patch 8.2.3032: build problems with MSVC, other crypt issues with libsodium
Problem:    Build problems with MSVC, other crypt issues with libsodium.
Solution:   Adjust MSVC makefile. Disable swap file only when 'key' is set.
            Adjust error message used when key is wrong.  Fix Coverity issues.
            (Christian Brabandt, closes #8420, closes #8411)
			
			
This commit is contained in:
		
				
					committed by
					
						 Bram Moolenaar
						Bram Moolenaar
					
				
			
			
				
	
			
			
			
						parent
						
							22f17a29cd
						
					
				
				
					commit
					226b28b961
				
			| @ -42,7 +42,11 @@ | |||||||
| #	Sound support: SOUND=yes (default is yes) | #	Sound support: SOUND=yes (default is yes) | ||||||
| # | # | ||||||
| #	Sodium support: SODIUM=[Path to Sodium directory] | #	Sodium support: SODIUM=[Path to Sodium directory] | ||||||
| #	 You need to install the msvc package from https://download.libsodium.org/libsodium/releases/ | #	 Dynamic built with libsodium | ||||||
|  | #	 You need to install the msvc package from | ||||||
|  | #	 https://download.libsodium.org/libsodium/releases/ | ||||||
|  | #	 and package the libsodium.dll with Vim | ||||||
|  | # | ||||||
| # | # | ||||||
| #	DLL support (EXPERIMENTAL): VIMDLL=yes (default is no) | #	DLL support (EXPERIMENTAL): VIMDLL=yes (default is no) | ||||||
| #	  Creates vim{32,64}.dll, and stub gvim.exe and vim.exe. | #	  Creates vim{32,64}.dll, and stub gvim.exe and vim.exe. | ||||||
| @ -383,14 +387,14 @@ SODIUM = no | |||||||
| ! if "$(CPU)" == "AMD64" | ! if "$(CPU)" == "AMD64" | ||||||
| SOD_LIB		= $(SODIUM)\x64\Release\v140\dynamic | SOD_LIB		= $(SODIUM)\x64\Release\v140\dynamic | ||||||
| ! elseif "$(CPU)" == "i386" | ! elseif "$(CPU)" == "i386" | ||||||
| SOD_LIB		= $(SODIUM)\x86\Release\v140\dynamic | SOD_LIB		= $(SODIUM)\Win32\Release\v140\dynamic | ||||||
| ! else | ! else | ||||||
| SODIUM = no | SODIUM = no | ||||||
| ! endif | ! endif | ||||||
| !endif | !endif | ||||||
|  |  | ||||||
| !if "$(SODIUM)" != "no" | !if "$(SODIUM)" != "no" | ||||||
| SOD_INC		= -I $(SODIUM)\include | SOD_INC		= /I "$(SODIUM)\include" | ||||||
| SOD_DEFS	= -DFEAT_SODIUM | SOD_DEFS	= -DFEAT_SODIUM | ||||||
| SOD_LIB		= $(SOD_LIB)\libsodium.lib | SOD_LIB		= $(SOD_LIB)\libsodium.lib | ||||||
| !endif | !endif | ||||||
| @ -514,7 +518,7 @@ CON_LIB = $(CON_LIB) /DELAYLOAD:comdlg32.dll /DELAYLOAD:ole32.dll DelayImp.lib | |||||||
|  |  | ||||||
| CFLAGS = -c /W3 /GF /nologo $(CVARS) -I. -Iproto -DHAVE_PATHDEF -DWIN32 \ | CFLAGS = -c /W3 /GF /nologo $(CVARS) -I. -Iproto -DHAVE_PATHDEF -DWIN32 \ | ||||||
| 		$(CSCOPE_DEFS) $(TERM_DEFS) $(SOUND_DEFS) $(NETBEANS_DEFS) $(CHANNEL_DEFS) \ | 		$(CSCOPE_DEFS) $(TERM_DEFS) $(SOUND_DEFS) $(NETBEANS_DEFS) $(CHANNEL_DEFS) \ | ||||||
| 		$(NBDEBUG_DEFS) $(XPM_DEFS) $(SOD_DEFS) \ | 		$(NBDEBUG_DEFS) $(XPM_DEFS) $(SOD_DEFS) $(SOD_INC) \ | ||||||
| 		$(DEFINES) -DWINVER=$(WINVER) -D_WIN32_WINNT=$(WINVER) | 		$(DEFINES) -DWINVER=$(WINVER) -D_WIN32_WINNT=$(WINVER) | ||||||
|  |  | ||||||
| #>>>>> end of choices | #>>>>> end of choices | ||||||
| @ -726,7 +730,7 @@ CFLAGS = $(CFLAGS) $(CFLAGS_DEPR) | |||||||
|  |  | ||||||
| INCL =	vim.h alloc.h ascii.h ex_cmds.h feature.h errors.h globals.h \ | INCL =	vim.h alloc.h ascii.h ex_cmds.h feature.h errors.h globals.h \ | ||||||
| 	keymap.h macros.h option.h os_dos.h os_win32.h proto.h regexp.h \ | 	keymap.h macros.h option.h os_dos.h os_win32.h proto.h regexp.h \ | ||||||
| 	spell.h structs.h term.h beval.h $(NBDEBUG_INCL) $(SOD_INC) | 	spell.h structs.h term.h beval.h $(NBDEBUG_INCL) | ||||||
|  |  | ||||||
| OBJ = \ | OBJ = \ | ||||||
| 	$(OUTDIR)\arabic.obj \ | 	$(OUTDIR)\arabic.obj \ | ||||||
|  | |||||||
							
								
								
									
										61
									
								
								src/crypt.c
									
									
									
									
									
								
							
							
						
						
									
										61
									
								
								src/crypt.c
									
									
									
									
									
								
							| @ -146,9 +146,9 @@ static cryptmethod_T cryptmethods[CRYPT_M_COUNT] = { | |||||||
| 	FALSE, | 	FALSE, | ||||||
| 	NULL, | 	NULL, | ||||||
| 	crypt_sodium_init, | 	crypt_sodium_init, | ||||||
| 	crypt_sodium_encode, crypt_sodium_decode, | 	NULL, NULL, | ||||||
| 	crypt_sodium_buffer_encode, crypt_sodium_buffer_decode, | 	crypt_sodium_buffer_encode, crypt_sodium_buffer_decode, | ||||||
| 	crypt_sodium_encode, crypt_sodium_decode, | 	NULL, NULL, | ||||||
|     }, |     }, | ||||||
|  |  | ||||||
|     // NOTE: when adding a new method, use some random bytes for the magic key, |     // NOTE: when adding a new method, use some random bytes for the magic key, | ||||||
| @ -250,6 +250,26 @@ crypt_get_header_len(int method_nr) | |||||||
| 	+ cryptmethods[method_nr].seed_len; | 	+ cryptmethods[method_nr].seed_len; | ||||||
| } | } | ||||||
|  |  | ||||||
|  |  | ||||||
|  | /* | ||||||
|  |  * Get maximum crypt method specific length of the file header in bytes. | ||||||
|  |  */ | ||||||
|  |     int | ||||||
|  | crypt_get_max_header_len() | ||||||
|  | { | ||||||
|  |     int i; | ||||||
|  |     int max = 0; | ||||||
|  |     int temp = 0; | ||||||
|  |  | ||||||
|  |     for (i = 0; i < CRYPT_M_COUNT; ++i) | ||||||
|  |     { | ||||||
|  | 	temp = crypt_get_header_len(i); | ||||||
|  | 	if (temp > max) | ||||||
|  | 	    max = temp; | ||||||
|  |     } | ||||||
|  |     return max; | ||||||
|  | } | ||||||
|  |  | ||||||
| /* | /* | ||||||
|  * Set the crypt method for buffer "buf" to "method_nr" using the int value as |  * Set the crypt method for buffer "buf" to "method_nr" using the int value as | ||||||
|  * returned by crypt_method_nr_from_name(). |  * returned by crypt_method_nr_from_name(). | ||||||
| @ -403,8 +423,10 @@ crypt_create_for_writing( | |||||||
| #ifdef FEAT_SODIUM | #ifdef FEAT_SODIUM | ||||||
| 	if (sodium_init() >= 0) | 	if (sodium_init() >= 0) | ||||||
| 	{ | 	{ | ||||||
| 	    randombytes_buf(salt, salt_len); | 	    if (salt_len > 0) | ||||||
| 	    randombytes_buf(seed, seed_len); | 		randombytes_buf(salt, salt_len); | ||||||
|  | 	    if (seed_len > 0) | ||||||
|  | 		randombytes_buf(seed, seed_len); | ||||||
| 	} | 	} | ||||||
| 	else | 	else | ||||||
| #endif | #endif | ||||||
| @ -581,6 +603,13 @@ crypt_check_method(int method) | |||||||
| 	msg_scroll = TRUE; | 	msg_scroll = TRUE; | ||||||
| 	msg(_("Warning: Using a weak encryption method; see :help 'cm'")); | 	msg(_("Warning: Using a weak encryption method; see :help 'cm'")); | ||||||
|     } |     } | ||||||
|  | } | ||||||
|  |  | ||||||
|  | #ifdef FEAT_SODIUM | ||||||
|  |     static void | ||||||
|  | crypt_check_swapfile_curbuf(void) | ||||||
|  | { | ||||||
|  |     int method = crypt_get_method_nr(curbuf); | ||||||
|     if (method == CRYPT_M_SOD) |     if (method == CRYPT_M_SOD) | ||||||
|     { |     { | ||||||
| 	// encryption uses padding and MAC, that does not work very well with | 	// encryption uses padding and MAC, that does not work very well with | ||||||
| @ -590,11 +619,11 @@ crypt_check_method(int method) | |||||||
| #ifdef FEAT_PERSISTENT_UNDO | #ifdef FEAT_PERSISTENT_UNDO | ||||||
| 	set_option_value((char_u *)"udf", 0, NULL, OPT_LOCAL); | 	set_option_value((char_u *)"udf", 0, NULL, OPT_LOCAL); | ||||||
| #endif | #endif | ||||||
|  |  | ||||||
| 	msg_scroll = TRUE; | 	msg_scroll = TRUE; | ||||||
| 	msg(_("Note: Encryption of swapfile not supported, disabling swap- and undofile")); | 	msg(_("Note: Encryption of swapfile not supported, disabling swap- and undofile")); | ||||||
|     } |     } | ||||||
| } | } | ||||||
|  | #endif | ||||||
|  |  | ||||||
|     void |     void | ||||||
| crypt_check_current_method(void) | crypt_check_current_method(void) | ||||||
| @ -647,6 +676,9 @@ crypt_get_key( | |||||||
| 		set_option_value((char_u *)"key", 0L, p1, OPT_LOCAL); | 		set_option_value((char_u *)"key", 0L, p1, OPT_LOCAL); | ||||||
| 		crypt_free_key(p1); | 		crypt_free_key(p1); | ||||||
| 		p1 = curbuf->b_p_key; | 		p1 = curbuf->b_p_key; | ||||||
|  | #ifdef FEAT_SODIUM | ||||||
|  | 		crypt_check_swapfile_curbuf(); | ||||||
|  | #endif | ||||||
| 	    } | 	    } | ||||||
| 	    break; | 	    break; | ||||||
| 	} | 	} | ||||||
| @ -654,10 +686,13 @@ crypt_get_key( | |||||||
|     } |     } | ||||||
|  |  | ||||||
|     // since the user typed this, no need to wait for return |     // since the user typed this, no need to wait for return | ||||||
|     if (msg_didout) |     if (crypt_get_method_nr(curbuf) != CRYPT_M_SOD) | ||||||
| 	msg_putchar('\n'); |     { | ||||||
|     need_wait_return = FALSE; | 	if (msg_didout) | ||||||
|     msg_didout = FALSE; | 	    msg_putchar('\n'); | ||||||
|  | 	need_wait_return = FALSE; | ||||||
|  | 	msg_didout = FALSE; | ||||||
|  |     } | ||||||
|  |  | ||||||
|     crypt_free_key(p2); |     crypt_free_key(p2); | ||||||
|     return p1; |     return p1; | ||||||
| @ -726,6 +761,7 @@ crypt_sodium_init( | |||||||
|  * "from" and "to" can be equal to encrypt in place. |  * "from" and "to" can be equal to encrypt in place. | ||||||
|  * Call needs to ensure that there is enough space in to (for the header) |  * Call needs to ensure that there is enough space in to (for the header) | ||||||
|  */ |  */ | ||||||
|  | #if 0  // Currently unused | ||||||
|     void |     void | ||||||
| crypt_sodium_encode( | crypt_sodium_encode( | ||||||
|     cryptstate_T *state UNUSED, |     cryptstate_T *state UNUSED, | ||||||
| @ -764,11 +800,13 @@ crypt_sodium_encode( | |||||||
|     sod_st->count++; |     sod_st->count++; | ||||||
| # endif | # endif | ||||||
| } | } | ||||||
|  | #endif | ||||||
|  |  | ||||||
| /* TODO: Unused | /* | ||||||
|  * Decrypt "from[len]" into "to[len]". |  * Decrypt "from[len]" into "to[len]". | ||||||
|  * "from" and "to" can be equal to encrypt in place. |  * "from" and "to" can be equal to encrypt in place. | ||||||
|  */ |  */ | ||||||
|  | #if 0  // Currently unused | ||||||
|     void |     void | ||||||
| crypt_sodium_decode( | crypt_sodium_decode( | ||||||
|     cryptstate_T *state UNUSED, |     cryptstate_T *state UNUSED, | ||||||
| @ -841,6 +879,7 @@ fail: | |||||||
|     vim_free(buf_out); |     vim_free(buf_out); | ||||||
| # endif | # endif | ||||||
| } | } | ||||||
|  | #endif | ||||||
|  |  | ||||||
| /* | /* | ||||||
|  * Encrypt "from[len]" into "to[len]". |  * Encrypt "from[len]" into "to[len]". | ||||||
| @ -864,7 +903,7 @@ crypt_sodium_buffer_encode( | |||||||
|     sodium_state_T	*sod_st = state->method_state; |     sodium_state_T	*sod_st = state->method_state; | ||||||
|     int			first = (sod_st->count == 0); |     int			first = (sod_st->count == 0); | ||||||
|  |  | ||||||
|     length = len + crypto_secretstream_xchacha20poly1305_ABYTES |     length = (int)len + crypto_secretstream_xchacha20poly1305_ABYTES | ||||||
| 	     + (first ? crypto_secretstream_xchacha20poly1305_HEADERBYTES : 0); | 	     + (first ? crypto_secretstream_xchacha20poly1305_HEADERBYTES : 0); | ||||||
|     *buf_out = alloc_clear(length); |     *buf_out = alloc_clear(length); | ||||||
|     if (*buf_out == NULL) |     if (*buf_out == NULL) | ||||||
|  | |||||||
| @ -443,6 +443,6 @@ EXTERN char e_libsodium_decryption_failed_header_incomplete[] | |||||||
| EXTERN char e_libsodium_cannot_decrypt_buffer[] | EXTERN char e_libsodium_cannot_decrypt_buffer[] | ||||||
| 	INIT(= N_("E1199: Cannot decrypt buffer, not enough space")); | 	INIT(= N_("E1199: Cannot decrypt buffer, not enough space")); | ||||||
| EXTERN char e_libsodium_decryption_failed[] | EXTERN char e_libsodium_decryption_failed[] | ||||||
| 	INIT(= N_("E1200: Decryption failed: corrupted chunk!")); | 	INIT(= N_("E1200: Decryption failed!")); | ||||||
| EXTERN char e_libsodium_decryption_failed_premature[] | EXTERN char e_libsodium_decryption_failed_premature[] | ||||||
| 	INIT(= N_("E1201: Decryption failed: pre-mature end of file!")); | 	INIT(= N_("E1201: Decryption failed: pre-mature end of file!")); | ||||||
|  | |||||||
| @ -1213,6 +1213,7 @@ retry: | |||||||
| 		     * Read bytes from curbuf.  Used for converting text read | 		     * Read bytes from curbuf.  Used for converting text read | ||||||
| 		     * from stdin. | 		     * from stdin. | ||||||
| 		     */ | 		     */ | ||||||
|  | 		    eof = FALSE; | ||||||
| 		    if (read_buf_lnum > from) | 		    if (read_buf_lnum > from) | ||||||
| 			size = 0; | 			size = 0; | ||||||
| 		    else | 		    else | ||||||
| @ -1261,6 +1262,7 @@ retry: | |||||||
| 				    if (!curbuf->b_p_eol) | 				    if (!curbuf->b_p_eol) | ||||||
| 					--tlen; | 					--tlen; | ||||||
| 				    size = tlen; | 				    size = tlen; | ||||||
|  | 				    eof = TRUE; | ||||||
| 				    break; | 				    break; | ||||||
| 				} | 				} | ||||||
| 			    } | 			    } | ||||||
| @ -1276,7 +1278,7 @@ retry: | |||||||
| 		    // Let the crypt layer work with a buffer size of 8192 | 		    // Let the crypt layer work with a buffer size of 8192 | ||||||
| 		    if (filesize == 0) | 		    if (filesize == 0) | ||||||
| 			// set size to 8K + Sodium Crypt Metadata | 			// set size to 8K + Sodium Crypt Metadata | ||||||
| 			size = WRITEBUFSIZE + 36 | 			size = WRITEBUFSIZE + crypt_get_max_header_len() | ||||||
| 		     + crypto_secretstream_xchacha20poly1305_HEADERBYTES | 		     + crypto_secretstream_xchacha20poly1305_HEADERBYTES | ||||||
| 		     + crypto_secretstream_xchacha20poly1305_ABYTES; | 		     + crypto_secretstream_xchacha20poly1305_ABYTES; | ||||||
|  |  | ||||||
|  | |||||||
| @ -497,7 +497,8 @@ ml_set_crypt_key( | |||||||
| 	return;  // no memfile yet, nothing to do | 	return;  // no memfile yet, nothing to do | ||||||
|     old_method = crypt_method_nr_from_name(old_cm); |     old_method = crypt_method_nr_from_name(old_cm); | ||||||
|  |  | ||||||
|     if (old_method == CRYPT_M_SOD || crypt_get_method_nr(buf) == CRYPT_M_SOD) |     // Swapfile encryption not supported by XChaCha20 | ||||||
|  |     if (crypt_get_method_nr(buf) == CRYPT_M_SOD && *buf->b_p_key != NUL) | ||||||
|     { |     { | ||||||
| 	// close the swapfile | 	// close the swapfile | ||||||
| 	mf_close_file(buf, TRUE); | 	mf_close_file(buf, TRUE); | ||||||
|  | |||||||
| @ -5,6 +5,7 @@ int crypt_works_inplace(cryptstate_T *state); | |||||||
| int crypt_get_method_nr(buf_T *buf); | int crypt_get_method_nr(buf_T *buf); | ||||||
| int crypt_whole_undofile(int method_nr); | int crypt_whole_undofile(int method_nr); | ||||||
| int crypt_get_header_len(int method_nr); | int crypt_get_header_len(int method_nr); | ||||||
|  | int crypt_get_max_header_len(void); | ||||||
| void crypt_set_cm_option(buf_T *buf, int method_nr); | void crypt_set_cm_option(buf_T *buf, int method_nr); | ||||||
| int crypt_self_test(void); | int crypt_self_test(void); | ||||||
| cryptstate_T *crypt_create(int method_nr, char_u *key, char_u *salt, int salt_len, char_u *seed, int seed_len); | cryptstate_T *crypt_create(int method_nr, char_u *key, char_u *salt, int salt_len, char_u *seed, int seed_len); | ||||||
| @ -23,8 +24,6 @@ void crypt_check_current_method(void); | |||||||
| char_u *crypt_get_key(int store, int twice); | char_u *crypt_get_key(int store, int twice); | ||||||
| void crypt_append_msg(buf_T *buf); | void crypt_append_msg(buf_T *buf); | ||||||
| int crypt_sodium_init(cryptstate_T *state, char_u *key, char_u *salt, int salt_len, char_u *seed, int seed_len); | int crypt_sodium_init(cryptstate_T *state, char_u *key, char_u *salt, int salt_len, char_u *seed, int seed_len); | ||||||
| void crypt_sodium_encode(cryptstate_T *state, char_u *from, size_t len, char_u *to, int last); |  | ||||||
| void crypt_sodium_decode(cryptstate_T *state, char_u *from, size_t len, char_u *to, int last); |  | ||||||
| long crypt_sodium_buffer_encode(cryptstate_T *state, char_u *from, size_t len, char_u **buf_out, int last); | long crypt_sodium_buffer_encode(cryptstate_T *state, char_u *from, size_t len, char_u **buf_out, int last); | ||||||
| long crypt_sodium_buffer_decode(cryptstate_T *state, char_u *from, size_t len, char_u **buf_out, int last); | long crypt_sodium_buffer_decode(cryptstate_T *state, char_u *from, size_t len, char_u **buf_out, int last); | ||||||
| /* vim: set ft=c : */ | /* vim: set ft=c : */ | ||||||
|  | |||||||
| @ -755,6 +755,8 @@ static char *(features[]) = | |||||||
|  |  | ||||||
| static int included_patches[] = | static int included_patches[] = | ||||||
| {   /* Add new patch number below this line */ | {   /* Add new patch number below this line */ | ||||||
|  | /**/ | ||||||
|  |     3032, | ||||||
| /**/ | /**/ | ||||||
|     3031, |     3031, | ||||||
| /**/ | /**/ | ||||||
|  | |||||||
		Reference in New Issue
	
	Block a user