaryrefslogtreecommitdiff
path: root/development/monotone/patches/monotone-1.0-botan-1.10.patch
diff options
context:
space:
mode:
Diffstat (limited to 'development/monotone/patches/monotone-1.0-botan-1.10.patch')
-rw-r--r--development/monotone/patches/monotone-1.0-botan-1.10.patch412
1 files changed, 412 insertions, 0 deletions
diff --git a/development/monotone/patches/monotone-1.0-botan-1.10.patch b/development/monotone/patches/monotone-1.0-botan-1.10.patch
new file mode 100644
index 0000000000000..daf73ca833a84
--- /dev/null
+++ b/development/monotone/patches/monotone-1.0-botan-1.10.patch
@@ -0,0 +1,412 @@
+by Martin von Gagern:
+https://code.monotone.ca/p/monotone/issues/182/
+
+============================================================
+--- src/database.cc 4c259f963c440fc95564dfec99b2f832f0bad643
++++ src/database.cc 87efeeff2d3263ba98af684a4022f1897434ed2d
+@@ -3425,9 +3425,8 @@ database::encrypt_rsa(key_id const & pub
+ rsa_pub_key pub;
+ get_key(pub_id, pub);
+
+- SecureVector<Botan::byte> pub_block;
+- pub_block.set(reinterpret_cast<Botan::byte const *>(pub().data()),
+- pub().size());
++ SecureVector<Botan::byte> pub_block
++ (reinterpret_cast<Botan::byte const *>(pub().data()), pub().size());
+
+ shared_ptr<X509_PublicKey> x509_key(Botan::X509::load_key(pub_block));
+ shared_ptr<RSA_PublicKey> pub_key
+@@ -3471,14 +3470,13 @@ database::check_signature(key_id const &
+ else
+ {
+ rsa_pub_key pub;
+- SecureVector<Botan::byte> pub_block;
+
+ if (!public_key_exists(id))
+ return cert_unknown;
+
+ get_key(id, pub);
+- pub_block.set(reinterpret_cast<Botan::byte const *>(pub().data()),
+- pub().size());
++ SecureVector<Botan::byte> pub_block
++ (reinterpret_cast<Botan::byte const *>(pub().data()), pub().size());
+
+ L(FL("building verifier for %d-byte pub key") % pub_block.size());
+ shared_ptr<X509_PublicKey> x509_key(Botan::X509::load_key(pub_block));
+============================================================
+--- src/gzip.cc e7c19bee910e3d421fd073933810ec52092b1d9b
++++ src/gzip.cc bab290412cff6031b2d3bf9d1439a08499d39640
+@@ -137,7 +137,7 @@ void Gzip_Compression::start_msg()
+ /*************************************************
+ * Compress Input with Gzip *
+ *************************************************/
+-void Gzip_Compression::write(const byte input[], u32bit length)
++void Gzip_Compression::write(const byte input[], filter_length_t length)
+ {
+
+ count += length;
+@@ -267,7 +267,7 @@ void Gzip_Decompression::start_msg()
+ /*************************************************
+ * Decompress Input with Gzip *
+ *************************************************/
+-void Gzip_Decompression::write(const byte input[], u32bit length)
++void Gzip_Decompression::write(const byte input[], filter_length_t length)
+ {
+ if(length) no_writes = false;
+
+@@ -284,8 +284,8 @@ void Gzip_Decompression::write(const byt
+ // Check the gzip header
+ if (pos < sizeof(GZIP::GZIP_HEADER))
+ {
+- u32bit len = std::min((u32bit)sizeof(GZIP::GZIP_HEADER)-pos, length);
+- u32bit cmplen = len;
++ filter_length_t len = std::min((filter_length_t)sizeof(GZIP::GZIP_HEADER)-pos, length);
++ filter_length_t cmplen = len;
+ // The last byte is the OS flag - we don't care about that
+ if (pos + len - 1 >= GZIP::HEADER_POS_OS)
+ cmplen--;
+@@ -346,8 +346,14 @@ u32bit Gzip_Decompression::eat_footer(co
+ if (footer.size() >= GZIP::FOOTER_LENGTH)
+ throw Decoding_Error("Gzip_Decompression: Data integrity error in footer");
+
++#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
++ size_t eat_len = std::min(GZIP::FOOTER_LENGTH-footer.size(),
++ static_cast<size_t>(length));
++ footer += std::make_pair(input, eat_len);
++#else
+ u32bit eat_len = std::min(GZIP::FOOTER_LENGTH-footer.size(), length);
+ footer.append(input, eat_len);
++#endif
+
+ if (footer.size() == GZIP::FOOTER_LENGTH)
+ {
+@@ -377,7 +383,12 @@ void Gzip_Decompression::check_footer()
+ for (int i = 0; i < 4; i++)
+ buf[3-i] = tmpbuf[i];
+
++#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
++ tmpbuf.resize(4);
++ tmpbuf.copy(footer.begin(), 4);
++#else
+ tmpbuf.set(footer.begin(), 4);
++#endif
+ if (buf != tmpbuf)
+ throw Decoding_Error("Gzip_Decompression: Data integrity error - CRC32 error");
+
+@@ -412,7 +423,11 @@ void Gzip_Decompression::clear()
+ no_writes = true;
+ inflateReset(&(zlib->stream));
+
++#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
++ footer.clear();
++#else
+ footer.destroy();
++#endif
+ pos = 0;
+ datacount = 0;
+ }
+============================================================
+--- src/gzip.hh 649dfc0b250954f39c0f73870f8bec3f32f7fa43
++++ src/gzip.hh f462dfc1df71ae1e9a8203606fd29d9e0eda9b2a
+@@ -7,6 +7,7 @@
+ #ifndef BOTAN_EXT_GZIP_H__
+ #define BOTAN_EXT_GZIP_H__
+
++#include <botan/version.h>
+ #include <botan/filter.h>
+ #include <botan/pipe.h>
+
+@@ -30,13 +31,19 @@ namespace GZIP {
+
+ }
+
++#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
++ typedef size_t filter_length_t;
++#else
++ typedef u32bit filter_length_t;
++#endif
++
+ /*************************************************
+ * Gzip Compression Filter *
+ *************************************************/
+ class Gzip_Compression : public Filter
+ {
+ public:
+- void write(const byte input[], u32bit length);
++ void write(const byte input[], filter_length_t length);
+ void start_msg();
+ void end_msg();
+ std::string name() const { return "Gzip_Compression"; }
+@@ -60,7 +67,7 @@ class Gzip_Decompression : public Filter
+ class Gzip_Decompression : public Filter
+ {
+ public:
+- void write(const byte input[], u32bit length);
++ void write(const byte input[], filter_length_t length);
+ void start_msg();
+ void end_msg();
+ std::string name() const { return "Gzip_Decompression"; }
+============================================================
+--- src/key_packet.cc d1306df89dd684badac02c03744cd446381c07d3
++++ src/key_packet.cc c97262d161b23c9640972188979669b3e95afe7b
+@@ -106,8 +106,8 @@ namespace
+ void validate_public_key_data(string const & name, string const & keydata) const
+ {
+ string decoded = decode_base64_as<string>(keydata, origin::user);
+- Botan::SecureVector<Botan::byte> key_block;
+- key_block.set(reinterpret_cast<Botan::byte const *>(decoded.c_str()), decoded.size());
++ Botan::SecureVector<Botan::byte> key_block
++ (reinterpret_cast<Botan::byte const *>(decoded.c_str()), decoded.size());
+ try
+ {
+ Botan::X509::load_key(key_block);
+============================================================
+--- src/key_store.cc 64c4c4bed1fadc26b51207b9f61343f9dd7d3c6e
++++ src/key_store.cc 1b1f1a989c21ee0dc69c540783ffb1fe4bceabf5
+@@ -572,13 +572,19 @@ key_store_state::decrypt_private_key(key
+ try // with empty passphrase
+ {
+ Botan::DataSource_Memory ds(kp.priv());
+-#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,7,7)
++#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
++ pkcs8_key.reset(Botan::PKCS8::load_key(ds, lazy_rng::get(), Dummy_UI()));
++#elif BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,7,7)
+ pkcs8_key.reset(Botan::PKCS8::load_key(ds, lazy_rng::get(), ""));
+ #else
+ pkcs8_key.reset(Botan::PKCS8::load_key(ds, ""));
+ #endif
+ }
++#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
++ catch (Passphrase_Required & e)
++#else
+ catch (Botan::Exception & e)
++#endif
+ {
+ L(FL("failed to load key with no passphrase: %s") % e.what());
+
+@@ -856,9 +862,9 @@ key_store::make_signature(database & db,
+ {
+ if (agent.connected()) {
+ //grab the monotone public key as an RSA_PublicKey
+- SecureVector<Botan::byte> pub_block;
+- pub_block.set(reinterpret_cast<Botan::byte const *>(key.pub().data()),
+- key.pub().size());
++ SecureVector<Botan::byte> pub_block
++ (reinterpret_cast<Botan::byte const *>(key.pub().data()),
++ key.pub().size());
+ L(FL("make_signature: building %d-byte pub key") % pub_block.size());
+ shared_ptr<X509_PublicKey> x509_key =
+ shared_ptr<X509_PublicKey>(Botan::X509::load_key(pub_block));
+@@ -1031,8 +1037,14 @@ key_store_state::migrate_old_key_pair
+ for (;;)
+ try
+ {
++#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
++ arc4_key.resize(phrase().size());
++ arc4_key.copy(reinterpret_cast<Botan::byte const *>(phrase().data()),
++ phrase().size());
++#else
+ arc4_key.set(reinterpret_cast<Botan::byte const *>(phrase().data()),
+ phrase().size());
++#endif
+
+ Pipe arc4_decryptor(get_cipher("ARC4", arc4_key, Botan::DECRYPTION));
+
+============================================================
+--- src/monotone.cc a25ecdd170a601db798b63a60add7681609a34c4
++++ src/monotone.cc 2c5f57762bc687a90f75e732f39d2181fc50bd6d
+@@ -170,11 +170,16 @@ cpp_main(int argc, char ** argv)
+ // versions, including all of the stable branch 1.8.x.
+ E(linked_botan_version < BOTAN_VERSION_CODE_FOR(1,9,0), origin::system,
+ F("this monotone binary does not work with Botan 1.9.x"));
+-#else
++#elif BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(1,9,11)
+ E(linked_botan_version > BOTAN_VERSION_CODE_FOR(1,7,22), origin::system,
+ F("this monotone binary requires Botan 1.7.22 or newer"));
+ E(linked_botan_version < BOTAN_VERSION_CODE_FOR(1,9,0), origin::system,
+ F("this monotone binary does not work with Botan 1.9.x"));
++#else
++ E(linked_botan_version > BOTAN_VERSION_CODE_FOR(1,9,11), origin::system,
++ F("this monotone binary requires Botan 1.9.11 or newer"));
++ E(linked_botan_version < BOTAN_VERSION_CODE_FOR(1,11,0), origin::system,
++ F("this monotone binary does not work with Botan 1.11.x"));
+ #endif
+
+ app_state app;
+============================================================
+--- src/packet.cc f61360ed2524fdf53411bd24d022a2a3c9e6e9c7
++++ src/packet.cc 6f6739c4756933843a2d865dc6790de9013626b7
+@@ -156,8 +156,8 @@ namespace
+ void validate_public_key_data(string const & name, string const & keydata) const
+ {
+ string decoded = decode_base64_as<string>(keydata, origin::user);
+- Botan::SecureVector<Botan::byte> key_block;
+- key_block.set(reinterpret_cast<Botan::byte const *>(decoded.c_str()), decoded.size());
++ Botan::SecureVector<Botan::byte> key_block
++ (reinterpret_cast<Botan::byte const *>(decoded.c_str()), decoded.size());
+ try
+ {
+ Botan::X509::load_key(key_block);
+@@ -175,7 +175,9 @@ namespace
+ Botan::DataSource_Memory ds(decoded);
+ try
+ {
+-#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,7,7)
++#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
++ Botan::PKCS8::load_key(ds, lazy_rng::get(), Dummy_UI());
++#elif BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,7,7)
+ Botan::PKCS8::load_key(ds, lazy_rng::get(), string());
+ #else
+ Botan::PKCS8::load_key(ds, string());
+@@ -189,7 +191,11 @@ namespace
+ }
+ // since we do not want to prompt for a password to decode it finally,
+ // we ignore all other exceptions
++#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
++ catch (Passphrase_Required) {}
++#else
+ catch (Botan::Invalid_Argument) {}
++#endif
+ }
+ void validate_certname(string const & cn) const
+ {
+@@ -460,8 +466,14 @@ read_packets(istream & in, packet_consum
+ return count;
+ }
+
++#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
++std::string Dummy_UI::get_passphrase(const std::string&,
++ const std::string&,
++ Botan::User_Interface::UI_Result&) const {
++ throw Passphrase_Required();
++}
++#endif
+
+-
+ // Local Variables:
+ // mode: C++
+ // fill-column: 76
+============================================================
+--- src/packet.hh 0a224e6e92f244e2c3e9a5cdb935eb8613d7e85b
++++ src/packet.hh 6c7d90e0bd9abe1e2e97da8ed40808fe438ea34b
+@@ -84,8 +84,26 @@ size_t read_packets(std::istream & in, p
+
+ size_t read_packets(std::istream & in, packet_consumer & cons);
+
++#if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,9,11)
++// work around botan commit 2d09d7d0cd4bd0e7155d001dd65a4f29103b158c
++#include <botan/ui.h>
++class Dummy_UI : public Botan::User_Interface
++{
++public:
++ virtual std::string get_passphrase(const std::string&,
++ const std::string&,
++ Botan::User_Interface::UI_Result&) const;
++};
++class Passphrase_Required : public Botan::Exception {
++public:
++ Passphrase_Required(const std::string& m = "Passphrase required") :
++ Botan::Exception(m)
++ {}
++};
+ #endif
+
++#endif
++
+ // Local Variables:
+ // mode: C++
+ // fill-column: 76
+============================================================
+--- src/sha1.cc 5e1aa972d7c7d66e06320b039989652b830dcd75
++++ src/sha1.cc 42e48b22fd88b25e0d38d4f91e1f13f8a83c7120
+@@ -50,9 +50,12 @@ CMD_HIDDEN(benchmark_sha1, "benchmark_sh
+ Botan::Default_Benchmark_Timer timer;
+ std::map<std::string, double> results =
+ Botan::algorithm_benchmark("SHA-1", milliseconds, timer, rng, af);
++#elif BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(1,9,11)
++ std::map<std::string, double> results =
++ Botan::algorithm_benchmark("SHA-1", milliseconds, rng, af);
+ #else
+ std::map<std::string, double> results =
+- Botan::algorithm_benchmark("SHA-1", milliseconds, rng, af);
++ Botan::algorithm_benchmark("SHA-1", af, rng, milliseconds, 16);
+ #endif
+
+ for(std::map<std::string, double>::const_iterator i = results.begin();
+============================================================
+--- src/ssh_agent.cc 6d188e7012a0b82f782563b09bbd7adf3f70cf75
++++ src/ssh_agent.cc 4a0dcab873559e934e41c5f220b5434d35600d9b
+@@ -385,9 +385,9 @@ ssh_agent::has_key(const keypair & key)
+ ssh_agent::has_key(const keypair & key)
+ {
+ //grab the monotone public key as an RSA_PublicKey
+- SecureVector<Botan::byte> pub_block;
+- pub_block.set(reinterpret_cast<Botan::byte const *>((key.pub)().data()),
+- (key.pub)().size());
++ SecureVector<Botan::byte> pub_block
++ (reinterpret_cast<Botan::byte const *>((key.pub)().data()),
++ (key.pub)().size());
+ L(FL("has_key: building %d-byte pub key") % pub_block.size());
+ shared_ptr<X509_PublicKey> x509_key =
+ shared_ptr<X509_PublicKey>(Botan::X509::load_key(pub_block));
+============================================================
+--- src/transforms.cc cdfb6854ef4992faba21074145f3c8269b845b11
++++ src/transforms.cc 789e01bbff42020d04d8dba8f6b97588fbe4ca3d
+@@ -53,10 +53,10 @@ using Botan::Hash_Filter;
+ // paradigm "must" be used. this program is intended for source code
+ // control and I make no bones about it.
+
+-NORETURN(static inline void error_in_transform(Botan::Exception & e));
++NORETURN(static inline void error_in_transform(std::exception & e));
+
+ static inline void
+-error_in_transform(Botan::Exception & e, origin::type caused_by)
++error_in_transform(std::exception & e, origin::type caused_by)
+ {
+ // these classes can all indicate data corruption
+ if (typeid(e) == typeid(Botan::Encoding_Error)
+@@ -107,7 +107,7 @@ error_in_transform(Botan::Exception & e,
+ pipe->process_msg(in); \
+ out = pipe->read_all_as_string(Pipe::LAST_MESSAGE); \
+ } \
+- catch (Botan::Exception & e) \
++ catch (std::exception & e) \
+ { \
+ pipe.reset(new Pipe(new T(carg))); \
+ error_in_transform(e, made_from); \
+@@ -173,7 +173,7 @@ template<> string xform<Botan::Hex_Decod
+ {
+ throw Botan::Decoding_Error(string("invalid hex character '") + (char)c + "'");
+ }
+- catch(Botan::Exception & e)
++ catch(std::exception & e)
+ {
+ error_in_transform(e, made_from);
+ }
+@@ -219,7 +219,7 @@ void pack(T const & in, base64< gzip<T>
+ tmp = pipe->read_all_as_string(Pipe::LAST_MESSAGE);
+ out = base64< gzip<T> >(tmp, in.made_from);
+ }
+- catch (Botan::Exception & e)
++ catch (std::exception & e)
+ {
+ pipe.reset(new Pipe(new Gzip_Compression,
+ new Base64_Encoder));
+@@ -237,7 +237,7 @@ void unpack(base64< gzip<T> > const & in
+ pipe->process_msg(in());
+ out = T(pipe->read_all_as_string(Pipe::LAST_MESSAGE), in.made_from);
+ }
+- catch (Botan::Exception & e)
++ catch (std::exception & e)
+ {
+ pipe.reset(new Pipe(new Base64_Decoder,
+ new Gzip_Decompression));
+@@ -264,7 +264,7 @@ calculate_ident(data const & dat,
+ p->process_msg(dat());
+ ident = id(p->read_all_as_string(Pipe::LAST_MESSAGE), dat.made_from);
+ }
+- catch (Botan::Exception & e)
++ catch (std::exception & e)
+ {
+ p.reset(new Pipe(new Hash_Filter("SHA-160")));
+ error_in_transform(e, dat.made_from);