now using setrlimit() if present and if not in debug mode; applied changes for removed files

2025-12-17 12:00:56 +01:00 · 2015-01-13 13:06:20 +01:00
parent 54986fa6dc
commit f0494385e1
10 changed files with 70 additions and 23 deletions
--- a/7
+++ b/7
@@ -1,3 +1,10 @@
+NEXT
+	removed hand-written padding stuff and using
+	libsodiums _easy() functions for crypto now
+	instead of the raw nacl ones.
+
+	using secure memory where applicable.
+	
 0.2.4	fixed compiler macro misplacement (github#4).

 	fixed invalid free (github#5).
--- a/35
+++ b/35
@@ -26,22 +26,25 @@ c++ destructor double free mess
 cpptest 0 uses same Context for encryptor and decryptor,
 must be another one for the latter!

-Python binding, e.g.:
-py % cdll.LoadLibrary("libsodium.so.8")
-<CDLL 'libsodium.so.8', handle 800776c00 at 80192a3d0>
-py % nacl = CDLL("libsodium.so.8")
-py % hash = create_string_buffer('\000' * 64)
-py % hash
-<ctypes.c_char_Array_65 object at 0x80182c560>
-py % hash.raw
-'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x...
-py % key = create_string_buffer('a' * 32)
-py % nacl.crypto_hash_sha256(pointer(hash), pointer(key), 32)
-0
-py % hash.raw
-';\xa3\xf5\xf4;\x92`&\x83\xc1\x9a\xeeb\xa2\x03B\xb0\x84\...
-py % 
-
 after new z85 padding scheme: write z85 blocksize to output
 as well? if a reader doesn't know the blocksize it won't be
 able to decode it properly. Or no issue? Not sure yet...
+
+
+(gdb) set args  -V v1 -p -x xxx -z -i 0x8671F4264E20F179
+(gdb) r
+Starting program: /usr/home/sciplocal/D/github/pcp/src/pcp1 -V v1 -p -x xxx -z -i 0x8671F4264E20F179
+failed to decrypt the secret key (got -1, expected 32)!
+Error: Operation not permitted
+
+Program received signal SIGSEGV, Segmentation fault.
+0x000000000040f8e8 in pcphash_del (ptx=0x801017040, key=0x80107b100, type=Variable "type" is not available.
+) at keyhash.c:28
+28          HASH_DEL(ptx->pcpkey_hash, (pcp_key_t *)key);
+(gdb) bt
+#0  0x000000000040f8e8 in pcphash_del (ptx=0x801017040, key=0x80107b100, type=Variable "type" is not available.
+) at keyhash.c:28
+#1  0x000000000040fba7 in pcphash_clean (ptx=0x801017040) at keyhash.c:50
+#2  0x00000000004084ff in ptx_clean (ptx=0x801017040) at context.c:52
+#3  0x0000000000402557 in main (argc=Variable "argc" is not available.
+) at pcp.c:593
--- a/autogen.sh
+++ b/autogen.sh
@@ -61,7 +61,7 @@ Pretty Curved Privacy - File encryption using eliptic curve cryptography.

    # generate pypcp types
    bindings/py/gencffi.pl include/pcp/defines.h include/pcp/structs.h include/pcp/key.h \
-	                   include/pcp/buffer.h include/pcp/context.h include/pcp/mac.h \
+	                   include/pcp/buffer.h include/pcp/context.h \
 	                   include/pcp/ed.h include/pcp/crypto.h include/pcp/vault.h \
 	                   include/pcp/mgmt.h include/pcp/keyhash.h include/pcp/scrypt.h \
 	                   include/pcp/pcpstream.h include/pcp/z85.h > bindings/py/pypcp/raw.py
--- a/configure.ac
+++ b/configure.ac
@@ -78,6 +78,7 @@ AC_CHECK_FUNCS( \
    memset \
    memcpy \
    perror \
+    setrlimit \
    strnlen \
    strnstr \
    strlen \
@@ -192,12 +193,31 @@ if test "x${_havenacl}" = "xno"; then
 		LDFLAGS=`pkg-config --libs libsodium`
 		CFLAGS=`pkg-config --cflags libsodium`
 		_ldlib=`pkg-config --libs libsodium | cut -d ' ' -f 1 | cut -d L -f 2`
+		_havenacl=yes
 		AC_MSG_RESULT([yes])
 	else
 		AC_MSG_RESULT([no])
 	fi
 fi

+if test "x${_havenacl}" != "xno" -a "x$cross_compile" = "xno"; then
+    AC_MSG_CHECKING([libsodium version compatible])
+    AC_RUN_IFELSE([
+	    AC_LANG_PROGRAM([[
+#include <sodium.h>
+			]],[[
+			if (sodium_library_version_major() >= 7) { exit(0); }
+			else { exit(1); }    
+			    ]])],
+	[
+	    AC_MSG_RESULT([yes])
+	    ],
+	[
+	    AC_MSG_ERROR([no, libsodium too old. please update your libsodium installation])
+	]
+    )
+fi
+
 AC_ARG_ENABLE([cbc],
            [AS_HELP_STRING([--enable-cbc],
                            [Enable CBC@1k encryption mode (default: EBC @32k)])],
@@ -260,6 +280,7 @@ AC_MSG_CHECKING([is libsodium compiled correctly])
 AC_RUN_IFELSE([
 AC_LANG_PROGRAM([[
 #include <sodium.h>
+#include <stdlib.h>
 #if crypto_box_PUBLICKEYBYTES != 32 || crypto_box_SECRETKEYBYTES != 32 || crypto_sign_PUBLICKEYBYTES != 32 || crypto_sign_PUBLICKEYBYTES != 32
 #   error "libsodium not built correctly"
 #endif
@@ -301,7 +322,7 @@ AC_ARG_ENABLE([debug],
    AS_HELP_STRING([--disable-debug], [Disable debugging]))

 AS_IF([test "x$enable_debug" != "xno"], [
-	  CFLAGS="$CFLAGS -g"
+	  CFLAGS="$CFLAGS -g -DDEBUG"
 	  enable_debug="yes"
 ])

@@ -388,6 +409,8 @@ AC_MSG_RESULT([

 	target platform:        ${host}
        big endian cpu:         ${bigendian}
+	cross compile:          ${cross_compile}
+	have nacl:              ${_havenacl}

 	build python binding:   ${python}
 	build c++ binding:      ${enable_cpp_binding}
--- a/include/Makefile.am
+++ b/include/Makefile.am
@@ -7,9 +7,7 @@ PCPEXPORT = pcp.h \
            pcp/jenhash.h \
            pcp/key.h \
            pcp/keyhash.h \
-            pcp/mac.h \
            pcp/mem.h \
-            pcp/pad.h \
            pcp/platform.h \
            pcp/randomart.h \
            pcp/uthash.h \
--- a/include/pcp.h
+++ b/include/pcp.h
@@ -19,10 +19,8 @@ extern "C" {
 #include "pcp/key.h"
 #include "pcp/keyhash.h"
 #include "pcp/keysig.h"
-#include "pcp/mac.h"
 #include "pcp/mem.h"
 #include "pcp/mgmt.h"
-#include "pcp/pad.h"
 #include "pcp/pcpstream.h"
 #include "pcp/platform.h"
 #include "pcp/plist.h"
--- a/include/pcp/config.h.in
+++ b/include/pcp/config.h.in
@@ -91,6 +91,9 @@
 /* Define to 1 if you have the `posix_memalign' function. */
 #undef HAVE_POSIX_MEMALIGN

+/* Define to 1 if you have the `setrlimit' function. */
+#undef HAVE_SETRLIMIT
+
 /* Define to 1 if you have the `sizeof' function. */
 #undef HAVE_SIZEOF

--- a/libpcp/Makefile.am
+++ b/libpcp/Makefile.am
@@ -26,7 +26,7 @@ lib_LTLIBRARIES      = libpcp1.la
 pkgconfigdir = $(libdir)/pkgconfig
 pkgconfig_DATA = libpcp1.pc

-libpcp1_la_SOURCES = platform.c mac.c mem.c pad.c version.c \
+libpcp1_la_SOURCES = platform.c  mem.c version.c \
 		    context.c z85.c zmq_z85.c key.c randomart.c \
 		    vault.c jenhash.c digital_crc32.c \
                    crypto.c ed.c keyhash.c scrypt.c \
--- a/src/pcp.c
+++ b/src/pcp.c
@@ -309,6 +309,13 @@ int main (int argc, char **argv)  {


  sodium_init(); /*  FIXME: better called from the lib? */
+
+#ifndef DEBUG
+#  ifdef HAVE_SETRLIMIT
+     setrlimit(RLIMIT_CORE, &(struct rlimit) {0, 0});
+#  endif
+#endif  
+
  errno = 0; /* FIXME: workaround for https://github.com/jedisct1/libsodium/issues/114 */

  if(mode == PCP_MODE_ENCRYPT && useid == 0 && userec == 0) {
--- a/src/pcp.h
+++ b/src/pcp.h
@@ -28,6 +28,14 @@
 #include <stdlib.h>
 #include <compat_getopt.h>

+#ifndef DEBUG
+#  ifdef HAVE_SETRLIMIT
+#    include <sys/types.h>
+#    include <sys/time.h>
+#    include <sys/resource.h>
+#  endif
+#endif
+
 /*  lib */
 #include "mem.h"
 #include "z85.h"