mirror of
https://github.com/neovim/neovim.git
synced 2025-09-28 22:18:33 +00:00
Remove cryptography
As discussed in #694, vim encryption uses old, obsolete algorithms that are poorly implemented. Since insecure cryptography is worse than no cryptgraphy, the community voted in favor of removing all crypto. Various alternatives to the old crypto is being discussed in #701. Closes #694.
This commit is contained in:
John Schmidt
committed by
Thiago de Arruda
Thiago de Arruda
parent
32d018b57e
commit
85338fe1d5
@@ -94,7 +94,6 @@
|
||||
#include "nvim/misc1.h"
|
||||
#include "nvim/misc2.h"
|
||||
#include "nvim/memory.h"
|
||||
#include "nvim/crypt.h"
|
||||
#include "nvim/garray.h"
|
||||
#include "nvim/option.h"
|
||||
#include "nvim/os_unix.h"
|
||||
@@ -121,9 +120,6 @@ static void u_freeentries(buf_T *buf, u_header_T *uhp,
|
||||
static void u_freeentry(u_entry_T *, long);
|
||||
static void corruption_error(char *mesg, char_u *file_name);
|
||||
static void u_free_uhp(u_header_T *uhp);
|
||||
static size_t fwrite_crypt(buf_T *buf, char_u *ptr, size_t len,
|
||||
FILE *fp);
|
||||
static char_u *read_string_decrypt(buf_T *buf, FILE *fd, int len);
|
||||
static int serialize_header(FILE *fp, buf_T *buf, char_u *hash);
|
||||
static int serialize_uhp(FILE *fp, buf_T *buf, u_header_T *uhp);
|
||||
static u_header_T *unserialize_uhp(FILE *fp, char_u *file_name);
|
||||
@@ -634,7 +630,6 @@ nomem:
|
||||
# define UF_ENTRY_MAGIC 0xf518 /* magic at start of entry */
|
||||
# define UF_ENTRY_END_MAGIC 0x3581 /* magic after last entry */
|
||||
# define UF_VERSION 2 /* 2-byte undofile version number */
|
||||
# define UF_VERSION_CRYPT 0x8002 /* idem, encrypted */
|
||||
|
||||
/* extra fields for header */
|
||||
# define UF_LAST_SAVE_NR 1
|
||||
@@ -753,44 +748,6 @@ static void u_free_uhp(u_header_T *uhp)
|
||||
free(uhp);
|
||||
}
|
||||
|
||||
/*
|
||||
* Like fwrite() but crypt the bytes when 'key' is set.
|
||||
* Returns 1 if successful.
|
||||
*/
|
||||
static size_t fwrite_crypt(buf_T *buf, char_u *ptr, size_t len, FILE *fp)
|
||||
{
|
||||
char_u *copy;
|
||||
char_u small_buf[100];
|
||||
size_t i;
|
||||
|
||||
if (*buf->b_p_key == NUL)
|
||||
return fwrite(ptr, len, (size_t)1, fp);
|
||||
if (len < 100)
|
||||
copy = small_buf; /* no malloc()/free() for short strings */
|
||||
else {
|
||||
copy = xmalloc(len);
|
||||
}
|
||||
crypt_encode(ptr, len, copy);
|
||||
i = fwrite(copy, len, (size_t)1, fp);
|
||||
if (copy != small_buf)
|
||||
free(copy);
|
||||
return i;
|
||||
}
|
||||
|
||||
/*
|
||||
* Read a string of length "len" from "fd".
|
||||
* When 'key' is set decrypt the bytes.
|
||||
*/
|
||||
static char_u *read_string_decrypt(buf_T *buf, FILE *fd, int len)
|
||||
{
|
||||
char_u *ptr;
|
||||
|
||||
ptr = read_string(fd, len);
|
||||
if (ptr != NULL && *buf->b_p_key != NUL)
|
||||
crypt_decode(ptr, len);
|
||||
return ptr;
|
||||
}
|
||||
|
||||
static int serialize_header(FILE *fp, buf_T *buf, char_u *hash)
|
||||
{
|
||||
int len;
|
||||
@@ -799,25 +756,7 @@ static int serialize_header(FILE *fp, buf_T *buf, char_u *hash)
|
||||
if (fwrite(UF_START_MAGIC, (size_t)UF_START_MAGIC_LEN, (size_t)1, fp) != 1)
|
||||
return FAIL;
|
||||
|
||||
/* If the buffer is encrypted then all text bytes following will be
|
||||
* encrypted. Numbers and other info is not crypted. */
|
||||
if (*buf->b_p_key != NUL) {
|
||||
char_u *header;
|
||||
int header_len;
|
||||
|
||||
put_bytes(fp, (long_u)UF_VERSION_CRYPT, 2);
|
||||
header = prepare_crypt_write(buf, &header_len);
|
||||
if (header == NULL)
|
||||
return FAIL;
|
||||
len = (int)fwrite(header, (size_t)header_len, (size_t)1, fp);
|
||||
free(header);
|
||||
if (len != 1) {
|
||||
crypt_pop_state();
|
||||
return FAIL;
|
||||
}
|
||||
} else
|
||||
put_bytes(fp, (long_u)UF_VERSION, 2);
|
||||
|
||||
put_bytes(fp, (long_u)UF_VERSION, 2);
|
||||
|
||||
/* Write a hash of the buffer text, so that we can verify it is still the
|
||||
* same when reading the buffer text. */
|
||||
@@ -828,7 +767,7 @@ static int serialize_header(FILE *fp, buf_T *buf, char_u *hash)
|
||||
put_bytes(fp, (long_u)buf->b_ml.ml_line_count, 4);
|
||||
len = buf->b_u_line_ptr != NULL ? (int)STRLEN(buf->b_u_line_ptr) : 0;
|
||||
put_bytes(fp, (long_u)len, 4);
|
||||
if (len > 0 && fwrite_crypt(buf, buf->b_u_line_ptr, (size_t)len, fp) != 1)
|
||||
if (len > 0 && fwrite(buf->b_u_line_ptr, len, 1, fp) != 1)
|
||||
return FAIL;
|
||||
put_bytes(fp, (long_u)buf->b_u_line_lnum, 4);
|
||||
put_bytes(fp, (long_u)buf->b_u_line_colnr, 4);
|
||||
@@ -982,7 +921,7 @@ static int serialize_uep(FILE *fp, buf_T *buf, u_entry_T *uep)
|
||||
len = STRLEN(uep->ue_array[i]);
|
||||
if (put_bytes(fp, (long_u)len, 4) == FAIL)
|
||||
return FAIL;
|
||||
if (len > 0 && fwrite_crypt(buf, uep->ue_array[i], len, fp) != 1)
|
||||
if (len > 0 && fwrite(uep->ue_array[i], len, 1, fp) != 1)
|
||||
return FAIL;
|
||||
}
|
||||
return OK;
|
||||
@@ -1015,7 +954,7 @@ static u_entry_T *unserialize_uep(FILE *fp, int *error, char_u *file_name)
|
||||
for (i = 0; i < uep->ue_size; ++i) {
|
||||
line_len = get4c(fp);
|
||||
if (line_len >= 0)
|
||||
line = read_string_decrypt(curbuf, fp, line_len);
|
||||
line = read_string(fp, line_len);
|
||||
else {
|
||||
line = NULL;
|
||||
corruption_error("line length", file_name);
|
||||
@@ -1107,7 +1046,6 @@ void u_write_undo(char_u *name, int forceit, buf_T *buf, char_u *hash)
|
||||
FILE *fp = NULL;
|
||||
int perm;
|
||||
int write_ok = FALSE;
|
||||
int do_crypt = FALSE;
|
||||
|
||||
if (name == NULL) {
|
||||
file_name = u_get_undo_file_name(buf->b_ffname, FALSE);
|
||||
@@ -1245,8 +1183,6 @@ void u_write_undo(char_u *name, int forceit, buf_T *buf, char_u *hash)
|
||||
*/
|
||||
if (serialize_header(fp, buf, hash) == FAIL)
|
||||
goto write_error;
|
||||
if (*buf->b_p_key != NUL)
|
||||
do_crypt = TRUE;
|
||||
|
||||
/*
|
||||
* Iteratively serialize UHPs and their UEPs from the top down.
|
||||
@@ -1305,8 +1241,6 @@ write_error:
|
||||
#endif
|
||||
|
||||
theend:
|
||||
if (do_crypt)
|
||||
crypt_pop_state();
|
||||
if (file_name != name)
|
||||
free(file_name);
|
||||
}
|
||||
@@ -1343,7 +1277,6 @@ void u_read_undo(char_u *name, char_u *hash, char_u *orig_name)
|
||||
#ifdef U_DEBUG
|
||||
int *uhp_table_used;
|
||||
#endif
|
||||
int do_decrypt = FALSE;
|
||||
|
||||
if (name == NULL) {
|
||||
file_name = u_get_undo_file_name(curbuf->b_ffname, TRUE);
|
||||
@@ -1393,18 +1326,7 @@ void u_read_undo(char_u *name, char_u *hash, char_u *orig_name)
|
||||
goto error;
|
||||
}
|
||||
version = get2c(fp);
|
||||
if (version == UF_VERSION_CRYPT) {
|
||||
if (*curbuf->b_p_key == NUL) {
|
||||
EMSG2(_("E832: Non-encrypted file has encrypted undo file: %s"),
|
||||
file_name);
|
||||
goto error;
|
||||
}
|
||||
if (prepare_crypt_read(fp) == FAIL) {
|
||||
EMSG2(_("E826: Undo file decryption failed: %s"), file_name);
|
||||
goto error;
|
||||
}
|
||||
do_decrypt = TRUE;
|
||||
} else if (version != UF_VERSION) {
|
||||
if (version != UF_VERSION) {
|
||||
EMSG2(_("E824: Incompatible undo file: %s"), file_name);
|
||||
goto error;
|
||||
}
|
||||
@@ -1432,7 +1354,7 @@ void u_read_undo(char_u *name, char_u *hash, char_u *orig_name)
|
||||
if (str_len < 0)
|
||||
goto error;
|
||||
if (str_len > 0)
|
||||
line_ptr = read_string_decrypt(curbuf, fp, str_len);
|
||||
line_ptr = read_string(fp, str_len);
|
||||
line_lnum = (linenr_T)get4c(fp);
|
||||
line_colnr = (colnr_T)get4c(fp);
|
||||
if (line_lnum < 0 || line_colnr < 0) {
|
||||
@@ -1602,8 +1524,6 @@ error:
|
||||
}
|
||||
|
||||
theend:
|
||||
if (do_decrypt)
|
||||
crypt_pop_state();
|
||||
if (fp != NULL)
|
||||
fclose(fp);
|
||||
if (file_name != name)
|
||||
|
||||
Reference in New Issue
Block a user