aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.cirrus.yml13
-rw-r--r--.github/workflows/ci.yml4
-rw-r--r--.gitignore1
-rw-r--r--CMakeLists.txt33
-rwxr-xr-xbuild/ci/build.sh28
-rw-r--r--build/ci/cirrus_ci/Dockerfile.fc302
-rw-r--r--build/cmake/FindMbedTLS.cmake13
-rw-r--r--build/cmake/config.h.in3
-rw-r--r--build/version2
-rw-r--r--configure.ac25
-rw-r--r--libarchive/archive.h4
-rw-r--r--libarchive/archive_cryptor.c61
-rw-r--r--libarchive/archive_cryptor_private.h17
-rw-r--r--libarchive/archive_digest.c228
-rw-r--r--libarchive/archive_digest_private.h36
-rw-r--r--libarchive/archive_entry.h2
-rw-r--r--libarchive/archive_hmac.c47
-rw-r--r--libarchive/archive_hmac_private.h5
-rw-r--r--libarchive/archive_write.c35
19 files changed, 529 insertions, 30 deletions
diff --git a/.cirrus.yml b/.cirrus.yml
index 25c256113e62..bcc953582f0b 100644
--- a/.cirrus.yml
+++ b/.cirrus.yml
@@ -29,11 +29,14 @@ FreeBSD_task:
Fedora_30_task:
container:
dockerfile: build/ci/cirrus_ci/Dockerfile.fc30
- matrix:
- env:
- BS: autotools
- env:
- BS: cmake
+ env:
+ matrix:
+ - BS: autotools
+ - BS: cmake
+ matrix:
+ - CRYPTO: mbedtls
+ - CRYPTO: nettle
+ - CRYPTO: openssl
configure_script:
- ./build/ci/build.sh -a autogen
- ./build/ci/build.sh -a configure
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 7d5ba4fa4d80..510cb9c29155 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -39,10 +39,11 @@ jobs:
strategy:
matrix:
bs: [autotools, cmake]
+ crypto: [mbedtls, nettle, openssl]
steps:
- uses: actions/checkout@master
- name: Install dependencies
- run: sudo apt-get install -y build-essential cmake libssl-dev libacl1-dev libbz2-dev liblzma-dev libzip-dev liblz4-dev libzstd-dev lzop
+ run: sudo apt-get install -y build-essential cmake libssl-dev nettle-dev libmbedtls-dev libacl1-dev libbz2-dev liblzma-dev libzip-dev liblz4-dev libzstd-dev lzop
- name: Autogen
run: ./build/ci/build.sh -a autogen
env:
@@ -51,6 +52,7 @@ jobs:
run: ./build/ci/build.sh -a configure
env:
BS: ${{ matrix.bs }}
+ CRYPTO: ${{ matrix.crypto }}
- name: Build
run: ./build/ci/build.sh -a build
env:
diff --git a/.gitignore b/.gitignore
index bdee31478876..9c09bf49a0af 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,6 +4,7 @@
*.la
*.lo
*.cmake
+!build/cmake/*.cmake
.deps/
.libs/
.dirstamp
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 4fd93d048027..51c4c00d3569 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -18,7 +18,7 @@ endif()
# RelWithDebInfo : Release build with Debug Info
# MinSizeRel : Release Min Size build
IF(NOT CMAKE_BUILD_TYPE)
- SET(CMAKE_BUILD_TYPE "Release" CACHE STRING "Build Type" FORCE)
+ SET(CMAKE_BUILD_TYPE "Debug" CACHE STRING "Build Type" FORCE)
ENDIF(NOT CMAKE_BUILD_TYPE)
# Set a value type to properly display CMAKE_BUILD_TYPE on GUI if the
# value type is "UNINITIALIZED".
@@ -193,7 +193,8 @@ ENDIF (MSVC)
# Enable CTest/CDash support
include(CTest)
-OPTION(ENABLE_NETTLE "Enable use of Nettle" ON)
+OPTION(ENABLE_MBEDTLS "Enable use of mbed TLS" OFF)
+OPTION(ENABLE_NETTLE "Enable use of Nettle" OFF)
OPTION(ENABLE_OPENSSL "Enable use of OpenSSL" ON)
OPTION(ENABLE_LIBB2 "Enable the use of the system LIBB2 library if found" ON)
OPTION(ENABLE_LZ4 "Enable the use of the system LZ4 library if found" ON)
@@ -739,6 +740,26 @@ CHECK_C_SOURCE_COMPILES(
SAFE_TO_DEFINE_EXTENSIONS)
#
+# Find mbed TLS
+#
+IF(ENABLE_MBEDTLS)
+ FIND_PACKAGE(MbedTLS)
+ IF(MBEDTLS_FOUND)
+ SET(HAVE_LIBMBEDCRYPTO 1)
+ LIST(APPEND ADDITIONAL_LIBS ${MBEDCRYPTO_LIBRARY})
+ INCLUDE_DIRECTORIES(${MBEDTLS_INCLUDE_DIRS})
+
+ LIST(APPEND CMAKE_REQUIRED_INCLUDES ${MBEDTLS_INCLUDE_DIRS})
+ LA_CHECK_INCLUDE_FILE("mbedtls/aes.h" HAVE_MBEDTLS_AES_H)
+ LA_CHECK_INCLUDE_FILE("mbedtls/md.h" HAVE_MBEDTLS_MD_H)
+ LA_CHECK_INCLUDE_FILE("mbedtls/pkcs5.h" HAVE_MBEDTLS_PKCS5_H)
+
+ ENDIF(MBEDTLS_FOUND)
+ MARK_AS_ADVANCED(CLEAR MBEDTLS_INCLUDE_DIRS)
+ MARK_AS_ADVANCED(CLEAR MBEDCRYPTO_LIBRARY)
+ENDIF(ENABLE_MBEDTLS)
+
+#
# Find Nettle
#
IF(ENABLE_NETTLE)
@@ -800,6 +821,8 @@ MACRO(CHECK_CRYPTO ALGORITHMS IMPLEMENTATION)
STRING(TOUPPER "${ALGORITHM}" algorithm)
IF ("${IMPLEMENTATION}" MATCHES "^OPENSSL$" AND NOT OPENSSL_FOUND)
SET(ARCHIVE_CRYPTO_${ALGORITHM}_${IMPLEMENTATION} FALSE)
+ ELSEIF("${IMPLEMENTATION}" MATCHES "^MBEDTLS$" AND NOT MBEDTLS_FOUND)
+ SET(ARCHIVE_CRYPTO_${ALGORITHM}_${IMPLEMENTATION} FALSE)
ELSEIF("${IMPLEMENTATION}" MATCHES "^NETTLE$" AND NOT NETTLE_FOUND)
SET(ARCHIVE_CRYPTO_${ALGORITHM}_${IMPLEMENTATION} FALSE)
ENDIF("${IMPLEMENTATION}" MATCHES "^OPENSSL$" AND NOT OPENSSL_FOUND)
@@ -815,6 +838,11 @@ MACRO(CHECK_CRYPTO ALGORITHMS IMPLEMENTATION)
"${TRY_CRYPTO_REQUIRED_INCLUDES};${OPENSSL_INCLUDE_DIR}")
SET(TRY_CRYPTO_REQUIRED_LIBS
"-DLINK_LIBRARIES:STRING=${OPENSSL_LIBRARIES}")
+ ELSEIF("${IMPLEMENTATION}" MATCHES "^MBEDTLS$" AND MBEDTLS_FOUND)
+ SET(TRY_CRYPTO_REQUIRED_INCLUDES
+ "${TRY_CRYPTO_REQUIRED_INCLUDES};${MBEDTLS_INCLUDE_DIRS}")
+ SET(TRY_CRYPTO_REQUIRED_LIBS
+ "-DLINK_LIBRARIES:STRING=${MBEDCRYPTO_LIBRARY}")
ELSEIF("${IMPLEMENTATION}" MATCHES "^NETTLE$" AND NETTLE_FOUND)
SET(TRY_CRYPTO_REQUIRED_INCLUDES
"${TRY_CRYPTO_REQUIRED_INCLUDES};${NETTLE_INCLUDE_DIR}")
@@ -1960,6 +1988,7 @@ CHECK_CRYPTO("MD5;RMD160;SHA1;SHA256;SHA384;SHA512" LIBC)
CHECK_CRYPTO("SHA256;SHA384;SHA512" LIBC2)
CHECK_CRYPTO("SHA256;SHA384;SHA512" LIBC3)
CHECK_CRYPTO("MD5;SHA1;SHA256;SHA384;SHA512" LIBSYSTEM)
+CHECK_CRYPTO("MD5;RMD160;SHA1;SHA256;SHA384;SHA512" MBEDTLS)
CHECK_CRYPTO("MD5;RMD160;SHA1;SHA256;SHA384;SHA512" NETTLE)
CHECK_CRYPTO("MD5;RMD160;SHA1;SHA256;SHA384;SHA512" OPENSSL)
diff --git a/build/ci/build.sh b/build/ci/build.sh
index 1e5cd11f7051..97d570b5e016 100755
--- a/build/ci/build.sh
+++ b/build/ci/build.sh
@@ -4,9 +4,11 @@
#
# Variables that can be passed via environment:
# BS= # build system (autotools or cmake)
+# CRYPTO= # cryptography provider (openssl, nettle or mbedtls)
# BUILDDIR= # build directory
# SRCDIR= # source directory
# CONFIGURE_ARGS= # configure arguments
+# CMAKE_ARGS= # cmake arguments
# MAKE_ARGS= # make arguments
# DEBUG= # set -g -fsanitize=address flags
@@ -23,14 +25,14 @@ SRCDIR="${SRCDIR:-`pwd`}"
RET=0
usage () {
- echo "Usage: $0 [-b autotools|cmake] [-a autogen|configure|build|test|install|distcheck ] [ -a ... ] [ -d builddir ] [-s srcdir ]"
+ echo "Usage: $0 [-b autotools|cmake] [-a autogen|configure|build|test|install|distcheck ] [ -a ... ] [ -d builddir ] [-c openssl|nettle|mbedtls] [-s srcdir ]"
}
inputerror () {
echo $1
usage
exit 1
}
-while getopts a:b:d:s: opt; do
+while getopts a:b:c:d:s: opt; do
case ${opt} in
a)
case "${OPTARG}" in
@@ -51,6 +53,14 @@ while getopts a:b:d:s: opt; do
*) inputerror "Invalid build system (-b)" ;;
esac
;;
+ c) CRYPTO="${OPTARG}"
+ case "${CRYPTO}" in
+ mbedtls) ;;
+ openssl) ;;
+ nettle) ;;
+ *) inputerror "Invalid crypto provider (-c)" ;;
+ esac
+ ;;
d)
BUILDDIR="${OPTARG}"
;;
@@ -62,6 +72,16 @@ while getopts a:b:d:s: opt; do
;;
esac
done
+case "${CRYPTO}" in
+ mbedtls)
+ CMAKE_ARGS="${CMAKE_ARGS} -DENABLE_OPENSSL=OFF -DENABLE_MBEDTLS=ON"
+ CONFIGURE_ARGS="${CONFIGURE_ARGS} --without-openssl --with-mbedtls"
+ ;;
+ nettle)
+ CMAKE_ARGS="${CMAKE_ARGS} -DENABLE_OPENSSL=OFF -DENABLE_NETTLE=ON"
+ CONFIGURE_ARGS="${CONFIGURE_ARGS} --without-openssl --with-nettle"
+ ;;
+esac
if [ -z "${MAKE_ARGS}" ]; then
if [ "${BS}" = "autotools" ]; then
MAKE_ARGS="V=1"
@@ -76,7 +96,7 @@ if [ -n "${DEBUG}" ]; then
export CFLAGS="-g -fsanitize=address"
fi
if [ "${BS}" = "cmake" ]; then
- CONFIGURE_ARGS="${CONFIGURE_ARGS} -DCMAKE_C_CFLAGS=-g -fsanitize=address"
+ CMAKE_ARGS="${CMAKE_ARGS} -DCMAKE_C_CFLAGS=-g -fsanitize=address"
fi
fi
if [ -z "${ACTIONS}" ]; then
@@ -104,7 +124,7 @@ for action in ${ACTIONS}; do
configure)
case "${BS}" in
autotools) "${SRCDIR}/configure" ${CONFIGURE_ARGS} ;;
- cmake) ${CMAKE} ${CONFIGURE_ARGS} "${SRCDIR}" ;;
+ cmake) ${CMAKE} ${CMAKE_ARGS} "${SRCDIR}" ;;
esac
RET="$?"
;;
diff --git a/build/ci/cirrus_ci/Dockerfile.fc30 b/build/ci/cirrus_ci/Dockerfile.fc30
index 2085d467b670..72a88bcc12b0 100644
--- a/build/ci/cirrus_ci/Dockerfile.fc30
+++ b/build/ci/cirrus_ci/Dockerfile.fc30
@@ -1,3 +1,3 @@
FROM fedora:30
-RUN dnf -y install make cmake gcc gcc-c++ kernel-devel automake libtool bison sharutils pkgconf libacl-devel libasan librichacl-devel bzip2-devel libzip-devel zlib-devel xz-devel lz4-devel libzstd-devel openssl-devel
+RUN dnf -y install make cmake gcc gcc-c++ kernel-devel automake libtool bison sharutils pkgconf libacl-devel libasan librichacl-devel bzip2-devel libzip-devel zlib-devel xz-devel lz4-devel libzstd-devel openssl-devel nettle-devel mbedtls-devel
diff --git a/build/cmake/FindMbedTLS.cmake b/build/cmake/FindMbedTLS.cmake
new file mode 100644
index 000000000000..a91639589218
--- /dev/null
+++ b/build/cmake/FindMbedTLS.cmake
@@ -0,0 +1,13 @@
+find_path(MBEDTLS_INCLUDE_DIRS mbedtls/ssl.h)
+
+find_library(MBEDTLS_LIBRARY mbedtls)
+find_library(MBEDX509_LIBRARY mbedx509)
+find_library(MBEDCRYPTO_LIBRARY mbedcrypto)
+
+set(MBEDTLS_LIBRARIES "${MBEDTLS_LIBRARY}" "${MBEDX509_LIBRARY}" "${MBEDCRYPTO_LIBRARY}")
+
+include(FindPackageHandleStandardArgs)
+find_package_handle_standard_args(MBEDTLS DEFAULT_MSG
+ MBEDTLS_INCLUDE_DIRS MBEDTLS_LIBRARY MBEDX509_LIBRARY MBEDCRYPTO_LIBRARY)
+
+mark_as_advanced(MBEDTLS_INCLUDE_DIRS MBEDTLS_LIBRARY MBEDX509_LIBRARY MBEDCRYPTO_LIBRARY)
diff --git a/build/cmake/config.h.in b/build/cmake/config.h.in
index f0761c957ecd..3b1f0b95c8fb 100644
--- a/build/cmake/config.h.in
+++ b/build/cmake/config.h.in
@@ -710,6 +710,9 @@ typedef uint64_t uintmax_t;
/* Define to 1 if you have the `lzo2' library (-llzo2). */
#cmakedefine HAVE_LIBLZO2 1
+/* Define to 1 if you have the `mbedcrypto' library (-lmbedcrypto). */
+#cmakedefine HAVE_LIBMBEDCRYPTO 1
+
/* Define to 1 if you have the `nettle' library (-lnettle). */
#cmakedefine HAVE_LIBNETTLE 1
diff --git a/build/version b/build/version
index ef25f738fee7..bd97679ec3cc 100644
--- a/build/version
+++ b/build/version
@@ -1 +1 @@
-3004001
+3004002dev
diff --git a/configure.ac b/configure.ac
index c614993066f4..ce90ee83957f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4,8 +4,8 @@ dnl First, define all of the version numbers up front.
dnl In particular, this allows the version macro to be used in AC_INIT
dnl These first two version numbers are updated automatically on each release.
-m4_define([LIBARCHIVE_VERSION_S],[3.4.1])
-m4_define([LIBARCHIVE_VERSION_N],[3004001])
+m4_define([LIBARCHIVE_VERSION_S],[3.4.2dev])
+m4_define([LIBARCHIVE_VERSION_N],[3004002])
dnl bsdtar and bsdcpio versioning tracks libarchive
m4_define([BSDTAR_VERSION_S],LIBARCHIVE_VERSION_S())
@@ -421,8 +421,10 @@ fi
AC_ARG_WITH([cng],
AS_HELP_STRING([--without-cng], [Don't build support of CNG(Crypto Next Generation)]))
+AC_ARG_WITH([mbedtls],
+ AS_HELP_STRING([--with-mbedtls], [Build with crypto support from mbed TLS]))
AC_ARG_WITH([nettle],
- AS_HELP_STRING([--without-nettle], [Don't build with crypto support from Nettle]))
+ AS_HELP_STRING([--with-nettle], [Build with crypto support from Nettle]))
AC_ARG_WITH([openssl],
AS_HELP_STRING([--without-openssl], [Don't build support for mtree and xar hashes through openssl]))
case "$host_os" in
@@ -1120,7 +1122,22 @@ if test "x$with_cng" != "xno"; then
]])
fi
-if test "x$with_nettle" != "xno"; then
+if test "x$with_mbedtls" = "xyes"; then
+ AC_CHECK_HEADERS([mbedtls/aes.h mbedtls/md.h mbedtls/pkcs5.h])
+ saved_LIBS=$LIBS
+ AC_CHECK_LIB(mbedcrypto,mbedtls_sha1_init)
+ CRYPTO_CHECK(MD5, MBEDTLS, md5)
+ CRYPTO_CHECK(RMD160, MBEDTLS, rmd160)
+ CRYPTO_CHECK(SHA1, MBEDTLS, sha1)
+ CRYPTO_CHECK(SHA256, MBEDTLS, sha256)
+ CRYPTO_CHECK(SHA384, MBEDTLS, sha384)
+ CRYPTO_CHECK(SHA512, MBEDTLS, sha512)
+ if test "x$found_MBEDTLS" != "xyes"; then
+ LIBS=$saved_LIBS
+ fi
+fi
+
+if test "x$with_nettle" = "xyes"; then
AC_CHECK_HEADERS([nettle/md5.h nettle/ripemd160.h nettle/sha.h])
AC_CHECK_HEADERS([nettle/pbkdf2.h nettle/aes.h nettle/hmac.h])
saved_LIBS=$LIBS
diff --git a/libarchive/archive.h b/libarchive/archive.h
index 75d5f8eb966e..fe6dc63c8ea3 100644
--- a/libarchive/archive.h
+++ b/libarchive/archive.h
@@ -36,7 +36,7 @@
* assert that ARCHIVE_VERSION_NUMBER >= 2012108.
*/
/* Note: Compiler will complain if this does not match archive_entry.h! */
-#define ARCHIVE_VERSION_NUMBER 3004001
+#define ARCHIVE_VERSION_NUMBER 3004002
#include <sys/stat.h>
#include <stddef.h> /* for wchar_t */
@@ -155,7 +155,7 @@ __LA_DECL int archive_version_number(void);
/*
* Textual name/version of the library, useful for version displays.
*/
-#define ARCHIVE_VERSION_ONLY_STRING "3.4.1"
+#define ARCHIVE_VERSION_ONLY_STRING "3.4.2dev"
#define ARCHIVE_VERSION_STRING "libarchive " ARCHIVE_VERSION_ONLY_STRING
__LA_DECL const char * archive_version_string(void);
diff --git a/libarchive/archive_cryptor.c b/libarchive/archive_cryptor.c
index 74df5c405b08..769756d0b5ab 100644
--- a/libarchive/archive_cryptor.c
+++ b/libarchive/archive_cryptor.c
@@ -85,6 +85,35 @@ pbkdf2_sha1(const char *pw, size_t pw_len, const uint8_t *salt,
return (BCRYPT_SUCCESS(status)) ? 0: -1;
}
+#elif defined(HAVE_LIBMBEDCRYPTO) && defined(HAVE_MBEDTLS_PKCS5_H)
+
+static int
+pbkdf2_sha1(const char *pw, size_t pw_len, const uint8_t *salt,
+ size_t salt_len, unsigned rounds, uint8_t *derived_key,
+ size_t derived_key_len)
+{
+ mbedtls_md_context_t ctx;
+ const mbedtls_md_info_t *info;
+ int ret;
+
+ mbedtls_md_init(&ctx);
+ info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1);
+ if (info == NULL) {
+ mbedtls_md_free(&ctx);
+ return (-1);
+ }
+ ret = mbedtls_md_setup(&ctx, info, 1);
+ if (ret != 0) {
+ mbedtls_md_free(&ctx);
+ return (-1);
+ }
+ ret = mbedtls_pkcs5_pbkdf2_hmac(&ctx, (const unsigned char *)pw,
+ pw_len, salt, salt_len, rounds, derived_key_len, derived_key);
+
+ mbedtls_md_free(&ctx);
+ return (ret);
+}
+
#elif defined(HAVE_LIBNETTLE) && defined(HAVE_NETTLE_PBKDF2_H)
static int
@@ -269,6 +298,38 @@ aes_ctr_release(archive_crypto_ctx *ctx)
return 0;
}
+#elif defined(HAVE_LIBMBEDCRYPTO) && defined(HAVE_MBEDTLS_AES_H)
+static int
+aes_ctr_init(archive_crypto_ctx *ctx, const uint8_t *key, size_t key_len)
+{
+ mbedtls_aes_init(&ctx->ctx);
+ ctx->key_len = key_len;
+ memcpy(ctx->key, key, key_len);
+ memset(ctx->nonce, 0, sizeof(ctx->nonce));
+ ctx->encr_pos = AES_BLOCK_SIZE;
+ return 0;
+}
+
+static int
+aes_ctr_encrypt_counter(archive_crypto_ctx *ctx)
+{
+ if (mbedtls_aes_setkey_enc(&ctx->ctx, ctx->key,
+ ctx->key_len * 8) != 0)
+ return (-1);
+ if (mbedtls_aes_crypt_ecb(&ctx->ctx, MBEDTLS_AES_ENCRYPT, ctx->nonce,
+ ctx->encr_buf) != 0)
+ return (-1);
+ return 0;
+}
+
+static int
+aes_ctr_release(archive_crypto_ctx *ctx)
+{
+ mbedtls_aes_free(&ctx->ctx);
+ memset(ctx, 0, sizeof(*ctx));
+ return 0;
+}
+
#elif defined(HAVE_LIBNETTLE) && defined(HAVE_NETTLE_AES_H)
static int
diff --git a/libarchive/archive_cryptor_private.h b/libarchive/archive_cryptor_private.h
index b9759220df69..0063f3e00149 100644
--- a/libarchive/archive_cryptor_private.h
+++ b/libarchive/archive_cryptor_private.h
@@ -83,6 +83,23 @@ typedef struct {
unsigned encr_pos;
} archive_crypto_ctx;
+#elif defined(HAVE_LIBMBEDCRYPTO) && defined(HAVE_MBEDTLS_AES_H)
+#include <mbedtls/aes.h>
+#include <mbedtls/md.h>
+#include <mbedtls/pkcs5.h>
+
+#define AES_MAX_KEY_SIZE 32
+#define AES_BLOCK_SIZE 16
+
+typedef struct {
+ mbedtls_aes_context ctx;
+ uint8_t key[AES_MAX_KEY_SIZE];
+ unsigned key_len;
+ uint8_t nonce[AES_BLOCK_SIZE];
+ uint8_t encr_buf[AES_BLOCK_SIZE];
+ unsigned encr_pos;
+} archive_crypto_ctx;
+
#elif defined(HAVE_LIBNETTLE) && defined(HAVE_NETTLE_AES_H)
#if defined(HAVE_NETTLE_PBKDF2_H)
#include <nettle/pbkdf2.h>
diff --git a/libarchive/archive_digest.c b/libarchive/archive_digest.c
index 415392303145..34c58ac94942 100644
--- a/libarchive/archive_digest.c
+++ b/libarchive/archive_digest.c
@@ -178,6 +178,40 @@ __archive_libsystem_md5final(archive_md5_ctx *ctx, void *md)
return (ARCHIVE_OK);
}
+#elif defined(ARCHIVE_CRYPTO_MD5_MBEDTLS)
+
+static int
+__archive_mbedtls_md5init(archive_md5_ctx *ctx)
+{
+ mbedtls_md5_init(ctx);
+ if (mbedtls_md5_starts_ret(ctx) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_md5update(archive_md5_ctx *ctx, const void *indata,
+ size_t insize)
+{
+ if (mbedtls_md5_update_ret(ctx, indata, insize) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_md5final(archive_md5_ctx *ctx, void *md)
+{
+ if (mbedtls_md5_finish_ret(ctx, md) == 0) {
+ mbedtls_md5_free(ctx);
+ return (ARCHIVE_OK);
+ } else {
+ mbedtls_md5_free(ctx);
+ return (ARCHIVE_FATAL);
+ }
+}
+
#elif defined(ARCHIVE_CRYPTO_MD5_NETTLE)
static int
@@ -335,6 +369,40 @@ __archive_libmd_ripemd160final(archive_rmd160_ctx *ctx, void *md)
return (ARCHIVE_OK);
}
+#elif defined(ARCHIVE_CRYPTO_RMD160_MBEDTLS)
+
+static int
+__archive_mbedtls_ripemd160init(archive_rmd160_ctx *ctx)
+{
+ mbedtls_ripemd160_init(ctx);
+ if (mbedtls_ripemd160_starts_ret(ctx) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_ripemd160update(archive_rmd160_ctx *ctx, const void *indata,
+ size_t insize)
+{
+ if (mbedtls_ripemd160_update_ret(ctx, indata, insize) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_ripemd160final(archive_rmd160_ctx *ctx, void *md)
+{
+ if (mbedtls_ripemd160_finish_ret(ctx, md) == 0) {
+ mbedtls_ripemd160_free(ctx);
+ return (ARCHIVE_OK);
+ } else {
+ mbedtls_ripemd160_free(ctx);
+ return (ARCHIVE_FATAL);
+ }
+}
+
#elif defined(ARCHIVE_CRYPTO_RMD160_NETTLE)
static int
@@ -491,6 +559,40 @@ __archive_libsystem_sha1final(archive_sha1_ctx *ctx, void *md)
return (ARCHIVE_OK);
}
+#elif defined(ARCHIVE_CRYPTO_SHA1_MBEDTLS)
+
+static int
+__archive_mbedtls_sha1init(archive_sha1_ctx *ctx)
+{
+ mbedtls_sha1_init(ctx);
+ if (mbedtls_sha1_starts_ret(ctx) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_sha1update(archive_sha1_ctx *ctx, const void *indata,
+ size_t insize)
+{
+ if (mbedtls_sha1_update_ret(ctx, indata, insize) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_sha1final(archive_sha1_ctx *ctx, void *md)
+{
+ if (mbedtls_sha1_finish_ret(ctx, md) == 0) {
+ mbedtls_sha1_free(ctx);
+ return (ARCHIVE_OK);
+ } else {
+ mbedtls_sha1_free(ctx);
+ return (ARCHIVE_FATAL);
+ }
+}
+
#elif defined(ARCHIVE_CRYPTO_SHA1_NETTLE)
static int
@@ -720,6 +822,40 @@ __archive_libsystem_sha256final(archive_sha256_ctx *ctx, void *md)
return (ARCHIVE_OK);
}
+#elif defined(ARCHIVE_CRYPTO_SHA256_MBEDTLS)
+
+static int
+__archive_mbedtls_sha256init(archive_sha256_ctx *ctx)
+{
+ mbedtls_sha256_init(ctx);
+ if (mbedtls_sha256_starts_ret(ctx, 0) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_sha256update(archive_sha256_ctx *ctx, const void *indata,
+ size_t insize)
+{
+ if (mbedtls_sha256_update_ret(ctx, indata, insize) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_sha256final(archive_sha256_ctx *ctx, void *md)
+{
+ if (mbedtls_sha256_finish_ret(ctx, md) == 0) {
+ mbedtls_sha256_free(ctx);
+ return (ARCHIVE_OK);
+ } else {
+ mbedtls_sha256_free(ctx);
+ return (ARCHIVE_FATAL);
+ }
+}
+
#elif defined(ARCHIVE_CRYPTO_SHA256_NETTLE)
static int
@@ -921,6 +1057,40 @@ __archive_libsystem_sha384final(archive_sha384_ctx *ctx, void *md)
return (ARCHIVE_OK);
}
+#elif defined(ARCHIVE_CRYPTO_SHA384_MBEDTLS)
+
+static int
+__archive_mbedtls_sha384init(archive_sha384_ctx *ctx)
+{
+ mbedtls_sha512_init(ctx);
+ if (mbedtls_sha512_starts_ret(ctx, 1) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_sha384update(archive_sha384_ctx *ctx, const void *indata,
+ size_t insize)
+{
+ if (mbedtls_sha512_update_ret(ctx, indata, insize) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_sha384final(archive_sha384_ctx *ctx, void *md)
+{
+ if (mbedtls_sha512_finish_ret(ctx, md) == 0) {
+ mbedtls_sha512_free(ctx);
+ return (ARCHIVE_OK);
+ } else {
+ mbedtls_sha512_free(ctx);
+ return (ARCHIVE_FATAL);
+ }
+}
+
#elif defined(ARCHIVE_CRYPTO_SHA384_NETTLE)
static int
@@ -1146,6 +1316,40 @@ __archive_libsystem_sha512final(archive_sha512_ctx *ctx, void *md)
return (ARCHIVE_OK);
}
+#elif defined(ARCHIVE_CRYPTO_SHA512_MBEDTLS)
+
+static int
+__archive_mbedtls_sha512init(archive_sha512_ctx *ctx)
+{
+ mbedtls_sha512_init(ctx);
+ if (mbedtls_sha512_starts_ret(ctx, 0) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_sha512update(archive_sha512_ctx *ctx, const void *indata,
+ size_t insize)
+{
+ if (mbedtls_sha512_update_ret(ctx, indata, insize) == 0)
+ return (ARCHIVE_OK);
+ else
+ return (ARCHIVE_FATAL);
+}
+
+static int
+__archive_mbedtls_sha512final(archive_sha512_ctx *ctx, void *md)
+{
+ if (mbedtls_sha512_finish_ret(ctx, md) == 0) {
+ mbedtls_sha512_free(ctx);
+ return (ARCHIVE_OK);
+ } else {
+ mbedtls_sha512_free(ctx);
+ return (ARCHIVE_FATAL);
+ }
+}
+
#elif defined(ARCHIVE_CRYPTO_SHA512_NETTLE)
static int
@@ -1276,6 +1480,10 @@ const struct archive_digest __archive_digest =
&__archive_libsystem_md5init,
&__archive_libsystem_md5update,
&__archive_libsystem_md5final,
+#elif defined(ARCHIVE_CRYPTO_MD5_MBEDTLS)
+ &__archive_mbedtls_md5init,
+ &__archive_mbedtls_md5update,
+ &__archive_mbedtls_md5final,
#elif defined(ARCHIVE_CRYPTO_MD5_NETTLE)
&__archive_nettle_md5init,
&__archive_nettle_md5update,
@@ -1303,6 +1511,10 @@ const struct archive_digest __archive_digest =
&__archive_libmd_ripemd160init,
&__archive_libmd_ripemd160update,
&__archive_libmd_ripemd160final,
+#elif defined(ARCHIVE_CRYPTO_RMD160_MBEDTLS)
+ &__archive_mbedtls_ripemd160init,
+ &__archive_mbedtls_ripemd160update,
+ &__archive_mbedtls_ripemd160final,
#elif defined(ARCHIVE_CRYPTO_RMD160_NETTLE)
&__archive_nettle_ripemd160init,
&__archive_nettle_ripemd160update,
@@ -1330,6 +1542,10 @@ const struct archive_digest __archive_digest =
&__archive_libsystem_sha1init,
&__archive_libsystem_sha1update,
&__archive_libsystem_sha1final,
+#elif defined(ARCHIVE_CRYPTO_SHA1_MBEDTLS)
+ &__archive_mbedtls_sha1init,
+ &__archive_mbedtls_sha1update,
+ &__archive_mbedtls_sha1final,
#elif defined(ARCHIVE_CRYPTO_SHA1_NETTLE)
&__archive_nettle_sha1init,
&__archive_nettle_sha1update,
@@ -1369,6 +1585,10 @@ const struct archive_digest __archive_digest =
&__archive_libsystem_sha256init,
&__archive_libsystem_sha256update,
&__archive_libsystem_sha256final,
+#elif defined(ARCHIVE_CRYPTO_SHA256_MBEDTLS)
+ &__archive_mbedtls_sha256init,
+ &__archive_mbedtls_sha256update,
+ &__archive_mbedtls_sha256final,
#elif defined(ARCHIVE_CRYPTO_SHA256_NETTLE)
&__archive_nettle_sha256init,
&__archive_nettle_sha256update,
@@ -1404,6 +1624,10 @@ const struct archive_digest __archive_digest =
&__archive_libsystem_sha384init,
&__archive_libsystem_sha384update,
&__archive_libsystem_sha384final,
+#elif defined(ARCHIVE_CRYPTO_SHA384_MBEDTLS)
+ &__archive_mbedtls_sha384init,
+ &__archive_mbedtls_sha384update,
+ &__archive_mbedtls_sha384final,
#elif defined(ARCHIVE_CRYPTO_SHA384_NETTLE)
&__archive_nettle_sha384init,
&__archive_nettle_sha384update,
@@ -1443,6 +1667,10 @@ const struct archive_digest __archive_digest =
&__archive_libsystem_sha512init,
&__archive_libsystem_sha512update,
&__archive_libsystem_sha512final
+#elif defined(ARCHIVE_CRYPTO_SHA512_MBEDTLS)
+ &__archive_mbedtls_sha512init,
+ &__archive_mbedtls_sha512update,
+ &__archive_mbedtls_sha512final
#elif defined(ARCHIVE_CRYPTO_SHA512_NETTLE)
&__archive_nettle_sha512init,
&__archive_nettle_sha512update,
diff --git a/libarchive/archive_digest_private.h b/libarchive/archive_digest_private.h
index b4fd6ca22527..2685b4a017db 100644
--- a/libarchive/archive_digest_private.h
+++ b/libarchive/archive_digest_private.h
@@ -112,6 +112,24 @@
#include <CommonCrypto/CommonDigest.h>
#endif
+/* mbed TLS crypto headers */
+#if defined(ARCHIVE_CRYPTO_MD5_MBEDTLS)
+#include <mbedtls/md5.h>
+#endif
+#if defined(ARCHIVE_CRYPTO_RMD160_MBEDTLS)
+#include <mbedtls/ripemd160.h>
+#endif
+#if defined(ARCHIVE_CRYPTO_SHA1_MBEDTLS)
+#include <mbedtls/sha1.h>
+#endif
+#if defined(ARCHIVE_CRYPTO_SHA256_MBEDTLS)
+#include <mbedtls/sha256.h>
+#endif
+#if defined(ARCHIVE_CRYPTO_SHA384_MBEDTLS) ||\
+ defined(ARCHIVE_CRYPTO_SHA512_MBEDTLS)
+#include <mbedtls/sha512.h>
+#endif
+
/* Nettle crypto headers */
#if defined(ARCHIVE_CRYPTO_MD5_NETTLE)
#include <nettle/md5.h>
@@ -159,6 +177,8 @@ typedef MD5_CTX archive_md5_ctx;
typedef MD5_CTX archive_md5_ctx;
#elif defined(ARCHIVE_CRYPTO_MD5_LIBSYSTEM)
typedef CC_MD5_CTX archive_md5_ctx;
+#elif defined(ARCHIVE_CRYPTO_MD5_MBEDTLS)
+typedef mbedtls_md5_context archive_md5_ctx;
#elif defined(ARCHIVE_CRYPTO_MD5_NETTLE)
typedef struct md5_ctx archive_md5_ctx;
#elif defined(ARCHIVE_CRYPTO_MD5_OPENSSL)
@@ -173,6 +193,8 @@ typedef unsigned char archive_md5_ctx;
typedef RMD160_CTX archive_rmd160_ctx;
#elif defined(ARCHIVE_CRYPTO_RMD160_LIBMD)
typedef RIPEMD160_CTX archive_rmd160_ctx;
+#elif defined(ARCHIVE_CRYPTO_RMD160_MBEDTLS)
+typedef mbedtls_ripemd160_context archive_rmd160_ctx;
#elif defined(ARCHIVE_CRYPTO_RMD160_NETTLE)
typedef struct ripemd160_ctx archive_rmd160_ctx;
#elif defined(ARCHIVE_CRYPTO_RMD160_OPENSSL)
@@ -187,6 +209,8 @@ typedef SHA1_CTX archive_sha1_ctx;
typedef SHA1_CTX archive_sha1_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA1_LIBSYSTEM)
typedef CC_SHA1_CTX archive_sha1_ctx;
+#elif defined(ARCHIVE_CRYPTO_SHA1_MBEDTLS)
+typedef mbedtls_sha1_context archive_sha1_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA1_NETTLE)
typedef struct sha1_ctx archive_sha1_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA1_OPENSSL)
@@ -207,6 +231,8 @@ typedef SHA2_CTX archive_sha256_ctx;
typedef SHA256_CTX archive_sha256_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA256_LIBSYSTEM)
typedef CC_SHA256_CTX archive_sha256_ctx;
+#elif defined(ARCHIVE_CRYPTO_SHA256_MBEDTLS)
+typedef mbedtls_sha256_context archive_sha256_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA256_NETTLE)
typedef struct sha256_ctx archive_sha256_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA256_OPENSSL)
@@ -225,6 +251,8 @@ typedef SHA384_CTX archive_sha384_ctx;
typedef SHA2_CTX archive_sha384_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA384_LIBSYSTEM)
typedef CC_SHA512_CTX archive_sha384_ctx;
+#elif defined(ARCHIVE_CRYPTO_SHA384_MBEDTLS)
+typedef mbedtls_sha512_context archive_sha384_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA384_NETTLE)
typedef struct sha384_ctx archive_sha384_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA384_OPENSSL)
@@ -245,6 +273,8 @@ typedef SHA2_CTX archive_sha512_ctx;
typedef SHA512_CTX archive_sha512_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA512_LIBSYSTEM)
typedef CC_SHA512_CTX archive_sha512_ctx;
+#elif defined(ARCHIVE_CRYPTO_SHA512_MBEDTLS)
+typedef mbedtls_sha512_context archive_sha512_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA512_NETTLE)
typedef struct sha512_ctx archive_sha512_ctx;
#elif defined(ARCHIVE_CRYPTO_SHA512_OPENSSL)
@@ -259,6 +289,7 @@ typedef unsigned char archive_sha512_ctx;
#if defined(ARCHIVE_CRYPTO_MD5_LIBC) ||\
defined(ARCHIVE_CRYPTO_MD5_LIBMD) || \
defined(ARCHIVE_CRYPTO_MD5_LIBSYSTEM) ||\
+ defined(ARCHIVE_CRYPTO_MD5_MBEDTLS) ||\
defined(ARCHIVE_CRYPTO_MD5_NETTLE) ||\
defined(ARCHIVE_CRYPTO_MD5_OPENSSL) ||\
defined(ARCHIVE_CRYPTO_MD5_WIN)
@@ -272,6 +303,7 @@ typedef unsigned char archive_sha512_ctx;
__archive_digest.md5update(ctx, buf, n)
#if defined(ARCHIVE_CRYPTO_RMD160_LIBC) ||\
+ defined(ARCHIVE_CRYPTO_RMD160_MBEDTLS) ||\
defined(ARCHIVE_CRYPTO_RMD160_NETTLE) ||\
defined(ARCHIVE_CRYPTO_RMD160_OPENSSL)
#define ARCHIVE_HAS_RMD160
@@ -286,6 +318,7 @@ typedef unsigned char archive_sha512_ctx;
#if defined(ARCHIVE_CRYPTO_SHA1_LIBC) ||\
defined(ARCHIVE_CRYPTO_SHA1_LIBMD) || \
defined(ARCHIVE_CRYPTO_SHA1_LIBSYSTEM) ||\
+ defined(ARCHIVE_CRYPTO_SHA1_MBEDTLS) ||\
defined(ARCHIVE_CRYPTO_SHA1_NETTLE) ||\
defined(ARCHIVE_CRYPTO_SHA1_OPENSSL) ||\
defined(ARCHIVE_CRYPTO_SHA1_WIN)
@@ -303,6 +336,7 @@ typedef unsigned char archive_sha512_ctx;
defined(ARCHIVE_CRYPTO_SHA256_LIBC3) ||\
defined(ARCHIVE_CRYPTO_SHA256_LIBMD) ||\
defined(ARCHIVE_CRYPTO_SHA256_LIBSYSTEM) ||\
+ defined(ARCHIVE_CRYPTO_SHA256_MBEDTLS) ||\
defined(ARCHIVE_CRYPTO_SHA256_NETTLE) ||\
defined(ARCHIVE_CRYPTO_SHA256_OPENSSL) ||\
defined(ARCHIVE_CRYPTO_SHA256_WIN)
@@ -319,6 +353,7 @@ typedef unsigned char archive_sha512_ctx;
defined(ARCHIVE_CRYPTO_SHA384_LIBC2) ||\
defined(ARCHIVE_CRYPTO_SHA384_LIBC3) ||\
defined(ARCHIVE_CRYPTO_SHA384_LIBSYSTEM) ||\
+ defined(ARCHIVE_CRYPTO_SHA384_MBEDTLS) ||\
defined(ARCHIVE_CRYPTO_SHA384_NETTLE) ||\
defined(ARCHIVE_CRYPTO_SHA384_OPENSSL) ||\
defined(ARCHIVE_CRYPTO_SHA384_WIN)
@@ -336,6 +371,7 @@ typedef unsigned char archive_sha512_ctx;
defined(ARCHIVE_CRYPTO_SHA512_LIBC3) ||\
defined(ARCHIVE_CRYPTO_SHA512_LIBMD) ||\
defined(ARCHIVE_CRYPTO_SHA512_LIBSYSTEM) ||\
+ defined(ARCHIVE_CRYPTO_SHA512_MBEDTLS) ||\
defined(ARCHIVE_CRYPTO_SHA512_NETTLE) ||\
defined(ARCHIVE_CRYPTO_SHA512_OPENSSL) ||\
defined(ARCHIVE_CRYPTO_SHA512_WIN)
diff --git a/libarchive/archive_entry.h b/libarchive/archive_entry.h
index b7b3498a2035..42af20864f7e 100644
--- a/libarchive/archive_entry.h
+++ b/libarchive/archive_entry.h
@@ -30,7 +30,7 @@
#define ARCHIVE_ENTRY_H_INCLUDED
/* Note: Compiler will complain if this does not match archive.h! */
-#define ARCHIVE_VERSION_NUMBER 3004001
+#define ARCHIVE_VERSION_NUMBER 3004002
/*
* Note: archive_entry.h is for use outside of libarchive; the
diff --git a/libarchive/archive_hmac.c b/libarchive/archive_hmac.c
index 7c626df6e1f1..68f2bb55dc04 100644
--- a/libarchive/archive_hmac.c
+++ b/libarchive/archive_hmac.c
@@ -150,6 +150,52 @@ __hmac_sha1_cleanup(archive_hmac_sha1_ctx *ctx)
}
}
+#elif defined(HAVE_LIBMBEDCRYPTO) && defined(HAVE_MBEDTLS_MD_H)
+static int
+__hmac_sha1_init(archive_hmac_sha1_ctx *ctx, const uint8_t *key, size_t key_len)
+{
+ const mbedtls_md_info_t *info;
+ int ret;
+
+ mbedtls_md_init(ctx);
+ info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1);
+ if (info == NULL) {
+ mbedtls_md_free(ctx);
+ return (-1);
+ }
+ ret = mbedtls_md_setup(ctx, info, 1);
+ if (ret != 0) {
+ mbedtls_md_free(ctx);
+ return (-1);
+ }
+ ret = mbedtls_md_hmac_starts(ctx, key, key_len);
+ if (ret != 0) {
+ mbedtls_md_free(ctx);
+ return (-1);
+ }
+ return 0;
+}
+
+static void
+__hmac_sha1_update(archive_hmac_sha1_ctx *ctx, const uint8_t *data,
+ size_t data_len)
+{
+ mbedtls_md_hmac_update(ctx, data, data_len);
+}
+
+static void __hmac_sha1_final(archive_hmac_sha1_ctx *ctx, uint8_t *out, size_t *out_len)
+{
+ (void)out_len; /* UNUSED */
+
+ mbedtls_md_hmac_finish(ctx, out);
+}
+
+static void __hmac_sha1_cleanup(archive_hmac_sha1_ctx *ctx)
+{
+ mbedtls_md_free(ctx);
+ memset(ctx, 0, sizeof(*ctx));
+}
+
#elif defined(HAVE_LIBNETTLE) && defined(HAVE_NETTLE_HMAC_H)
static int
@@ -201,6 +247,7 @@ static void
__hmac_sha1_final(archive_hmac_sha1_ctx *ctx, uint8_t *out, size_t *out_len)
{
unsigned int len = (unsigned int)*out_len;
+
HMAC_Final(*ctx, out, &len);
*out_len = len;
}
diff --git a/libarchive/archive_hmac_private.h b/libarchive/archive_hmac_private.h
index eb45c4ef21bc..b7b365c7ad42 100644
--- a/libarchive/archive_hmac_private.h
+++ b/libarchive/archive_hmac_private.h
@@ -64,6 +64,11 @@ typedef struct {
} archive_hmac_sha1_ctx;
+#elif defined(HAVE_LIBMBEDCRYPTO) && defined(HAVE_MBEDTLS_MD_H)
+#include <mbedtls/md.h>
+
+typedef mbedtls_md_context_t archive_hmac_sha1_ctx;
+
#elif defined(HAVE_LIBNETTLE) && defined(HAVE_NETTLE_HMAC_H)
#include <nettle/hmac.h>
diff --git a/libarchive/archive_write.c b/libarchive/archive_write.c
index e7a973ae41a7..afa26b8ea0ed 100644
--- a/libarchive/archive_write.c
+++ b/libarchive/archive_write.c
@@ -449,6 +449,30 @@ archive_write_client_write(struct archive_write_filter *f,
}
static int
+archive_write_client_free(struct archive_write_filter *f)
+{
+ struct archive_write *a = (struct archive_write *)f->archive;
+ struct archive_none *state = (struct archive_none *)f->data;
+
+ if (state != NULL) {
+ free(state->buffer);
+ free(state);
+ state = NULL;
+ }
+
+ a->client_data = NULL;
+ /* Clear passphrase. */
+ if (a->passphrase != NULL) {
+ memset(a->passphrase, 0, strlen(a->passphrase));
+ free(a->passphrase);
+ a->passphrase = NULL;
+ }
+
+ return (ARCHIVE_OK);
+}
+
+
+static int
archive_write_client_close(struct archive_write_filter *f)
{
struct archive_write *a = (struct archive_write *)f->archive;
@@ -484,17 +508,9 @@ archive_write_client_close(struct archive_write_filter *f)
}
if (a->client_closer)
(*a->client_closer)(&a->archive, a->client_data);
- free(state->buffer);
- free(state);
+
/* Clear the close handler myself not to be called again. */
f->state = ARCHIVE_WRITE_FILTER_STATE_CLOSED;
- a->client_data = NULL;
- /* Clear passphrase. */
- if (a->passphrase != NULL) {
- memset(a->passphrase, 0, strlen(a->passphrase));
- free(a->passphrase);
- a->passphrase = NULL;
- }
return (ret);
}
@@ -523,6 +539,7 @@ archive_write_open(struct archive *_a, void *client_data,
client_filter->open = archive_write_client_open;
client_filter->write = archive_write_client_write;
client_filter->close = archive_write_client_close;
+ client_filter->free = archive_write_client_free;
ret = __archive_write_filters_open(a);
if (ret < ARCHIVE_WARN) {