Merge branch 'maint'
Two fixes for gcc-12 warnings, and another fix for a benign but embarrassing braino in gcrypt.c.
* maint:
  gcrypt: Fix return value of apc_get_pubkey().
  error.h: Be more careful with error code masking.
  mp3_afh: Drop unused fields from struct mp3header.
gcrypt: Fix return value of apc_get_pubkey(). The function is supposed to return the key size in bytes, but it returns the number of *bits*. A consequence of this bug is that RSA keys which are too short to encrypt our 128 byte buffer are not rejected as they should be. This is not too serious because we'll fail later during the encryption step. Fix the bug anyway and clarify the documentation of apc_get_pubkey().
Introduce hash2 (sha256). This adds a second hash function which will replace sha1. Both openssl and libgcrypt support sha256, so it is easy to do. There are no users of the new functions so far, so this patch has no effect yet.
doc: Add missing \ref in crypt.h. This way, we get a warning when the name of the function changes but the comment is left unmodified.
crypt_common: Constify hash pointers. hash_to_asc() and hash_compare() only read from the memory locations given by these pointers.
crypt: Introduce crypt_shutdown(). This plugs a few harmless memory leaks in the openssl crypto backend. The leaks occur on exit and are only reported by valgrind if it is run with --leak-check=full --show-leak-kinds=all. The gcrypt backend has similar problems, but there is no way to provide a similar patch for libgcrypt. The newly added comment in gcrypt.c explains why.
crypt: Rename init_random_seed_or_die() -> crypt_init(). At least the gcrypt implementation does more than just seed the PRNG. The new name is shorter and more descriptive.
crypt: Rename RSA functions. This renames the functions and constants of the public crypto API which deal with RSA to have the common "apc" (asymmetric pubkey cryptosystem) prefix. This hides RSA as an implementation detail and makes it clear that the functions/constants are related to apc. Pure renaming, no semantic change. The only other changes are a new comment to crypt.h and a \ref statement in the doxygen comment of apc_free_pubkey().
crypt.h: Remove two unused constants. These should have been removed already last year in commit d9f54f43 (crypto: Remove support for ASN public keys), since that commit made the constants obsolete.
Shorten copyright notice. The GPLv2 line does not add any additional information, so drop it. This leaves a single line of legalese text for most files, which is about the amount of screen real estate it deserves. This patch was created with the following script (plus some manual fixups):
    awk '{
        if (NR <= 5) {
            gs = gensub(/.*Copyright.* ([0-9]+).*Andre Noll.*/, "\\1", "g")
            if (gs != $0)
                year = gs
            next
        }
        if (NR == 6 && year != "")
            printf("/* Copyright (C) %s Andre Noll <maan@tuebingen.mpg.de>, see file COPYING. */\n", year)
        print
    }'
Merge branch 'refs/heads/t/rm_rc4'
This patch removes support for RC4, making the AES-based stream cipher mandatory. The aes_ctr128 server feature is made a no-op, breaking support with very old clients (<= 0.5.1). Cooking for three months.
* refs/heads/t/rm_rc4:
  crypt: Remove RC4 support.
crypt: Remove RC4 support. Multiple vulnerabilities have been discovered in the RC4 stream cipher, rendering it insecure. paraslash stopped using RC4 as the default stream cipher since version 0.5.2 (2014-04-11), but server and client still supported the broken cipher for backward compatibility. This commit removes the compatibility code from both the openssl and the libgcrypt code base, leaving aes_ctr128 as the only remaining stream cipher. The server still announces the aes_ctr128 feature, although it is now mandatory because the server will enable aes_ctr128 unconditionally, no matter whether it was requested by the client or not. The client, on the other hand, still requests this feature, regardless of whether it was announced by the server or not. This keeps unpatched clients >= 0.5.2 working with new servers and vice versa. Regarding the public crypto API, sc_new() loses its boolean use_aes parameter. Otherwise the API remains the same. The patch also rewrites the crypto section of the manual to not mention RC4 any more.
crypto: Simplify asymmetric key handling. get_asymmetric_key() and free_asymmetric_key() are public because para_server maintains a copy of the public key of each user so that the keys need to be loaded only once. On the other hand, for private keys (used in para_client) key allocation and freeing is performed implicitly in priv_decrypt(), and no reference to the key is ever returned. So the crypto API can be simplified by exposing the interface only for public keys. Hence this patch renames get_asymmetric_key() to get_public_key() and drops the "private" argument. Similarly, free_asymmetric_key() is renamed to free_public_key().
Update year in copyright headers. Done with
    files=$(git grep -l 'Copyright (C) [0-9]\{4\}\(-2014\)* Andre Noll')
    sed --in-place= -e 's/Copyright (C) \([0-9]\{4\}\)-2014 Andre Noll/Copyright (C) \1 Andre Noll/1' $files
In previous years we ran a similar script to set the second year in the range to the current year. This is kind of silly, so let's get rid of this useless information. This commit replaces "Copyright (C) A-B" by "Copyright (C) A" in all file headers, i.e. only the first year (A) is left in. Accurate information including time stamps for each change can be obtained from the git history.
doc: Change email address to maan@tuebingen.mpg.de
The mail server on systemlinux.org was down for more than a week lately, so let's use an alternative official address. This commit changes all maan@systemlinux.org addresses to maan@tuebingen.mpg.de. Most .c and .h files contain the email address in the copyright header, so they must all be patched. Three other files contain the address for a different reason:
  * README lists email and git, gitweb and home page URLs
  * configure.ac needs it for configure -h
  * version.c contains it for the -V option of all commands
Merge branch 't/misc'
Various fixes, improvements, cleanups. Cooking since 2014-02-22.
* t/misc: (29 commits)
  build: Don't link with -lreadline if readline was not found.
  audiod: Skip NULL pointer check in compute_time_diff().
  audiod: Make compute_time_diff() return void.
  com_stat(): Remove pointless uptime variable.
  gcrypt: Fix gcc warning on Ubuntu Lucid.
  flac: Try to link also without -logg.
  version.c: Fix comment of version_single_line().
  doxygen: Expand all macros, in particular config.h.
  recv_common.c: Improve documentation of check_receiver_arg().
  audiod: get_time_string() comment fix.
  configure: Really print opus audio file handler if opus lib was found.
  Overhaul doxygen main page.
  afs.h: Don't try to list all supported audio formats.
  Change copyright year to 2014.
  Add link to sideband.h in doxygen main page.
  Doxify error2.c and add GPL header.
  Add -Wdeclaration-after-statement.
  Add some missing includes.
  Makefile.real: Add clean2 to the list of phony targets.
  mood.c: Fix a trivial whitespace issue.
  ...
Change copyright year to 2014. This year, we're really on time. The changes in this patch were created by the following silly script:
    files=$(git grep -l 'Copyright (C) [0-9]\{4\}\(-2013\)* Andre Noll')
    sed --in-place= -e 's/Copyright (C) \([0-9]\{4\}\)-2013 Andre Noll/Copyright (C) \1-2014 Andre Noll/1' $files
    sed --in-place= -e 's/Copyright (C) 2013 Andre Noll/Copyright (C) 2013-2014 Andre Noll/1' $files
Implement aes_ctr128 and prefer it over RC4. This adds the aes_ctr128 stream cipher to para_server, para_client and para_audiod. para_server now announces this cipher as a supported feature and para_client requests an aes_ctr128-encrypted session if the server supports it. If one or both sides don't understand the new feature, the RC4 fallback applies. So this change is backwards-compatible. Both gcrypt and openssl support aes_ctr128, and the two implementations are compatible to each other: a para_client linked against openssl can talk to a para_server which was linked against libgcrypt and vice versa. This patch also updates the documentation to talk about stream ciphers and session keys rather than to mention RC4 explicitly. A short section on AES is added which also explains how counter mode turns a block cipher into a stream cipher.
Remove old stream cipher API. No users remained after the sideband compatibility code has been removed.
Change copyright year to 2013. Better late than never.