From mo at g10code.com Sun Jan 9 15:03:22 2005 From: mo at g10code.com (Moritz Schulte) Date: Sun Jan 9 14:59:38 2005 Subject: Libgcrypt 1.2.1 released Message-ID: <20050109140322.GB16385@sarkutty> We are pleased to announce the availability of Libgcrypt 1.2.1. Since this is a bugfix release, it does not include any new features. Complete source packages: ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.2.1.tar.bz2 (756k) ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.2.1.tar.bz2.sig ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.2.1.tar.gz (939k) ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.2.1.tar.gz.sig Patch against version 1.2.0: ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.2.0-1.2.1.diff.gz (256k) Mirrors are listed at http://www.gnupg.org/download/mirrors.html. SHA1 sums are: 29d3939af1bb6866c9244e98d8c0995eea0bcb78 libgcrypt-1.2.1.tar.bz2 8627d483e26e73b4cfabb4807ae8423875c37cda libgcrypt-1.2.1.tar.gz ba16ffacf00a29bf7e331db62b2f934c8b6795d7 libgcrypt-1.2.0-1.2.1.diff.gz Noteworthy changes: * updated for Automake 1.9, * made the code try to lock secure memory pool not only when running as root, * fixed type usage in Serpent, * made the code mix the PID into the entropy pool for better protection after a fork, * fixed memory leak in RSA. * fixed alignment problems in Rijndael, * fixed memory leak in gcry_pk_sign(), * fixed broken pointer access in gcry_ac_open(), * updated the documentation, * fixed several other bugs. Happy hacking. -- Moritz Schulte -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 193 bytes Desc: not available Url : /pipermail/attachments/20050109/0b0d6a0a/attachment.bin From lanz at wsl.ch Tue Jan 11 13:05:15 2005 From: lanz at wsl.ch (lanz@wsl.ch) Date: Tue Jan 11 17:49:04 2005 Subject: Undefined symbols libgcrypt-1.2.0/tests/ac.c (Solaris 2.7) References: <20041210085124.GA13850@flower.theory.informatik.uni-kassel.de> Message-ID: On 10 Dec 2004, stamer@flower.theory.informatik.uni-kassel.de wrote: > > Hello libgrypt-team, > > the following error appears during the build of libgcrypt-1.2.0 on > Solaris (with non-gnu linker). It seems to me, that the listed > symbols are not in libgcrypt.so but they appear in > libgcrypt.a. --disable-ld-version-script does not help. The created > config.log is attached. > > .... (dropped) I can confirm the build error under Sun Sparc Solaris 2.9 (non-gnu linker). I still get a very similar error with the new libgcrypt version 1.2.1 (see below). Best regards, Adrian. Making all in tests make[2]: Entering directory `/scratch/gnu-downloads/libgcrypt/libgcrypt-1.2.1/tests' if gcc -DHAVE_CONFIG_H -I. -I. -I.. -I../src -I/scratch/gcc/include -I/scratch/apps/include -I/scratch/apps/include/ncurses -I/scratch/apps/include/readline -I/usr/include -I/usr/openwin/include -I/scratch/apps/include -g -O2 -Wall -MT prime.o -MD -MP -MF ".deps/prime.Tpo" -c -o prime.o prime.c; \ then mv -f ".deps/prime.Tpo" ".deps/prime.Po"; else rm -f ".deps/prime.Tpo"; exit 1; fi /bin/bash ../libtool --tag=CC --mode=link gcc -I/scratch/apps/include -g -O2 -Wall -L/scratch/gcc/lib -L/scratch/apps/lib -L/usr/lib/secure -L/usr/lib -L/usr/openwin/lib -o prime prime.o ../src/libgcrypt.la -lnsl -lsocket mkdir .libs gcc -I/scratch/apps/include -g -O2 -Wall -o .libs/prime prime.o -L/scratch/gcc/lib -L/scratch/apps/lib -L/usr/lib/secure -L/usr/lib -L/usr/openwin/lib ../src/.libs/libgcrypt.so /scratch/apps/lib/libgpg-error.so /scratch/apps/lib/libintl.so /scratch/apps/lib/libiconv.so -lc -lnsl -lsocket -R/scratch/apps/lib creating prime if gcc -DHAVE_CONFIG_H -I. -I. -I.. -I../src -I/scratch/gcc/include -I/scratch/apps/include -I/scratch/apps/include/ncurses -I/scratch/apps/include/readline -I/usr/include -I/usr/openwin/include -I/scratch/apps/include -g -O2 -Wall -MT register.o -MD -MP -MF ".deps/register.Tpo" -c -o register.o register.c; \ then mv -f ".deps/register.Tpo" ".deps/register.Po"; else rm -f ".deps/register.Tpo"; exit 1; fi /bin/bash ../libtool --tag=CC --mode=link gcc -I/scratch/apps/include -g -O2 -Wall -L/scratch/gcc/lib -L/scratch/apps/lib -L/usr/lib/secure -L/usr/lib -L/usr/openwin/lib -o register register.o ../src/libgcrypt.la -lnsl -lsocket gcc -I/scratch/apps/include -g -O2 -Wall -o .libs/register register.o -L/scratch/gcc/lib -L/scratch/apps/lib -L/usr/lib/secure -L/usr/lib -L/usr/openwin/lib ../src/.libs/libgcrypt.so /scratch/apps/lib/libgpg-error.so /scratch/apps/lib/libintl.so /scratch/apps/lib/libiconv.so -lc -lnsl -lsocket -R/scratch/apps/lib creating register if gcc -DHAVE_CONFIG_H -I. -I. -I.. -I../src -I/scratch/gcc/include -I/scratch/apps/include -I/scratch/apps/include/ncurses -I/scratch/apps/include/readline -I/usr/include -I/usr/openwin/include -I/scratch/apps/include -g -O2 -Wall -MT ac.o -MD -MP -MF ".deps/ac.Tpo" -c -o ac.o ac.c; \ then mv -f ".deps/ac.Tpo" ".deps/ac.Po"; else rm -f ".deps/ac.Tpo"; exit 1; fi /bin/bash ../libtool --tag=CC --mode=link gcc -I/scratch/apps/include -g -O2 -Wall -L/scratch/gcc/lib -L/scratch/apps/lib -L/usr/lib/secure -L/usr/lib -L/usr/openwin/lib -o ac ac.o ../src/libgcrypt.la -lnsl -lsocket gcc -I/scratch/apps/include -g -O2 -Wall -o .libs/ac ac.o -L/scratch/gcc/lib -L/scratch/apps/lib -L/usr/lib/secure -L/usr/lib -L/usr/openwin/lib ../src/.libs/libgcrypt.so /scratch/apps/lib/libgpg-error.so /scratch/apps/lib/libintl.so /scratch/apps/lib/libiconv.so -lc -lnsl -lsocket -R/scratch/apps/lib Undefined first referenced symbol in file gcry_ac_data_verify ac.o gcry_ac_open ac.o gcry_ac_key_init ac.o gcry_ac_data_encrypt ac.o gcry_ac_data_decrypt ac.o gcry_ac_data_destroy ac.o gcry_ac_close ac.o gcry_ac_key_data_get ac.o gcry_ac_key_pair_generate ac.o gcry_ac_key_pair_extract ac.o gcry_ac_data_sign ac.o gcry_ac_data_copy ac.o gcry_ac_data_get_index ac.o ld: fatal: Symbol referencing errors. No output written to .libs/ac collect2: ld returned 1 exit status make[2]: *** [ac] Error 1 make[2]: Leaving directory `/scratch/gnu-downloads/libgcrypt/libgcrypt-1.2.1/tests' From hvogel at suse.de Tue Jan 18 11:50:51 2005 From: hvogel at suse.de (Henne Vogelsang) Date: Tue Jan 18 12:45:00 2005 Subject: libgcrypt 1.2.1 linux ppc64 patch Message-ID: <20050118105050.GD8911@suse.de> Hi, heres a patch for mpi/config.links that corrects the building on linux ppc64. You where using powerpc*-* there which means that on powerpc64 the powerpc rules applied. That led to a building but not working lib on ppc64. Also attached a small fix for the info page. Henne -- Henne Vogelsang, Subsystems -------------- next part -------------- diff -Nur libgcrypt-1.2.1/mpi/config.links libgcrypt-1.2.1.ppc/mpi/config.links --- libgcrypt-1.2.1/mpi/config.links 2004-12-16 17:26:18.000000000 +0100 +++ libgcrypt-1.2.1.ppc/mpi/config.links 2005-01-18 11:24:14.713430963 +0100 @@ -221,7 +221,7 @@ path="m68k/mc68020 m68k" ;; - powerpc*-*-linux*) + powerpc-*-linux*) echo '/* configured for powerpc/ELF */' >>./mpi/asm-syntax.h echo '#define ELF_SYNTAX' >>./mpi/asm-syntax.h cat $srcdir/mpi/powerpc32/syntax.h >>./mpi/asm-syntax.h @@ -265,11 +265,11 @@ path="powerpc32" ;; ppc620-*-* | \ - powerpc64*-*-*) + powerpc64-*-*) mpi_sflags="-Wa,-mppc" path="powerpc64" ;; - powerpc*-*-*) + powerpc-*-*) mpi_sflags="-Wa,-mppc" path="powerpc32" ;; -------------- next part -------------- --- doc/gcrypt.texi +++ doc/gcrypt.texi @@ -14,7 +14,7 @@ @dircategory GNU Libraries @direntry -* libgcrypt: (gcrypt) Cryptographic function library. +* libgcrypt: (gcrypt). Cryptographic function library. @end direntry @include version.texi From linux at paip.net Tue Jan 18 16:03:12 2005 From: linux at paip.net (Ian Goldberg) Date: Tue Jan 18 17:01:58 2005 Subject: infinite loop in win32 randomness gatherer Message-ID: <20050118150312.GW1060@smtp.paip.net> I'm using libgcrypt 1.2.1 under win32 (mingw cross-compile). Under some circumstances, I found that libgcrypt would go into an infinite (well, to the limits of my patience) loop. A whole lot of fprintfs later, I tracked down the problem. slow_gatherer_windows95 walks the heap table and adds everything in it to the randomness pool. What seems to be happening is that the act of adding things to the pool, is changing the table, and you end up with an infinite loop if that change is to add an item _after_ the place you currently are in the scan. Here's a patch that just cuts your losses by adding a maximum of 500 heap entries. It seems to work Much Better Now (tm). ;-) Thanks, - Ian --- rndw32.c.orig 2003-12-11 10:46:12.000000000 -0500 +++ rndw32.c 2005-01-18 09:45:26.000000000 -0500 @@ -238,6 +238,8 @@ /* Walk through the local heap */ { HEAPLIST32 hl32; + DWORD dwHeapsAdded = 0; + const DWORD maxHeapsToAdd = 500; hl32.dwSize = sizeof (HEAPLIST32); if (pHeap32ListFirst (hSnapshot, &hl32)) { if ( debug_me ) @@ -254,12 +256,16 @@ if (pHeap32First (&he32, hl32.th32ProcessID, hl32.th32HeapID)){ do { (*add) ( &he32, sizeof (he32), requester ); + if (++dwHeapsAdded == maxHeapsToAdd) { + goto doneheap; + } } while (pHeap32Next (&he32)); } } while (pHeap32ListNext (hSnapshot, &hl32)); } } +doneheap: /* Walk through all processes */ { PROCESSENTRY32 pe32; From ian at cypherpunks.ca Tue Jan 18 18:12:56 2005 From: ian at cypherpunks.ca (Ian Goldberg) Date: Tue Jan 18 18:15:15 2005 Subject: infinite loop in win32 randomness gatherer In-Reply-To: <874qhesnbk.fsf@wheatstone.g10code.de> References: <20050118150312.GW1060@smtp.paip.net> <874qhesnbk.fsf@wheatstone.g10code.de> Message-ID: <20050118171256.GD1060@smtp.paip.net> On Tue, Jan 18, 2005 at 05:40:15PM +0100, Werner Koch wrote: > On Tue, 18 Jan 2005 10:03:12 -0500, Ian Goldberg said: > > > slow_gatherer_windows95 walks the heap table and adds everything in it > > to the randomness pool. What seems to be happening is that the act of > > Hmmm, I switched over to W2000 so I have not tested it for a long time. This is actually an XP box. slow_gatherer_windows95 is called whenever has_toolhelp = (platform == VER_PLATFORM_WIN32_WINDOWS || (is_windowsNT && osvi.dwMajorVersion >= 5)); is true. - Ian From wk at gnupg.org Tue Jan 18 17:40:15 2005 From: wk at gnupg.org (Werner Koch) Date: Tue Jan 18 18:41:37 2005 Subject: infinite loop in win32 randomness gatherer In-Reply-To: <20050118150312.GW1060@smtp.paip.net> (Ian Goldberg's message of "Tue, 18 Jan 2005 10:03:12 -0500") References: <20050118150312.GW1060@smtp.paip.net> Message-ID: <874qhesnbk.fsf@wheatstone.g10code.de> On Tue, 18 Jan 2005 10:03:12 -0500, Ian Goldberg said: > slow_gatherer_windows95 walks the heap table and adds everything in it > to the randomness pool. What seems to be happening is that the act of Hmmm, I switched over to W2000 so I have not tested it for a long time. > adding things to the pool, is changing the table, and you end up with an > infinite loop if that change is to add an item _after_ the place you > currently are in the scan. I need to check Peter Gutmann's latest revision of cryptlib - the code is basically his and I shoudl really update it. > Here's a patch that just cuts your losses by adding a maximum of 500 > heap entries. It seems to work Much Better Now (tm). ;-) Thanks, Werner From gcrypt-devel at mlists.thewrittenword.com Fri Jan 21 07:56:25 2005 From: gcrypt-devel at mlists.thewrittenword.com (Albert Chin) Date: Fri Jan 21 08:48:06 2005 Subject: libgpg-error-1.0 pkgconfig file Message-ID: <20050121065624.GB29987@mail1.thewrittenword.com> pkgconfig file for libgpg-error-1.0. -- albert chin (china@thewrittenword.com) -- snip snip --- /dev/null Sun Mar 24 15:28:28 2002 +++ libgpg-error.pc.in Thu Jan 20 21:23:54 2005 @@ -0,0 +1,10 @@ +prefix=@prefix@ +exec_prefix=@exec_prefix@ +libdir=@libdir@ +includedir=@includedir@ + +Name: libgpg-error +Description: Library of common error values for all GnuPG components +Version: @VERSION@ +Libs: -L${libdir} -lgpg-error +Cflags: -I${includedir} --- configure.ac.orig Fri Dec 24 20:16:34 2004 +++ configure.ac Fri Jan 21 00:53:53 2005 @@ -86,6 +86,7 @@ # Checks for library functions. AC_CONFIG_FILES([Makefile]) +AC_CONFIG_FILES([libgpg-error.pc]) AC_CONFIG_FILES([po/Makefile.in m4/Makefile]) AC_CONFIG_FILES([src/Makefile tests/Makefile]) AC_OUTPUT --- Makefile.am.orig Thu Jan 20 21:24:18 2005 +++ Makefile.am Thu Jan 20 21:24:30 2005 @@ -23,6 +23,9 @@ EXTRA_DIST = autogen.sh config.rpath libgpg-error.spec.in +pkgconfigdir = $(libdir)/pkgconfig +pkgconfig_DATA = libgpg-error.pc + dist-hook: sed -e 's/@pkg_version@/$(VERSION)/g' \ $(top_srcdir)/libgpg-error.spec.in > $(distdir)/libgpg-error.spec From gcrypt-devel at mlists.thewrittenword.com Sat Jan 22 00:14:50 2005 From: gcrypt-devel at mlists.thewrittenword.com (Albert Chin) Date: Sat Jan 22 00:10:58 2005 Subject: socklen_t usage in gcrypt.h Message-ID: <20050121231449.GB75725@mail1.thewrittenword.com> gcrypt assumes socklen_t exists on the system. This is not the case for Solaris 2.6, HP-UX 10.20, and Tru64 UNIX 4.0D. Should I modify gcrypt.h accordingly or should callers be expected to provide a socklen_t equivalent? -- albert chin (china@thewrittenword.com) From jas at extundo.com Sat Jan 22 00:29:52 2005 From: jas at extundo.com (Simon Josefsson) Date: Sat Jan 22 16:51:47 2005 Subject: socklen_t usage in gcrypt.h In-Reply-To: <20050121231449.GB75725@mail1.thewrittenword.com> (Albert Chin's message of "Fri, 21 Jan 2005 17:14:50 -0600") References: <20050121231449.GB75725@mail1.thewrittenword.com> Message-ID: Albert Chin writes: > gcrypt assumes socklen_t exists on the system. This is not the case > for Solaris 2.6, HP-UX 10.20, and Tru64 UNIX 4.0D. Should I modify > gcrypt.h accordingly or should callers be expected to provide a > socklen_t equivalent? IMHO, since socklen_t is POSIX, callers should provide an equivalent. I do that successfully in several projects using this snippet (I sometime use 'int' instead of 'size_t'): AC_CHECK_TYPE([socklen_t],, [AC_DEFINE([socklen_t], [size_t], [Define to `size_t' if `socklen_t' is missing.])], [ #ifdef HAVE_SYS_TYPES_H #include #endif #ifdef HAVE_SYS_SOCKET_H #include #endif #ifdef HAVE_NETDB_H #include #endif ]) Hope this helps, Simon From gcrypt-devel at mlists.thewrittenword.com Sat Jan 22 21:02:07 2005 From: gcrypt-devel at mlists.thewrittenword.com (Albert Chin) Date: Sat Jan 22 21:48:24 2005 Subject: libgcrypt pkgconfig file Message-ID: <20050122200207.GD91810@mail1.thewrittenword.com> Depends on the libgpg-error file I posted earlier. -- albert chin (china@thewrittenword.com) -- snip snip --- /dev/null Sun Mar 24 15:28:28 2002 +++ src/libgcrypt.pc.in Thu Jan 20 21:41:30 2005 @@ -0,0 +1,11 @@ +prefix=@prefix@ +exec_prefix=@exec_prefix@ +libdir=@libdir@ +includedir=@includedir@ + +Name: libgcrypt +Description: General purpose crypto library +Version: @VERSION@ +Requires: libgpg-error +Libs: -L${libdir} -lgcrypt +Cflags: -I${includedir} --- configure.ac.orig Thu Jan 20 21:21:02 2005 +++ configure.ac Sat Jan 22 14:00:26 2005 @@ -783,6 +783,7 @@ doc/Makefile src/Makefile src/libgcrypt-config +src/libgcrypt.pc tests/Makefile w32-dll/Makefile ]) --- src/Makefile.am.orig Thu Jan 20 21:44:24 2005 +++ src/Makefile.am Sat Jan 22 14:00:54 2005 @@ -22,6 +22,8 @@ bin_SCRIPTS = libgcrypt-config m4datadir = $(datadir)/aclocal m4data_DATA = libgcrypt.m4 +pkgconfigdir = $(libdir)/pkgconfig +pkgconfig_DATA = libgcrypt.pc include_HEADERS = gcrypt.h gcrypt-module.h lib_LTLIBRARIES = libgcrypt.la From gcrypt-devel at mlists.thewrittenword.com Sat Jan 22 21:09:27 2005 From: gcrypt-devel at mlists.thewrittenword.com (Albert Chin) Date: Sat Jan 22 22:06:49 2005 Subject: Missing include in some tests Message-ID: <20050122200927.GF91810@mail1.thewrittenword.com> Missing #include from some tests. -- albert chin (china@thewrittenword.com) -- snip snip --- tests/prime.c.orig 2005-01-20 23:29:55.000000000 -0600 +++ tests/prime.c 2005-01-20 23:30:09.000000000 -0600 @@ -16,6 +16,9 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. */ +#ifdef HAVE_CONFIG_H +#include +#endif #include #include #include --- tests/register.c.orig 2005-01-20 23:34:30.000000000 -0600 +++ tests/register.c 2005-01-20 23:34:41.000000000 -0600 @@ -18,6 +18,9 @@ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA */ +#ifdef HAVE_CONFIG_H +#include +#endif #include #include #include --- tests/ac.c.orig 2005-01-20 23:37:26.000000000 -0600 +++ tests/ac.c 2005-01-20 23:37:37.000000000 -0600 @@ -18,6 +18,9 @@ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA */ +#ifdef HAVE_CONFIG_H +#include +#endif #include #include #include --- tests/basic.c.orig 2005-01-20 23:42:39.000000000 -0600 +++ tests/basic.c 2005-01-20 23:42:50.000000000 -0600 @@ -18,6 +18,9 @@ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA */ +#ifdef HAVE_CONFIG_H +#include +#endif #include #include #include --- tests/tsexp.c.orig 2005-01-20 23:45:41.000000000 -0600 +++ tests/tsexp.c 2005-01-20 23:45:57.000000000 -0600 @@ -18,6 +18,9 @@ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA */ +#ifdef HAVE_CONFIG_H +#include +#endif #include #include #include --- tests/keygen.c.orig 2005-01-20 23:46:35.000000000 -0600 +++ tests/keygen.c 2005-01-20 23:46:48.000000000 -0600 @@ -18,6 +18,9 @@ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA */ +#ifdef HAVE_CONFIG_H +#include +#endif #include #include #include --- tests/pubkey.c.orig 2005-01-20 23:47:20.000000000 -0600 +++ tests/pubkey.c 2005-01-20 23:47:30.000000000 -0600 @@ -18,6 +18,9 @@ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA */ +#ifdef HAVE_CONFIG_H +#include +#endif #include #include #include From gcrypt-devel at mlists.thewrittenword.com Sat Jan 22 21:16:27 2005 From: gcrypt-devel at mlists.thewrittenword.com (Albert Chin) Date: Sat Jan 22 22:09:33 2005 Subject: libgcrypt configure fixes Message-ID: <20050122201627.GG91810@mail1.thewrittenword.com> 1. Don't use $(CMD) as it's not portable. Use `CMD` instead. 2. Simpler -lnsl/-lsocket test. 3. Test to replace socklen_t on systems without it (TYPE_SOCKLEN_T). This test comes from curl but we wrote it so we own the Copyright. 4. No default for random_modules if --enable-random specified. Patch tested on Solaris 2.5.1-9/SPARC, HP-UX 10.20-11i, AIX 4.3.3-5.2, IRIX 6.5, Tru64 UNIX 4.0D, 5.1, Redhat Linux 7.1, 9, RHEL 2.0, 3.0/x86, 3.0/amd64. -- albert chin (china@thewrittenword.com) --snip snip --- configure.ac.orig Thu Jan 20 21:21:02 2005 +++ configure.ac Sat Jan 22 14:10:48 2005 @@ -250,7 +226,7 @@ AC_ARG_ENABLE(ciphers, AC_HELP_STRING([--enable-ciphers=ciphers], [select the symmetric ciphers to include]), - [enabled_ciphers=$(echo $enableval | tr , ' ' | tr '[A-Z]' '[a-z]')], + [enabled_ciphers=`echo $enableval | tr , ' ' | tr '[A-Z]' '[a-z]'`], [enabled_ciphers=""]) if test "x$enabled_ciphers" = "x" \ -o "$enabled_ciphers" = "yes" \ @@ -270,7 +246,7 @@ AC_ARG_ENABLE(pubkey-ciphers, AC_HELP_STRING([--enable-pubkey-ciphers=ciphers], [select the public-key ciphers to include]), - [enabled_pubkey_ciphers=$(echo $enableval | tr , ' ' | tr '[A-Z]' '[a-z]')], + [enabled_pubkey_ciphers=`echo $enableval | tr , ' ' | tr '[A-Z]' '[a-z]'`], [enabled_pubkey_ciphers=""]) if test "x$enabled_pubkey_ciphers" = "x" \ -o "$enabled_pubkey_ciphers" = "yes" \ @@ -290,7 +266,7 @@ AC_ARG_ENABLE(digests, AC_HELP_STRING([--enable-digests=digests], [select the message digests to include]), - [enabled_digests=$(echo $enableval | tr , ' ' | tr '[A-Z]' '[a-z]')], + [enabled_digests=`echo $enableval | tr , ' ' | tr '[A-Z]' '[a-z]'`], [enabled_digests=""]) if test "x$enabled_digests" = "x" \ -o "$enabled_digests" = "yes" \ @@ -310,7 +286,7 @@ AC_ARG_ENABLE(random, AC_HELP_STRING([--enable-random=name], [select which random number generator to use]), - [random=$(echo $enableval | tr '[A-Z]' '[a-z]')], + [random=`echo $enableval | tr '[A-Z]' '[a-z]'`], []) if test "x$random" = "x" -o "$random" = "yes" -o "$random" = "no"; then random=default @@ -428,18 +407,9 @@ # Solaris needs -lsocket and -lnsl. Unisys system includes # gethostbyname in libsocket but needs libnsl for socket. -AC_CHECK_LIB(nsl, gethostbyname) -AC_CHECK_LIB(socket, socket, ac_need_libsocket=1, ac_try_nsl=1) -if test x$ac_need_libsocket = x1; then - LIBS="$LIBS -lsocket" -fi -if test x$ac_try_nsl = x1; then - AC_CHECK_LIB(nsl, gethostbyname, ac_need_libnsl=1) - if test x$ac_need_libnsl = x1 - then - LIBS="$LIBS -lnsl" - fi -fi +AC_SEARCH_LIBS(setsockopt, [socket], , + [AC_SEARCH_LIBS(setsockopt, [socket], , , [-lnsl])]) +AC_SEARCH_LIBS(setsockopt, [nsl]) ################################## #### Checks for header files. #### @@ -474,6 +444,8 @@ #include ]) +TYPE_SOCKLEN_T + ####################################### #### Checks for library functions. #### ####################################### @@ -554,6 +526,8 @@ if test "$random" = "auto"; then # Build everything, allow to select at runtime. random_modules="$auto_random_modules" + else + random_modules="$random" fi fi --- acinclude.m4.orig 2005-01-20 23:22:38.000000000 -0600 +++ acinclude.m4 2005-01-21 10:57:15.000000000 -0600 @@ -727,3 +728,43 @@ fi ]) +dnl Check for socklen_t: historically on BSD it is an int, and in +dnl POSIX 1g it is a type of its own, but some platforms use different +dnl types for the argument to getsockopt, getpeername, etc. So we +dnl have to test to find something that will work. +AC_DEFUN([TYPE_SOCKLEN_T], +[ + AC_CHECK_TYPE([socklen_t], ,[ + AC_MSG_CHECKING([for socklen_t equivalent]) + AC_CACHE_VAL([socklen_t_equiv], + [ + # Systems have either "struct sockaddr *" or + # "void *" as the second argument to getpeername + socklen_t_equiv= + for arg2 in "struct sockaddr" void; do + for t in int size_t unsigned long "unsigned long"; do + AC_TRY_COMPILE([ + #include + #include + + int getpeername (int, $arg2 *, $t *); + ],[ + $t len; + getpeername(0,0,&len); + ],[ + socklen_t_equiv="$t" + break + ]) + done + done + + if test "x$socklen_t_equiv" = x; then + AC_MSG_ERROR([Cannot find a type to use in place of socklen_t]) + fi + ]) + AC_MSG_RESULT($socklen_t_equiv) + AC_DEFINE_UNQUOTED(socklen_t, $socklen_t_equiv, + [type to use in place of socklen_t if not defined])], + [#include +#include ]) +]) From gcrypt-devel at mlists.thewrittenword.com Sat Jan 22 21:08:06 2005 From: gcrypt-devel at mlists.thewrittenword.com (Albert Chin) Date: Sat Jan 22 23:02:15 2005 Subject: mpi fixes for non-gcc compilers Message-ID: <20050122200806.GE91810@mail1.thewrittenword.com> 1. [mpi/hppa1.1/mpih-mul3.S, mpi/hppa1.1/udiv-qrnnd.S, mpi/hppa1.1/mpih-mul2.S, mpi/hppa1.1/mpih-mul1.S] Add ".level 1.1" to disable warning about using PA-RISC1.1 opcodes. 2. [mpi/Makefile.am] Don't assume the compiler will pre-process the .S files. Some compilers, like those from HP and IBM, don't do this. So, we use the same solution gnupg-1.4.0 does. Preprocess first and then compile. -- albert chin (china@thewrittenword.com) -- snip snip --- mpi/hppa1.1/mpih-mul3.S.orig 2005-01-20 23:13:30.000000000 -0600 +++ mpi/hppa1.1/mpih-mul3.S 2005-01-20 23:13:38.000000000 -0600 @@ -51,6 +51,7 @@ * but that requires reworking the hairy software pipeline... */ + .level 1.1 .code .export _gcry_mpih_submul_1 --- mpi/hppa1.1/udiv-qrnnd.S.orig 2005-01-20 23:36:26.000000000 -0600 +++ mpi/hppa1.1/udiv-qrnnd.S 2005-01-20 23:36:39.000000000 -0600 @@ -36,6 +36,8 @@ * d gr23 */ + .level 1.1 + .data .align 8 .label L$0000 --- mpi/hppa1.1/mpih-mul2.S.orig 2005-01-20 23:36:50.000000000 -0600 +++ mpi/hppa1.1/mpih-mul2.S 2005-01-20 23:36:58.000000000 -0600 @@ -45,6 +45,8 @@ * There are some ideas described in mul1.S that applies to this code too. */ + .level 1.1 + .code .export _gcry_mpih_addmul_1 .label _gcry_mpih_addmul_1 --- mpi/hppa1.1/mpih-mul1.S.orig 2005-01-20 23:37:07.000000000 -0600 +++ mpi/hppa1.1/mpih-mul1.S 2005-01-20 23:37:14.000000000 -0600 @@ -55,6 +55,8 @@ * in the cache.) */ + .level 1.1 + .code .export _gcry_mpih_mul_1 .label _gcry_mpih_mul_1 --- mpi/Makefile.am.orig Thu Jan 20 22:20:39 2005 +++ mpi/Makefile.am Sat Jan 22 14:04:05 2005 @@ -181,10 +181,14 @@ SUFFIXES = .S .o .obj .lo .S.o: - $(CCASCOMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$< + $(CPP) $(INCLUDES) $(DEFS) $< | grep -v '^#' > $*.s + $(CCASCOMPILE) -c `test -f '$*.s' || echo '$(srcdir)/'`$*.s + rm $*.s .S.obj: $(CCASCOMPILE) -c `if test -f '$<'; then $(CYGPATH_W) '$<'; else $(CYGPATH_W) '$(srcdir)/$<'; fi` .S.lo: - $(LTCCASCOMPILE) -c -o $@ `test -f '$<' || echo '$(srcdir)/'`$< + $(CPP) $(INCLUDES) $(DEFS) $< | grep -v '^#' > $*.s + $(LTCCASCOMPILE) -c -o $@ `test -f '$*.s' || echo '$(srcdir)/'`$*.s + rm $*.s From james.hume at gmail.com Sun Jan 23 14:51:51 2005 From: james.hume at gmail.com (James Hume) Date: Mon Jan 24 20:58:35 2005 Subject: RSA Key and signature lengths using gcry_pk_genkey/sign Message-ID: <57b7ed00050123055124692442@mail.gmail.com> Hello, Hope i'm posting this to the right mailing list, apologies if not. I am using the gcry_pk_* functions to generate keys and signatures. I have seen that sometimes the key lengths can vary, as can the signature length which either seems to be 128 bytes or 129 bytes (in which case there always seems to be a leading null byte). Should the library be returning varying signature/key sizes? Thanks for any help in advance. -- James