To: vim_dev@googlegroups.com Subject: Patch 8.2.3032 Fcc: outbox From: Bram Moolenaar Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ------------ Patch 8.2.3032 Problem: Build problems with MSVC, other crypt issues with libsodium. Solution: Adjust MSVC makefile. Disable swap file only when 'key' is set. Adjust error message used when key is wrong. Fix Coverity issues. (Christian Brabandt, closes #8420, closes #8411) Files: src/Make_mvc.mak, src/crypt.c, src/errors.h, src/fileio.c, src/memline.c, src/proto/crypt.pro *** ../vim-8.2.3031/src/Make_mvc.mak 2021-06-20 14:01:25.980924619 +0200 --- src/Make_mvc.mak 2021-06-21 20:59:29.882059577 +0200 *************** *** 42,48 **** # Sound support: SOUND=yes (default is yes) # # Sodium support: SODIUM=[Path to Sodium directory] ! # You need to install the msvc package from https://download.libsodium.org/libsodium/releases/ # # DLL support (EXPERIMENTAL): VIMDLL=yes (default is no) # Creates vim{32,64}.dll, and stub gvim.exe and vim.exe. --- 42,52 ---- # Sound support: SOUND=yes (default is yes) # # Sodium support: SODIUM=[Path to Sodium directory] ! # Dynamic built with libsodium ! # You need to install the msvc package from ! # https://download.libsodium.org/libsodium/releases/ ! # and package the libsodium.dll with Vim ! # # # DLL support (EXPERIMENTAL): VIMDLL=yes (default is no) # Creates vim{32,64}.dll, and stub gvim.exe and vim.exe. *************** *** 383,396 **** ! if "$(CPU)" == "AMD64" SOD_LIB = $(SODIUM)\x64\Release\v140\dynamic ! elseif "$(CPU)" == "i386" ! SOD_LIB = $(SODIUM)\x86\Release\v140\dynamic ! else SODIUM = no ! endif !endif !if "$(SODIUM)" != "no" ! SOD_INC = -I $(SODIUM)\include SOD_DEFS = -DFEAT_SODIUM SOD_LIB = $(SOD_LIB)\libsodium.lib !endif --- 387,400 ---- ! if "$(CPU)" == "AMD64" SOD_LIB = $(SODIUM)\x64\Release\v140\dynamic ! elseif "$(CPU)" == "i386" ! SOD_LIB = $(SODIUM)\Win32\Release\v140\dynamic ! else SODIUM = no ! endif !endif !if "$(SODIUM)" != "no" ! SOD_INC = /I "$(SODIUM)\include" SOD_DEFS = -DFEAT_SODIUM SOD_LIB = $(SOD_LIB)\libsodium.lib !endif *************** *** 514,520 **** CFLAGS = -c /W3 /GF /nologo $(CVARS) -I. -Iproto -DHAVE_PATHDEF -DWIN32 \ $(CSCOPE_DEFS) $(TERM_DEFS) $(SOUND_DEFS) $(NETBEANS_DEFS) $(CHANNEL_DEFS) \ ! $(NBDEBUG_DEFS) $(XPM_DEFS) $(SOD_DEFS) \ $(DEFINES) -DWINVER=$(WINVER) -D_WIN32_WINNT=$(WINVER) #>>>>> end of choices --- 518,524 ---- CFLAGS = -c /W3 /GF /nologo $(CVARS) -I. -Iproto -DHAVE_PATHDEF -DWIN32 \ $(CSCOPE_DEFS) $(TERM_DEFS) $(SOUND_DEFS) $(NETBEANS_DEFS) $(CHANNEL_DEFS) \ ! $(NBDEBUG_DEFS) $(XPM_DEFS) $(SOD_DEFS) $(SOD_INC) \ $(DEFINES) -DWINVER=$(WINVER) -D_WIN32_WINNT=$(WINVER) #>>>>> end of choices *************** *** 726,732 **** INCL = vim.h alloc.h ascii.h ex_cmds.h feature.h errors.h globals.h \ keymap.h macros.h option.h os_dos.h os_win32.h proto.h regexp.h \ ! spell.h structs.h term.h beval.h $(NBDEBUG_INCL) $(SOD_INC) OBJ = \ $(OUTDIR)\arabic.obj \ --- 730,736 ---- INCL = vim.h alloc.h ascii.h ex_cmds.h feature.h errors.h globals.h \ keymap.h macros.h option.h os_dos.h os_win32.h proto.h regexp.h \ ! spell.h structs.h term.h beval.h $(NBDEBUG_INCL) OBJ = \ $(OUTDIR)\arabic.obj \ *** ../vim-8.2.3031/src/crypt.c 2021-06-21 20:15:34.457221520 +0200 --- src/crypt.c 2021-06-21 21:03:17.297382513 +0200 *************** *** 146,154 **** FALSE, NULL, crypt_sodium_init, ! crypt_sodium_encode, crypt_sodium_decode, crypt_sodium_buffer_encode, crypt_sodium_buffer_decode, ! crypt_sodium_encode, crypt_sodium_decode, }, // NOTE: when adding a new method, use some random bytes for the magic key, --- 146,154 ---- FALSE, NULL, crypt_sodium_init, ! NULL, NULL, crypt_sodium_buffer_encode, crypt_sodium_buffer_decode, ! NULL, NULL, }, // NOTE: when adding a new method, use some random bytes for the magic key, *************** *** 250,255 **** --- 250,275 ---- + cryptmethods[method_nr].seed_len; } + + /* + * Get maximum crypt method specific length of the file header in bytes. + */ + int + crypt_get_max_header_len() + { + int i; + int max = 0; + int temp = 0; + + for (i = 0; i < CRYPT_M_COUNT; ++i) + { + temp = crypt_get_header_len(i); + if (temp > max) + max = temp; + } + return max; + } + /* * Set the crypt method for buffer "buf" to "method_nr" using the int value as * returned by crypt_method_nr_from_name(). *************** *** 403,410 **** #ifdef FEAT_SODIUM if (sodium_init() >= 0) { ! randombytes_buf(salt, salt_len); ! randombytes_buf(seed, seed_len); } else #endif --- 423,432 ---- #ifdef FEAT_SODIUM if (sodium_init() >= 0) { ! if (salt_len > 0) ! randombytes_buf(salt, salt_len); ! if (seed_len > 0) ! randombytes_buf(seed, seed_len); } else #endif *************** *** 581,586 **** --- 603,615 ---- msg_scroll = TRUE; msg(_("Warning: Using a weak encryption method; see :help 'cm'")); } + } + + #ifdef FEAT_SODIUM + static void + crypt_check_swapfile_curbuf(void) + { + int method = crypt_get_method_nr(curbuf); if (method == CRYPT_M_SOD) { // encryption uses padding and MAC, that does not work very well with *************** *** 590,600 **** #ifdef FEAT_PERSISTENT_UNDO set_option_value((char_u *)"udf", 0, NULL, OPT_LOCAL); #endif - msg_scroll = TRUE; msg(_("Note: Encryption of swapfile not supported, disabling swap- and undofile")); } } void crypt_check_current_method(void) --- 619,629 ---- #ifdef FEAT_PERSISTENT_UNDO set_option_value((char_u *)"udf", 0, NULL, OPT_LOCAL); #endif msg_scroll = TRUE; msg(_("Note: Encryption of swapfile not supported, disabling swap- and undofile")); } } + #endif void crypt_check_current_method(void) *************** *** 647,652 **** --- 676,684 ---- set_option_value((char_u *)"key", 0L, p1, OPT_LOCAL); crypt_free_key(p1); p1 = curbuf->b_p_key; + #ifdef FEAT_SODIUM + crypt_check_swapfile_curbuf(); + #endif } break; } *************** *** 654,663 **** } // since the user typed this, no need to wait for return ! if (msg_didout) ! msg_putchar('\n'); ! need_wait_return = FALSE; ! msg_didout = FALSE; crypt_free_key(p2); return p1; --- 686,698 ---- } // since the user typed this, no need to wait for return ! if (crypt_get_method_nr(curbuf) != CRYPT_M_SOD) ! { ! if (msg_didout) ! msg_putchar('\n'); ! need_wait_return = FALSE; ! msg_didout = FALSE; ! } crypt_free_key(p2); return p1; *************** *** 726,731 **** --- 761,767 ---- * "from" and "to" can be equal to encrypt in place. * Call needs to ensure that there is enough space in to (for the header) */ + #if 0 // Currently unused void crypt_sodium_encode( cryptstate_T *state UNUSED, *************** *** 764,774 **** sod_st->count++; # endif } ! /* TODO: Unused * Decrypt "from[len]" into "to[len]". * "from" and "to" can be equal to encrypt in place. */ void crypt_sodium_decode( cryptstate_T *state UNUSED, --- 800,812 ---- sod_st->count++; # endif } + #endif ! /* * Decrypt "from[len]" into "to[len]". * "from" and "to" can be equal to encrypt in place. */ + #if 0 // Currently unused void crypt_sodium_decode( cryptstate_T *state UNUSED, *************** *** 841,846 **** --- 879,885 ---- vim_free(buf_out); # endif } + #endif /* * Encrypt "from[len]" into "to[len]". *************** *** 864,870 **** sodium_state_T *sod_st = state->method_state; int first = (sod_st->count == 0); ! length = len + crypto_secretstream_xchacha20poly1305_ABYTES + (first ? crypto_secretstream_xchacha20poly1305_HEADERBYTES : 0); *buf_out = alloc_clear(length); if (*buf_out == NULL) --- 903,909 ---- sodium_state_T *sod_st = state->method_state; int first = (sod_st->count == 0); ! length = (int)len + crypto_secretstream_xchacha20poly1305_ABYTES + (first ? crypto_secretstream_xchacha20poly1305_HEADERBYTES : 0); *buf_out = alloc_clear(length); if (*buf_out == NULL) *** ../vim-8.2.3031/src/errors.h 2021-06-21 20:15:34.457221520 +0200 --- src/errors.h 2021-06-21 21:00:36.605858884 +0200 *************** *** 443,448 **** EXTERN char e_libsodium_cannot_decrypt_buffer[] INIT(= N_("E1199: Cannot decrypt buffer, not enough space")); EXTERN char e_libsodium_decryption_failed[] ! INIT(= N_("E1200: Decryption failed: corrupted chunk!")); EXTERN char e_libsodium_decryption_failed_premature[] INIT(= N_("E1201: Decryption failed: pre-mature end of file!")); --- 443,448 ---- EXTERN char e_libsodium_cannot_decrypt_buffer[] INIT(= N_("E1199: Cannot decrypt buffer, not enough space")); EXTERN char e_libsodium_decryption_failed[] ! INIT(= N_("E1200: Decryption failed!")); EXTERN char e_libsodium_decryption_failed_premature[] INIT(= N_("E1201: Decryption failed: pre-mature end of file!")); *** ../vim-8.2.3031/src/fileio.c 2021-06-20 14:01:25.984924607 +0200 --- src/fileio.c 2021-06-21 20:59:29.882059577 +0200 *************** *** 1213,1218 **** --- 1213,1219 ---- * Read bytes from curbuf. Used for converting text read * from stdin. */ + eof = FALSE; if (read_buf_lnum > from) size = 0; else *************** *** 1261,1266 **** --- 1262,1268 ---- if (!curbuf->b_p_eol) --tlen; size = tlen; + eof = TRUE; break; } } *************** *** 1276,1282 **** // Let the crypt layer work with a buffer size of 8192 if (filesize == 0) // set size to 8K + Sodium Crypt Metadata ! size = WRITEBUFSIZE + 36 + crypto_secretstream_xchacha20poly1305_HEADERBYTES + crypto_secretstream_xchacha20poly1305_ABYTES; --- 1278,1284 ---- // Let the crypt layer work with a buffer size of 8192 if (filesize == 0) // set size to 8K + Sodium Crypt Metadata ! size = WRITEBUFSIZE + crypt_get_max_header_len() + crypto_secretstream_xchacha20poly1305_HEADERBYTES + crypto_secretstream_xchacha20poly1305_ABYTES; *** ../vim-8.2.3031/src/memline.c 2021-06-20 14:01:25.984924607 +0200 --- src/memline.c 2021-06-21 20:59:29.882059577 +0200 *************** *** 497,503 **** return; // no memfile yet, nothing to do old_method = crypt_method_nr_from_name(old_cm); ! if (old_method == CRYPT_M_SOD || crypt_get_method_nr(buf) == CRYPT_M_SOD) { // close the swapfile mf_close_file(buf, TRUE); --- 497,504 ---- return; // no memfile yet, nothing to do old_method = crypt_method_nr_from_name(old_cm); ! // Swapfile encryption not supported by XChaCha20 ! if (crypt_get_method_nr(buf) == CRYPT_M_SOD && *buf->b_p_key != NUL) { // close the swapfile mf_close_file(buf, TRUE); *** ../vim-8.2.3031/src/proto/crypt.pro 2021-06-20 14:01:25.988924596 +0200 --- src/proto/crypt.pro 2021-06-21 21:03:32.645337443 +0200 *************** *** 5,10 **** --- 5,11 ---- int crypt_get_method_nr(buf_T *buf); int crypt_whole_undofile(int method_nr); int crypt_get_header_len(int method_nr); + int crypt_get_max_header_len(void); void crypt_set_cm_option(buf_T *buf, int method_nr); int crypt_self_test(void); cryptstate_T *crypt_create(int method_nr, char_u *key, char_u *salt, int salt_len, char_u *seed, int seed_len); *************** *** 23,30 **** char_u *crypt_get_key(int store, int twice); void crypt_append_msg(buf_T *buf); int crypt_sodium_init(cryptstate_T *state, char_u *key, char_u *salt, int salt_len, char_u *seed, int seed_len); - void crypt_sodium_encode(cryptstate_T *state, char_u *from, size_t len, char_u *to, int last); - void crypt_sodium_decode(cryptstate_T *state, char_u *from, size_t len, char_u *to, int last); long crypt_sodium_buffer_encode(cryptstate_T *state, char_u *from, size_t len, char_u **buf_out, int last); long crypt_sodium_buffer_decode(cryptstate_T *state, char_u *from, size_t len, char_u **buf_out, int last); /* vim: set ft=c : */ --- 24,29 ---- *** ../vim-8.2.3031/src/version.c 2021-06-21 20:48:54.968049445 +0200 --- src/version.c 2021-06-21 21:06:39.428793815 +0200 *************** *** 757,758 **** --- 757,760 ---- { /* Add new patch number below this line */ + /**/ + 3032, /**/ -- How To Keep A Healthy Level Of Insanity: 4. Put your garbage can on your desk and label it "in". /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\ /// \\\ \\\ sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ /// \\\ help me help AIDS victims -- http://ICCF-Holland.org ///