From: Mark Wooding <mdw@distorted.org.uk>
Date: Sun, 29 Sep 2019 14:39:49 +0000 (+0100)
Subject: server/bulkcrypto.c: Replace dynamic assertions with static ones.
X-Git-Url: https://git.distorted.org.uk/~mdw/tripe/commitdiff_plain/71887b00bdaf045f33da5a528fff4f0a5cdca4ee

server/bulkcrypto.c: Replace dynamic assertions with static ones.

This adds a dependency on mLib 2.4.1.
---

diff --git a/configure.ac b/configure.ac
index e6d1c0d2..47c26585 100644
--- a/configure.ac
+++ b/configure.ac
@@ -86,7 +86,7 @@ case $want_adns,$have_adns in
     ;;
 esac
 
-PKG_CHECK_MODULES([mLib], [mLib >= 2.2.1])
+PKG_CHECK_MODULES([mLib], [mLib >= 2.4.1])
 PKG_CHECK_MODULES([catacomb], [catacomb >= 2.5.0])
 
 AM_CFLAGS="$AM_CFLAGS $mLib_CFLAGS $catacomb_CFLAGS"
diff --git a/debian/control b/debian/control
index f4cbade4..5c6bb82c 100644
--- a/debian/control
+++ b/debian/control
@@ -6,7 +6,7 @@ XS-Python-Version: >= 2.4
 Build-Depends: debhelper (>= 9), pkg-config, curl, rsync,
 	tshark, wireshark-dev (>= 1.12.1),
 	python (>= 2.6.6-3~),
-	mlib-dev (>= 2.2.2),
+	mlib-dev (>= 2.4.1),
 	catacomb-dev (>= 2.5.0), catacomb-bin (>= 2.1.4)
 Build-Depends-Indep: python-cdb, python-gtk2,
 	python-mlib (>= 1.0.2), python-catacomb (>= 1.2.0)
diff --git a/server/bulkcrypto.c b/server/bulkcrypto.c
index 4e98ea12..4c6be323 100644
--- a/server/bulkcrypto.c
+++ b/server/bulkcrypto.c
@@ -1321,7 +1321,8 @@ static int naclbox_chaltag(bulkchal *bc, const void *m, size_t msz,
   poly1305_ctx pm;
   octet b[POLY1305_KEYSZ + POLY1305_MASKSZ];
 
-  assert(SALSA20_NONCESZ <= sizeof(b));
+  STATIC_ASSERT(SALSA20_NONCESZ <= sizeof(b), "Need more space for nonce");
+
   memset(b, 0, SALSA20_NONCESZ - 4); STORE32(b + SALSA20_NONCESZ - 4, seq);
   GC_SETIV(c->c, b); GC_ENCRYPT(c->c, 0, b, sizeof(b));
   poly1305_keyinit(&pk, b, POLY1305_KEYSZ);
@@ -1339,13 +1340,15 @@ static int naclbox_chalvrf(bulkchal *bc, const void *m, size_t msz,
   poly1305_ctx pm;
   octet b[POLY1305_KEYSZ + POLY1305_MASKSZ];
 
-  assert(SALSA20_NONCESZ <= sizeof(b));
+  STATIC_ASSERT(SALSA20_NONCESZ <= sizeof(b), "Need more space for nonce");
+  STATIC_ASSERT(POLY1305_TAGSZ <= sizeof(b), "Need more space for tag");
+
   memset(b, 0, SALSA20_NONCESZ - 4); STORE32(b + SALSA20_NONCESZ - 4, seq);
   GC_SETIV(c->c, b); GC_ENCRYPT(c->c, 0, b, sizeof(b));
   poly1305_keyinit(&pk, b, POLY1305_KEYSZ);
   poly1305_macinit(&pm, &pk, b + POLY1305_KEYSZ);
   if (msz) poly1305_hash(&pm, m, msz);
-  assert(POLY1305_TAGSZ <= sizeof(b)); poly1305_done(&pm, b);
+  poly1305_done(&pm, b);
   return (ct_memeq(t, b, POLY1305_TAGSZ) ? 0 : -1);
 }