Andre Noll [Mon, 28 Mar 2016 04:05:14 +0000 (04:05 +0000)]
play: Convert com_next() to lopsub.
com_next() is also called from com_jmp(), where we needed to pass
a fake argv. This is no longer necessary as com_next() now takes
a parse result pointer which is unused. So we may just pass NULL
from com_jmp().
Andre Noll [Sun, 10 Apr 2016 20:02:10 +0000 (22:02 +0200)]
play: Link against lopsub and convert com_help() to lopsub.
This introduces the play_cmd suite for the subcommands of para_play,
like play, pause, fg, bg, etc. The new suite contains only the
"help" subcommand so far. Other commands will be converted one by one
in subsequent patches.
We make use of the lopsub user_data feature to store a pointer to the
command handler in the lls_command structure generated by lopsubgen.
This pointer is initialized by the new EXPORT_PLAY_CMD_HANDLER macro
in play.c.
The suite has no supercommand, therefore lopsubgen adds a special
"unavailable" identifier to play.lsg.h. We must therefore provide a
dummy completer for the fake supercommand.
Until all subcommands are converted, the run_command() and com_help()
subcommand need to iterate over two command lists. Afterwards, this
compatibility code can be removed.
Andre Noll [Fri, 2 Oct 2015 02:34:53 +0000 (02:34 +0000)]
afs.c: Remove compatibility code in action_if_pattern_matches().
This is no longer needed as there are no more non-lopsub
commands left. Now pmd->lpr is non-NULL for all commands which
call action_if_pattern_matches(), which allows to simplify the
function. Moreover, ->patterns of struct pattern_match_data is unused
and can be dropped.
Andre Noll [Sun, 22 May 2016 11:37:48 +0000 (13:37 +0200)]
server: Remove ->argc, ->argv from struct command_context.
Command handlers should not look at the argv[] vector directly
but only use the lopsub library functions to access the parsed
command line.
In fact, the only function which accesses the argv vector is
run_command(). Defining argc and argv as local variables in this
function allows to drop the two members from the command context
structure.
Andre Noll [Sun, 31 Jul 2016 08:32:57 +0000 (10:32 +0200)]
server: Remove support for non-lopsub commands.
Now that all commands have been converted to lopsub, struct
server_command is no longer needed and can be removed, along with
the helper functions for lookup and permission checking.
Andre Noll [Sun, 6 Sep 2015 19:01:41 +0000 (21:01 +0200)]
afs: Remove unused call_callback helpers.
send_option_arg_callback_request() and send_standard_callback_request()
have both become unused now that all server commands have been
converted to lopsub. This patch gets rid of these functions and
removes their declarations from afs.h.
Andre Noll [Mon, 5 Sep 2016 15:34:53 +0000 (17:34 +0200)]
Enable partial matching for server commands.
The feature was deactivated in an earlier commit which converted the
lsatt command to lopsub. The problem was that "ls" would have been
interpreted as lsatt because lsatt was the only converted command
that started with ls.
Now that all server commands are converted, the lopsub library function
lls_lookup_subcmd() does the right thing, so this patch removes the
additional test for an exact match.
Andre Noll [Sun, 27 Dec 2015 22:04:29 +0000 (22:04 +0000)]
server: Convert com_ls() to lopsub.
This is the final server command to be converted to the lopsub API.
Besides the conversion to lopsub, the patch changes the semantics
of the ls command in two ways: The deprecated -p option is removed,
and the -F option is made the default so that full paths are printed
if -b is not given.
Regarding the conversion, the patch removes enum ls_flags which used to
contain the various flags of the ls command. This information can now
be extracted in the callback from the deserialized parse result. Also
write_score() is kind of pointless and is replaced by inlining it.
Note that make_status_items() is also affected by this patch because
it makes use of the infrastructure of the ls command. This function
is called from the event handler of the audio file table for events
of type AFSI_CHANGE and AFHI_CHANGE.
Since no more non-lopsub server commands are left after this patch,
several cleanups are possible. These are dealt with in subsequent
patches.
Andre Noll [Sun, 20 Mar 2016 18:41:25 +0000 (18:41 +0000)]
server: Convert blob commands to lopsub.
This converts all blob commands (ls, cat rm, mv) in one go to lopsub,
making the patch rather large.
The addblob commands are special in that we must pass not only the
blob name given at the command line to the callback but also the
blob data which was read from stdin. The command handler does not
serialize the parse result like most other commands do, but constructs
a query object containing name and data for the callback. Therefore
the command handler does not call send_lls_callback_request() but
send_callback_request(). We continue to follow this scheme.
blob.c contains a few macros which expand to a set of functions,
one for each type of bloc (mood, playlist, image, lyrics). These
macros have to be adjusted to take another argument because we need
the prefixes (e.g., lyr for lyrics) in both upper and lower case and
there is no preprocessor toupper().
Andre Noll [Fri, 2 Oct 2015 21:13:33 +0000 (21:13 +0000)]
server: Convert com_addatt() to lopsub.
Another simple command without options which is easy to convert. The
only thing worth noting is that we now fail the command early if more
than 64 arguments are given when previously we only checked that at
least one argument is given.
Andre Noll [Fri, 2 Oct 2015 21:10:36 +0000 (21:10 +0000)]
server: Convert com_touch() to lopsub.
Another open-coded option parser bites the dust.
This also gets rid of struct com_touch_options, along with the ugly
convention of passing -1 to the action handler to indicate that the
option was not given.
The documentation was enhanced slightly and now explains in the
[description] section the general concept of the touch command.
Andre Noll [Fri, 2 Oct 2015 21:15:06 +0000 (21:15 +0000)]
server: Convert com_select() to lopsub.
Pretty straight-forward conversion since the command does not have
any arguments. In the callback handler, we we can't return directly
any more since we need to free the serialized parse result.
Andre Noll [Sun, 11 Oct 2015 00:17:55 +0000 (00:17 +0000)]
server: Convert com_rm() to lopsub.
This gets rid of the open-coded command line parser in com_rm() and
of enum rm_flags. Patterns are now passed to for_each_matching_row()
and from there to the action handler remove_audio_file() via ->lpr
of struct pattern_match_data.
Andre Noll [Fri, 2 Oct 2015 21:17:09 +0000 (21:17 +0000)]
server: Convert com_cpsi() to lopsub.
Allows to get rid of enum cpsi_flags as we pass the flags via the
serialized parse result to the callback and the action handler
(copy_selector_info()).
Also the open-coded command line parser in com_cpsi() can be removed.
Andre Noll [Fri, 2 Oct 2015 21:21:11 +0000 (21:21 +0000)]
server: Convert com_mvatt() to lopsub.
We need to cast the obj->data pointer to a non-constant type because
the osl library functions expect void *, which results in a warning
without the cast.
Andre Noll [Fri, 2 Oct 2015 21:22:01 +0000 (21:22 +0000)]
server: Convert com_setatt() to lopsub.
Introduces ->input_skip for struct pattern_match data. The setatt
command uses this to strip the attribute modifies off the unnamed
arguments in the lopsub parse result. The remaining arguments are
the patterns which are to be matched against each file in the audio
file table.
Andre Noll [Sun, 20 Mar 2016 18:40:19 +0000 (18:40 +0000)]
server: Convert com_lsatt() to lopsub.
This is the first afs subcommand which needs to pass a pattern list
to its callback. The new send_lls_callback_request() provides this
functionality. It serializes the parse result into a buffer and passes
this buffer to the callback.
Since there are non-lopsub commands which also pass a pattern list,
action_if_pattern_matches() is patched to receive the pattern
list either from the serialized parse result or in the old way via
pmd->data. To achieve this, a parse result pointer is added to struct
pattern_match_data. If this pointer is not NULL, we are dealing with
a subcommand that has been converted.
Since the ls subcommand has not been converted yet, lopsub will
regard "ls" as a uniqe abbreviation of the lsatt command, which
breaks t0004. To work around this, we deactivate prefix matching by
only accepting exact matches in run_command(). This workaround can
be removed after com_ls() has been converted.
Andre Noll [Fri, 2 Oct 2015 21:23:54 +0000 (21:23 +0000)]
server: Convert com_init() to lopsub.
No change necessary for the callback as the init command does
not have any options. The only information that must travel from the
command handler to the callback is the set of tables to create. The
corresponding bitmask is passed without serializing the parse result.
Andre Noll [Sun, 15 May 2016 16:53:50 +0000 (18:53 +0200)]
server: Convert com_add() to lopsub.
In the callback structure for the add command, replace the flags
field by the serialized callback result. This way the callback
has access to the full parse result structure.
Andre Noll [Sun, 12 Jun 2016 13:36:21 +0000 (15:36 +0200)]
server: Convert non-afs commands to lopsub.
Currently the server commands are divided into two group: those
commands which are handled by the server process and those which
communicate with the afs process. This commit converts the commands of
the former group and the corresponding completers for para_client to
the lopsub suite format while the afs commands will be converted in
subsequent commits. After this change para_server needs to be linked
with -llopsub.
To this aim the options and help texts of of the server commands are
transferred from server.cmd to the new server_cmd.suite.m4, enabling
long-style options in the progress. Moreover, an introduction is added
at the beginning of the list of server commands which describes how
server commands are executed.
Command permissions are now handled by making use of the aux_info
feature of lopsub. To keep those commands working which do not
have any permission bit set, we need to add a new identifier
NO_PERMISSION_REQUIRED to enum server_command_permissions of
user_list.h. The value of this identifier is zero of course.
Naturally the bulk of the change takes place in command.c where all
server commands are implemented. The command handlers are modified
to take a pointer to a struct lls_parse result as an additional
argument. A new helper, send_errctx(), is introduced to avoid code
duplication.
Since command.h now refers to a lopsub parse result, all files which
include command.h, including those which implement only afs commands,
need to include the system header lopsub.h.
To keep afs commands working, some compatibility code in run_command()
is added. This will go away after all commands have been converted.
A couple of macros in command.h ease the handling of the long symbolic
constants exposed by the generated lopsub header file.
Although only the non-afs commands are converted, the change allows
for a couple of cleanups:
* The E_BAD_COMMAND error code is no longer needed and has been
removed.
* cmd_perms_itohuman() has become unused and is removed.
* The server_cmds[] array is empty and can be removed, along
with the loop in send_list_of_commands() which iterated over
the array.
The patch also adjusts tests t0004 and t0005 since the help output
format changed slightly, breaking the expectations of these tests.
Andre Noll [Sat, 7 May 2016 08:59:01 +0000 (10:59 +0200)]
Convert audiod commands to lopsub.
The four command lists (server, afs, audiod, play) and all executables
will be converted to the long option parser library (lopsub). This
first patch converts the audiod commands (on, off, cycle...) and adds
the necessary infrastructure to the build system. The option parser
for para_audiod is still generated by gengetopt and will be converted
in a subsequent patch.
The build system is updated to include an autoconf test which
checks for the lopsub library and the lopsubgen executable. If the
check fails, it prints instructions on how to download the lopsub
package. Moreover, a section on lopsub is added to the INSTALL file
and the library is listed as a required tool in the manual.
The options and help texts of all audiod commands are moved from
audiod.cmd to the new file audiod_cmd.suite.m4. Until all command
lists are converted, man_util.bash needs an ugly hack to deal with
the two kinds of files.
The help texts have been reworked slightly, but no syntactical
changes were performed. However, one side effect of the change is
that options to audiod commands now accept short and long options,
and that short options may be combined in the usual way.
The error subsystem of paraslash is extended to treat lopsub errors
analogous to errors from the osl libary: we reserve a new bit for
error codes returned from lopsub library functions and a lls() wrapper
function that must be used for all lopsub functions which return a
lopsub error code on failure. The E_INVALID_AUDIOD_CMD error code
can be removed since invalid commands are now detected by the lopsub
library, which returns its own error code in this case.
As a result of the conversion, struct audiod_command can be removed.
Command handlers now take a pointer to a lopsub parse result instead
of the (argc, argv) pair.
The patch also changes the completers for audiod commands in
audioc.c. to use the information in the generated audioc_cmd.lsg.h
header file instead of duplicating this information.
With the patch applied, para_audiod and para_audioc need to be linked
with -llopsub.
We still need to include ggo.h from audiod_command.c until receivers,
filters and writers have been converted as well.
Andre Noll [Sat, 28 Jan 2017 18:33:26 +0000 (19:33 +0100)]
i9e: Restore file status flags on exit.
The i9e subsystem sets the stdin and stdout fds passed to i9e_open()
to nonblocking mode but misses to restore the original flags in
i9e_close(). This causes terminal applications like dialog to fail
if they are started in the same terminal after e.g. para_play was
executed.
This commit modifies i9e_open() to fetch and save the file status
flags before setting the O_NONBLOCK flag, and i9e_close() to restore
the original value. STDERR is not affected.
Andre Noll [Sat, 31 Dec 2016 20:12:33 +0000 (21:12 +0100)]
Merge branch 'maint'
A trivial conflict in configure.ac and remove/modify conflicts in
web/index.in.html and NEWS. The last file has been renamed to NEWS.md
in master. The conflict was resolved by copying the new text of the
NEWS file from maint (the release notes for v0.4.14) to NEWS.md and
to adjust the formatting to markdown syntax.
Andre Noll [Sat, 31 Dec 2016 15:50:02 +0000 (16:50 +0100)]
Merge branch 'refs/heads/t/simple_error_codes'
Two patches which get rid of the concept of per-subsystem error
codes. The host-compiled error2.c program can be removed, configure.ac
and error.h simplified.
The merge conflicted because both sides modified error.h, but this
was easy to resolve.
* refs/heads/t/simple_error_codes:
Sort errors alphabetically.
Simplify the error subsystem, get rid of error2.[ch].
Andre Noll [Fri, 30 Dec 2016 14:58:41 +0000 (15:58 +0100)]
Merge branch 'refs/heads/t/invalid-ids'
A single patch that was in misc for a while, and two follow up fixups
that were detected after the branch was merged into next.
* refs/heads/t/invalid-ids (cooking for two weeks):
Makefile: Don't compile with -Wformat-signedness unconditionally.
aft.c: Use correct format string for error output.
touch: Refuse to set an invalid image or lyrics ID.
Andre Noll [Wed, 28 Dec 2016 20:40:42 +0000 (21:40 +0100)]
t0004: Specify proper options for ls commands.
The -p option is deprecated, and the default behaviour (if none of -p,
-F and -b is given) will change in v0.6.0. Although the tests succeed
at the moment, it seems prudent to switch to the modern syntax to
make sure the tests won't break when -p is removed and the default
behaviour is changed.
Andre Noll [Wed, 28 Dec 2016 19:38:34 +0000 (20:38 +0100)]
Merge branch 'refs/heads/t/format-signedness'
This series fixes all warnings produced by compiling with
-Wformat-signedness and adds the flag to CFLAGS if the compiler
supports it.
* refs/heads/t/format-signedness (cooking for ~2 weeks):
gcrypt: Fix a few format-signedness issues.
Compile with -Wformat-signedness if possible.
Fix signedness issues in format strings.
Andre Noll [Tue, 27 Dec 2016 18:29:38 +0000 (19:29 +0100)]
resample: Simplify initialization().
In resample_init(), the first check removed in this commit was bogus
because in case there is no parent buffer tree node, we must only
abort if there is no input pending either.
In resample_post_select(), we move up the check of the node status
so that we now call resample_init() only after we know that there
is input available. This makes the second check in resample_init()
pointless as the condition can never be true.
Andre Noll [Wed, 28 Dec 2016 01:08:54 +0000 (02:08 +0100)]
fade: Add documentation for main() and include it in doxygen.
The two mixer implementations for OSS and ALSA are also included,
both of which are only used by para_fade. So it makes sense to include
para_fade as well. main() is the only a non-static function, so let's
doxify that.
Andre Noll [Wed, 28 Dec 2016 12:05:34 +0000 (13:05 +0100)]
Merge branch 'refs/heads/t/wma_fixes'
The series also contains a fix for a silly bug which causes the decoder
to abort on empty output sizes, and a couple of cosmetic cleanups.
* refs/heads/t/wma_fixes (cooking for two weeks):
wmadec: Remove two pointless variables.
wmadec: Remove a pointless cast.
wmadec: Set data size to 0 if nothing was decoded.
wma: Fix packet size calculation.
wmadec: Properly handle empty outputs.
wma_common: Fix typo in log message.
Andre Noll [Tue, 27 Dec 2016 15:29:29 +0000 (16:29 +0100)]
Merge branch 'refs/heads/t/openssl-1.1'
In openssl-1.1 several structures have been made opaque, breaking both
the stream cipher and the public key functions in crypt.c. This series
deals with these issues, trying to minimize the ifdeffery.
* refs/heads/t/openssl-1.1 (cooking for three months):
openssl: RSA fixes for openssl-1.1.
openssl: Use EVP API for AES.
Andre Noll [Mon, 16 Dec 2013 21:18:27 +0000 (22:18 +0100)]
portable_io.h: Provide big-endian versions and use them for aac.
The aac audio format handler code contains some instances that read a
big-endian encoded 32 or 64 bit number from a buffer. While for the
32 bit case there is a helper function aac_read_int32(), the 64 bit
case is open-coded.
We already have similar functions for the conversion of little-endian
entities. This patch adds their big endian counterparts as inline
functions to portable_io.h and changes the callers to use those.
The patch also gets rid of two fprintf() statements in write_portable()
which were commented out for ages.
Andre Noll [Mon, 16 Dec 2013 21:06:44 +0000 (22:06 +0100)]
aac: Switch from unsigned char to char.
The faad library functions take unsigned char pointers while most of
the paraslash code prefers plain char *. It's easier to use char *
in all paraslash functions and cast the arguments of the faad library
function calls than to have a mix of both types.
Andre Noll [Sun, 28 Aug 2016 16:46:22 +0000 (18:46 +0200)]
Simplify the error subsystem, get rid of error2.[ch].
This commit removes error2.c and the surrounding infrastructure of
the build system, getting rid of ~600 LOC.
After the change there are no more subsystems for error codes, and we
don't need to host-compile error2.c any more. Since all executables
now contain the text of every error code, the change has some impact
on the sizes of the (stripped) executables:
Andre Noll [Tue, 20 Dec 2016 14:40:09 +0000 (15:40 +0100)]
Merge branch 'refs/heads/t/base64'
A couple of patches which move the base64 code to a separate file,
and improve on it. Was cooking for several months.
* refs/heads/t/base64:
base64: Speed up decoder by using a table.
base64: Use para_isspace() everywhere.
base64: Trivial whitespace fixes.
base64: Replace Pad64 variable by macro.
base64: Remove unnecessary overflow checks.
base64: Saner semantics for base64_decode() and uudecode().
Move base64 implementation to own file.
Andre Noll [Thu, 8 Dec 2016 23:22:57 +0000 (00:22 +0100)]
wmadec: Remove two pointless variables.
The local variables n and incr of wma_decode_frame() shadow the
values of their counterparts in struct private_wmadec_data, and they
remain constant within the function. Referring directly to the private
structure instead makes the code shorter and improves readability.
Andre Noll [Tue, 1 Nov 2016 10:44:53 +0000 (11:44 +0100)]
wma: Fix packet size calculation.
Usually the (fixed) packet size of a wma file equals the block align
value plus WMA_FRAME_SKIP. However, this is not true in general,
and if the two values differ, we fail to decode the file and bail
out with an "incoherent block length" error.
This patch adds code to read the correct packet size from the file
properties object and uses this value in the decoder and the audio
format handler.
Andre Noll [Tue, 1 Nov 2016 05:10:00 +0000 (06:10 +0100)]
wmadec: Properly handle empty outputs.
If out_size is zero we try to shrink the buffer to size zero. POSIX
says that the behavior is implementation-defined in this case, and
para_realloc() aborts due to an assert() statement that checks for
size zero. This patch makes sure the wma decoder never calls realloc()
with a zero size argument.
Andre Noll [Wed, 23 Nov 2016 22:17:10 +0000 (23:17 +0100)]
Compile with -Wformat-signedness if possible.
We can't activate this warning unconditionally because it is not
supported on older compilers, including clang. Therefore we introduce
a build time check and add the option only if the compiler supports it.
Andre Noll [Wed, 23 Nov 2016 22:16:50 +0000 (23:16 +0100)]
Fix signedness issues in format strings.
Compiling with -Wformat-signedness (not enabled so far) causes many
warnings because of format strings which specify an unsigned type but
correspond to an argument of signed type, or vice versa. This commit
fixes all these mismatches.
For "%u", "%d", "%lu", "%ld" we let the format string match the
type of the argument, but for "%x" we need to cast the argument to
a suitable unsigned type.
After this patch the tree compiles cleanly with -Wformat-signedness
given. The warning will be enabled in a subsequent commit.
Andre Noll [Sun, 4 Dec 2016 10:10:36 +0000 (11:10 +0100)]
Merge branch 'refs/heads/t/sideband-cleanup'
started on 2016-07-03, cooking since 2016-07-16
para_server announces sideband as an optional feature, which is
pointless since sideband connections have become mandatory in
paraslash-0.5.x, so they are always used. This patch set removes
the feature negitiation during the initial handshake. The sideband
protocol remains and is not affected.
Overwiew of the handshake in v0.5.x:
(SA) server announces sideband
(CC) client fails connection if server did not announce sideband
(CR) client requests sideband
(SC) server fails connection if sideband was not requested
already broken
- client-0.4/server-0.5 (!CR, SC)
- client-0.5/server-0.4 (!SA, CC)
In this series only the first two conversion steps are done as they
can be merged early without breaking anything.
* refs/heads/t/sideband-cleanup:
server: Do not fail if client does not request sideband.
client: No longer fail connection if sideband was not announced.
Andre Noll [Tue, 23 Aug 2016 20:58:46 +0000 (22:58 +0200)]
server: Fix race condition in afs startup.
After server_init() returns, the server accepts connections on the
TCP command socket. If an afs command arrives on the command socket,
the server process forks and the resulting child process (the command
handler) connects to the local afs socket. However, this socket is
created by the afs process which was forked from the server process
in server_init(). It is therefore possible that the command handler
connects before the afs process started to listen on the local afs
socket. In this case, the connection, hence the command fails.
This commit fixes the race condition by letting the parent process
block on read(2) on the afs socket. The afs process writes a byte
to the other end of the socket after it has completed its setup,
causing the parent process to resume.
For this to work, we need a connection-mode byte stream for the
communication between the server and the afs process, rather
than the connectionless datagram socket we have now. There is no
particular reason to prefer a datagram socket here, so let's switch
to SOCK_STREAM.
Andre Noll [Thu, 16 Jun 2016 18:17:21 +0000 (20:17 +0200)]
daemon: Fix race condition in daemonize().
If parent_waits is true, the parent process waits for a signal from
the child before it exits. However, this signal can arive before the
parent has set up its signal handler.
This patch closes the race window by switching from signals to
pipes. We now create a pipe before the new process is forked, and
let the parent block on read(2) until the child exits or indicates
success by writing a byte to one end of the pipe. The child process
receives the file descriptor of the writing end of the pipe as the
return value of daemonize().
The only user of the parent_waits feature is para_server, which is
changed accordingly.
Andre Noll [Sat, 26 Mar 2016 22:27:09 +0000 (22:27 +0000)]
touch: Refuse to set an invalid image or lyrics ID.
This makes the callback of the touch command fail the command if the
given ID does not exist in the corresponding blob table.
To this aim we call blob_get_name_by_id() to look up the ID. Since
we are not interested in the name, the function now allows a NULL
result pointer in which case it only checks whether the ID is valid.
With this patch applied the attempt to set an invalid image or lyrics
ID results in an error message like this:
invalid image ID: 456565
remote: key not found in rbtree
main: command failed
Andre Noll [Sun, 25 Sep 2016 13:56:43 +0000 (15:56 +0200)]
test-lib: Fix a bash-4.4 issue.
Apparently bash-4.4 changed how unquoted here strings are treated.
We want to process only the first line of the output, so the right
thing to do is to ask awk to exit after processing the first line.
This works regardless of the bash version.
Andre Noll [Wed, 24 Aug 2016 20:18:36 +0000 (22:18 +0200)]
server: Deprecate ls -p.
In v0.6.0 the -p option will have the same meaning as for the rm and
touch commands: perform pathname match. Also the default for the ls
command will be changed to list full paths while the new -b option
must be given to print only the basename (i.e., the current behaviour
if -p is not given).
This commit is a preparation for these incompatible changes which
does not break existing scripts. It does the following
* The -p option is deprecated in favor of its synonym, the new -F
option (for full path).
* The new -b option instructs the command to perform basename matching
and print only the basename of the matching files. It is currently
a no-op.
With the patch applied, scripts are supposed to specify either -b or
-F as appropriate. In v0.6.0 the semantics of -p will be changed as
described above, the default will be changed to print the full path,
and -F will be deprecated because it is a no-op then.
Andre Noll [Sun, 28 Aug 2016 13:35:11 +0000 (15:35 +0200)]
openssl: RSA fixes for openssl-1.1.
In openssl-1.1 the RSA structure has been made opaque, causing
compilation of crypt.c to fail because the code accesses ->n and ->e
directly to set the modulus and the public exponent according to the
values read from the public ssh key.
With openssl-1.1 applications are supposed to call RSA_set0_key()
to set n and e. Unfortunately, this function does not exist in
openssl-1.0.2.
This patch adds a configure check which defines HAVE_RSA_SET0_KEY if
RSA_set0_key() is available. In crypt.c we either call the function
or set ->n and ->e directly, depending on whether HAVE_RSA_SET0_KEY
is defined. This results in code which works on both openssl-1.0.2
and openssl-1.1.0.
Andre Noll [Sun, 28 Aug 2016 13:35:53 +0000 (15:35 +0200)]
openssl: Use EVP API for AES.
opensssl-1.1 no longer exports AES_set_encrypt_key() and
AES_ctr128_encrypt(). Applications are supposed to use the high-level
EVP interface instead.
Fortunately, the EVP library functions necessary for our use of
the AES_ctr128 stream cipher are available in openssl version 1.0.1
and above, so switching to the EVP API makes the code work with all
versions >= 1.0.1.
Andre Noll [Sat, 11 Jun 2016 18:44:01 +0000 (20:44 +0200)]
afs: Fix error handling of the select command.
com_select() returns success even if the mood or playlist could not
be activated. This commit changes the function to return the error
code from activate_mood_or_playlist() instead.
The function had another minor issue: If the current mood is the
dummy mood, and we failed to switch to the given mood or playlist,
and also failed to switch back to the dummy mood, we try a second
time to activate the dummy mood. This should not happen, but let's
fix it anyway.
Andre Noll [Sat, 9 Apr 2016 18:44:28 +0000 (20:44 +0200)]
base64: Speed up decoder by using a table.
The current implementation calls strchr() for each character in the
decoded data to find the offset in the Base64[] array that corresponds
to six decoded bits. This makes the algorithm scale poorly.
This commit introduces a lookup table of size 256 which simplifies
the code and improves the performance of the decoder.
Andre Noll [Tue, 28 Apr 2015 16:17:42 +0000 (18:17 +0200)]
base64: Remove unnecessary overflow checks.
Since we decode no more than encoded_size many bytes, and the output
buffer is allocated large enough to store the decoded data, we won't
ever overflow the output buffer. This commit removes the pointless
checks.
Andre Noll [Sun, 26 Apr 2015 21:41:00 +0000 (23:41 +0200)]
base64: Saner semantics for base64_decode() and uudecode().
Currently the callers of these functions must allocate a suitably
sized buffer for the decoded data. It is easier to let the decoders
allocate the result buffer, as implemented in this commit. The callers
in crypt.c and gcrypt.c are adjusted accordingly.
Andre Noll [Tue, 10 Jun 2014 15:52:22 +0000 (17:52 +0200)]
Move base64 implementation to own file.
The base64 decoder is independent of anything else, so it should not
be part of the crypto API. This patch moves the two public functions
uudecode() and base64_decode() to a new file, base64.c, and introduces
base64.h to declare them.
Andre Noll [Sun, 10 Jul 2016 19:33:18 +0000 (21:33 +0200)]
gcrypt: Check file permissions of private keys.
Before opening a private key, crypt.c checks that the permissions
are restrictive enough. However, the gcrypt implementation contains
no such check. This commit adds it.
Andre Noll [Sun, 10 Jul 2016 18:59:34 +0000 (20:59 +0200)]
gcrypt: Always initialize result pointer.
If the call to mmap_full_file() at the beginning of decode_key() fails,
we return without initializing the result pointer to NULL. This does not
matter now, because the only caller of decode_key() does not look at the
pointer value in the error case. Let's be defensive here and initialize
the pointer anyway.
Andre Noll [Tue, 21 Jun 2016 07:19:57 +0000 (09:19 +0200)]
daemon: Make daemon_init_colors_or_die() independent of gengetopt.
The function receives the values given to the --log-color option as
a char * array, which is the type that gengetopt provides for the
arguments to string options which may be given multiple times.
This patch gets get rid of this implementation detail. The function no
longer takes the arguments to --log-color at all and applications now
must call daemon_set_log_color_or_die() themselves to set user-defined
per-loglevel colors.
To make this work, we let daemon_init_colors_or_die() return a
boolean which indicates whether color mode should be enabled, and
daemon_set_log_color_or_die() is made public. The two users of this
API, para_server and para_audiod, are adjusted accordingly.
Andre Noll [Mon, 20 Jun 2016 21:20:59 +0000 (23:20 +0200)]
audiod: Move UID check from audiod_command.c to audiod.c.
check_perms() is the only reason for the gengetopt config pointer
being public and for passing the whitelist pointer to handle_connect()
in audiod_command.c. The code get less convoluted by moving the
permission check to audiod.c where both the conf pointer and the
uid_whitelist are defined.
This introduces the new public function uid_is_whitelisted() in
audiod.c which replaces check_perms(). This allows to
* pass only the UID to the check function,
* drop the whitelist pointer argument from handle_connect(),
* make the conf pointer in audiod.c static.
The patch also reorders the function declarations in audiod.h a bit
to separate the functions defined in audiod.c from those defined
in audiod_command.c.
projects / paraslash.git / log