Andre Noll [Sun, 9 Apr 2017 11:47:15 +0000 (13:47 +0200)]
Merge branch 'refs/heads/t/rm_asn'
A few cleanups, and one patch which removes an obsolete feature,
getting rid of an open-coded ASN parser.
Cooking for three months.
* refs/heads/t/rm_asn:
Remove unused E_PUBLIC_KEY.
crypt.c: Combine load_key() and get_private_key().
crypto: Remove support for ASN public keys.
crypto: Simplify asymetric key handling.
crypto: Rename check_key_file() -> check_private_key_file().
gcrypt.c: Always initialize result pointer in get_private_key().
Andre Noll [Sat, 28 Jan 2017 18:33:26 +0000 (19:33 +0100)]
i9e: Restore file status flags on exit.
The i9e subsystem sets the stdin and stdout fds passed to i9e_open()
to nonblocking mode but misses to restore the original flags in
i9e_close(). This causes terminal applications like dialog to fail
if they are started in the same terminal after e.g. para_play was
executed.
This commit modifies i9e_open() to fetch and save the file status
flags before setting the O_NONBLOCK flag, and i9e_close() to restore
the original value. STDERR is not affected.
Andre Noll [Sun, 10 Jul 2016 14:15:37 +0000 (16:15 +0200)]
gcrypt: Remove open-coded OAEP padding.
The open-coded OAEP padding implementaton of gcrypt.c was necessary to
support old libgcrypt versions which do not have the oaep flag. These
days, everybody ought to have moved on to 1.5.0 (released 2011)
or later, so lets require this version from now on.
decode_rsa() used its key_size parameter only for old gcrypt versions,
so the parameter can be removed. Also, the E_MPI_PRINT error code
has become unused and can be removed from error.h.
Since rsa_decrypt_sexp is now constant, there is no need to have a
variable for this, so we can make it a preprocessor definition instead.
Andre Noll [Tue, 12 Jul 2016 17:54:19 +0000 (19:54 +0200)]
crypto: Remove support for ASN public keys.
These have been deprecated for some years in favor of ssh keys
generated with ssh-keygen(1). Removing support for the deprecated
format allows to get rid of quite some ugly ASN parsing code.
Private ASN keys, however, still need to be parsed in case
libgcrypt is employed as the crypto API. So the parser in
find_privkey_bignum_offset() needs to stay.
Andre Noll [Sun, 10 Jul 2016 20:23:45 +0000 (22:23 +0200)]
crypto: Simplify asymetric key handling.
get_asymmetric_key() and free_asymmetric_key() are public because
para_server maintains a copy to the public key of each user so that
the keys need to be loaded only once. On the other hand, for private
keys (used in para_client) key allocation and freeing is performed
implicitly in priv_decrypt(), and no reference to the key is ever
returned. So the crypto API can be simplified by exposing the interface
only for public keys.
Hence this patch renames get_asymmetric_key() to get_public_key()
and drops the "private" argument. Similarly, free_asymmetric_key()
is renamed to free_public_key().
For public keys the function only called stat(2), which is unnecessary
because only an error from the subsequent open(2) call requires to
fail the operation.
The stat() call is needed for loading private keys though, to make
sure permissions are restrictive enough.
This commit renames the function as indicated in the subject and
drops the second parameter. In crypt.c we now call this function for
private keys only.
Andre Noll [Sun, 10 Jul 2016 20:20:03 +0000 (22:20 +0200)]
gcrypt.c: Always initialize result pointer in get_private_key().
This should not matter since the only caller, priv_decrypt(), returns
without investigating the result pointer on errors, but let's be
conservative here.
Andre Noll [Mon, 26 Dec 2016 15:16:36 +0000 (16:16 +0100)]
build: Remove compatibility check for clock_gettime().
Only Mac OS (which is no longer supported) did not have it. Moreover,
on Linux we used to check whether one needs to link with -lrt to
obtain clock_gettime(), which is necessary for glibc versions 2.16
and earlier (released in 2012). All distributions should have moved
on to newer glibc versions by now, so let's get rid of the check.
Andre Noll [Mon, 18 Jul 2016 18:50:41 +0000 (20:50 +0200)]
Drop support for Mac OS.
This software hasn't been tested on Mac OS for years, so Mac OS
support is most likely already broken.
This commit removes the osx writer and the autoconf tests for core
audio, and adjusts the documentation to not mention Mac OS anymore. It
also effectively reverts commit be1074b4 which introduced an ugly
workaround in interactive.c that was only needed on Mac OS.
Andre Noll [Sat, 31 Dec 2016 20:12:33 +0000 (21:12 +0100)]
Merge branch 'maint'
A trivial conflict in configure.ac and remove/modify conflicts in
web/index.in.html and NEWS. The last file has been renamed to NEWS.md
in master. The conflict was resolved by copying the new text of the
NEWS file from maint (the release notes for v0.4.14) to NEWS.md and
to adjust the formatting to markdown syntax.
Andre Noll [Sat, 31 Dec 2016 15:50:02 +0000 (16:50 +0100)]
Merge branch 'refs/heads/t/simple_error_codes'
Two patches which get rid of the concept of per-subsystem error
codes. The host-compiled error2.c program can be removed, configure.ac
and error.h simplified.
The merge conflicted because both sides modified error.h, but this
was easy to resolve.
* refs/heads/t/simple_error_codes:
Sort errors alphabetically.
Simplify the error subsystem, get rid of error2.[ch].
Andre Noll [Fri, 30 Dec 2016 14:58:41 +0000 (15:58 +0100)]
Merge branch 'refs/heads/t/invalid-ids'
A single patch that was in misc for a while, and two follow up fixups
that were detected after the branch was merged into next.
* refs/heads/t/invalid-ids (cooking for two weeks):
Makefile: Don't compile with -Wformat-signedness unconditionally.
aft.c: Use correct format string for error output.
touch: Refuse to set an invalid image or lyrics ID.
Andre Noll [Wed, 28 Dec 2016 20:40:42 +0000 (21:40 +0100)]
t0004: Specify proper options for ls commands.
The -p option is deprecated, and the default behaviour (if none of -p,
-F and -b is given) will change in v0.6.0. Although the tests succeed
at the moment, it seems prudent to switch to the modern syntax to
make sure the tests won't break when -p is removed and the default
behaviour is changed.
Andre Noll [Wed, 28 Dec 2016 19:38:34 +0000 (20:38 +0100)]
Merge branch 'refs/heads/t/format-signedness'
This series fixes all warnings produced by compiling with
-Wformat-signedness and adds the flag to CFLAGS if the compiler
supports it.
* refs/heads/t/format-signedness (cooking for ~2 weeks):
gcrypt: Fix a few format-signedness issues.
Compile with -Wformat-signedness if possible.
Fix signedness issues in format strings.
Andre Noll [Tue, 27 Dec 2016 18:29:38 +0000 (19:29 +0100)]
resample: Simplify initialization().
In resample_init(), the first check removed in this commit was bogus
because in case there is no parent buffer tree node, we must only
abort if there is no input pending either.
In resample_post_select(), we move up the check of the node status
so that we now call resample_init() only after we know that there
is input available. This makes the second check in resample_init()
pointless as the condition can never be true.
Andre Noll [Wed, 28 Dec 2016 01:08:54 +0000 (02:08 +0100)]
fade: Add documentation for main() and include it in doxygen.
The two mixer implementations for OSS and ALSA are also included,
both of which are only used by para_fade. So it makes sense to include
para_fade as well. main() is the only a non-static function, so let's
doxify that.
Andre Noll [Wed, 28 Dec 2016 12:05:34 +0000 (13:05 +0100)]
Merge branch 'refs/heads/t/wma_fixes'
The series also contains a fix for a silly bug which causes the decoder
to abort on empty output sizes, and a couple of cosmetic cleanups.
* refs/heads/t/wma_fixes (cooking for two weeks):
wmadec: Remove two pointless variables.
wmadec: Remove a pointless cast.
wmadec: Set data size to 0 if nothing was decoded.
wma: Fix packet size calculation.
wmadec: Properly handle empty outputs.
wma_common: Fix typo in log message.
Andre Noll [Tue, 27 Dec 2016 15:29:29 +0000 (16:29 +0100)]
Merge branch 'refs/heads/t/openssl-1.1'
In openssl-1.1 several structures have been made opaque, breaking both
the stream cipher and the public key functions in crypt.c. This series
deals with these issues, trying to minimize the ifdeffery.
* refs/heads/t/openssl-1.1 (cooking for three months):
openssl: RSA fixes for openssl-1.1.
openssl: Use EVP API for AES.
Andre Noll [Mon, 16 Dec 2013 21:18:27 +0000 (22:18 +0100)]
portable_io.h: Provide big-endian versions and use them for aac.
The aac audio format handler code contains some instances that read a
big-endian encoded 32 or 64 bit number from a buffer. While for the
32 bit case there is a helper function aac_read_int32(), the 64 bit
case is open-coded.
We already have similar functions for the conversion of little-endian
entities. This patch adds their big endian counterparts as inline
functions to portable_io.h and changes the callers to use those.
The patch also gets rid of two fprintf() statements in write_portable()
which were commented out for ages.
Andre Noll [Mon, 16 Dec 2013 21:06:44 +0000 (22:06 +0100)]
aac: Switch from unsigned char to char.
The faad library functions take unsigned char pointers while most of
the paraslash code prefers plain char *. It's easier to use char *
in all paraslash functions and cast the arguments of the faad library
function calls than to have a mix of both types.
Andre Noll [Sun, 28 Aug 2016 16:46:22 +0000 (18:46 +0200)]
Simplify the error subsystem, get rid of error2.[ch].
This commit removes error2.c and the surrounding infrastructure of
the build system, getting rid of ~600 LOC.
After the change there are no more subsystems for error codes, and we
don't need to host-compile error2.c any more. Since all executables
now contain the text of every error code, the change has some impact
on the sizes of the (stripped) executables:
Andre Noll [Tue, 20 Dec 2016 14:40:09 +0000 (15:40 +0100)]
Merge branch 'refs/heads/t/base64'
A couple of patches which move the base64 code to a separate file,
and improve on it. Was cooking for several months.
* refs/heads/t/base64:
base64: Speed up decoder by using a table.
base64: Use para_isspace() everywhere.
base64: Trivial whitespace fixes.
base64: Replace Pad64 variable by macro.
base64: Remove unnecessary overflow checks.
base64: Saner semantics for base64_decode() and uudecode().
Move base64 implementation to own file.
Andre Noll [Thu, 8 Dec 2016 23:22:57 +0000 (00:22 +0100)]
wmadec: Remove two pointless variables.
The local variables n and incr of wma_decode_frame() shadow the
values of their counterparts in struct private_wmadec_data, and they
remain constant within the function. Referring directly to the private
structure instead makes the code shorter and improves readability.
Andre Noll [Tue, 1 Nov 2016 10:44:53 +0000 (11:44 +0100)]
wma: Fix packet size calculation.
Usually the (fixed) packet size of a wma file equals the block align
value plus WMA_FRAME_SKIP. However, this is not true in general,
and if the two values differ, we fail to decode the file and bail
out with an "incoherent block length" error.
This patch adds code to read the correct packet size from the file
properties object and uses this value in the decoder and the audio
format handler.
Andre Noll [Tue, 1 Nov 2016 05:10:00 +0000 (06:10 +0100)]
wmadec: Properly handle empty outputs.
If out_size is zero we try to shrink the buffer to size zero. POSIX
says that the behavior is implementation-defined in this case, and
para_realloc() aborts due to an assert() statement that checks for
size zero. This patch makes sure the wma decoder never calls realloc()
with a zero size argument.
Andre Noll [Wed, 23 Nov 2016 22:17:10 +0000 (23:17 +0100)]
Compile with -Wformat-signedness if possible.
We can't activate this warning unconditionally because it is not
supported on older compilers, including clang. Therefore we introduce
a build time check and add the option only if the compiler supports it.
Andre Noll [Wed, 23 Nov 2016 22:16:50 +0000 (23:16 +0100)]
Fix signedness issues in format strings.
Compiling with -Wformat-signedness (not enabled so far) causes many
warnings because of format strings which specify an unsigned type but
correspond to an argument of signed type, or vice versa. This commit
fixes all these mismatches.
For "%u", "%d", "%lu", "%ld" we let the format string match the
type of the argument, but for "%x" we need to cast the argument to
a suitable unsigned type.
After this patch the tree compiles cleanly with -Wformat-signedness
given. The warning will be enabled in a subsequent commit.
Andre Noll [Sun, 4 Dec 2016 10:10:36 +0000 (11:10 +0100)]
Merge branch 'refs/heads/t/sideband-cleanup'
started on 2016-07-03, cooking since 2016-07-16
para_server announces sideband as an optional feature, which is
pointless since sideband connections have become mandatory in
paraslash-0.5.x, so they are always used. This patch set removes
the feature negitiation during the initial handshake. The sideband
protocol remains and is not affected.
Overwiew of the handshake in v0.5.x:
(SA) server announces sideband
(CC) client fails connection if server did not announce sideband
(CR) client requests sideband
(SC) server fails connection if sideband was not requested
already broken
- client-0.4/server-0.5 (!CR, SC)
- client-0.5/server-0.4 (!SA, CC)
In this series only the first two conversion steps are done as they
can be merged early without breaking anything.
* refs/heads/t/sideband-cleanup:
server: Do not fail if client does not request sideband.
client: No longer fail connection if sideband was not announced.
Andre Noll [Tue, 23 Aug 2016 20:58:46 +0000 (22:58 +0200)]
server: Fix race condition in afs startup.
After server_init() returns, the server accepts connections on the
TCP command socket. If an afs command arrives on the command socket,
the server process forks and the resulting child process (the command
handler) connects to the local afs socket. However, this socket is
created by the afs process which was forked from the server process
in server_init(). It is therefore possible that the command handler
connects before the afs process started to listen on the local afs
socket. In this case, the connection, hence the command fails.
This commit fixes the race condition by letting the parent process
block on read(2) on the afs socket. The afs process writes a byte
to the other end of the socket after it has completed its setup,
causing the parent process to resume.
For this to work, we need a connection-mode byte stream for the
communication between the server and the afs process, rather
than the connectionless datagram socket we have now. There is no
particular reason to prefer a datagram socket here, so let's switch
to SOCK_STREAM.
Andre Noll [Thu, 16 Jun 2016 18:17:21 +0000 (20:17 +0200)]
daemon: Fix race condition in daemonize().
If parent_waits is true, the parent process waits for a signal from
the child before it exits. However, this signal can arive before the
parent has set up its signal handler.
This patch closes the race window by switching from signals to
pipes. We now create a pipe before the new process is forked, and
let the parent block on read(2) until the child exits or indicates
success by writing a byte to one end of the pipe. The child process
receives the file descriptor of the writing end of the pipe as the
return value of daemonize().
The only user of the parent_waits feature is para_server, which is
changed accordingly.
Andre Noll [Sat, 26 Mar 2016 22:27:09 +0000 (22:27 +0000)]
touch: Refuse to set an invalid image or lyrics ID.
This makes the callback of the touch command fail the command if the
given ID does not exist in the corresponding blob table.
To this aim we call blob_get_name_by_id() to look up the ID. Since
we are not interested in the name, the function now allows a NULL
result pointer in which case it only checks whether the ID is valid.
With this patch applied the attempt to set an invalid image or lyrics
ID results in an error message like this:
invalid image ID: 456565
remote: key not found in rbtree
main: command failed
Andre Noll [Sun, 25 Sep 2016 13:56:43 +0000 (15:56 +0200)]
test-lib: Fix a bash-4.4 issue.
Apparently bash-4.4 changed how unquoted here strings are treated.
We want to process only the first line of the output, so the right
thing to do is to ask awk to exit after processing the first line.
This works regardless of the bash version.
Andre Noll [Wed, 24 Aug 2016 20:18:36 +0000 (22:18 +0200)]
server: Deprecate ls -p.
In v0.6.0 the -p option will have the same meaning as for the rm and
touch commands: perform pathname match. Also the default for the ls
command will be changed to list full paths while the new -b option
must be given to print only the basename (i.e., the current behaviour
if -p is not given).
This commit is a preparation for these incompatible changes which
does not break existing scripts. It does the following
* The -p option is deprecated in favor of its synonym, the new -F
option (for full path).
* The new -b option instructs the command to perform basename matching
and print only the basename of the matching files. It is currently
a no-op.
With the patch applied, scripts are supposed to specify either -b or
-F as appropriate. In v0.6.0 the semantics of -p will be changed as
described above, the default will be changed to print the full path,
and -F will be deprecated because it is a no-op then.
Andre Noll [Sun, 28 Aug 2016 13:35:11 +0000 (15:35 +0200)]
openssl: RSA fixes for openssl-1.1.
In openssl-1.1 the RSA structure has been made opaque, causing
compilation of crypt.c to fail because the code accesses ->n and ->e
directly to set the modulus and the public exponent according to the
values read from the public ssh key.
With openssl-1.1 applications are supposed to call RSA_set0_key()
to set n and e. Unfortunately, this function does not exist in
openssl-1.0.2.
This patch adds a configure check which defines HAVE_RSA_SET0_KEY if
RSA_set0_key() is available. In crypt.c we either call the function
or set ->n and ->e directly, depending on whether HAVE_RSA_SET0_KEY
is defined. This results in code which works on both openssl-1.0.2
and openssl-1.1.0.
Andre Noll [Sun, 28 Aug 2016 13:35:53 +0000 (15:35 +0200)]
openssl: Use EVP API for AES.
opensssl-1.1 no longer exports AES_set_encrypt_key() and
AES_ctr128_encrypt(). Applications are supposed to use the high-level
EVP interface instead.
Fortunately, the EVP library functions necessary for our use of
the AES_ctr128 stream cipher are available in openssl version 1.0.1
and above, so switching to the EVP API makes the code work with all
versions >= 1.0.1.
Andre Noll [Sat, 11 Jun 2016 18:44:01 +0000 (20:44 +0200)]
afs: Fix error handling of the select command.
com_select() returns success even if the mood or playlist could not
be activated. This commit changes the function to return the error
code from activate_mood_or_playlist() instead.
The function had another minor issue: If the current mood is the
dummy mood, and we failed to switch to the given mood or playlist,
and also failed to switch back to the dummy mood, we try a second
time to activate the dummy mood. This should not happen, but let's
fix it anyway.
Andre Noll [Sat, 9 Apr 2016 18:44:28 +0000 (20:44 +0200)]
base64: Speed up decoder by using a table.
The current implementation calls strchr() for each character in the
decoded data to find the offset in the Base64[] array that corresponds
to six decoded bits. This makes the algorithm scale poorly.
This commit introduces a lookup table of size 256 which simplifies
the code and improves the performance of the decoder.
Andre Noll [Tue, 28 Apr 2015 16:17:42 +0000 (18:17 +0200)]
base64: Remove unnecessary overflow checks.
Since we decode no more than encoded_size many bytes, and the output
buffer is allocated large enough to store the decoded data, we won't
ever overflow the output buffer. This commit removes the pointless
checks.
Andre Noll [Sun, 26 Apr 2015 21:41:00 +0000 (23:41 +0200)]
base64: Saner semantics for base64_decode() and uudecode().
Currently the callers of these functions must allocate a suitably
sized buffer for the decoded data. It is easier to let the decoders
allocate the result buffer, as implemented in this commit. The callers
in crypt.c and gcrypt.c are adjusted accordingly.
Andre Noll [Tue, 10 Jun 2014 15:52:22 +0000 (17:52 +0200)]
Move base64 implementation to own file.
The base64 decoder is independent of anything else, so it should not
be part of the crypto API. This patch moves the two public functions
uudecode() and base64_decode() to a new file, base64.c, and introduces
base64.h to declare them.
Andre Noll [Sun, 10 Jul 2016 19:33:18 +0000 (21:33 +0200)]
gcrypt: Check file permissions of private keys.
Before opening a private key, crypt.c checks that the permissions
are restrictive enough. However, the gcrypt implementation contains
no such check. This commit adds it.
Andre Noll [Sun, 10 Jul 2016 18:59:34 +0000 (20:59 +0200)]
gcrypt: Always initialize result pointer.
If the call to mmap_full_file() at the beginning of decode_key() fails,
we return without initializing the result pointer to NULL. This does not
matter now, because the only caller of decode_key() does not look at the
pointer value in the error case. Let's be defensive here and initialize
the pointer anyway.
Andre Noll [Tue, 21 Jun 2016 07:19:57 +0000 (09:19 +0200)]
daemon: Make daemon_init_colors_or_die() independent of gengetopt.
The function receives the values given to the --log-color option as
a char * array, which is the type that gengetopt provides for the
arguments to string options which may be given multiple times.
This patch gets get rid of this implementation detail. The function no
longer takes the arguments to --log-color at all and applications now
must call daemon_set_log_color_or_die() themselves to set user-defined
per-loglevel colors.
To make this work, we let daemon_init_colors_or_die() return a
boolean which indicates whether color mode should be enabled, and
daemon_set_log_color_or_die() is made public. The two users of this
API, para_server and para_audiod, are adjusted accordingly.
Andre Noll [Mon, 20 Jun 2016 21:20:59 +0000 (23:20 +0200)]
audiod: Move UID check from audiod_command.c to audiod.c.
check_perms() is the only reason for the gengetopt config pointer
being public and for passing the whitelist pointer to handle_connect()
in audiod_command.c. The code get less convoluted by moving the
permission check to audiod.c where both the conf pointer and the
uid_whitelist are defined.
This introduces the new public function uid_is_whitelisted() in
audiod.c which replaces check_perms(). This allows to
* pass only the UID to the check function,
* drop the whitelist pointer argument from handle_connect(),
* make the conf pointer in audiod.c static.
The patch also reorders the function declarations in audiod.h a bit
to separate the functions defined in audiod.c from those defined
in audiod_command.c.
Andre Noll [Sun, 26 Jun 2016 17:11:05 +0000 (19:11 +0200)]
Set copyright year in Makefile.real.
Hopefully this helps to update the copyright year more timely in the
future. It also allows to pass this information to other commands in
the receipts of the Makefile should this become necessary.
Andre Noll [Mon, 4 Apr 2016 22:44:42 +0000 (00:44 +0200)]
mood.c: Improve log output for current mood.
When a new mood is loaded, we print some information about the score
table, like the number of admissible files, the average last_played
and num_played values, and the empiric standard deviation of these
quantities. However, since last_played is measured in seconds after
the epoch, the reported numbers are rather large.
This commit changes log_statistics() of mood.c to report the mean
value and the standard deviation in number of days.
Since loading a new mood happens not very frequently, let's increase
the severity of these log messages from INFO to NOTICE. If the new
mood has no admissible files we now log the message as a warning
rather than with severity NOTICE.
Andre Noll [Sun, 8 May 2016 09:56:23 +0000 (11:56 +0200)]
afh: Improve error diagnostics.
If compute_afhi() can not figure out the type of an audio file, it
prints a rather incomprehensive error message for each audiod format
which was tried to no avail. This commit improves the readability of
these error messages by including the path and the name of the audio
format that caused the error.
Before:
$ para_afh /etc/resolv.conf
mp3_read_info: could not read mp3 info
compute_afhi: could not read mp3 info
compute_afhi: ogg sync page-out error (no ogg file?)
compute_afhi: mp4v2 library error
compute_afhi: asf/wma format not recognized
compute_afhi: ogg sync page-out error (no ogg file?)
compute_afhi: could not read meta chain
compute_afhi: ogg sync page-out error (no ogg file?)
main: audio format not recognized
After:
$ para_afh /etc/resolv.conf
get_file_info: /etc/resolv.conf: mp3 format not detected: could not read mp3 info
get_file_info: /etc/resolv.conf: ogg format not detected: ogg sync page-out error (no ogg file?)
get_file_info: /etc/resolv.conf: aac format not detected: did not find esds atom
get_file_info: /etc/resolv.conf: wma format not detected: asf/wma format not recognized
get_file_info: /etc/resolv.conf: spx format not detected: ogg sync page-out error (no ogg file?)
get_file_info: /etc/resolv.conf: flac format not detected: could not read meta chain
get_file_info: /etc/resolv.conf: opus format not detected: ogg sync page-out error (no ogg file?)
main: audio format not recognized
The patch also removes a call to PARA_ERROR_LOG() in the mp3 audio
format handler which is unnecessary because we return the error code
and print the message in the caller anyway.
A new helper, get_file_info(), is introduced to print the diagnostic
messages. Since audio_format_name() is called from this helper,
that function needed to be moved up to avoid a forward declaration.
Andre Noll [Sun, 10 Jul 2016 15:04:06 +0000 (17:04 +0200)]
web: Remove extra source browser.
There are two versions of the browsable source code on the paraslash
web pages: the one generated by doxygen and another one which we
create directly with global. The html is identical, modulo style
issues, so let's get rid of the directly generated one.
With the patch applied, the size of the paraslash web pages reduces
by 21M to 80M (55M doxygen + 25M release tarballs).
Andre Noll [Tue, 19 Jul 2016 17:03:15 +0000 (19:03 +0200)]
Make local sockets world-readable.
We already have S_IWOTH, so it's kind of pointless to not permit read
access to the socket special. This patch changes afs.c and audiod.c
to create sockets with mode 666 which was probably intended anyway.
The patch should not cause any compatibility issues since on Linux we
check credentials with SCM_CREDENTIALS while *BSD ignores permissions
for UNIX domain sockets. According to unix(7), portable programs
should not rely on them.
Andre Noll [Sat, 18 Jun 2016 18:25:28 +0000 (20:25 +0200)]
build: Add -Wdeclaration-after-statement.
No code in the tree has declarations after statements, so this
change produces no new warnings. It makes sure, however, that we do
not introduce such declarations in the future. The option was not
enabled only because old gcc versions do not support it. Since we
require gcc-4.2.x or newer these days, we can count on the option
and enable it unconditionally.