| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Also handle partial writes in alloc_mmap
|
|
|
|
|
| |
file. FreeBSD's man page for mmap warns that using NOSYNC with sparse
files causes problems. Closes PR 30
|
| |
|
|
|
|
|
| |
fails, not just return 0 since callers expect that the allocator will
either succeed or throw.
|
| |
|
|
|
|
|
|
|
| |
Add a push_back that takes a single argument ala std::vector
For appending, provide some namespace level += operators - we can use
this technique with either MemoryRegion or a std::vector.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the initial/default length of the array, update all users to instead
pass the value to the constructor.
This is a old vestigal thing from a class (SecureBuffer) that used
this compile-time constant in order to store the values in an
array. However this was changed way back in 2002 to use the same
allocator hooks as the rest of the containers, so the only advantage
to using the length field was that the initial length was set and
didn't have to be set in the constructor which was midly convenient.
However this directly conflicts with the desire to be able to
(eventually) use std::vector with a custom allocator, since of course
vector doesn't support this.
Fortunately almost all of the uses are in classes which have only a
single constructor, so there is little to no duplication by instead
initializing the size in the constructor.
|
|
|
|
|
|
| |
Avoid using using directives in MemoryVector and SecureVector to bring
things into scope; it brings them into public scope even if they are
protected which is not desirable. Instead disambiguate using this->func()
|
| |
|
|
|
|
| |
MemoryRegions and concatenated them.
|
|
|
|
|
|
|
|
|
|
|
| |
Add RandomNumberGenerator::random_vec, which takes an length n and
returns a new SecureVector with randomized contents of that size. This
nicely covers most of the cases where randomize was being called on a
vector, and is a little cleaner in the code as well, instead of
vec.resize(length);
rng.randomize(&vec[0], vec.size());
we just write
vec = rng.random_vec(length);
|
|
|
|
|
| |
representation (rather than in an interator context), instead use &buf[0],
which works for both MemoryRegion and std::vector
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
harmonising MemoryRegion with std::vector:
The MemoryRegion::clear() function would zeroise the buffer, but keep
the memory allocated and the size unchanged. This is very different
from STL's clear(), which is basically the equivalent to what is
called destroy() in MemoryRegion. So to be able to replace MemoryRegion
with a std::vector, we have to rename destroy() to clear() and we have
to expose the current functionality of clear() in some other way, since
vector doesn't support this operation. Do so by adding a global function
named zeroise() which takes a MemoryRegion which is zeroed. Remove clear()
to ensure all callers are updated.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
container like vector, truncate is simply resize, but what
MemoryRegion called resize will zap the entire contents, and then what
was resize was called grow_to. This is really problematic in terms of
the goal of replacing MemoryRegion with a vector with a custom
allocator.
In this checkin:
- Remove MemoryRegion::grow_to and MemoryRegion::truncate
- Change the semantics of MemoryRegion::resize to change the size
while keeping any current contents intact (up to the new size),
zero initializing any new values.
Unrelated, just noticed the lack while I was in there, add a version
of CryptoBox::decrypt taking a std::string for the input.
|
|
|
|
|
| |
to fix compilation on Solaris. Everybody else, including POSIX.1, uses
void* here, but as usual Solaris likes to be special.
|
|
|
|
| |
Required by the hex decoder.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
depending on if INITIAL_LEN is non-zero. Normal semantics are the
vector will change size based on whatever it is constructed with,
but that's bad in cases like
SecureVector<byte, 4> val(buffer, 3);
which in the past would be a 4 valued thing with 3 elements set
and one zero trailing. (This construct showed up in base64 and
possibly elsewhere). If INITIAL_LEN is set, use copy instead so
the length does not change.
C++0x cannot come soon enough.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the name at all; instead unlink it at the end of the constructor,
so by the time it is fully constructed it is purely an anonymous
file descriptor.
mkstemp has a weird interface and returns the final name of the
file in its template argument. This prevented us from using a
std::string, since c_str's return is const (and we can't use
&string[0], because that might not be NULL-terminated). This
previously required doing nasty things like explicit new/delete
and using strcpy (the strcpy was what got me started on looking
at this; OpenBSD complains about it, so I was trying to figure
out a good way to remove it).
Instead, use the idea from http://www.gotw.ca/gotw/042.htm, and
use a std::vector to hold the mkstemp argument/result. That works
consistently everywhere, and we don't need to rely on strcpy, and
don't have to worry about memory leaks either. Only minor nit is
having to add an explicit NULL terminator as the std::string
doesn't contain it.
|
|
|
|
| |
that enable botan to be built under the clang C++ compiler.
|
|
|
|
| |
to meaning
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a second template param to SecureVector which specifies the initial
length.
Change all callers to be SecureVector instead of SecureBuffer.
This can go away in C++0x, once compilers implement N2712 ("Non-static
data member initializers"), and we can just write code as
SecureVector<byte> P{18};
instead
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
pointer was actually set. Otherwise, the following problem could occur
if an allocator could not be found:
init() will call Allocator::get, which throws an exception
init() is called from the constructor of the subclasses (MemoryVector, etc)
Since the constructor of MemoryRegion has already finished, its destructor
will be called.
~MemoryRegion will call deallocate()
deallocate() will then access a NULL pointer
By guarding the call, the exception is propagated correctly.
|
|
|
|
|
|
|
| |
Invalid_Argument just a typedef for std::invalid_argument. Make
Botan::Exception a typedef for std::runtime_error. Make Memory_Exhaustion
a public exception, and use it in other places where memory allocations
can fail.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes for the amalgamation generator for internal headers.
Remove BOTAN_DLL exporting macros from all internal-only headers;
the classes/functions there don't need to be exported, and
avoiding the PIC/GOT indirection can be a big win.
Add missing BOTAN_DLLs where necessary, mostly gfpmath and cvc
For GCC, use -fvisibility=hidden and set BOTAN_DLL to the
visibility __attribute__ to export those classes/functions.
|
| |
|
|
|
|
|
|
| |
Remove support for (unused) modset settings.
Move tss, fpe, cryptobox, and aont to new dir constructs
|
|
|
|
|
|
|
|
| |
containers (specifically vector).
Rename is_empty to empty
Remove has_items
Rename create to resize
|
| |
|
|
|
|
|
| |
Pretty much useless and unused, except for listing the module names in
build.h and the short versions totally suffice for that.
|
|
|
|
|
|
| |
just too fragile and not that useful. Something like Java's checked exceptions
might be nice, but simply killing the process entirely if an unexpected
exception is thrown is not exactly useful for something trying to be robust.
|
|
|
|
|
|
|
| |
- rounding.h (round_up, round_down)
- workfactor.h (dl_work_factor)
- timer.h (system_time)
And update all users of the previous util.h
|
|
|
|
| |
Inline round_up and round_down
|
|
|
|
| |
Contributed by Patrick Georgi
|
| |
|
|
|
|
|
|
| |
the info.txt files with the right module dependencies.
Apply it across the codebase.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
up during the Fedora submission review, that each source file include some
text about the license. One handy Perl script later and each file now has
the line
Distributed under the terms of the Botan license
after the copyright notices.
While I was in there modifying every file anyway, I also stripped out the
remainder of the block comments (lots of astericks before and after the
text); this is stylistic thing I picked up when I was first learning C++
but in retrospect it is not a good style as the structure makes it harder
to modify comments (with the result that comments become fewer, shorter and
are less likely to be updated, which are not good things).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
on Solaris 10 with GCC 3.4.3.
First, remove the definition of _XOPEN_SOURCE_EXTENDED=1 in mmap_mem.cpp
and unix_cmd.cpp, because apparently on Solaris defining this macro breaks
C++ compilation entirely with GCC:
http://bugs.opensolaris.org/bugdatabase/view_bug.do?bug_id=6395191
In es_egd.cpp and es_dev.cpp, include <fcntl.h> to get the declaration of
open(), which is apparently where open(2) lives on Solaris - this matches
the include the *BSD man pages for open(2) show, though AFAIK the BSDs
all compiled fine without it (probably due to greater efforts to be
source-compatible with Linux systems by *BSD developers).
I have not been able to test these changes personally on Solaris but
Rickard reports that with these changes everything compiles OK.
Update lib version to 1.8.0-pre. ZOMG. Finally.
|
|
|
|
| |
avoid a potential integer overflow in the multiplication. Fixes bugid 27
|