CVS log for epic5/source/crypt.c

Request diff between arbitrary revisions

* Fix happykey().  Sometimes, I just don't pay enough attention.
* Don't trim 1 too many chars on incoming encrypted messages. Important!
* Fix buffer sizes being too small to hold buffer for enc/dec short strings.
* Add $xform() handlers for blowfish and cast5
* Whip the $xform() callback functions into usable shape.
* Fix base64 encoding both via $xform() and $b64encode().
* Rewrite $xform(), see UPDATES.  Strong crypto now supported! YAY!

* Add arg to panic() controlling whether panic is sent via QUIT (rb black)

* Fix cross-matching of ctcp-over-dcc with queries. YAY! (nullie)
* Fix crash when you received ssl-encrypted msgs and you don't have ssl.

Fix some bugs with /window query that kreca found.

Don't call happykey() on a plain text password.

Fix external crypto script support.

<nullie> it's the last time, i promise! :-)

Yet more bugs! argh!

Fix panic, make sha keys happy looking.

Argh. don't ask.

Fix bug with removing a crypto with a server desc
Add /encrypt -clear for debugging purposes.

* Fix bugs with /crypt
*** I think this is the last commit of the strong crypto project ***
Kev will particularly celebrate the end of the commit storm.
Thanks for everybody's patience.  Enjoy!

* Bust do_crypt back into its callers [de]crypt_msg().
* Make lookups between /encrypt flag<->cipher flag<->ctcp table-driven.

* Add SEDSHA cipher type, which is better than SED, and always available.
* Add my_sleep|isreadable|iswritable() funcs to phase out rogue selects()h
* Add support for multiple concurrent servers to /encrypt. yay!
* Store the length of the Crypt key within the key itself.
* This moves us closer to being able to decrypt arbitrary data.
* Test all of the cipher types, incl. compat of CAST with ircII.  All set!

___ WARNING ___ This stuff is all wildly un(der)tested.
I will get to that soon!  But I'm too excited about this to sit on it.

* Add AESSHA256 support (AES256 using the SHA256 digest of your passkey)
* Rename "EXTCRYPT" to "PROGCRYPT"
* Migrate SED support from crypt.c to crypto.c
* Integrate SED and extprog support into the mainline [de]cipher_message()
* Refactor [de]cipher_message() to be less lame.
* Support "anycrypt" support (AESSHA, AES, BLOWFISH, CAST5, SED, PROG)
* Include sha256 implementation from Karll.  Thanks Karll!
* Unify the ctcp handling of all crypto ctcps
* Add $sha256() function to test sha support (digest)
* Make funcs in crypto.c static and just expose [de]crypt_msg().
* This finishes the divide between crypt.c (front end) and crypto.c (back end)
* Fix a gazillion compiler warnings and sort out const/unsigned char issues.

AES support!

* Support cast5/blowfish encryption a la ircII.
* Fix build for non-ssl users.

* Add /set mail_type (MBOX or MAILDIR) to control what we check for mail.
* Make rebuild-scrollback a toggle flag instead of an operation.
* Teach update_all_windows() how to rebuild scrollback
* Write some preliminary code for the unified lastlog

* Numerous updates/changes/fixes to DCC, functions, scripts, /EXEC, the
  new math parser, as per UPDATES and KNOWNBUGS.

One potential incompatibility is in the change to $open(). (as per UPDATES)

Commit 551 -- second to last commit for this project -- the big one!
* Roll in the new universal_next_arg_count() and attendant macros.
* Comment out some deprecated function decls in ircaux.h
* Do another round of make depends.
* Modify alias arglist code to use the new universal_next_arg_count() stuff
* Convert dequote() to dequoter().
* Convert new_new_next_arg() into new_new_next_arg_count().
* Comment out deprecated functions in ircaux.c -- will be deleted later.

Overhaul of malloced string handling functions:
* Convert m_[s]c3cat[_s]() to malloc_strcat_wordlist_c()
* Nix m_e3cat(), m_s3cat(), m_s3cat_s(), m_3cat()
* Nix m_ec3cat(), m_sc3cat(), m_sc3cat_s(), m_c3cat().
* Convert m_dupchar() to malloc_dupchar().
* Convert m_strndup() to malloc_strndup().
* Make malloc_strcpy/malloc_strcat/malloc_strcat2/malloc_strcat_wordlist macros
* Convert m_2dup() to malloc_strdup2().
* Convert m_3cat() to malloc_strcat2[_c]().
* Convert m_3dup() to malloc_strdup3().
* Convert m_ec3cat() to malloc_strcat2_c()
* Use strlcat_c() in $repeat() instead of strlcpy(). whee!
* Sanity check first arg to $regcomp(), to avoid crashes.
* Don't pass NULL to bsearch(), even if 'nmem' is 0 [$remws()]
* Nix the original malloc_strcpy (supplanted by malloc_strcpy_c)
* Comment out all the deprecated functions

Convert m_strdup() to malloc_strdup().

* Misc bugfixes as per KNOWNBUGS.
* This patch involves renaming crypt.h to sedcrypt.h.

* Rename 'dcc()' to 'dcc_cmd()' so we can use dcc as variable
* Garbage collect unused 'irc_path' global variable.
* Add --with-warns to configure to do FreeBSD "WARNS" like compiler checks
* Many hundreds of changes to improve the "quality of code" in epic, including:
* - Treat all literal strings as (const char *) and fix const correctness.
* - Mopping up all remaining const-correctness issues
* - Do not "launder" a (const char *) to a (char *) in string searches, (ala
    strchr) but rather return a ssize_t offset value.
* - Particular, MatchingBracket() returns (ssize_t) and not (char *).
* - Eliminate all "shadow" variable names by changing them to something else.
* - Eliminate most function decls that do not include a prototype list.
* - Add prototypes for all extern functions that are missing them.
* - Ensure most function pointers include a prototype list.
* - In term.c, most of those (char *)'s are really (const char *)'s.
* - Explicitly specify 'static' functions as 'static'
* - Ensure every function is either 'static' or has a prototype.
* - Eliminate (unsigned) < (signed) type comparisons.
* Hopefully you should not notice any changes!

Nominally remove all uses of "unsafe" functions: (Commit 506)
* Convert all uses of strcpy() to strlcpy()
* Convert all uses of strcat() to strlcat()
* Convert all uses of strmcpy() to strlcpy()
* Convert all uses of strmcat() to strlcat()
* Convert all uses of sprintf() to snprintf()
* As much as possible, use 'sizeof var' in snprintf/strlcpy/strlcat.
* Qualify the size of some global vars so we can sizeof() them.
* Nuke strmcpy(), strmcat(), strmcat_ue(), strmccat(),
* Change strmopencat() to strlopencat().
* Change strmpcat() to strlpcat().
* Fix switch_hostname so it doesn't return a (const) string.
* Fix TimerTimeout so it doesn't return a (const) Timeval.
* Change things like (ret) to do ret while (0); for when "ret" is "{}".
* Fix initialization for load_level
* Stop passing in static strings into io(), so we can modify them.
* Make messages passed to io() more informative to the user.
* Fix CTCP FINGER handler not to assume (struct pw) strings can be overwritten.
* Use (socklen_t) and not an (int) for socket sizes.
* Don't return a value in a void function...
* Don't use return value of process_dcc_chat_ctcps() for assignment.
* Don't put semicolons after function bodies
* Fix $getopt() to save 'input_size' so we can use it with strl*().
* Convert all uses of stpcpy() to strlcat() and strlopencat().
* Nix checks for stpcpy() in configure -- regen configure.

Another merge.

Yikes.  Merged to become consistent with HEAD.  Sorry for all the commits,
I'll be quiet again soon. :)
-wd

Commit 436
This commit is deceptive because it is huge in scope but can be explained
pretty simply.

* Const correctness improvements.
* Invert the meaning of 'new_check_flooding' to return TRUE if flooding.
* Revamp funny.c, /list, /names, /mode reply handling.
* Remove unused joined_nick, public_nick
* Change got_initial_version_28() arguments singly and not an array
* Change signature of protocol handling to take "command" as an argument
* The above change cascades to a lot of other changes.
* Allow the /msg'ing of @W<refnum> to msg a window's refnum.
* First round of larnification (Protection against unexpected server data)
* This involved substantial rewrites of parse.c, and numbers.c
* Now "fake" stuff goes through /on odd_server_stuff.
* Fix /on invite so it takes 3 arguments, not 2.

* Added functions $asciiq() $chrq() $exec() $timerctl() $tcl() $winline()
  and $floodinfo().
* Altered the two argument version of $read() to ctcp quote the strings it
  returns.
* Added sets FLOOD_RATE_PER and FLOOD_MASKUSER.
* Altered the "accept" mode of the dcc_raw and dcc_connect hooks to refer
  to the local port instead of the remote port.
* Added a "-closein %proc" switch to /exec.
* Altered the arg list mode of /alias to use extractw instead of next_arg.
* Added the documented "words" argument to the above.
* Tuned autoget, mudirc, tabkey.ce and commandqueues.
* Altered /pretend to not chop the string.
* Set about rewriting the flood detection and then decided that it's better
  off being a script.
* Moved the function macros to their own file (functions.h) and replaced
  all the copies that are strewn throughout the source with an #include.
  The exception is array.c which broke when I tried it.
* Moved the ctcp enquoting/dequoting functions to ircaux.c.
* Added some command/function ordering checks to funcs/regress, and a check
  for all the functions that are undocumented.
* Rewrote function chanmodetype() so that it doesn't have all those flakey
  buffering things.  Hopefully it's readable now.  The significant change
  is that if a mode character appears twice in CHANMODES, the first one is
  returned instead of the last.
* Added EPIC::call() in the perl routines and an equivalent under tcl.
  this is designed to call a $function() directly, but it isn't really that
  fast, so I might rip them out again.
* The /wait internals used to store a few other settings, which were taken
  out, so I put them back.
* Fixed a few problems with normalize_filename() around the place.
* Fixed a bug with /timer in which it would never show the timers after a
  callback.

Update copyright notices and copyright dates.

I'm going to start sweeping the entire source, adding the official
copyright notice to each file (like ircII does already), and making
sure that the /* $EPIC$ */ thingee is at the top of the file.  This is
my first swath of files.

* Fixed two compiler warnings that apparently occur under macos X.
* Altered "/ignore #channel crap" to work for quit messages.  The rationale
  behind this is that "/ignore #channel nick" works, and the code for both
  are very similar.  This may conceivably alter the exact behaviour of
  channel_signoff, but I have made efforts to keep it working as is.

Tuned the wildcard matching for names in /encrypt.

Minor cosmetic changes to /encrypt with program.
* If the program execution fails or otherwise returns an empty message,
  a warning is printed.

commit_id incremented.

* Fixed a buffer overflow in the new /encrypt program mechanism.
* Minor cosmetic update for encrypted messages for which the encryption
  program returns nothing.

This extends /encrypt to add a new argument, which will be treated as a
program with which to filter messages through to be encrypted/decrypted.

The protocol so far is:  One line in text mode, with the key as the first
word.  Followed (starting on the second line and ending at EOF), by the
encrypted message in binary.  Binary messages returned are automatically
quoted and unquoted for transmission over the wire.  Ascii Armoring
if performed by the program will "bypass" the quoting features.

This patch also alters the way floating point numbers are returned.
Before, canon_number was passed over the textual value.  Now, ftoa()
reads the correct way to do it from FLOATING_POINT_MATH.

Initial import into CVS

Initial revision