Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package Botan for openSUSE:Factory checked in at 2021-04-21 21:00:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/Botan (Old) and /work/SRC/openSUSE:Factory/.Botan.new.12324 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "Botan" Wed Apr 21 21:00:25 2021 rev:58 rq:887274 version:2.18.0 Changes: -------- --- /work/SRC/openSUSE:Factory/Botan/Botan.changes 2020-12-23 14:22:34.709804984 +0100 +++ /work/SRC/openSUSE:Factory/.Botan.new.12324/Botan.changes 2021-04-21 21:01:09.830368089 +0200 @@ -1,0 +2,14 @@ +Fri Apr 16 16:56:20 UTC 2021 - Ferdinand Thiessen <r...@fthiessen.de> + +- Botan 2.18.0 + * Add support for implementing custom RNG objects through the FFI + interface + * Improve safegcd bounds, improving runtime performance + * Reject non-TLS messages as quickly as possible without waiting + for a full record. + * Fixes for TLS::Stream::async_shutdown +- Removed unneeded GNU MP build requirement, support was dropped + with version 1.11.10 +- Enabled check target, verify integrity of build library + +------------------------------------------------------------------- Old: ---- Botan-2.17.3.tar.xz Botan-2.17.3.tar.xz.asc New: ---- Botan-2.18.0.tar.xz Botan-2.18.0.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ Botan.spec ++++++ --- /var/tmp/diff_new_pack.fuUwo7/_old 2021-04-21 21:01:10.442369052 +0200 +++ /var/tmp/diff_new_pack.fuUwo7/_new 2021-04-21 21:01:10.446369059 +0200 @@ -1,7 +1,7 @@ # # spec file for package Botan # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,10 +16,10 @@ # -%define version_suffix 2-17 +%define version_suffix 2-18 %define short_version 2 Name: Botan -Version: 2.17.3 +Version: 2.18.0 Release: 0 Summary: A C++ Crypto Library License: BSD-2-Clause @@ -31,9 +31,6 @@ Source3: baselibs.conf BuildRequires: bzip2 >= 1.0.2 BuildRequires: gcc-c++ -# FIXME: is this dependency correct? -BuildRequires: gmp-devel >= 4.1 -#Requires: gmp >= 4.1 BuildRequires: libbz2-devel BuildRequires: openssl-devel BuildRequires: pkgconfig @@ -100,6 +97,7 @@ --with-bzip2 \ --with-zlib \ --with-openssl \ + --with-openmp \ %ifarch %{ix86} --cpu=x86_32 %else @@ -119,6 +117,9 @@ chmod +x %{buildroot}%{python3_sitearch}/botan2.py sed -i '1s@^#!/.*@#!%{_bindir}/python3@' %{buildroot}%{python3_sitearch}/botan2.py +%check +make check + %post -n libbotan-%{version_suffix} -p /sbin/ldconfig %postun -n libbotan-%{version_suffix} -p /sbin/ldconfig ++++++ Botan-2.17.3.tar.xz -> Botan-2.18.0.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-2.17.3/configure.py new/Botan-2.18.0/configure.py --- old/Botan-2.17.3/configure.py 2020-12-21 18:19:42.000000000 +0100 +++ new/Botan-2.18.0/configure.py 2021-04-15 07:14:48.000000000 +0200 @@ -333,6 +333,9 @@ target_group.add_option('--ldflags', metavar='FLAGS', help='set linker flags', default=None) + target_group.add_option('--extra-libs', metavar='LIBS', + help='specify extra libraries to link against', default='') + target_group.add_option('--ar-command', dest='ar_command', metavar='AR', default=None, help='set path to static archive creator') @@ -2007,6 +2010,12 @@ else: return '%s %s' % (options.compiler_cache, cxx) + def extra_libs(libs, cc): + if libs is None: + return '' + + return ' '.join([(cc.add_lib_option % lib) for lib in libs.split(',') if lib != '']) + variables = { 'version_major': Version.major(), 'version_minor': Version.minor(), @@ -2131,6 +2140,7 @@ 'cc_sysroot': sysroot_option(), 'cc_compile_flags': options.cxxflags or cc.cc_compile_flags(options), 'ldflags': options.ldflags or '', + 'extra_libs': extra_libs(options.extra_libs, cc), 'cc_warning_flags': cc.cc_warning_flags(options), 'output_to_exe': cc.output_to_exe, 'cc_macro': cc.macro_name, @@ -3006,6 +3016,10 @@ if options.build_fuzzers == 'libfuzzer' and options.fuzzer_lib is None: options.fuzzer_lib = 'Fuzzer' + if options.ldflags is not None: + libs = [m.group(1) for m in re.finditer(r'-l([a-z0-9]+)', options.ldflags)] + options.extra_libs += ','.join(libs) + # Checks user options for consistency # This method DOES NOT change options on behalf of the user but explains # why the given configuration does not work. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-2.17.3/news.rst new/Botan-2.18.0/news.rst --- old/Botan-2.17.3/news.rst 2020-12-21 18:19:42.000000000 +0100 +++ new/Botan-2.18.0/news.rst 2021-04-15 07:14:48.000000000 +0200 @@ -1,11 +1,33 @@ Release Notes ======================================== +Version 2.18.0, 2021-04-15 +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +* Add support for implementing custom RNG objects through the + FFI interface (GH #2627 #2600) + +* Improve safegcd bounds, improving runtime performance (GH #2628 #2619) + +* Fix a bug introduced in 2.9.0 where BigInt::operator< would return + an incorrect result if both operands were negative. (GH #2641 #2638) + +* Reject non-TLS messages as quickly as possible without waiting for + a full record. (GH #2676) + +* Add build support for RISC-V 32 + +* Fixes for TLS::Stream::async_shutdown (GH #2673) + +* Fix a regression introduced in 2.17.0 where LDFLAGS which add an extra + library (such as ``-latomic`` needed on SPARC) were not always applied + effectively. (GH #2622 #2623 #2625) + Version 2.17.3, 2020-12-21 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -* Change base64, base58, base32, and hex encoding and decoding opearations - to run in constant time (GH #2549) +* CVE-2021-24115 Change base64, base58, base32, and hex encoding and + decoding opearations to run in constant time (GH #2549) * Fix a build problem on PPC64 building with Clang (GH #2547) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-2.17.3/readme.rst new/Botan-2.18.0/readme.rst --- old/Botan-2.17.3/readme.rst 2020-12-21 18:19:42.000000000 +0100 +++ new/Botan-2.18.0/readme.rst 2021-04-15 07:14:48.000000000 +0200 @@ -27,9 +27,9 @@ <https://botan.randombit.net/security.html>`_ for contact information. The latest release is -`2.17.3 <https://botan.randombit.net/releases/Botan-2.17.3.tar.xz>`_ -`(sig) <https://botan.randombit.net/releases/Botan-2.17.3.tar.xz.asc>`_, -released on 2020-12-21. +`2.18.0 <https://botan.randombit.net/releases/Botan-2.18.0.tar.xz>`_ +`(sig) <https://botan.randombit.net/releases/Botan-2.18.0.tar.xz.asc>`_, +released on 2021-04-15. All releases are signed with a `PGP key <https://botan.randombit.net/pgpkey.txt>`_. See the `release notes <https://botan.randombit.net/news.html>`_ for what is new. Botan is also available through most diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-2.17.3/src/build-data/arch/riscv32.txt new/Botan-2.18.0/src/build-data/arch/riscv32.txt --- old/Botan-2.17.3/src/build-data/arch/riscv32.txt 1970-01-01 01:00:00.000000000 +0100 +++ new/Botan-2.18.0/src/build-data/arch/riscv32.txt 2021-04-15 07:14:48.000000000 +0200 @@ -0,0 +1,2 @@ +family riscv +endian little diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-2.17.3/src/build-data/arch/riscv64.txt new/Botan-2.18.0/src/build-data/arch/riscv64.txt --- old/Botan-2.17.3/src/build-data/arch/riscv64.txt 2020-12-21 18:19:42.000000000 +0100 +++ new/Botan-2.18.0/src/build-data/arch/riscv64.txt 2021-04-15 07:14:48.000000000 +0200 @@ -1,2 +1,3 @@ family riscv endian little +wordsize 64 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-2.17.3/src/build-data/makefile.in new/Botan-2.18.0/src/build-data/makefile.in --- old/Botan-2.17.3/src/build-data/makefile.in 2020-12-21 18:19:42.000000000 +0100 +++ new/Botan-2.18.0/src/build-data/makefile.in 2021-04-15 07:14:48.000000000 +0200 @@ -21,7 +21,7 @@ EXE_LINK_CMD = %{exe_link_cmd} LIB_LINKS_TO = %{external_link_cmd} %{link_to} -EXE_LINKS_TO = %{link_to_botan} $(LIB_LINKS_TO) +EXE_LINKS_TO = %{link_to_botan} $(LIB_LINKS_TO) %{extra_libs} BUILD_FLAGS = $(ABI_FLAGS) $(LANG_FLAGS) $(CXXFLAGS) $(WARN_FLAGS) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-2.17.3/src/build-data/version.txt new/Botan-2.18.0/src/build-data/version.txt --- old/Botan-2.17.3/src/build-data/version.txt 2020-12-21 18:19:42.000000000 +0100 +++ new/Botan-2.18.0/src/build-data/version.txt 2021-04-15 07:14:48.000000000 +0200 @@ -1,11 +1,11 @@ release_major = 2 -release_minor = 17 -release_patch = 3 +release_minor = 18 +release_patch = 0 release_suffix = '' -release_so_abi_rev = 17 +release_so_abi_rev = 18 # These are set by the distribution script -release_vc_rev = 'git:bcda19704da482c57eb0bce786cebb97f378f146' -release_datestamp = 20201221 +release_vc_rev = 'git:21c71f73883820f51d7adce25f6c1f54a243c3a4' +release_datestamp = 20210415 release_type = 'release' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-2.17.3/src/fuzzer/bn_cmp.cpp new/Botan-2.18.0/src/fuzzer/bn_cmp.cpp --- old/Botan-2.17.3/src/fuzzer/bn_cmp.cpp 1970-01-01 01:00:00.000000000 +0100 +++ new/Botan-2.18.0/src/fuzzer/bn_cmp.cpp 2021-04-15 07:14:48.000000000 +0200 @@ -0,0 +1,74 @@ +/* +* (C) 2021 Jack Lloyd +* +* Botan is released under the Simplified BSD License (see license.txt) +*/ + +#include "fuzzers.h" + +#include <botan/bigint.h> + +void fuzz(const uint8_t in[], size_t len) + { + const size_t max_bits = 512; + + if(len < 3 || len > 1 + 2*(max_bits/8)) + return; + + const uint8_t signs = in[0]; + const size_t x_len = (len - 1) / 2; + + Botan::BigInt x = Botan::BigInt::decode(in + 1, x_len); + Botan::BigInt y = Botan::BigInt::decode(in + 1 + x_len, len - x_len - 1); + + if(signs & 1) + x.flip_sign(); + if(signs & 2) + y.flip_sign(); + + const Botan::BigInt d1 = x - y; + const Botan::BigInt d2 = y - x; + + FUZZER_ASSERT_TRUE(d1.cmp(d2, false) == 0); + + const bool is_eq = (x == y); + const bool is_lt = (x < y); + const bool is_gt = (x > y); + const bool is_lte = (x <= y); + const bool is_gte = (x >= y); + + if(is_eq) + { + FUZZER_ASSERT_TRUE(d1.is_zero()); + FUZZER_ASSERT_TRUE(d2.is_zero()); + } + + if(is_lte) + { + FUZZER_ASSERT_TRUE(is_lt || is_eq); + } + + if(is_gte) + { + FUZZER_ASSERT_TRUE(is_gt || is_eq); + } + + if(is_lt) + { + FUZZER_ASSERT_TRUE(!is_gt); + FUZZER_ASSERT_TRUE(d1.is_nonzero()); + FUZZER_ASSERT_TRUE(d2.is_nonzero()); + FUZZER_ASSERT_TRUE(d1.is_negative()); + FUZZER_ASSERT_TRUE(d2.is_positive()); + } + + if(is_gt) + { + FUZZER_ASSERT_TRUE(!is_lt); + FUZZER_ASSERT_TRUE(d1.is_nonzero()); + FUZZER_ASSERT_TRUE(d2.is_nonzero()); + FUZZER_ASSERT_TRUE(d1.is_positive()); + FUZZER_ASSERT_TRUE(d2.is_negative()); + } + } + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-2.17.3/src/lib/ffi/ffi.cpp new/Botan-2.18.0/src/lib/ffi/ffi.cpp --- old/Botan-2.17.3/src/lib/ffi/ffi.cpp 2020-12-21 18:19:42.000000000 +0100 +++ new/Botan-2.18.0/src/lib/ffi/ffi.cpp 2021-04-15 07:14:48.000000000 +0200 @@ -200,6 +200,10 @@ int botan_ffi_supports_api(uint32_t api_version) { + // This is the API introduced in 2.18 + if(api_version == 20210220) + return BOTAN_FFI_SUCCESS; + // This is the API introduced in 2.13 if(api_version == 20191214) return BOTAN_FFI_SUCCESS; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-2.17.3/src/lib/ffi/ffi.h new/Botan-2.18.0/src/lib/ffi/ffi.h --- old/Botan-2.17.3/src/lib/ffi/ffi.h 2020-12-21 18:19:42.000000000 +0100 +++ new/Botan-2.18.0/src/lib/ffi/ffi.h 2021-04-15 07:14:48.000000000 +0200 @@ -1,6 +1,7 @@ /* * FFI (C89 API) * (C) 2015,2017 Jack Lloyd +* (C) 2021 Ren?? Fischer * * Botan is released under the Simplified BSD License (see license.txt) */ @@ -201,6 +202,20 @@ BOTAN_PUBLIC_API(2,0) int botan_rng_init(botan_rng_t* rng, const char* rng_type); /** +* Initialize a custom random number generator from a set of callback functions +* @param rng rng object +* @param rng_name name of the rng +* @param context An application-specific context passed to the callback functions +* @param get_cb Callback for getting random bytes from the rng, return 0 for success +* @param add_entry_cb Callback for adding entropy to the rng, return 0 for success, may be NULL +* @param destroy_cb Callback called when rng is destroyed, may be NULL +*/ +BOTAN_PUBLIC_API(2,18) int botan_rng_init_custom(botan_rng_t* rng_out, const char* rng_name, void* context, + int(* get_cb)(void* context, uint8_t* out, size_t out_len), + int(* add_entropy_cb)(void* context, const uint8_t input[], size_t length), + void(* destroy_cb)(void* context)); + +/** * Get random bytes from a random number generator * @param rng rng object * @param out output buffer of size out_len diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-2.17.3/src/lib/ffi/ffi_rng.cpp new/Botan-2.18.0/src/lib/ffi/ffi_rng.cpp --- old/Botan-2.17.3/src/lib/ffi/ffi_rng.cpp 2020-12-21 18:19:42.000000000 +0100 +++ new/Botan-2.18.0/src/lib/ffi/ffi_rng.cpp 2021-04-15 07:14:48.000000000 +0200 @@ -1,5 +1,6 @@ /* * (C) 2015,2017 Jack Lloyd +* (C) 2021 Ren?? Fischer * * Botan is released under the Simplified BSD License (see license.txt) */ @@ -10,6 +11,8 @@ #include <botan/system_rng.h> #include <botan/auto_rng.h> +#include <functional> + #if defined(BOTAN_HAS_PROCESSOR_RNG) #include <botan/processor_rng.h> #endif @@ -57,6 +60,101 @@ }); } +int botan_rng_init_custom(botan_rng_t* rng_out, const char* rng_name, void* context, + int(* get_cb)(void* context, uint8_t* out, size_t out_len), + int(* add_entropy_cb)(void* context, const uint8_t input[], size_t length), + void(* destroy_cb)(void* context)) +{ +return ffi_guard_thunk(__func__,[=]() -> int { + if(rng_out == nullptr) + return BOTAN_FFI_ERROR_NULL_POINTER; + + if(rng_name == nullptr) + return BOTAN_FFI_ERROR_NULL_POINTER; + + if(get_cb == nullptr) + return BOTAN_FFI_ERROR_NULL_POINTER; + + class Custom_RNG : public Botan::RandomNumberGenerator + { + public: + Custom_RNG(const std::string& name, void* context, + int(* get_cb)(void* context, uint8_t* out, size_t out_len), + int(* add_entropy_cb)(void* context, const uint8_t input[], size_t length), + void(* destroy_cb)(void* context)) : + m_name(name) + { + m_context = context; + m_get_cb = get_cb; + m_add_entropy_cb = add_entropy_cb; + m_destroy_cb = destroy_cb; + } + + ~Custom_RNG() + { + if(m_destroy_cb) + { + m_destroy_cb(m_context); + } + } + + void randomize(uint8_t output[], size_t length) override + { + int rc = m_get_cb(m_context, output, length); + if(rc) + { + throw Botan::Invalid_State("Failed to get random from C callback, rc=" + std::to_string(rc)); + } + } + + bool accepts_input() const override + { + return m_add_entropy_cb != nullptr; + } + + void add_entropy(const uint8_t input[], size_t length) override + { + if(m_add_entropy_cb == nullptr) + { + return; + } + + int rc = m_add_entropy_cb(m_context, input, length); + if(rc) + { + throw Botan::Invalid_State("Failed to add entropy via C callback, rc=" + std::to_string(rc)); + } + } + + std::string name() const override + { + return m_name; + } + + void clear() override + { + } + + bool is_seeded() const override + { + return true; + } + + private: + std::string m_name; + void* m_context; + std::function<int(void* context, uint8_t* out, size_t out_len)> m_get_cb; + std::function<int(void* context, const uint8_t input[], size_t length)> m_add_entropy_cb; + std::function<void(void* context)> m_destroy_cb; + }; + + std::unique_ptr<Botan::RandomNumberGenerator> rng(new Custom_RNG(rng_name, context, get_cb, add_entropy_cb, destroy_cb)); + + *rng_out = new botan_rng_struct(rng.release()); + return BOTAN_FFI_SUCCESS; + }); +} + int botan_rng_destroy(botan_rng_t rng) { return BOTAN_FFI_CHECKED_DELETE(rng); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-2.17.3/src/lib/ffi/info.txt new/Botan-2.18.0/src/lib/ffi/info.txt --- old/Botan-2.17.3/src/lib/ffi/info.txt 2020-12-21 18:19:42.000000000 +0100 +++ new/Botan-2.18.0/src/lib/ffi/info.txt 2021-04-15 07:14:48.000000000 +0200 @@ -1,5 +1,5 @@ <defines> -FFI -> 20191214 +FFI -> 20210220 </defines> <header:internal> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-2.17.3/src/lib/math/bigint/bigint.cpp new/Botan-2.18.0/src/lib/math/bigint/bigint.cpp --- old/Botan-2.17.3/src/lib/math/bigint/bigint.cpp 2020-12-21 18:19:42.000000000 +0100 +++ new/Botan-2.18.0/src/lib/math/bigint/bigint.cpp 2021-04-15 07:14:48.000000000 +0200 @@ -165,8 +165,8 @@ if(other.is_negative() && this->is_negative()) { - return !bigint_ct_is_lt(other.data(), other.sig_words(), - this->data(), this->sig_words(), true).is_set(); + return bigint_ct_is_lt(other.data(), other.sig_words(), + this->data(), this->sig_words()).is_set(); } return bigint_ct_is_lt(this->data(), this->sig_words(), diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-2.17.3/src/lib/math/numbertheory/numthry.cpp new/Botan-2.18.0/src/lib/math/numbertheory/numthry.cpp --- old/Botan-2.17.3/src/lib/math/numbertheory/numthry.cpp 2020-12-21 18:19:42.000000000 +0100 +++ new/Botan-2.18.0/src/lib/math/numbertheory/numthry.cpp 2021-04-15 07:14:48.000000000 +0200 @@ -61,13 +61,29 @@ return seen_nonempty_word.if_set_return(low_zero); } +namespace { + +size_t safegcd_loop_bound(size_t f_bits, size_t g_bits) + { + const size_t d = std::max(f_bits, g_bits); + + if(d < 46) + return (49*d + 80) / 17; + else + return (49*d + 57) / 17; + } + +} + /* * Calculate the GCD */ BigInt gcd(const BigInt& a, const BigInt& b) { - if(a.is_zero() || b.is_zero()) - return 0; + if(a.is_zero()) + return abs(b); + if(b.is_zero()) + return abs(a); if(a == 1 || b == 1) return 1; @@ -91,7 +107,7 @@ int32_t delta = 1; - const size_t loop_cnt = 4 + 3*std::max(f.bits(), g.bits()); + const size_t loop_cnt = safegcd_loop_bound(f.bits(), g.bits()); BigInt newg, t; for(size_t i = 0; i != loop_cnt; ++i) @@ -100,8 +116,8 @@ const bool need_swap = (g.is_odd() && delta > 0); - // if(need_swap) delta *= -1 - delta *= CT::Mask<uint8_t>::expand(need_swap).select(0, 2) - 1; + // if(need_swap) { delta *= -1 } else { delta *= 1 } + delta *= CT::Mask<uint8_t>::expand(need_swap).if_not_set_return(2) - 1; f.ct_cond_swap(need_swap, g); g.ct_cond_swap(need_swap, newg); @@ -116,6 +132,8 @@ f.const_time_unpoison(); g.const_time_unpoison(); + BOTAN_ASSERT_NOMSG(g.is_zero()); + return f; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-2.17.3/src/lib/tls/asio/asio_stream.h new/Botan-2.18.0/src/lib/tls/asio/asio_stream.h --- old/Botan-2.17.3/src/lib/tls/asio/asio_stream.h 2020-12-21 18:19:42.000000000 +0100 +++ new/Botan-2.18.0/src/lib/tls/asio/asio_stream.h 2021-04-15 07:14:48.000000000 +0200 @@ -334,28 +334,36 @@ private: /** - * @brief Internal wrapper type to adapt the expected signature of `async_shutdown` - * to the completion handler signature of `AsyncWriteOperation`. + * @brief Internal wrapper type to adapt the expected signature of `async_shutdown` to the completion handler + * signature of `AsyncWriteOperation`. * - * This is boilerplate to ignore the `size_t` parameter that is passed to the - * completion handler of `AsyncWriteOperation`. - * - * @todo in C++14 and above this could be implemented as a mutable lambda expression - * that captures `handler` by perfect forwarding, like so: - * - * [h = std::forward<Handler>(handler)] (...) mutable { return h(ec); } + * This is boilerplate to ignore the `size_t` parameter that is passed to the completion handler of + * `AsyncWriteOperation`. Note that it needs to retain the wrapped handler's executor. */ - template <typename Handler> - class Wrapper + template <typename Handler, typename Executor> + struct Wrapper { - public: - Wrapper(Handler&& handler) : _handler(std::forward<Handler>(handler)) {} - void operator()(boost::system::error_code ec, size_t) - { - _handler(ec); - } - private: - Handler _handler; + void operator()(boost::system::error_code ec, std::size_t) + { + handler(ec); + } + + using executor_type = boost::asio::associated_executor_t<Handler, Executor>; + + executor_type get_executor() const noexcept + { + return boost::asio::get_associated_executor(handler, io_executor); + } + + using allocator_type = boost::asio::associated_allocator_t<Handler>; + + allocator_type get_allocator() const noexcept + { + return boost::asio::get_associated_allocator(handler); + } + + Handler handler; + Executor io_executor; }; public: @@ -380,9 +388,9 @@ // If ec is set by native_handle->close(), the AsyncWriteOperation created below will do nothing but call the // handler with the error_code set appropriately - no need to early return here. - using ShutdownHandlerWrapper = Wrapper<ShutdownHandler>; + using ShutdownHandlerWrapper = Wrapper<ShutdownHandler, typename Stream::executor_type>; - ShutdownHandlerWrapper w(std::forward<ShutdownHandler>(handler)); + ShutdownHandlerWrapper w{std::forward<ShutdownHandler>(handler), get_executor()}; BOOST_ASIO_SHUTDOWN_HANDLER_CHECK(ShutdownHandler, w) type_check; boost::asio::async_completion<ShutdownHandlerWrapper, void(boost::system::error_code, std::size_t)> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-2.17.3/src/lib/tls/tls_record.cpp new/Botan-2.18.0/src/lib/tls/tls_record.cpp --- old/Botan-2.17.3/src/lib/tls/tls_record.cpp 2020-12-21 18:19:42.000000000 +0100 +++ new/Botan-2.18.0/src/lib/tls/tls_record.cpp 2021-04-15 07:14:48.000000000 +0200 @@ -340,11 +340,13 @@ BOTAN_ASSERT_EQUAL(readbuf.size(), TLS_HEADER_SIZE, "Have an entire header"); } - const Protocol_Version version(readbuf[1], readbuf[2]); - - if(version.is_datagram_protocol()) + if(readbuf[1] != 3) + { throw TLS_Exception(Alert::PROTOCOL_VERSION, - "Expected TLS but got a record with DTLS version"); + "Got unexpected TLS record version"); + } + + const Protocol_Version version(readbuf[1], readbuf[2]); const size_t record_size = make_uint16(readbuf[TLS_HEADER_SIZE-2], readbuf[TLS_HEADER_SIZE-1]); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-2.17.3/src/lib/utils/rotate.h new/Botan-2.18.0/src/lib/utils/rotate.h --- old/Botan-2.17.3/src/lib/utils/rotate.h 2020-12-21 18:19:42.000000000 +0100 +++ new/Botan-2.18.0/src/lib/utils/rotate.h 2021-04-15 07:14:48.000000000 +0200 @@ -69,14 +69,20 @@ template<> inline uint32_t rotl_var(uint32_t input, size_t rot) { - asm("roll %1,%0" : "+r" (input) : "c" (static_cast<uint8_t>(rot))); + asm("roll %1,%0" + : "+r" (input) + : "c" (static_cast<uint8_t>(rot)) + : "cc"); return input; } template<> inline uint32_t rotr_var(uint32_t input, size_t rot) { - asm("rorl %1,%0" : "+r" (input) : "c" (static_cast<uint8_t>(rot))); + asm("rorl %1,%0" + : "+r" (input) + : "c" (static_cast<uint8_t>(rot)) + : "cc"); return input; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-2.17.3/src/tests/data/bn/cmp.vec new/Botan-2.18.0/src/tests/data/bn/cmp.vec --- old/Botan-2.17.3/src/tests/data/bn/cmp.vec 1970-01-01 01:00:00.000000000 +0100 +++ new/Botan-2.18.0/src/tests/data/bn/cmp.vec 2021-04-15 07:14:48.000000000 +0200 @@ -0,0 +1,78 @@ +[EQ] +X = 5 +Y = 5 +R = true + +X = -5 +Y = 5 +R = false + +X = 5 +Y = -5 +R = false + +X = -5 +Y = -5 +R = true + +X = 4 +Y = 5 +R = false + +X = 5 +Y = 4 +R = false + +[LT] +X = 5 +Y = 5 +R = false + +X = -5 +Y = 5 +R = true + +X = 5 +Y = -5 +R = false + +X = -5 +Y = -5 +R = false + +X = -1 +Y = -3 +R = false + +X = -2 +Y = -1 +R = true + +[LTE] +X = 5 +Y = 5 +R = true + +X = 5 +Y = 6 +R = true + +X = 6 +Y = 5 +R = false + +X = -5 +Y = 5 +R = true + +X = 5 +Y = -5 +R = false + +X = -1 +Y = -2 +R = false + +X = -2 +Y = -1 +R = true diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-2.17.3/src/tests/test_bigint.cpp new/Botan-2.18.0/src/tests/test_bigint.cpp --- old/Botan-2.17.3/src/tests/test_bigint.cpp 2020-12-21 18:19:42.000000000 +0100 +++ new/Botan-2.18.0/src/tests/test_bigint.cpp 2021-04-15 07:14:48.000000000 +0200 @@ -219,6 +219,50 @@ BOTAN_REGISTER_TEST("math", "bigint_unit", BigInt_Unit_Tests); +class BigInt_Cmp_Test final : public Text_Based_Test + { + public: + BigInt_Cmp_Test() : Text_Based_Test("bn/cmp.vec", "X,Y,R") {} + + Test::Result run_one_test(const std::string& op, const VarMap& vars) override + { + Test::Result result("BigInt Comparison " + op); + + const BigInt x = vars.get_req_bn("X"); + const BigInt y = vars.get_req_bn("Y"); + const bool expected = vars.get_req_bool("R"); + + if(op == "EQ") + { + result.confirm("Values equal", x == y, expected); + } + else if(op == "LT") + { + result.confirm("Values LT", x < y, expected); + + if(expected) + result.confirm("If LT then reverse is GT", y >= x); + else + result.confirm("If not LT then GTE", x >= y); + } + else if(op == "LTE") + { + result.confirm("Values LTE", x <= y, expected); + + if(expected) + result.confirm("If LTE then either LT or EQ", x < y || x == y); + else + result.confirm("If not LTE then GT", x > y); + } + else + throw Test_Error("Unknown BigInt comparison type " + op); + + return result; + } + }; + +BOTAN_REGISTER_TEST("math", "bn_cmp", BigInt_Cmp_Test); + class BigInt_Add_Test final : public Text_Based_Test { public: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-2.17.3/src/tests/test_ffi.cpp new/Botan-2.18.0/src/tests/test_ffi.cpp --- old/Botan-2.17.3/src/tests/test_ffi.cpp 2020-12-21 18:19:42.000000000 +0100 +++ new/Botan-2.18.0/src/tests/test_ffi.cpp 2021-04-15 07:14:48.000000000 +0200 @@ -201,6 +201,7 @@ botan_rng_t system_rng; botan_rng_t rdrand_rng = nullptr; botan_rng_t null_rng; + botan_rng_t custom_rng; TEST_FFI_FAIL("invalid rng type", botan_rng_init, (&rng, "invalid_type")); @@ -247,6 +248,50 @@ TEST_FFI_OK(botan_rng_add_entropy, (rng, not_really_entropy, 32)); } + size_t cb_counter = 0; + + auto custom_get_cb = [](void* context, uint8_t* out, size_t out_len) -> int + { + Botan::set_mem(out, out_len, 0x12); + BOTAN_UNUSED(out, out_len); + (*(static_cast<size_t*>(context)))++; + return 0; + }; + + auto custom_add_entropy_cb = [](void* context, const uint8_t input[], size_t length) -> int + { + BOTAN_UNUSED(input, length); + (*(static_cast<size_t*>(context)))++; + return 0; + }; + + auto custom_destroy_cb = [](void* context) -> void + { + (*(static_cast<size_t*>(context)))++; + }; + + if(TEST_FFI_OK(botan_rng_init_custom, (&custom_rng, "custom rng", &cb_counter, custom_get_cb, custom_add_entropy_cb, custom_destroy_cb))) + { + Botan::clear_mem(outbuf.data(), outbuf.size()); + TEST_FFI_OK(botan_rng_get, (custom_rng, outbuf.data(), outbuf.size())); + result.test_eq("custom_get_cb called", cb_counter, 1); + std::vector<uint8_t> pattern(outbuf.size(), 0x12); + result.test_eq("custom_get_cb returned bytes", pattern, outbuf); + + TEST_FFI_OK(botan_rng_reseed, (custom_rng, 256)); + result.test_eq("custom_add_entropy_cb called", cb_counter, 2); + + TEST_FFI_OK(botan_rng_reseed_from_rng, (custom_rng, system_rng, 256)); + result.test_eq("custom_add_entropy_cb called", cb_counter, 3); + + uint8_t not_really_entropy[32] = { 0 }; + TEST_FFI_OK(botan_rng_add_entropy, (custom_rng, not_really_entropy, 32)); + result.test_eq("custom_add_entropy_cb called", cb_counter, 4); + + TEST_FFI_OK(botan_rng_destroy, (custom_rng)); + result.test_eq("custom_destroy_cb called", cb_counter, 5); + } + TEST_FFI_OK(botan_rng_destroy, (rng)); TEST_FFI_OK(botan_rng_destroy, (null_rng)); TEST_FFI_OK(botan_rng_destroy, (system_rng)); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Botan-2.17.3/src/tests/tests.h new/Botan-2.18.0/src/tests/tests.h --- old/Botan-2.17.3/src/tests/tests.h 2020-12-21 18:19:42.000000000 +0100 +++ new/Botan-2.18.0/src/tests/tests.h 2021-04-15 07:14:48.000000000 +0200 @@ -233,9 +233,9 @@ test_failure(what, buf.data(), buf.size()); } - bool confirm(const std::string& what, bool expr) + bool confirm(const std::string& what, bool expr, bool expected = true) { - return test_eq(what, expr, true); + return test_eq(what, expr, expected); } template<typename T> ++++++ baselibs.conf ++++++ --- /var/tmp/diff_new_pack.fuUwo7/_old 2021-04-21 21:01:12.426372178 +0200 +++ /var/tmp/diff_new_pack.fuUwo7/_new 2021-04-21 21:01:12.426372178 +0200 @@ -1,4 +1,4 @@ -libbotan-2-17 +libbotan-2-18 libbotan-devel requires -libbotan-<targettype> = <version> - requires "libbotan-2-17-<targettype> = <version>" + requires "libbotan-2-18-<targettype> = <version>"