Andre Noll [Sat, 4 Jun 2011 13:26:15 +0000 (15:26 +0200)]
Add alternative crypto implementation.
This fills gcrypt.c (which contained only dummy functions so far)
with contents.
The old openssl-based crypto API uses OAEP padding exclusively, as
this padding method is recommended for new applications which do not
have to care about backwards compatibility. Unfortunately, libcrypt
only supports the older pkcs1 padding method. Since we want older
para_client versions to be compatible with a newer para_server, even
if this para_server was compiled against libgcrypt, we must implement
our own OAEP padding functions. This turned out to be quite simple,
given the good documentation in rfc 3447.
This together with the fact that there is no ASN1 parser in libgcrypt
makes the patch quite large though.
On the other hand, SHA1, random numbers and RC4 were straight-forward
to implement using the primitives provided by libgcrypt.
Andre Noll [Mon, 7 Mar 2011 07:07:37 +0000 (08:07 +0100)]
stream cipher: Allow in-place encryption.
unlike openssl's RC4(), the RC4 implemenation of libgcrypt can encrypt
a buffer in-place. For this the "buf" argument of the various send
and receive functions must not be const.
Andre Noll [Mon, 7 Mar 2011 07:04:23 +0000 (08:04 +0100)]
crypt: Make base64_decode public.
gcrypt.c needs this to decode public rsa keys. Public functions
should always return proper error codes, so change the return
value for errors from -1 to -E_BASE64.
Andre Noll [Sat, 5 Mar 2011 20:53:54 +0000 (21:53 +0100)]
crypt: Move implementation-independent code to separate file.
This introduces crypt_common.c which contains helper functions from
crypt.c which are independent of openssl.
crypt.common.c contains two types of public functions: Frontend
functions are called by users of the crypto API, and these functions
are exported as usual through the crypt.h header file. Backend
functions, on the other hand, are expected to be called only from
the crypto implementation (i.e. from crypt.c or gcrypt.c). These
functions are exported through the new crypt_backend.h header file.
Andre Noll [Sun, 5 Jun 2011 17:14:37 +0000 (19:14 +0200)]
Clear score table on mood reload.
Whenever a blob is added, the mood event handler is called
which may reload the current mood in order to react to the
change being made. However, we missed to clear the score table
first. This is necessary to to re-insert all admissible files.
Currently this fails with
afs_event: table moods, event 8: key already exists in rbtree
Andre Noll [Mon, 6 Jun 2011 06:24:08 +0000 (08:24 +0200)]
alsa: Avoid busy loop at end of file.
During the drain period at the end of input the status of the alsa
buffer tree node is negative, yet we should not request a minimal
scheduler delay until the end of this period.
Andre Noll [Sat, 4 Jun 2011 11:38:02 +0000 (13:38 +0200)]
aft: Do not invalidate status items when closing the audio file table.
Currently aft_close() frees the global variables status_items and
parser_friendly_status_items which are used for the stat comand of
para_server. This function is called on exit and when para_server
receives SIGHUP, the latter may happen while streaming. In this case
clients which connect after the SIGHUP do not see any aft status
items until the audio file changes.
Fix this flaw simply by not freeing the status item buffers until
they are recomputed anyway.
Andre Noll [Tue, 19 Apr 2011 23:28:10 +0000 (01:28 +0200)]
audiod: Document new regular expression syntax.
This changes the man page and the manual. The
usage of regular expressions for receiver, filter
and writers are explained and some examples are
provided.
Andre Noll [Tue, 19 Apr 2011 16:18:45 +0000 (18:18 +0200)]
audiod: Allow regular expressions in receiver config.
The audio format substring of the reciever arg can now be a regular
expression rather than only the name of an audio format. This way
one can easily choose the same receiver for all audio formats by
saying e.g.
receiver ".:udp"
This works because the regex "." matches all audio formats.
Andre Noll [Sun, 29 May 2011 11:53:32 +0000 (13:53 +0200)]
ogg_get_file_info(): Fix off-by-one.
The timing information encoded in the chunk table was not always
sufficient to guarantee no buffer underruns since vorbis frames
are frequently spread over two (or more) ogg pages. This should
fix it.
Andre Noll [Fri, 22 Apr 2011 02:21:48 +0000 (04:21 +0200)]
net.c: Combine host_and_port() and __get_sock_name().
host_and_port() is only called by __get_sock_name().
Both functions are short enough, and merging these
two functions has the additional benefit that we can
always return the same static buffer.
Compiling with -Wwrite-strings previously caused a
warning due to returning either a string literal, or
the static buffer. We now always print into that buffer
and return it.
This also improves the error message which is returned
in the static buffer in case of failures: Previously we
returned "(don't know)" if getname() failed and "(unknown)"
if getnameinfo() failed. This turns it into "(unknown)" in
the former case and "(lookup error)" otherwise.
Andre Noll [Thu, 3 Feb 2011 16:15:27 +0000 (17:15 +0100)]
libao: Avoid segfault on com_cycle.
Executing the cycle command while the ao writer is active can lead to
a segmentation fault because kill_all_decoders() removes the buffer
tree node of the ao writer but leaves its child node alive.
This patch changes kill_all_decoders() to kill the receiver node only
while leaving all other nodes alone, removing the assumption that
the set of filter nodes and writer nodes are the only nodes in the
buffer tree. This assumption used to be true but became false with
the merge of the ao writer which has two buffer tree nodes.
It is enough to kill only the receiver node as all other nodes will
eventually notice that their parent node no longer exists and exit
shortly thereafter.
Andre Noll [Thu, 25 Nov 2010 07:33:20 +0000 (08:33 +0100)]
Add support for ssh-rsa keys.
This allows to use standard ssh keys (that is, keys generated with
ssh-keygen) for the challenge/response authentication method of
paraslash. Only RSA keys without password protection are supported
at the moment.
Since we want that both openssl and ssh keys just work, we introduce
the helper function is_ssh_rsa_key(). It looks at the first few bytes
of the key to decide which type of public key we have. For openssl
keys, we just call openssl's EVP_PKEY_get1_RSA() and be done. Private
keys generated by ssh-keygen do not differ from keys generated by
"openssl rsa" and need no special treatment either.
However, public ssh rsa keys are stored differently, as an uuencoded
byte stream. So this patch adds functions that decode a given buffer
via base64 or uudecode. The two rsa public parameters (modulus and
exponent) are then read from the decoded buffer using BN_bin2bn().
Andre Noll [Tue, 26 Apr 2011 14:33:44 +0000 (16:33 +0200)]
fd: Allow passing NULL to para_munmap().
This patch makes para_munmap succeed with return value 0 if the passed
"start" pointer is NULL. This allows to simplify the code in the
callers a bit, similar to free(NULL).
Andre Noll [Thu, 31 Mar 2011 09:27:49 +0000 (11:27 +0200)]
KILL E_AO_WRITE.
We have E_WRITE_COMMON_EOF, and use of this code is preferred because
para_write treats it as a non-fatal error and exits successfully if
the writer task removed its btr node due to E_WRITER_COMMON_EOF while
it exits non-zero in case of other errors.
Andre Noll [Tue, 15 Feb 2011 07:28:43 +0000 (08:28 +0100)]
autogen.sh: Detect number of processors and run parallel make.
On multi-core machines a parallel make is often much faster than a
sequential make. This patch teaches autogen.sh to detect the number
of processing units available on the build system. It first tries to
execute the nproc utility (part of the coreutils package) and falls
back to /proc/cpuinfo if nproc was unavailable.
If both methods don't work, which is usually the case on non-Linux
systems where coreutils are not installed and /proc/cpuinfo does not
exist, we use the safe default of n=1.
Andre Noll [Tue, 29 Mar 2011 22:10:29 +0000 (00:10 +0200)]
Fix grab client resume.
An active grab client is moved to the inactive list if para_server
stops playing and the grab client is not operating in one-shot mode. In
this state, despite its buffer tree node pointer being NULL, the task
associated with the grab client remains active. This causes para_server
to abort due to the assertion btrn != NULL in btr_node_status().
Fix this bug by always unregistering the task, one-shot mode or not,
and re-registering it later, at the same time the new buffer tree
node for the grab client is allocated.
Andre Noll [Mon, 28 Mar 2011 22:00:23 +0000 (00:00 +0200)]
Don't compile files generated by gengetopt with -Wall.
gcc-4.6.0 spits out lots of warningns of the form
cmdline/recv.cmdline.c:439:9: warning: variable 'stop_char' set but not used [-Wunused-but-set-variable]
Silence these warnings by moving -Wall to the set of debug flags
which are not used for compiling *.cmdline.c files.
For some versions of gcc, including gcc-3.3.3 which is still supported,
the -Wformat-security and -Wmissing-format-attribute options depend on
-Wformat, which is turned on by -Wall, so we have to move these options
also to the DEBUG_CPPFLAGS.
Andre Noll [Tue, 1 Mar 2011 22:12:46 +0000 (23:12 +0100)]
configure: Use AC_ARG_WITH also for openssl options.
Currently the check for openssl is performed by CHECK_SSL() in
configure.ac. This function searches the given directory for the
openssl-header but does not check the existence and usability of
the openssl libraries. The argument of --enable-ssldir, if given,
is tried first, and each member of a hard-coded list of directories
is searched next.
This patch replaces CHECK_SSL() by checks similar to those for
other headers and libraries. In particular, we now also check
for the openssl libraries, and the configure options are now
called --with-openssl-headers and --with-openssl-libs rather than
--enable-ssldir.
Andre Noll [Mon, 28 Feb 2011 23:44:05 +0000 (00:44 +0100)]
Use SSL_CPPFLAGS only for compiling crypt.c
The previous cleanups moved everything which depends on openssl to
crypt.c. This is now the only file which includes openssl headers,
so there is no need to compile all objects with the ssl cpp flags.
In fact this could break things for setups on which the include dir
for openss contains other unwanted header files.
Andre Noll [Mon, 28 Feb 2011 23:28:27 +0000 (00:28 +0100)]
Move sha1.[ch] to crypt.[ch] and make crypto API independent of sha1.
This patch moves all public functions related to sha1 to crypt.c. This
allows to remove sha1.c, sha1.h and hash.h. It also removes the
HASH_TYPE define and avoids the word "sha1" in the public API and
its callers. The former sha1_hash() is now called hash_function().
Andre Noll [Mon, 28 Feb 2011 22:49:06 +0000 (23:49 +0100)]
rename RC4_KEY_LEN to SESSION_KEY_LEN.
The users of the crypto API should not need to care about which stream
cipher is in use. This trivial patch only renames the name of the
constant value and updates the documentation.
Andre Noll [Mon, 28 Feb 2011 22:43:21 +0000 (23:43 +0100)]
Rename struct rc4_context and stream cipher send/receive functions.
This only changes the name structures and functions. Unfortunately,
the patch is rather large since it requires to fixup all callers
of the affected functions. However, each change is either a simple
rename or a trivial documentation adjustment.
Andre Noll [Mon, 28 Feb 2011 21:54:08 +0000 (22:54 +0100)]
Replace direct use of RC4 by stream cipher abstraction.
This introduces the new struct stream_cipher in crypt.h as well as
two functions stream_cipher_new() and stream_cipher_free() which
initialize a new stream cipher structure and deallocate such a
structure, respectively.
The users of RC4 are changed to call the new abstract functions,
so they become independent from openssl. Consequently the affected
files need no include openssl/rc4.h any more.
Andre Noll [Mon, 28 Feb 2011 21:07:44 +0000 (22:07 +0100)]
Replace RSA by an abstract asymmetric key structure.
This declares the new structure asymmetric_key in crypt.h but does not
define it. Instead, it is defined in crypt.c so that only the functions
in this file can access the members of the structure directly.
Functions which previously took an (openssl-specific) RSA pointer
are changed to receive a pointer to struct asymmetric_key instead,
removing the requirement to include an openssl header file before
crypt.h can be included.
Andre Noll [Thu, 24 Mar 2011 12:05:49 +0000 (13:05 +0100)]
udp_send: Silence gcc warning.
Ubuntu Lucid's gcc-4.3.3 emits the following warning about not checking
the return value of write() even if the result is casted to void.
udp_send.c: In function ‘udp_close_target’:
udp_send.c:65: warning: ignoring return value of ‘write’, declared with attribute warn_unused_result
The usual approach to store the return value in a dummy variable is
not optimal because the upcoming gcc-4.6 will warn that the variable
is set but otherwise unused.
Likely there are more places in the paraslash code which have the same
problem, so this patch introduce the do_nothing macro in para.h which,
creatively enough, does nothing. The new macro is employed like
if (write(...))
do_nothing;
This gets rid of the warning on Lucid and does not give new warning
on gcc-4.6.
Andre Noll [Wed, 16 Mar 2011 20:30:26 +0000 (21:30 +0100)]
Silence two Doxygen warnings.
Doxygen does not like comments in <brackets>. Use upper case instead.
This gets rid of annoying warnings of the form
/home/work/maan/scm/paraslash/audiod_command_list.h:13: warning: Unsupported xml/html tag <parent> found
/home/work/maan/scm/paraslash/audiod_command_list.h:13: warning: Unsupported xml/html tag <name> found
Andre Noll [Wed, 16 Mar 2011 16:56:43 +0000 (17:56 +0100)]
fade: Quiesce two gcc warnings.
Ubuntu Lucid's gcc 4.4.3 does not like it if not each possible value
of an enumeration is handled in the body of a switch statement.
Since gengetopt for some reason always creates an additional xxx_NULL
value in options of type enum, this more or less means we have to
introduce default: cases to avoid warnings of the form
fade.c:113: warning: enumeration value ‘mixer_channel__NULL’ not handled in switch
fade.c:346: warning: enumeration value ‘mode__NULL’ not handled in switch
Fortunately, these are the only two warnings, so add default: cases
to make gcc happy.
Andre Noll [Sun, 20 Feb 2011 18:41:09 +0000 (19:41 +0100)]
para_write: Return proper error code.
Currently the exit code of para_write is always the value returned
by schedule(). This is zero unless the call to select() fails,
usually does not happen, so errors resulting from the writers do not
cause para_write to exit with a non-zero exit code.
In particular, para_write exits successfully if the underlying
writer(s) nodes could not open their sound device or unregistered
their task due to other errors.
Fix this by investigating each writer node's t->error value after
schedule() has returned. If this value does not correspond to an end
of file condition, the strerror text of this error code is written
to stderr, and para_write exits non-zero.
Andre Noll [Sun, 20 Feb 2011 18:06:34 +0000 (19:06 +0100)]
audiod: Kill com_kill().
This never worked well because a task which has been killed by
kill_task() has no chance to clean up. Also a stale buffer tree node
remains if the task had an associated buffer tree node.
Andre Noll [Fri, 25 Feb 2011 16:13:08 +0000 (17:13 +0100)]
Replace ncurses by curses.
Ncurses is not available on all platforms, and para_gui should work
with any curses implementation.
So this patch replaces the --with-ncurses-headers and
--with-ncurses-libs configure options by --with-ncurses-headers and
--with-ncurses-libs, and makes configure check for libcurses instead
of libncurses. Moreover, the para_gui executable is now linked against
libcurses rather than libncurses.
Andre Noll [Fri, 25 Feb 2011 15:15:52 +0000 (16:15 +0100)]
Add finer-grained configure options for ogg/vorbis/speex.
This replaces the --with-oggvorbis-headers and --with-oggvorbis-libs
configure options by three pairs of options, for ogg, vorbis and
speex. Since both vorbis and speex depend on libogg, we only check
for the vorbis/speex header and libraries if libogg was been found.
Andre Noll [Sun, 20 Feb 2011 17:41:02 +0000 (18:41 +0100)]
Kill TASK_UNREGISTERED error code.
Currently the scheduler sets t->error to -E_TASK_UNREGISTERED when
it has unregistered a task. This deprives the applications from doing
post-mortem error checking.
The condition (task.error != -E_TASK_UNREGISTERED) is now equivalent
to task.error >= 0, so use this test everywhere.
Andre Noll [Tue, 22 Feb 2011 12:02:17 +0000 (13:02 +0100)]
Fix git-version file creation.
ATM, this does not work well, since only the executables depend on
GIT-VERSION-FILE, but relinking these does not take into account the
new contents of GIT-VERSION-FILE. Hence a "make clean" is necessary
to produce executables that reports the correct version number.
This patch changes GIT-VERSION-GEN so that it generates a preprocessor
define instead of setting a Makefile variable. This value is written
to stdout in any case and also to the file named "$1" if an argument
was given and the current git version differs from the contents of
this file (or if the file does not exist).
In order to not have to recompile everything on version changes,
the macros related to versioning are moved from para.h into the new
version.h file which is included only where necessary.
Makefile.in no longer uses phony targets to include the GIT_VERSION
variable. Instead we simply execute