diff --git a/SOURCES/vim-7.4-blowfish2.patch b/SOURCES/vim-7.4-blowfish2.patch new file mode 100644 index 0000000..08dab82 --- /dev/null +++ b/SOURCES/vim-7.4-blowfish2.patch @@ -0,0 +1,4045 @@ +diff -up vim74/runtime/doc/editing.txt.blowfish2 vim74/runtime/doc/editing.txt +--- vim74/runtime/doc/editing.txt.blowfish2 2013-08-10 13:24:53.000000000 +0200 ++++ vim74/runtime/doc/editing.txt 2017-09-05 14:47:34.915912305 +0200 +@@ -1364,8 +1364,13 @@ The text in the swap file and the undo f + + Note: The text in memory is not encrypted. A system administrator may be able + to see your text while you are editing it. When filtering text with +-":!filter" or using ":w !command" the text is not encrypted, this may reveal +-it to others. The 'viminfo' file is not encrypted. ++":!filter" or using ":w !command" the text is also not encrypted, this may ++reveal it to others. The 'viminfo' file is not encrypted. ++ ++You could do this to edit very secret text: > ++ :set noundofile viminfo= ++ :noswapfile edit secrets.txt ++Keep in mind that without a swap file you risk loosing your work in a crash. + + WARNING: If you make a typo when entering the key and then write the file and + exit, the text will be lost! +@@ -1392,18 +1397,24 @@ To disable the encryption, reset the 'ke + :set key= + + You can use the 'cryptmethod' option to select the type of encryption, use one +-of these two: > +- :setlocal cm=zip " weak method, backwards compatible +- :setlocal cm=blowfish " strong method ++of these: > ++ :setlocal cm=zip " weak method, backwards compatible ++ :setlocal cm=blowfish " method with flaws ++ :setlocal cm=blowfish2 " medium strong method ++ + Do this before writing the file. When reading an encrypted file it will be + set automatically to the method used when that file was written. You can + change 'cryptmethod' before writing that file to change the method. + To set the default method, used for new files, use one of these in your + |vimrc| file: > + set cm=zip +- set cm=blowfish ++ set cm=blowfish2 ++Use the first one if you need to be compatible with Vim 7.2 and older. Using ++"blowfish2" is highly recommended if you can use a Vim version that supports ++it. ++ + The message given for reading and writing a file will show "[crypted]" when +-using zip, "[blowfish]" when using blowfish. ++using zip, "[blowfish]" when using blowfish, etc. + + When writing an undo file, the same key and method will be used for the text + in the undo file. |persistent-undo|. +@@ -1438,7 +1449,7 @@ lines to "/etc/magic", "/usr/share/misc/ + 0 string VimCrypt~ Vim encrypted file + >9 string 01 - "zip" cryptmethod + >9 string 02 - "blowfish" cryptmethod +- ++ >9 string 03 - "blowfish2" cryptmethod + + Notes: + - Encryption is not possible when doing conversion with 'charconvert'. +@@ -1462,6 +1473,10 @@ Notes: + - Pkzip uses the same encryption as 'cryptmethod' "zip", and US Govt has no + objection to its export. Pkzip's public file APPNOTE.TXT describes this + algorithm in detail. ++- The implementation of 'cryptmethod' "blowfish" has a flaw. It is possible to ++ crack the first 64 bytes of a file and in some circumstances more of the ++ file. Use of it is not recommended, but it's still the strongest method ++ supported by Vim 7.3 and 7.4. The "zip" method is even weaker. + - Vim originates from the Netherlands. That is where the sources come from. + Thus the encryption code is not exported from the USA. + +diff -up vim74/runtime/doc/options.txt.blowfish2 vim74/runtime/doc/options.txt +--- vim74/runtime/doc/options.txt.blowfish2 2017-09-05 14:47:33.976919884 +0200 ++++ vim74/runtime/doc/options.txt 2017-09-05 14:47:34.925912224 +0200 +@@ -2197,10 +2197,18 @@ A jump table for the options with a shor + zip PkZip compatible method. A weak kind of encryption. + Backwards compatible with Vim 7.2 and older. + *blowfish* +- blowfish Blowfish method. Strong encryption. Requires Vim 7.3 +- or later, files can NOT be read by Vim 7.2 and older. +- This adds a "seed" to the file, every time you write +- the file the encrypted bytes will be different. ++ blowfish Blowfish method. Medium strong encryption but it has ++ an implementation flaw. Requires Vim 7.3 or later, ++ files can NOT be read by Vim 7.2 and older. This adds ++ a "seed" to the file, every time you write the file ++ the encrypted bytes will be different. ++ *blowfish2* ++ blowfish2 Blowfish method. Medium strong encryption. Requires ++ Vim 7.4.399 or later, files can NOT be read by Vim 7.3 ++ and older. This adds a "seed" to the file, every time ++ you write the file the encrypted bytes will be ++ different. The whole undo file is encrypted, not just ++ the pieces of text. + + When reading an encrypted file 'cryptmethod' will be set automatically + to the detected method of the file being read. Thus if you write it +diff -up vim74/src/blowfish.c.blowfish2 vim74/src/blowfish.c +--- vim74/src/blowfish.c.blowfish2 2010-12-17 19:58:18.000000000 +0100 ++++ vim74/src/blowfish.c 2017-09-05 14:47:34.926912216 +0200 +@@ -9,17 +9,25 @@ + * Blowfish encryption for Vim; in Blowfish output feedback mode. + * Contributed by Mohsin Ahmed, http://www.cs.albany.edu/~mosh + * Based on http://www.schneier.com/blowfish.html by Bruce Schneier. ++ * ++ * There are two variants: ++ * - The old one "blowfish" has a flaw which makes it much easier to crack the ++ * key. To see this, make a text file with one line of 1000 "x" characters ++ * and write it encrypted. Use "xxd" to inspect the bytes in the file. You ++ * will see that a block of 8 bytes repeats 8 times. ++ * - The new one "blowfish2" is better. It uses an 8 byte CFB to avoid the ++ * repeats. + */ + + #include "vim.h" + +-#if defined(FEAT_CRYPT) ++#if defined(FEAT_CRYPT) || defined(PROTO) + + #define ARRAY_LENGTH(A) (sizeof(A)/sizeof(A[0])) + + #define BF_BLOCK 8 + #define BF_BLOCK_MASK 7 +-#define BF_OFB_LEN (8*(BF_BLOCK)) ++#define BF_MAX_CFB_LEN (8 * BF_BLOCK) + + typedef union { + UINT32_T ul[2]; +@@ -37,14 +45,26 @@ typedef union { + # endif + #endif + +-static void bf_e_block __ARGS((UINT32_T *p_xl, UINT32_T *p_xr)); +-static void bf_e_cblock __ARGS((char_u *block)); +-static int bf_check_tables __ARGS((UINT32_T a_ipa[18], UINT32_T a_sbi[4][256], UINT32_T val)); ++/* The state of encryption, referenced by cryptstate_T. */ ++typedef struct { ++ UINT32_T pax[18]; /* P-array */ ++ UINT32_T sbx[4][256]; /* S-boxes */ ++ int randbyte_offset; ++ int update_offset; ++ char_u cfb_buffer[BF_MAX_CFB_LEN]; /* up to 64 bytes used */ ++ int cfb_len; /* size of cfb_buffer actually used */ ++} bf_state_T; ++ ++ ++static void bf_e_block __ARGS((bf_state_T *state, UINT32_T *p_xl, UINT32_T *p_xr)); ++static void bf_e_cblock __ARGS((bf_state_T *state, char_u *block)); ++static int bf_check_tables __ARGS((UINT32_T pax[18], UINT32_T sbx[4][256], UINT32_T val)); + static int bf_self_test __ARGS((void)); ++static void bf_key_init __ARGS((bf_state_T *state, char_u *password, char_u *salt, int salt_len)); ++static void bf_cfb_init __ARGS((bf_state_T *state, char_u *seed, int seed_len)); + + /* Blowfish code */ +-static UINT32_T pax[18]; +-static UINT32_T ipa[18] = { ++static UINT32_T pax_init[18] = { + 0x243f6a88u, 0x85a308d3u, 0x13198a2eu, + 0x03707344u, 0xa4093822u, 0x299f31d0u, + 0x082efa98u, 0xec4e6c89u, 0x452821e6u, +@@ -53,8 +73,7 @@ static UINT32_T ipa[18] = { + 0xb5470917u, 0x9216d5d9u, 0x8979fb1bu + }; + +-static UINT32_T sbx[4][256]; +-static UINT32_T sbi[4][256] = { ++static UINT32_T sbx_init[4][256] = { + {0xd1310ba6u, 0x98dfb5acu, 0x2ffd72dbu, 0xd01adfb7u, + 0xb8e1afedu, 0x6a267e96u, 0xba7c9045u, 0xf12c7f99u, + 0x24a19947u, 0xb3916cf7u, 0x0801f2e2u, 0x858efc16u, +@@ -314,33 +333,40 @@ static UINT32_T sbi[4][256] = { + } + }; + +- + #define F1(i) \ +- xl ^= pax[i]; \ +- xr ^= ((sbx[0][xl >> 24] + \ +- sbx[1][(xl & 0xFF0000) >> 16]) ^ \ +- sbx[2][(xl & 0xFF00) >> 8]) + \ +- sbx[3][xl & 0xFF]; ++ xl ^= bfs->pax[i]; \ ++ xr ^= ((bfs->sbx[0][xl >> 24] + \ ++ bfs->sbx[1][(xl & 0xFF0000) >> 16]) ^ \ ++ bfs->sbx[2][(xl & 0xFF00) >> 8]) + \ ++ bfs->sbx[3][xl & 0xFF]; + + #define F2(i) \ +- xr ^= pax[i]; \ +- xl ^= ((sbx[0][xr >> 24] + \ +- sbx[1][(xr & 0xFF0000) >> 16]) ^ \ +- sbx[2][(xr & 0xFF00) >> 8]) + \ +- sbx[3][xr & 0xFF]; +- ++ xr ^= bfs->pax[i]; \ ++ xl ^= ((bfs->sbx[0][xr >> 24] + \ ++ bfs->sbx[1][(xr & 0xFF0000) >> 16]) ^ \ ++ bfs->sbx[2][(xr & 0xFF00) >> 8]) + \ ++ bfs->sbx[3][xr & 0xFF]; + + static void +-bf_e_block(p_xl, p_xr) ++bf_e_block(bfs, p_xl, p_xr) ++ bf_state_T *bfs; + UINT32_T *p_xl; + UINT32_T *p_xr; + { +- UINT32_T temp, xl = *p_xl, xr = *p_xr; +- +- F1(0) F2(1) F1(2) F2(3) F1(4) F2(5) F1(6) F2(7) +- F1(8) F2(9) F1(10) F2(11) F1(12) F2(13) F1(14) F2(15) +- xl ^= pax[16]; +- xr ^= pax[17]; ++ UINT32_T temp; ++ UINT32_T xl = *p_xl; ++ UINT32_T xr = *p_xr; ++ ++ F1(0) F2(1) ++ F1(2) F2(3) ++ F1(4) F2(5) ++ F1(6) F2(7) ++ F1(8) F2(9) ++ F1(10) F2(11) ++ F1(12) F2(13) ++ F1(14) F2(15) ++ xl ^= bfs->pax[16]; ++ xr ^= bfs->pax[17]; + temp = xl; + xl = xr; + xr = temp; +@@ -348,23 +374,6 @@ bf_e_block(p_xl, p_xr) + *p_xr = xr; + } + +-#if 0 /* not used */ +- static void +-bf_d_block(p_xl, p_xr) +- UINT32_T *p_xl; +- UINT32_T *p_xr; +-{ +- UINT32_T temp, xl = *p_xl, xr = *p_xr; +- F1(17) F2(16) F1(15) F2(14) F1(13) F2(12) F1(11) F2(10) +- F1(9) F2(8) F1(7) F2(6) F1(5) F2(4) F1(3) F2(2) +- xl ^= pax[1]; +- xr ^= pax[0]; +- temp = xl; xl = xr; xr = temp; +- *p_xl = xl; *p_xr = xr; +-} +-#endif +- +- + #ifdef WORDS_BIGENDIAN + # define htonl2(x) \ + x = ((((x) & 0xffL) << 24) | (((x) & 0xff00L) << 8) | \ +@@ -374,7 +383,8 @@ bf_d_block(p_xl, p_xr) + #endif + + static void +-bf_e_cblock(block) ++bf_e_cblock(bfs, block) ++ bf_state_T *bfs; + char_u *block; + { + block8 bk; +@@ -382,35 +392,22 @@ bf_e_cblock(block) + memcpy(bk.uc, block, 8); + htonl2(bk.ul[0]); + htonl2(bk.ul[1]); +- bf_e_block(&bk.ul[0], &bk.ul[1]); ++ bf_e_block(bfs, &bk.ul[0], &bk.ul[1]); + htonl2(bk.ul[0]); + htonl2(bk.ul[1]); + memcpy(block, bk.uc, 8); + } + +-#if 0 /* not used */ +- void +-bf_d_cblock(block) +- char_u *block; +-{ +- block8 bk; +- memcpy(bk.uc, block, 8); +- htonl2(bk.ul[0]); htonl2(bk.ul[1]); +- bf_d_block(&bk.ul[0], &bk.ul[1]); +- htonl2(bk.ul[0]); htonl2(bk.ul[1]); +- memcpy(block, bk.uc, 8); +-} +-#endif +- + /* + * Initialize the crypt method using "password" as the encryption key and + * "salt[salt_len]" as the salt. + */ +- void +-bf_key_init(password, salt, salt_len) +- char_u *password; +- char_u *salt; +- int salt_len; ++ static void ++bf_key_init(bfs, password, salt, salt_len) ++ bf_state_T *bfs; ++ char_u *password; ++ char_u *salt; ++ int salt_len; + { + int i, j, keypos = 0; + unsigned u; +@@ -418,7 +415,7 @@ bf_key_init(password, salt, salt_len) + char_u *key; + int keylen; + +- /* Process the key 1000 times. ++ /* Process the key 1001 times. + * See http://en.wikipedia.org/wiki/Key_strengthening. */ + key = sha256_key(password, salt, salt_len); + for (i = 0; i < 1000; i++) +@@ -437,52 +434,54 @@ bf_key_init(password, salt, salt_len) + key[i] = u; + } + +- mch_memmove(sbx, sbi, 4 * 4 * 256); ++ /* Use "key" to initialize the P-array ("pax") and S-boxes ("sbx") of ++ * Blowfish. */ ++ mch_memmove(bfs->sbx, sbx_init, 4 * 4 * 256); + + for (i = 0; i < 18; ++i) + { + val = 0; + for (j = 0; j < 4; ++j) + val = (val << 8) | key[keypos++ % keylen]; +- pax[i] = ipa[i] ^ val; ++ bfs->pax[i] = pax_init[i] ^ val; + } + + data_l = data_r = 0; + for (i = 0; i < 18; i += 2) + { +- bf_e_block(&data_l, &data_r); +- pax[i + 0] = data_l; +- pax[i + 1] = data_r; ++ bf_e_block(bfs, &data_l, &data_r); ++ bfs->pax[i + 0] = data_l; ++ bfs->pax[i + 1] = data_r; + } + + for (i = 0; i < 4; ++i) + { + for (j = 0; j < 256; j += 2) + { +- bf_e_block(&data_l, &data_r); +- sbx[i][j + 0] = data_l; +- sbx[i][j + 1] = data_r; ++ bf_e_block(bfs, &data_l, &data_r); ++ bfs->sbx[i][j + 0] = data_l; ++ bfs->sbx[i][j + 1] = data_r; + } + } + } + + /* +- * BF Self test for corrupted tables or instructions ++ * Blowfish self-test for corrupted tables or instructions. + */ + static int +-bf_check_tables(a_ipa, a_sbi, val) +- UINT32_T a_ipa[18]; +- UINT32_T a_sbi[4][256]; ++bf_check_tables(pax, sbx, val) ++ UINT32_T pax[18]; ++ UINT32_T sbx[4][256]; + UINT32_T val; + { + int i, j; + UINT32_T c = 0; + + for (i = 0; i < 18; i++) +- c ^= a_ipa[i]; ++ c ^= pax[i]; + for (i = 0; i < 4; i++) + for (j = 0; j < 256; j++) +- c ^= a_sbi[i][j]; ++ c ^= sbx[i][j]; + return c == val; + } + +@@ -520,6 +519,10 @@ bf_self_test() + int err = 0; + block8 bk; + UINT32_T ui = 0xffffffffUL; ++ bf_state_T state; ++ ++ vim_memset(&state, 0, sizeof(bf_state_T)); ++ state.cfb_len = BF_MAX_CFB_LEN; + + /* We can't simply use sizeof(UINT32_T), it would generate a compiler + * warning. */ +@@ -528,21 +531,21 @@ bf_self_test() + EMSG(_("E820: sizeof(uint32_t) != 4")); + } + +- if (!bf_check_tables(ipa, sbi, 0x6ffa520a)) ++ if (!bf_check_tables(pax_init, sbx_init, 0x6ffa520a)) + err++; + + bn = ARRAY_LENGTH(bf_test_data); + for (i = 0; i < bn; i++) + { +- bf_key_init((char_u *)(bf_test_data[i].password), ++ bf_key_init(&state, (char_u *)(bf_test_data[i].password), + bf_test_data[i].salt, + (int)STRLEN(bf_test_data[i].salt)); +- if (!bf_check_tables(pax, sbx, bf_test_data[i].keysum)) ++ if (!bf_check_tables(state.pax, state.sbx, bf_test_data[i].keysum)) + err++; + + /* Don't modify bf_test_data[i].plaintxt, self test is idempotent. */ + memcpy(bk.uc, bf_test_data[i].plaintxt, 8); +- bf_e_cblock(bk.uc); ++ bf_e_cblock(&state, bk.uc); + if (memcmp(bk.uc, bf_test_data[i].cryptxt, 8) != 0) + { + if (err == 0 && memcmp(bk.uc, bf_test_data[i].badcryptxt, 8) == 0) +@@ -554,43 +557,43 @@ bf_self_test() + return err > 0 ? FAIL : OK; + } + +-/* Output feedback mode. */ +-static int randbyte_offset = 0; +-static int update_offset = 0; +-static char_u ofb_buffer[BF_OFB_LEN]; /* 64 bytes */ ++/* ++ * CFB: Cipher Feedback Mode. ++ */ + + /* +- * Initialize with seed "iv[iv_len]". ++ * Initialize with seed "seed[seed_len]". + */ +- void +-bf_ofb_init(iv, iv_len) +- char_u *iv; +- int iv_len; ++ static void ++bf_cfb_init(bfs, seed, seed_len) ++ bf_state_T *bfs; ++ char_u *seed; ++ int seed_len; + { + int i, mi; + +- randbyte_offset = update_offset = 0; +- vim_memset(ofb_buffer, 0, BF_OFB_LEN); +- if (iv_len > 0) ++ bfs->randbyte_offset = bfs->update_offset = 0; ++ vim_memset(bfs->cfb_buffer, 0, bfs->cfb_len); ++ if (seed_len > 0) + { +- mi = iv_len > BF_OFB_LEN ? iv_len : BF_OFB_LEN; ++ mi = seed_len > bfs->cfb_len ? seed_len : bfs->cfb_len; + for (i = 0; i < mi; i++) +- ofb_buffer[i % BF_OFB_LEN] ^= iv[i % iv_len]; ++ bfs->cfb_buffer[i % bfs->cfb_len] ^= seed[i % seed_len]; + } + } + +-#define BF_OFB_UPDATE(c) { \ +- ofb_buffer[update_offset] ^= (char_u)c; \ +- if (++update_offset == BF_OFB_LEN) \ +- update_offset = 0; \ ++#define BF_CFB_UPDATE(bfs, c) { \ ++ bfs->cfb_buffer[bfs->update_offset] ^= (char_u)c; \ ++ if (++bfs->update_offset == bfs->cfb_len) \ ++ bfs->update_offset = 0; \ + } + +-#define BF_RANBYTE(t) { \ +- if ((randbyte_offset & BF_BLOCK_MASK) == 0) \ +- bf_e_cblock(&ofb_buffer[randbyte_offset]); \ +- t = ofb_buffer[randbyte_offset]; \ +- if (++randbyte_offset == BF_OFB_LEN) \ +- randbyte_offset = 0; \ ++#define BF_RANBYTE(bfs, t) { \ ++ if ((bfs->randbyte_offset & BF_BLOCK_MASK) == 0) \ ++ bf_e_cblock(bfs, &(bfs->cfb_buffer[bfs->randbyte_offset])); \ ++ t = bfs->cfb_buffer[bfs->randbyte_offset]; \ ++ if (++bfs->randbyte_offset == bfs->cfb_len) \ ++ bfs->randbyte_offset = 0; \ + } + + /* +@@ -598,90 +601,69 @@ bf_ofb_init(iv, iv_len) + * "from" and "to" can be equal to encrypt in place. + */ + void +-bf_crypt_encode(from, len, to) ++crypt_blowfish_encode(state, from, len, to) ++ cryptstate_T *state; + char_u *from; + size_t len; + char_u *to; + { ++ bf_state_T *bfs = state->method_state; + size_t i; + int ztemp, t; + + for (i = 0; i < len; ++i) + { + ztemp = from[i]; +- BF_RANBYTE(t); +- BF_OFB_UPDATE(ztemp); ++ BF_RANBYTE(bfs, t); ++ BF_CFB_UPDATE(bfs, ztemp); + to[i] = t ^ ztemp; + } + } + + /* +- * Decrypt "ptr[len]" in place. ++ * Decrypt "from[len]" into "to[len]". + */ + void +-bf_crypt_decode(ptr, len) +- char_u *ptr; +- long len; ++crypt_blowfish_decode(state, from, len, to) ++ cryptstate_T *state; ++ char_u *from; ++ size_t len; ++ char_u *to; + { +- char_u *p; ++ bf_state_T *bfs = state->method_state; ++ size_t i; + int t; + +- for (p = ptr; p < ptr + len; ++p) ++ for (i = 0; i < len; ++i) + { +- BF_RANBYTE(t); +- *p ^= t; +- BF_OFB_UPDATE(*p); ++ BF_RANBYTE(bfs, t); ++ to[i] = from[i] ^ t; ++ BF_CFB_UPDATE(bfs, to[i]); + } + } + +-/* +- * Initialize the encryption keys and the random header according to +- * the given password. +- */ + void +-bf_crypt_init_keys(passwd) +- char_u *passwd; /* password string with which to modify keys */ +-{ +- char_u *p; +- +- for (p = passwd; *p != NUL; ++p) +- { +- BF_OFB_UPDATE(*p); +- } +-} ++crypt_blowfish_init(state, key, salt, salt_len, seed, seed_len) ++ cryptstate_T *state; ++ char_u* key; ++ char_u* salt; ++ int salt_len; ++ char_u* seed; ++ int seed_len; ++{ ++ bf_state_T *bfs = (bf_state_T *)alloc_clear(sizeof(bf_state_T)); ++ ++ state->method_state = bfs; ++ ++ /* "blowfish" uses a 64 byte buffer, causing it to repeat 8 byte groups 8 ++ * times. "blowfish2" uses a 8 byte buffer to avoid repeating. */ ++ bfs->cfb_len = state->method_nr == CRYPT_M_BF ? BF_MAX_CFB_LEN : BF_BLOCK; + +-static int save_randbyte_offset; +-static int save_update_offset; +-static char_u save_ofb_buffer[BF_OFB_LEN]; +-static UINT32_T save_pax[18]; +-static UINT32_T save_sbx[4][256]; +- +-/* +- * Save the current crypt state. Can only be used once before +- * bf_crypt_restore(). +- */ +- void +-bf_crypt_save() +-{ +- save_randbyte_offset = randbyte_offset; +- save_update_offset = update_offset; +- mch_memmove(save_ofb_buffer, ofb_buffer, BF_OFB_LEN); +- mch_memmove(save_pax, pax, 4 * 18); +- mch_memmove(save_sbx, sbx, 4 * 4 * 256); +-} ++ if (blowfish_self_test() == FAIL) ++ return; + +-/* +- * Restore the current crypt state. Can only be used after +- * bf_crypt_save(). +- */ +- void +-bf_crypt_restore() +-{ +- randbyte_offset = save_randbyte_offset; +- update_offset = save_update_offset; +- mch_memmove(ofb_buffer, save_ofb_buffer, BF_OFB_LEN); +- mch_memmove(pax, save_pax, 4 * 18); +- mch_memmove(sbx, save_sbx, 4 * 4 * 256); ++ bf_key_init(bfs, key, salt, salt_len); ++ bf_cfb_init(bfs, seed, seed_len); + } + + /* +diff -up vim74/src/crypt.c.blowfish2 vim74/src/crypt.c +--- vim74/src/crypt.c.blowfish2 2017-09-05 14:47:34.933912159 +0200 ++++ vim74/src/crypt.c 2017-09-05 14:47:34.933912159 +0200 +@@ -0,0 +1,585 @@ ++/* vi:set ts=8 sts=4 sw=4: ++ * ++ * VIM - Vi IMproved by Bram Moolenaar ++ * ++ * Do ":help uganda" in Vim to read copying and usage conditions. ++ * Do ":help credits" in Vim to see a list of people who contributed. ++ * See README.txt for an overview of the Vim source code. ++ */ ++ ++/* ++ * crypt.c: Generic encryption support. ++ */ ++#include "vim.h" ++ ++#if defined(FEAT_CRYPT) || defined(PROTO) ++/* ++ * Optional encryption support. ++ * Mohsin Ahmed, mosh@sasi.com, 1998-09-24 ++ * Based on zip/crypt sources. ++ * Refactored by David Leadbeater, 2014. ++ * ++ * NOTE FOR USA: Since 2000 exporting this code from the USA is allowed to ++ * most countries. There are a few exceptions, but that still should not be a ++ * problem since this code was originally created in Europe and India. ++ * ++ * Blowfish addition originally made by Mohsin Ahmed, ++ * http://www.cs.albany.edu/~mosh 2010-03-14 ++ * Based on blowfish by Bruce Schneier (http://www.schneier.com/blowfish.html) ++ * and sha256 by Christophe Devine. ++ */ ++ ++typedef struct { ++ char *name; /* encryption name as used in 'cryptmethod' */ ++ char *magic; /* magic bytes stored in file header */ ++ int salt_len; /* length of salt, or 0 when not using salt */ ++ int seed_len; /* length of seed, or 0 when not using salt */ ++ int works_inplace; /* encryption/decryption can be done in-place */ ++ int whole_undofile; /* whole undo file is encrypted */ ++ ++ /* Optional function pointer for a self-test. */ ++ int (* self_test_fn)(); ++ ++ /* Function pointer for initializing encryption/decription. */ ++ void (* init_fn)(cryptstate_T *state, char_u *key, ++ char_u *salt, int salt_len, char_u *seed, int seed_len); ++ ++ /* Function pointers for encoding/decoding from one buffer into another. ++ * Optional, however, these or the _buffer ones should be configured. */ ++ void (*encode_fn)(cryptstate_T *state, char_u *from, size_t len, ++ char_u *to); ++ void (*decode_fn)(cryptstate_T *state, char_u *from, size_t len, ++ char_u *to); ++ ++ /* Function pointers for encoding and decoding, can buffer data if needed. ++ * Optional (however, these or the above should be configured). */ ++ long (*encode_buffer_fn)(cryptstate_T *state, char_u *from, size_t len, ++ char_u **newptr); ++ long (*decode_buffer_fn)(cryptstate_T *state, char_u *from, size_t len, ++ char_u **newptr); ++ ++ /* Function pointers for in-place encoding and decoding, used for ++ * crypt_*_inplace(). "from" and "to" arguments will be equal. ++ * These may be the same as decode_fn and encode_fn above, however an ++ * algorithm may implement them in a way that is not interchangeable with ++ * the crypt_(en|de)code() interface (for example because it wishes to add ++ * padding to files). ++ * This method is used for swap and undo files which have a rigid format. ++ */ ++ void (*encode_inplace_fn)(cryptstate_T *state, char_u *p1, size_t len, ++ char_u *p2); ++ void (*decode_inplace_fn)(cryptstate_T *state, char_u *p1, size_t len, ++ char_u *p2); ++} cryptmethod_T; ++ ++/* index is method_nr of cryptstate_T, CRYPT_M_* */ ++static cryptmethod_T cryptmethods[CRYPT_M_COUNT] = { ++ /* PK_Zip; very weak */ ++ { ++ "zip", ++ "VimCrypt~01!", ++ 0, ++ 0, ++ TRUE, ++ FALSE, ++ NULL, ++ crypt_zip_init, ++ crypt_zip_encode, crypt_zip_decode, ++ NULL, NULL, ++ crypt_zip_encode, crypt_zip_decode, ++ }, ++ ++ /* Blowfish/CFB + SHA-256 custom key derivation; implementation issues. */ ++ { ++ "blowfish", ++ "VimCrypt~02!", ++ 8, ++ 8, ++ TRUE, ++ FALSE, ++ blowfish_self_test, ++ crypt_blowfish_init, ++ crypt_blowfish_encode, crypt_blowfish_decode, ++ NULL, NULL, ++ crypt_blowfish_encode, crypt_blowfish_decode, ++ }, ++ ++ /* Blowfish/CFB + SHA-256 custom key derivation; fixed. */ ++ { ++ "blowfish2", ++ "VimCrypt~03!", ++ 8, ++ 8, ++ TRUE, ++ TRUE, ++ blowfish_self_test, ++ crypt_blowfish_init, ++ crypt_blowfish_encode, crypt_blowfish_decode, ++ NULL, NULL, ++ crypt_blowfish_encode, crypt_blowfish_decode, ++ }, ++}; ++ ++#define CRYPT_MAGIC_LEN 12 /* cannot change */ ++static char crypt_magic_head[] = "VimCrypt~"; ++ ++/* ++ * Return int value for crypt method name. ++ * 0 for "zip", the old method. Also for any non-valid value. ++ * 1 for "blowfish". ++ * 2 for "blowfish2". ++ */ ++ int ++crypt_method_nr_from_name(name) ++ char_u *name; ++{ ++ int i; ++ ++ for (i = 0; i < CRYPT_M_COUNT; ++i) ++ if (STRCMP(name, cryptmethods[i].name) == 0) ++ return i; ++ return 0; ++} ++ ++/* ++ * Get the crypt method used for a file from "ptr[len]", the magic text at the ++ * start of the file. ++ * Returns -1 when no encryption used. ++ */ ++ int ++crypt_method_nr_from_magic(ptr, len) ++ char *ptr; ++ int len; ++{ ++ int i; ++ ++ if (len < CRYPT_MAGIC_LEN) ++ return -1; ++ ++ for (i = 0; i < CRYPT_M_COUNT; i++) ++ if (memcmp(ptr, cryptmethods[i].magic, CRYPT_MAGIC_LEN) == 0) ++ return i; ++ ++ i = (int)STRLEN(crypt_magic_head); ++ if (len >= i && memcmp(ptr, crypt_magic_head, i) == 0) ++ EMSG(_("E821: File is encrypted with unknown method")); ++ ++ return -1; ++} ++ ++/* ++ * Return TRUE if the crypt method for "method_nr" can be done in-place. ++ */ ++ int ++crypt_works_inplace(state) ++ cryptstate_T *state; ++{ ++ return cryptmethods[state->method_nr].works_inplace; ++} ++ ++/* ++ * Get the crypt method for buffer "buf" as a number. ++ */ ++ int ++crypt_get_method_nr(buf) ++ buf_T *buf; ++{ ++ return crypt_method_nr_from_name(*buf->b_p_cm == NUL ? p_cm : buf->b_p_cm); ++} ++ ++/* ++ * Return TRUE when the buffer uses an encryption method that encrypts the ++ * whole undo file, not only the text. ++ */ ++ int ++crypt_whole_undofile(method_nr) ++ int method_nr; ++{ ++ return cryptmethods[method_nr].whole_undofile; ++} ++ ++/* ++ * Get crypt method specifc length of the file header in bytes. ++ */ ++ int ++crypt_get_header_len(method_nr) ++ int method_nr; ++{ ++ return CRYPT_MAGIC_LEN ++ + cryptmethods[method_nr].salt_len ++ + cryptmethods[method_nr].seed_len; ++} ++ ++/* ++ * Set the crypt method for buffer "buf" to "method_nr" using the int value as ++ * returned by crypt_method_nr_from_name(). ++ */ ++ void ++crypt_set_cm_option(buf, method_nr) ++ buf_T *buf; ++ int method_nr; ++{ ++ free_string_option(buf->b_p_cm); ++ buf->b_p_cm = vim_strsave((char_u *)cryptmethods[method_nr].name); ++} ++ ++/* ++ * If the crypt method for the current buffer has a self-test, run it and ++ * return OK/FAIL. ++ */ ++ int ++crypt_self_test() ++{ ++ int method_nr = crypt_get_method_nr(curbuf); ++ ++ if (cryptmethods[method_nr].self_test_fn == NULL) ++ return OK; ++ return cryptmethods[method_nr].self_test_fn(); ++} ++ ++/* ++ * Allocate a crypt state and initialize it. ++ */ ++ cryptstate_T * ++crypt_create(method_nr, key, salt, salt_len, seed, seed_len) ++ int method_nr; ++ char_u *key; ++ char_u *salt; ++ int salt_len; ++ char_u *seed; ++ int seed_len; ++{ ++ cryptstate_T *state = (cryptstate_T *)alloc((int)sizeof(cryptstate_T)); ++ ++ state->method_nr = method_nr; ++ cryptmethods[method_nr].init_fn(state, key, salt, salt_len, seed, seed_len); ++ return state; ++} ++ ++/* ++ * Allocate a crypt state from a file header and initialize it. ++ * Assumes that header contains at least the number of bytes that ++ * crypt_get_header_len() returns for "method_nr". ++ */ ++ cryptstate_T * ++crypt_create_from_header(method_nr, key, header) ++ int method_nr; ++ char_u *key; ++ char_u *header; ++{ ++ char_u *salt = NULL; ++ char_u *seed = NULL; ++ int salt_len = cryptmethods[method_nr].salt_len; ++ int seed_len = cryptmethods[method_nr].seed_len; ++ ++ if (salt_len > 0) ++ salt = header + CRYPT_MAGIC_LEN; ++ if (seed_len > 0) ++ seed = header + CRYPT_MAGIC_LEN + salt_len; ++ ++ return crypt_create(method_nr, key, salt, salt_len, seed, seed_len); ++} ++ ++/* ++ * Read the crypt method specific header data from "fp". ++ * Return an allocated cryptstate_T or NULL on error. ++ */ ++ cryptstate_T * ++crypt_create_from_file(fp, key) ++ FILE *fp; ++ char_u *key; ++{ ++ int method_nr; ++ int header_len; ++ char magic_buffer[CRYPT_MAGIC_LEN]; ++ char_u *buffer; ++ cryptstate_T *state; ++ ++ if (fread(magic_buffer, CRYPT_MAGIC_LEN, 1, fp) != 1) ++ return NULL; ++ method_nr = crypt_method_nr_from_magic(magic_buffer, CRYPT_MAGIC_LEN); ++ if (method_nr < 0) ++ return NULL; ++ ++ header_len = crypt_get_header_len(method_nr); ++ if ((buffer = alloc(header_len)) == NULL) ++ return NULL; ++ mch_memmove(buffer, magic_buffer, CRYPT_MAGIC_LEN); ++ if (header_len > CRYPT_MAGIC_LEN ++ && fread(buffer + CRYPT_MAGIC_LEN, ++ header_len - CRYPT_MAGIC_LEN, 1, fp) != 1) ++ { ++ vim_free(buffer); ++ return NULL; ++ } ++ ++ state = crypt_create_from_header(method_nr, key, buffer); ++ vim_free(buffer); ++ return state; ++} ++ ++/* ++ * Allocate a cryptstate_T for writing and initialize it with "key". ++ * Allocates and fills in the header and stores it in "header", setting ++ * "header_len". The header may include salt and seed, depending on ++ * cryptmethod. Caller must free header. ++ * Returns the state or NULL on failure. ++ */ ++ cryptstate_T * ++crypt_create_for_writing(method_nr, key, header, header_len) ++ int method_nr; ++ char_u *key; ++ char_u **header; ++ int *header_len; ++{ ++ int len = crypt_get_header_len(method_nr); ++ char_u *salt = NULL; ++ char_u *seed = NULL; ++ int salt_len = cryptmethods[method_nr].salt_len; ++ int seed_len = cryptmethods[method_nr].seed_len; ++ cryptstate_T *state; ++ ++ *header_len = len; ++ *header = alloc(len); ++ if (*header == NULL) ++ return NULL; ++ ++ mch_memmove(*header, cryptmethods[method_nr].magic, CRYPT_MAGIC_LEN); ++ if (salt_len > 0 || seed_len > 0) ++ { ++ if (salt_len > 0) ++ salt = *header + CRYPT_MAGIC_LEN; ++ if (seed_len > 0) ++ seed = *header + CRYPT_MAGIC_LEN + salt_len; ++ ++ /* TODO: Should this be crypt method specific? (Probably not worth ++ * it). sha2_seed is pretty bad for large amounts of entropy, so make ++ * that into something which is suitable for anything. */ ++ sha2_seed(salt, salt_len, seed, seed_len); ++ } ++ ++ state = crypt_create(method_nr, key, salt, salt_len, seed, seed_len); ++ if (state == NULL) ++ { ++ vim_free(*header); ++ *header = NULL; ++ } ++ return state; ++} ++ ++/* ++ * Free the crypt state. ++ */ ++ void ++crypt_free_state(state) ++ cryptstate_T *state; ++{ ++ vim_free(state->method_state); ++ vim_free(state); ++} ++ ++/* ++ * Encode "from[len]" and store the result in a newly allocated buffer, which ++ * is stored in "newptr". ++ * Return number of bytes in "newptr", 0 for need more or -1 on error. ++ */ ++ long ++crypt_encode_alloc(state, from, len, newptr) ++ cryptstate_T *state; ++ char_u *from; ++ size_t len; ++ char_u **newptr; ++{ ++ cryptmethod_T *method = &cryptmethods[state->method_nr]; ++ ++ if (method->encode_buffer_fn != NULL) ++ /* Has buffer function, pass through. */ ++ return method->encode_buffer_fn(state, from, len, newptr); ++ if (len == 0) ++ /* Not buffering, just return EOF. */ ++ return len; ++ ++ *newptr = alloc(len); ++ if (*newptr == NULL) ++ return -1; ++ method->encode_fn(state, from, len, *newptr); ++ return len; ++} ++ ++/* ++ * Decrypt "ptr[len]" and store the result in a newly allocated buffer, which ++ * is stored in "newptr". ++ * Return number of bytes in "newptr", 0 for need more or -1 on error. ++ */ ++ long ++crypt_decode_alloc(state, ptr, len, newptr) ++ cryptstate_T *state; ++ char_u *ptr; ++ long len; ++ char_u **newptr; ++{ ++ cryptmethod_T *method = &cryptmethods[state->method_nr]; ++ ++ if (method->decode_buffer_fn != NULL) ++ /* Has buffer function, pass through. */ ++ return method->decode_buffer_fn(state, ptr, len, newptr); ++ ++ if (len == 0) ++ /* Not buffering, just return EOF. */ ++ return len; ++ ++ *newptr = alloc(len); ++ if (*newptr == NULL) ++ return -1; ++ method->decode_fn(state, ptr, len, *newptr); ++ return len; ++} ++ ++/* ++ * Encrypting "from[len]" into "to[len]". ++ */ ++ void ++crypt_encode(state, from, len, to) ++ cryptstate_T *state; ++ char_u *from; ++ size_t len; ++ char_u *to; ++{ ++ cryptmethods[state->method_nr].encode_fn(state, from, len, to); ++} ++ ++/* ++ * decrypting "from[len]" into "to[len]". ++ */ ++ void ++crypt_decode(state, from, len, to) ++ cryptstate_T *state; ++ char_u *from; ++ size_t len; ++ char_u *to; ++{ ++ cryptmethods[state->method_nr].decode_fn(state, from, len, to); ++} ++ ++/* ++ * Simple inplace encryption, modifies "buf[len]" in place. ++ */ ++ void ++crypt_encode_inplace(state, buf, len) ++ cryptstate_T *state; ++ char_u *buf; ++ size_t len; ++{ ++ cryptmethods[state->method_nr].encode_inplace_fn(state, buf, len, buf); ++} ++ ++/* ++ * Simple inplace decryption, modifies "buf[len]" in place. ++ */ ++ void ++crypt_decode_inplace(state, buf, len) ++ cryptstate_T *state; ++ char_u *buf; ++ size_t len; ++{ ++ cryptmethods[state->method_nr].decode_inplace_fn(state, buf, len, buf); ++} ++ ++/* ++ * Free an allocated crypt key. Clear the text to make sure it doesn't stay ++ * in memory anywhere. ++ */ ++ void ++crypt_free_key(key) ++ char_u *key; ++{ ++ char_u *p; ++ ++ if (key != NULL) ++ { ++ for (p = key; *p != NUL; ++p) ++ *p = 0; ++ vim_free(key); ++ } ++} ++ ++/* ++ * Ask the user for a crypt key. ++ * When "store" is TRUE, the new key is stored in the 'key' option, and the ++ * 'key' option value is returned: Don't free it. ++ * When "store" is FALSE, the typed key is returned in allocated memory. ++ * Returns NULL on failure. ++ */ ++ char_u * ++crypt_get_key(store, twice) ++ int store; ++ int twice; /* Ask for the key twice. */ ++{ ++ char_u *p1, *p2 = NULL; ++ int round; ++ ++ for (round = 0; ; ++round) ++ { ++ cmdline_star = TRUE; ++ cmdline_row = msg_row; ++ p1 = getcmdline_prompt(NUL, round == 0 ++ ? (char_u *)_("Enter encryption key: ") ++ : (char_u *)_("Enter same key again: "), 0, EXPAND_NOTHING, ++ NULL); ++ cmdline_star = FALSE; ++ ++ if (p1 == NULL) ++ break; ++ ++ if (round == twice) ++ { ++ if (p2 != NULL && STRCMP(p1, p2) != 0) ++ { ++ MSG(_("Keys don't match!")); ++ crypt_free_key(p1); ++ crypt_free_key(p2); ++ p2 = NULL; ++ round = -1; /* do it again */ ++ continue; ++ } ++ ++ if (store) ++ { ++ set_option_value((char_u *)"key", 0L, p1, OPT_LOCAL); ++ crypt_free_key(p1); ++ p1 = curbuf->b_p_key; ++ } ++ break; ++ } ++ p2 = p1; ++ } ++ ++ /* since the user typed this, no need to wait for return */ ++ if (msg_didout) ++ msg_putchar('\n'); ++ need_wait_return = FALSE; ++ msg_didout = FALSE; ++ ++ crypt_free_key(p2); ++ return p1; ++} ++ ++ ++/* ++ * Append a message to IObuff for the encryption/decryption method being used. ++ */ ++ void ++crypt_append_msg(buf) ++ buf_T *buf; ++{ ++ if (crypt_get_method_nr(buf) == 0) ++ STRCAT(IObuff, _("[crypted]")); ++ else ++ { ++ STRCAT(IObuff, "["); ++ STRCAT(IObuff, *buf->b_p_cm == NUL ? p_cm : buf->b_p_cm); ++ STRCAT(IObuff, "]"); ++ } ++} ++ ++#endif /* FEAT_CRYPT */ +diff -up vim74/src/crypt_zip.c.blowfish2 vim74/src/crypt_zip.c +--- vim74/src/crypt_zip.c.blowfish2 2017-09-05 14:47:34.934912151 +0200 ++++ vim74/src/crypt_zip.c 2017-09-05 14:47:34.934912151 +0200 +@@ -0,0 +1,158 @@ ++/* vi:set ts=8 sts=4 sw=4: ++ * ++ * VIM - Vi IMproved by Bram Moolenaar ++ * ++ * Do ":help uganda" in Vim to read copying and usage conditions. ++ * Do ":help credits" in Vim to see a list of people who contributed. ++ * See README.txt for an overview of the Vim source code. ++ */ ++ ++/* ++ * crypt_zip.c: Zip encryption support. ++ */ ++#include "vim.h" ++ ++#if defined(FEAT_CRYPT) || defined(PROTO) ++/* ++ * Optional encryption support. ++ * Mohsin Ahmed, mosh@sasi.com, 98-09-24 ++ * Based on zip/crypt sources. ++ * ++ * NOTE FOR USA: Since 2000 exporting this code from the USA is allowed to ++ * most countries. There are a few exceptions, but that still should not be a ++ * problem since this code was originally created in Europe and India. ++ */ ++ ++/* Need a type that should be 32 bits. 64 also works but wastes space. */ ++# if VIM_SIZEOF_INT >= 4 ++typedef unsigned int u32_T; /* int is at least 32 bits */ ++# else ++typedef unsigned long u32_T; /* long should be 32 bits or more */ ++# endif ++ ++/* The state of encryption, referenced by cryptstate_T. */ ++typedef struct { ++ u32_T keys[3]; ++} zip_state_T; ++ ++ ++static void make_crc_tab __ARGS((void)); ++ ++static u32_T crc_32_table[256]; ++ ++/* ++ * Fill the CRC table, if not done already. ++ */ ++ static void ++make_crc_tab() ++{ ++ u32_T s, t, v; ++ static int done = FALSE; ++ ++ if (done) ++ return; ++ for (t = 0; t < 256; t++) ++ { ++ v = t; ++ for (s = 0; s < 8; s++) ++ v = (v >> 1) ^ ((v & 1) * (u32_T)0xedb88320L); ++ crc_32_table[t] = v; ++ } ++ done = TRUE; ++} ++ ++#define CRC32(c, b) (crc_32_table[((int)(c) ^ (b)) & 0xff] ^ ((c) >> 8)) ++ ++/* ++ * Return the next byte in the pseudo-random sequence. ++ */ ++#define DECRYPT_BYTE_ZIP(keys, t) { \ ++ short_u temp = (short_u)keys[2] | 2; \ ++ t = (int)(((unsigned)(temp * (temp ^ 1U)) >> 8) & 0xff); \ ++} ++ ++/* ++ * Update the encryption keys with the next byte of plain text. ++ */ ++#define UPDATE_KEYS_ZIP(keys, c) { \ ++ keys[0] = CRC32(keys[0], (c)); \ ++ keys[1] += keys[0] & 0xff; \ ++ keys[1] = keys[1] * 134775813L + 1; \ ++ keys[2] = CRC32(keys[2], (int)(keys[1] >> 24)); \ ++} ++ ++/* ++ * Initialize for encryption/decryption. ++ */ ++ void ++crypt_zip_init(state, key, salt, salt_len, seed, seed_len) ++ cryptstate_T *state; ++ char_u *key; ++ char_u *salt UNUSED; ++ int salt_len UNUSED; ++ char_u *seed UNUSED; ++ int seed_len UNUSED; ++{ ++ char_u *p; ++ zip_state_T *zs; ++ ++ zs = (zip_state_T *)alloc(sizeof(zip_state_T)); ++ state->method_state = zs; ++ ++ make_crc_tab(); ++ zs->keys[0] = 305419896L; ++ zs->keys[1] = 591751049L; ++ zs->keys[2] = 878082192L; ++ for (p = key; *p != NUL; ++p) ++ { ++ UPDATE_KEYS_ZIP(zs->keys, (int)*p); ++ } ++} ++ ++/* ++ * Encrypt "from[len]" into "to[len]". ++ * "from" and "to" can be equal to encrypt in place. ++ */ ++ void ++crypt_zip_encode(state, from, len, to) ++ cryptstate_T *state; ++ char_u *from; ++ size_t len; ++ char_u *to; ++{ ++ zip_state_T *zs = state->method_state; ++ size_t i; ++ int ztemp, t; ++ ++ for (i = 0; i < len; ++i) ++ { ++ ztemp = from[i]; ++ DECRYPT_BYTE_ZIP(zs->keys, t); ++ UPDATE_KEYS_ZIP(zs->keys, ztemp); ++ to[i] = t ^ ztemp; ++ } ++} ++ ++/* ++ * Decrypt "from[len]" into "to[len]". ++ */ ++ void ++crypt_zip_decode(state, from, len, to) ++ cryptstate_T *state; ++ char_u *from; ++ size_t len; ++ char_u *to; ++{ ++ zip_state_T *zs = state->method_state; ++ size_t i; ++ short_u temp; ++ ++ for (i = 0; i < len; ++i) ++ { ++ temp = (short_u)zs->keys[2] | 2; ++ temp = (int)(((unsigned)(temp * (temp ^ 1U)) >> 8) & 0xff); ++ UPDATE_KEYS_ZIP(zs->keys, to[i] = from[i] ^ temp); ++ } ++} ++ ++#endif /* FEAT_CRYPT */ +diff -up vim74/src/eval.c.blowfish2 vim74/src/eval.c +--- vim74/src/eval.c.blowfish2 2017-09-05 14:47:34.837912934 +0200 ++++ vim74/src/eval.c 2017-09-05 14:47:34.939912111 +0200 +@@ -12228,6 +12228,8 @@ f_has(argvars, rettv) + #endif + #ifdef FEAT_CRYPT + "cryptv", ++ "crypt-blowfish", ++ "crypt-blowfish2", + #endif + #ifdef FEAT_CSCOPE + "cscope", +diff -up vim74/src/ex_docmd.c.blowfish2 vim74/src/ex_docmd.c +--- vim74/src/ex_docmd.c.blowfish2 2017-09-05 14:47:34.782913378 +0200 ++++ vim74/src/ex_docmd.c 2017-09-05 14:47:34.945912063 +0200 +@@ -11497,8 +11497,7 @@ ex_match(eap) + ex_X(eap) + exarg_T *eap UNUSED; + { +- if (get_crypt_method(curbuf) == 0 || blowfish_self_test() == OK) +- (void)get_crypt_key(TRUE, TRUE); ++ (void)crypt_get_key(TRUE, TRUE); + } + #endif + +diff -up vim74/src/fileio.c.blowfish2 vim74/src/fileio.c +--- vim74/src/fileio.c.blowfish2 2017-09-05 14:47:34.245917713 +0200 ++++ vim74/src/fileio.c 2017-09-05 14:47:34.947912046 +0200 +@@ -24,20 +24,6 @@ + #define BUFSIZE 8192 /* size of normal write buffer */ + #define SMBUFSIZE 256 /* size of emergency write buffer */ + +-#ifdef FEAT_CRYPT +-/* crypt_magic[0] is pkzip crypt, crypt_magic[1] is sha2+blowfish */ +-static char *crypt_magic[] = {"VimCrypt~01!", "VimCrypt~02!"}; +-static char crypt_magic_head[] = "VimCrypt~"; +-# define CRYPT_MAGIC_LEN 12 /* must be multiple of 4! */ +- +-/* For blowfish, after the magic header, we store 8 bytes of salt and then 8 +- * bytes of seed (initialisation vector). */ +-static int crypt_salt_len[] = {0, 8}; +-static int crypt_seed_len[] = {0, 8}; +-#define CRYPT_SALT_LEN_MAX 8 +-#define CRYPT_SEED_LEN_MAX 8 +-#endif +- + /* Is there any system that doesn't have access()? */ + #define USE_MCH_ACCESS + +@@ -55,7 +41,6 @@ static char_u *readfile_charconvert __AR + static void check_marks_read __ARGS((void)); + #endif + #ifdef FEAT_CRYPT +-static int crypt_method_from_magic __ARGS((char *ptr, int len)); + static char_u *check_for_cryptkey __ARGS((char_u *cryptkey, char_u *ptr, long *sizep, off_t *filesizep, int newfile, char_u *fname, int *did_ask)); + #endif + #ifdef UNIX +@@ -116,6 +101,9 @@ struct bw_info + #ifdef HAS_BW_FLAGS + int bw_flags; /* FIO_ flags */ + #endif ++#ifdef FEAT_CRYPT ++ buf_T *bw_buffer; /* buffer being written */ ++#endif + #ifdef FEAT_MBYTE + char_u bw_rest[CONV_RESTLEN]; /* not converted bytes */ + int bw_restlen; /* nr of bytes in bw_rest[] */ +@@ -250,7 +238,6 @@ readfile(fname, sfname, from, lines_to_s + #ifdef FEAT_CRYPT + char_u *cryptkey = NULL; + int did_ask_for_key = FALSE; +- int crypt_method_used; + #endif + #ifdef FEAT_PERSISTENT_UNDO + context_sha256_T sha_ctx; +@@ -966,13 +953,6 @@ retry: + #endif + } + +-#ifdef FEAT_CRYPT +- if (cryptkey != NULL) +- /* Need to reset the state, but keep the key, don't want to ask for it +- * again. */ +- crypt_pop_state(); +-#endif +- + /* + * When retrying with another "fenc" and the first time "fileformat" + * will be reset. +@@ -1175,6 +1155,15 @@ retry: + if (read_undo_file) + sha256_start(&sha_ctx); + #endif ++#ifdef FEAT_CRYPT ++ if (curbuf->b_cryptstate != NULL) ++ { ++ /* Need to free the state, but keep the key, don't want to ask for ++ * it again. */ ++ crypt_free_state(curbuf->b_cryptstate); ++ curbuf->b_cryptstate = NULL; ++ } ++#endif + } + + while (!error && !got_int) +@@ -1339,6 +1328,76 @@ retry: + size = read_eintr(fd, ptr, size); + } + ++#ifdef FEAT_CRYPT ++ /* ++ * At start of file: Check for magic number of encryption. ++ */ ++ if (filesize == 0 && size > 0) ++ cryptkey = check_for_cryptkey(cryptkey, ptr, &size, ++ &filesize, newfile, sfname, ++ &did_ask_for_key); ++ /* ++ * Decrypt the read bytes. This is done before checking for ++ * EOF because the crypt layer may be buffering. ++ */ ++ if (cryptkey != NULL && curbuf->b_cryptstate != NULL && size > 0) ++ { ++ if (crypt_works_inplace(curbuf->b_cryptstate)) ++ { ++ crypt_decode_inplace(curbuf->b_cryptstate, ptr, size); ++ } ++ else ++ { ++ char_u *newptr = NULL; ++ int decrypted_size; ++ ++ decrypted_size = crypt_decode_alloc( ++ curbuf->b_cryptstate, ptr, size, &newptr); ++ ++ /* If the crypt layer is buffering, not producing ++ * anything yet, need to read more. */ ++ if (size > 0 && decrypted_size == 0) ++ continue; ++ ++ if (linerest == 0) ++ { ++ /* Simple case: reuse returned buffer (may be ++ * NULL, checked later). */ ++ new_buffer = newptr; ++ } ++ else ++ { ++ long_u new_size; ++ ++ /* Need new buffer to add bytes carried over. */ ++ new_size = (long_u)(decrypted_size + linerest + 1); ++ new_buffer = lalloc(new_size, FALSE); ++ if (new_buffer == NULL) ++ { ++ do_outofmem_msg(new_size); ++ error = TRUE; ++ break; ++ } ++ ++ mch_memmove(new_buffer, buffer, linerest); ++ if (newptr != NULL) ++ mch_memmove(new_buffer + linerest, newptr, ++ decrypted_size); ++ } ++ ++ if (new_buffer != NULL) ++ { ++ vim_free(buffer); ++ buffer = new_buffer; ++ new_buffer = NULL; ++ line_start = buffer; ++ ptr = buffer + linerest; ++ } ++ size = decrypted_size; ++ } ++ } ++#endif ++ + if (size <= 0) + { + if (size < 0) /* read error */ +@@ -1403,21 +1462,6 @@ retry: + } + #endif + } +- +-#ifdef FEAT_CRYPT +- /* +- * At start of file: Check for magic number of encryption. +- */ +- if (filesize == 0) +- cryptkey = check_for_cryptkey(cryptkey, ptr, &size, +- &filesize, newfile, sfname, +- &did_ask_for_key); +- /* +- * Decrypt the read bytes. +- */ +- if (cryptkey != NULL && size > 0) +- crypt_decode(ptr, size); +-#endif + } + skip_read = FALSE; + +@@ -1430,10 +1474,9 @@ retry: + */ + if ((filesize == 0 + # ifdef FEAT_CRYPT +- || (filesize == (CRYPT_MAGIC_LEN +- + crypt_salt_len[use_crypt_method] +- + crypt_seed_len[use_crypt_method]) +- && cryptkey != NULL) ++ || (cryptkey != NULL ++ && filesize == crypt_get_header_len( ++ crypt_get_method_nr(curbuf))) + # endif + ) + && (fio_flags == FIO_UCSBOM +@@ -2262,15 +2305,15 @@ failed: + save_file_ff(curbuf); /* remember the current file format */ + + #ifdef FEAT_CRYPT +- crypt_method_used = use_crypt_method; +- if (cryptkey != NULL) ++ if (curbuf->b_cryptstate != NULL) + { +- crypt_pop_state(); +- if (cryptkey != curbuf->b_p_key) +- free_crypt_key(cryptkey); +- /* don't set cryptkey to NULL, it's used below as a flag that +- * encryption was used */ ++ crypt_free_state(curbuf->b_cryptstate); ++ curbuf->b_cryptstate = NULL; + } ++ if (cryptkey != NULL && cryptkey != curbuf->b_p_key) ++ crypt_free_key(cryptkey); ++ /* Don't set cryptkey to NULL, it's used below as a flag that ++ * encryption was used. */ + #endif + + #ifdef FEAT_MBYTE +@@ -2457,10 +2500,7 @@ failed: + #ifdef FEAT_CRYPT + if (cryptkey != NULL) + { +- if (crypt_method_used == 1) +- STRCAT(IObuff, _("[blowfish]")); +- else +- STRCAT(IObuff, _("[crypted]")); ++ crypt_append_msg(curbuf); + c = TRUE; + } + #endif +@@ -2489,9 +2529,7 @@ failed: + #ifdef FEAT_CRYPT + if (cryptkey != NULL) + msg_add_lines(c, (long)linecnt, filesize +- - CRYPT_MAGIC_LEN +- - crypt_salt_len[use_crypt_method] +- - crypt_seed_len[use_crypt_method]); ++ - crypt_get_header_len(crypt_get_method_nr(curbuf))); + else + #endif + msg_add_lines(c, (long)linecnt, filesize); +@@ -2882,33 +2920,6 @@ check_marks_read() + + #if defined(FEAT_CRYPT) || defined(PROTO) + /* +- * Get the crypt method used for a file from "ptr[len]", the magic text at the +- * start of the file. +- * Returns -1 when no encryption used. +- */ +- static int +-crypt_method_from_magic(ptr, len) +- char *ptr; +- int len; +-{ +- int i; +- +- for (i = 0; i < (int)(sizeof(crypt_magic) / sizeof(crypt_magic[0])); i++) +- { +- if (len < (CRYPT_MAGIC_LEN + crypt_salt_len[i] + crypt_seed_len[i])) +- continue; +- if (memcmp(ptr, crypt_magic[i], CRYPT_MAGIC_LEN) == 0) +- return i; +- } +- +- i = (int)STRLEN(crypt_magic_head); +- if (len >= i && memcmp(ptr, crypt_magic_head, i) == 0) +- EMSG(_("E821: File is encrypted with unknown method")); +- +- return -1; +-} +- +-/* + * Check for magic number used for encryption. Applies to the current buffer. + * If found, the magic number is removed from ptr[*sizep] and *sizep and + * *filesizep are updated. +@@ -2924,7 +2935,7 @@ check_for_cryptkey(cryptkey, ptr, sizep, + char_u *fname; /* file name to display */ + int *did_ask; /* flag: whether already asked for key */ + { +- int method = crypt_method_from_magic((char *)ptr, *sizep); ++ int method = crypt_method_nr_from_magic((char *)ptr, *sizep); + int b_p_ro = curbuf->b_p_ro; + + if (method >= 0) +@@ -2933,9 +2944,8 @@ check_for_cryptkey(cryptkey, ptr, sizep, + * Avoids accidentally overwriting the file with garbage. */ + curbuf->b_p_ro = TRUE; + +- set_crypt_method(curbuf, method); +- if (method > 0) +- (void)blowfish_self_test(); ++ /* Set the cryptmethod local to the buffer. */ ++ crypt_set_cm_option(curbuf, method); + if (cryptkey == NULL && !*did_ask) + { + if (*curbuf->b_p_key) +@@ -2948,7 +2958,7 @@ check_for_cryptkey(cryptkey, ptr, sizep, + * Happens when retrying to detect encoding. */ + smsg((char_u *)_(need_key_msg), fname); + msg_scroll = TRUE; +- cryptkey = get_crypt_key(newfile, FALSE); ++ cryptkey = crypt_get_key(newfile, FALSE); + *did_ask = TRUE; + + /* check if empty key entered */ +@@ -2963,24 +2973,18 @@ check_for_cryptkey(cryptkey, ptr, sizep, + + if (cryptkey != NULL) + { +- int seed_len = crypt_seed_len[method]; +- int salt_len = crypt_salt_len[method]; ++ int header_len; + +- crypt_push_state(); +- use_crypt_method = method; +- if (method == 0) +- crypt_init_keys(cryptkey); +- else +- { +- bf_key_init(cryptkey, ptr + CRYPT_MAGIC_LEN, salt_len); +- bf_ofb_init(ptr + CRYPT_MAGIC_LEN + salt_len, seed_len); +- } ++ curbuf->b_cryptstate = crypt_create_from_header( ++ method, cryptkey, ptr); ++ crypt_set_cm_option(curbuf, method); ++ ++ /* Remove cryptmethod specific header from the text. */ ++ header_len = crypt_get_header_len(method); ++ *filesizep += header_len; ++ *sizep -= header_len; ++ mch_memmove(ptr, ptr + header_len, (size_t)*sizep); + +- /* Remove magic number from the text */ +- *filesizep += CRYPT_MAGIC_LEN + salt_len + seed_len; +- *sizep -= CRYPT_MAGIC_LEN + salt_len + seed_len; +- mch_memmove(ptr, ptr + CRYPT_MAGIC_LEN + salt_len + seed_len, +- (size_t)*sizep); + /* Restore the read-only flag. */ + curbuf->b_p_ro = b_p_ro; + } +@@ -2992,85 +2996,6 @@ check_for_cryptkey(cryptkey, ptr, sizep, + + return cryptkey; + } +- +-/* +- * Check for magic number used for encryption. Applies to the current buffer. +- * If found and decryption is possible returns OK; +- */ +- int +-prepare_crypt_read(fp) +- FILE *fp; +-{ +- int method; +- char_u buffer[CRYPT_MAGIC_LEN + CRYPT_SALT_LEN_MAX +- + CRYPT_SEED_LEN_MAX + 2]; +- +- if (fread(buffer, CRYPT_MAGIC_LEN, 1, fp) != 1) +- return FAIL; +- method = crypt_method_from_magic((char *)buffer, +- CRYPT_MAGIC_LEN + +- CRYPT_SEED_LEN_MAX + +- CRYPT_SALT_LEN_MAX); +- if (method < 0 || method != get_crypt_method(curbuf)) +- return FAIL; +- +- crypt_push_state(); +- if (method == 0) +- crypt_init_keys(curbuf->b_p_key); +- else +- { +- int salt_len = crypt_salt_len[method]; +- int seed_len = crypt_seed_len[method]; +- +- if (fread(buffer, salt_len + seed_len, 1, fp) != 1) +- return FAIL; +- bf_key_init(curbuf->b_p_key, buffer, salt_len); +- bf_ofb_init(buffer + salt_len, seed_len); +- } +- return OK; +-} +- +-/* +- * Prepare for writing encrypted bytes for buffer "buf". +- * Returns a pointer to an allocated header of length "*lenp". +- * When out of memory returns NULL. +- * Otherwise calls crypt_push_state(), call crypt_pop_state() later. +- */ +- char_u * +-prepare_crypt_write(buf, lenp) +- buf_T *buf; +- int *lenp; +-{ +- char_u *header; +- int seed_len = crypt_seed_len[get_crypt_method(buf)]; +- int salt_len = crypt_salt_len[get_crypt_method(buf)]; +- char_u *salt; +- char_u *seed; +- +- header = alloc_clear(CRYPT_MAGIC_LEN + CRYPT_SALT_LEN_MAX +- + CRYPT_SEED_LEN_MAX + 2); +- if (header != NULL) +- { +- crypt_push_state(); +- use_crypt_method = get_crypt_method(buf); /* select zip or blowfish */ +- vim_strncpy(header, (char_u *)crypt_magic[use_crypt_method], +- CRYPT_MAGIC_LEN); +- if (use_crypt_method == 0) +- crypt_init_keys(buf->b_p_key); +- else +- { +- /* Using blowfish, add salt and seed. */ +- salt = header + CRYPT_MAGIC_LEN; +- seed = salt + salt_len; +- sha2_seed(salt, salt_len, seed, seed_len); +- bf_key_init(buf->b_p_key, salt, salt_len); +- bf_ofb_init(seed, seed_len); +- } +- } +- *lenp = CRYPT_MAGIC_LEN + salt_len + seed_len; +- return header; +-} +- + #endif /* FEAT_CRYPT */ + + #ifdef UNIX +@@ -3224,9 +3149,6 @@ buf_write(buf, fname, sfname, start, end + int write_undo_file = FALSE; + context_sha256_T sha_ctx; + #endif +-#ifdef FEAT_CRYPT +- int crypt_method_used; +-#endif + + if (fname == NULL || *fname == NUL) /* safety check */ + return FAIL; +@@ -3262,6 +3184,9 @@ buf_write(buf, fname, sfname, start, end + write_info.bw_iconv_fd = (iconv_t)-1; + # endif + #endif ++#ifdef FEAT_CRYPT ++ write_info.bw_buffer = buf; ++#endif + + /* After writing a file changedtick changes but we don't want to display + * the line. */ +@@ -4505,17 +4430,17 @@ restore_backup: + #ifdef FEAT_CRYPT + if (*buf->b_p_key != NUL && !filtering) + { +- char_u *header; +- int header_len; ++ char_u *header; ++ int header_len; + +- header = prepare_crypt_write(buf, &header_len); +- if (header == NULL) ++ buf->b_cryptstate = crypt_create_for_writing(crypt_get_method_nr(buf), ++ buf->b_p_key, &header, &header_len); ++ if (buf->b_cryptstate == NULL || header == NULL) + end = 0; + else + { +- /* Write magic number, so that Vim knows that this file is +- * encrypted when reading it again. This also undergoes utf-8 to +- * ucs-2/4 conversion when needed. */ ++ /* Write magic number, so that Vim knows how this file is ++ * encrypted when reading it back. */ + write_info.bw_buf = header; + write_info.bw_len = header_len; + write_info.bw_flags = FIO_NOCONVERT; +@@ -4769,9 +4694,11 @@ restore_backup: + mch_set_acl(wfname, acl); + #endif + #ifdef FEAT_CRYPT +- crypt_method_used = use_crypt_method; +- if (wb_flags & FIO_ENCRYPTED) +- crypt_pop_state(); ++ if (buf->b_cryptstate != NULL) ++ { ++ crypt_free_state(buf->b_cryptstate); ++ buf->b_cryptstate = NULL; ++ } + #endif + + +@@ -4924,10 +4851,7 @@ restore_backup: + #ifdef FEAT_CRYPT + if (wb_flags & FIO_ENCRYPTED) + { +- if (crypt_method_used == 1) +- STRCAT(IObuff, _("[blowfish]")); +- else +- STRCAT(IObuff, _("[crypted]")); ++ crypt_append_msg(buf); + c = TRUE; + } + #endif +@@ -5740,8 +5664,26 @@ buf_write_bytes(ip) + #endif /* FEAT_MBYTE */ + + #ifdef FEAT_CRYPT +- if (flags & FIO_ENCRYPTED) /* encrypt the data */ +- crypt_encode(buf, len, buf); ++ if (flags & FIO_ENCRYPTED) ++ { ++ /* Encrypt the data. Do it in-place if possible, otherwise use an ++ * allocated buffer. */ ++ if (crypt_works_inplace(ip->bw_buffer->b_cryptstate)) ++ { ++ crypt_encode_inplace(ip->bw_buffer->b_cryptstate, buf, len); ++ } ++ else ++ { ++ char_u *outbuf; ++ ++ len = crypt_encode_alloc(curbuf->b_cryptstate, buf, len, &outbuf); ++ if (len == 0) ++ return OK; /* Crypt layer is buffering, will flush later. */ ++ wlen = write_eintr(ip->bw_fd, outbuf, len); ++ vim_free(outbuf); ++ return (wlen < len) ? FAIL : OK; ++ } ++ } + #endif + + wlen = write_eintr(ip->bw_fd, buf, len); +diff -up vim74/src/globals.h.blowfish2 vim74/src/globals.h +--- vim74/src/globals.h.blowfish2 2017-09-05 14:47:33.909920425 +0200 ++++ vim74/src/globals.h 2017-09-05 14:47:34.950912022 +0200 +@@ -105,10 +105,6 @@ EXTERN int exec_from_reg INIT(= FALSE); + + EXTERN int screen_cleared INIT(= FALSE); /* screen has been cleared */ + +-#ifdef FEAT_CRYPT +-EXTERN int use_crypt_method INIT(= 0); +-#endif +- + /* + * When '$' is included in 'cpoptions' option set: + * When a change command is given that deletes only part of a line, a dollar +diff -up vim74/src/main.c.blowfish2 vim74/src/main.c +--- vim74/src/main.c.blowfish2 2017-09-05 14:47:34.571915081 +0200 ++++ vim74/src/main.c 2017-09-05 14:47:34.955911982 +0200 +@@ -845,8 +845,7 @@ vim_main2(int argc UNUSED, char **argv U + #ifdef FEAT_CRYPT + if (params.ask_for_key) + { +- (void)blowfish_self_test(); +- (void)get_crypt_key(TRUE, TRUE); ++ (void)crypt_get_key(TRUE, TRUE); + TIME_MSG("getting crypt key"); + } + #endif +diff -up vim74/src/Makefile.blowfish2 vim74/src/Makefile +--- vim74/src/Makefile.blowfish2 2017-09-05 14:47:34.847912854 +0200 ++++ vim74/src/Makefile 2017-09-05 14:47:34.956911974 +0200 +@@ -1427,6 +1427,8 @@ BASIC_SRC = \ + blowfish.c \ + buffer.c \ + charset.c \ ++ crypt.c \ ++ crypt_zip.c \ + diff.c \ + digraph.c \ + edit.c \ +@@ -1516,6 +1518,8 @@ OBJ_COMMON = \ + objects/buffer.o \ + objects/blowfish.o \ + objects/charset.o \ ++ objects/crypt.o \ ++ objects/crypt_zip.o \ + objects/diff.o \ + objects/digraph.o \ + objects/edit.o \ +@@ -1585,6 +1589,8 @@ PRO_AUTO = \ + blowfish.pro \ + buffer.pro \ + charset.pro \ ++ crypt.pro \ ++ crypt_zip.pro \ + diff.pro \ + digraph.pro \ + edit.pro \ +@@ -1745,10 +1751,11 @@ xxd/xxd$(EXEEXT): xxd/xxd.c + languages: + @if test -n "$(MAKEMO)" -a -f $(PODIR)/Makefile; then \ + cd $(PODIR); \ +- CC="$(CC)" $(MAKE) prefix=$(DESTDIR)$(prefix); \ ++ CC="$(CC)" $(MAKE) prefix=$(DESTDIR)$(prefix); \ + fi + -@if test -n "$(MAKEMO)" -a -f $(PODIR)/Makefile; then \ +- cd $(PODIR); CC="$(CC)" $(MAKE) prefix=$(DESTDIR)$(prefix) converted; \ ++ cd $(PODIR); \ ++ CC="$(CC)" $(MAKE) prefix=$(DESTDIR)$(prefix) converted; \ + fi + + # Update the *.po files for changes in the sources. Only run manually. +@@ -1874,6 +1881,12 @@ unittest unittests: $(UNITTEST_TARGETS) + + # Run individual test, assuming that Vim was already compiled. + test1 test2 test3 test4 test5 test6 test7 test8 test9 \ ++ test_breakindent \ ++ test_changelist \ ++ test_insertcount \ ++ test_listlbr \ ++ test_listlbr_utf8 \ ++ test_qf_title \ + test10 test11 test12 test13 test14 test15 test16 test17 test18 test19 \ + test20 test21 test22 test23 test24 test25 test26 test27 test28 test29 \ + test30 test31 test32 test33 test34 test35 test36 test37 test38 test39 \ +@@ -2494,6 +2507,12 @@ objects/buffer.o: buffer.c + objects/charset.o: charset.c + $(CCC) -o $@ charset.c + ++objects/crypt.o: crypt.c ++ $(CCC) -o $@ crypt.c ++ ++objects/crypt_zip.o: crypt_zip.c ++ $(CCC) -o $@ crypt_zip.c ++ + objects/diff.o: diff.c + $(CCC) -o $@ diff.c + +@@ -2843,6 +2862,14 @@ objects/charset.o: charset.c vim.h auto/ + ascii.h keymap.h term.h macros.h option.h structs.h regexp.h gui.h \ + gui_beval.h proto/gui_beval.pro ex_cmds.h proto.h globals.h farsi.h \ + arabic.h ++objects/crypt.o: crypt.c vim.h auto/config.h feature.h os_unix.h auto/osdef.h \ ++ ascii.h keymap.h term.h macros.h option.h structs.h regexp.h gui.h \ ++ gui_beval.h proto/gui_beval.pro ex_cmds.h proto.h globals.h farsi.h \ ++ arabic.h ++objects/crypt_zip.o: crypt_zip.c vim.h auto/config.h feature.h os_unix.h \ ++ auto/osdef.h ascii.h keymap.h term.h macros.h option.h structs.h \ ++ regexp.h gui.h gui_beval.h proto/gui_beval.pro ex_cmds.h proto.h \ ++ globals.h farsi.h arabic.h + objects/diff.o: diff.c vim.h auto/config.h feature.h os_unix.h auto/osdef.h \ + ascii.h keymap.h term.h macros.h option.h structs.h regexp.h gui.h \ + gui_beval.h proto/gui_beval.pro ex_cmds.h proto.h globals.h farsi.h \ +diff -up vim74/src/memline.c.blowfish2 vim74/src/memline.c +--- vim74/src/memline.c.blowfish2 2017-09-05 14:47:34.217917939 +0200 ++++ vim74/src/memline.c 2017-09-05 14:47:34.957911966 +0200 +@@ -63,6 +63,15 @@ typedef struct pointer_entry PTR_EN; + #define BLOCK0_ID1 '0' /* block 0 id 1 */ + #define BLOCK0_ID1_C0 'c' /* block 0 id 1 'cm' 0 */ + #define BLOCK0_ID1_C1 'C' /* block 0 id 1 'cm' 1 */ ++#define BLOCK0_ID1_C2 'd' /* block 0 id 1 'cm' 2 */ ++ ++#if defined(FEAT_CRYPT) ++static int id1_codes[] = { ++ BLOCK0_ID1_C0, /* CRYPT_M_ZIP */ ++ BLOCK0_ID1_C1, /* CRYPT_M_BF */ ++ BLOCK0_ID1_C2, /* CRYPT_M_BF2 */ ++}; ++#endif + + /* + * pointer to a block, used in a pointer block +@@ -151,7 +160,7 @@ struct data_block + struct block0 + { + char_u b0_id[2]; /* id for block 0: BLOCK0_ID0 and BLOCK0_ID1, +- * BLOCK0_ID1_C0, BLOCK0_ID1_C1 */ ++ * BLOCK0_ID1_C0, BLOCK0_ID1_C1, etc. */ + char_u b0_version[10]; /* Vim version string */ + char_u b0_page_size[4];/* number of bytes per page */ + char_u b0_mtime[4]; /* last modification time of file */ +@@ -226,6 +235,7 @@ typedef enum { + } upd_block0_T; + + #ifdef FEAT_CRYPT ++static void ml_set_mfp_crypt __ARGS((buf_T *buf)); + static void ml_set_b0_crypt __ARGS((buf_T *buf, ZERO_BL *b0p)); + #endif + static int ml_check_b0_id __ARGS((ZERO_BL *b0p)); +@@ -256,7 +266,7 @@ static long char_to_long __ARGS((char_u + static char_u *make_percent_swname __ARGS((char_u *dir, char_u *name)); + #endif + #ifdef FEAT_CRYPT +-static void ml_crypt_prepare __ARGS((memfile_T *mfp, off_t offset, int reading)); ++static cryptstate_T *ml_crypt_prepare __ARGS((memfile_T *mfp, off_t offset, int reading)); + #endif + #ifdef FEAT_BYTEOFF + static void ml_updatechunk __ARGS((buf_T *buf, long line, long len, int updtype)); +@@ -356,8 +366,7 @@ ml_open(buf) + b0p->b0_hname[B0_HNAME_SIZE - 1] = NUL; + long_to_char(mch_get_pid(), b0p->b0_pid); + #ifdef FEAT_CRYPT +- if (*buf->b_p_key != NUL) +- ml_set_b0_crypt(buf, b0p); ++ ml_set_b0_crypt(buf, b0p); + #endif + } + +@@ -422,6 +431,25 @@ error: + + #if defined(FEAT_CRYPT) || defined(PROTO) + /* ++ * Prepare encryption for "buf" for the current key and method. ++ */ ++ static void ++ml_set_mfp_crypt(buf) ++ buf_T *buf; ++{ ++ if (*buf->b_p_key != NUL) ++ { ++ int method_nr = crypt_get_method_nr(buf); ++ ++ if (method_nr > CRYPT_M_ZIP) ++ { ++ /* Generate a seed and store it in the memfile. */ ++ sha2_seed(buf->b_ml.ml_mfp->mf_seed, MF_SEED_LEN, NULL, 0); ++ } ++ } ++} ++ ++/* + * Prepare encryption for "buf" with block 0 "b0p". + */ + static void +@@ -433,11 +461,11 @@ ml_set_b0_crypt(buf, b0p) + b0p->b0_id[1] = BLOCK0_ID1; + else + { +- if (get_crypt_method(buf) == 0) +- b0p->b0_id[1] = BLOCK0_ID1_C0; +- else ++ int method_nr = crypt_get_method_nr(buf); ++ ++ b0p->b0_id[1] = id1_codes[method_nr]; ++ if (method_nr > CRYPT_M_ZIP) + { +- b0p->b0_id[1] = BLOCK0_ID1_C1; + /* Generate a seed and store it in block 0 and in the memfile. */ + sha2_seed(&b0p->b0_seed, MF_SEED_LEN, NULL, 0); + mch_memmove(buf->b_ml.ml_mfp->mf_seed, &b0p->b0_seed, MF_SEED_LEN); +@@ -884,7 +912,8 @@ ml_check_b0_id(b0p) + if (b0p->b0_id[0] != BLOCK0_ID0 + || (b0p->b0_id[1] != BLOCK0_ID1 + && b0p->b0_id[1] != BLOCK0_ID1_C0 +- && b0p->b0_id[1] != BLOCK0_ID1_C1) ++ && b0p->b0_id[1] != BLOCK0_ID1_C1 ++ && b0p->b0_id[1] != BLOCK0_ID1_C2) + ) + return FAIL; + return OK; +@@ -903,8 +932,19 @@ ml_upd_block0(buf, what) + ZERO_BL *b0p; + + mfp = buf->b_ml.ml_mfp; +- if (mfp == NULL || (hp = mf_get(mfp, (blocknr_T)0, 1)) == NULL) ++ if (mfp == NULL) ++ return; ++ hp = mf_get(mfp, (blocknr_T)0, 1); ++ if (hp == NULL) ++ { ++#ifdef FEAT_CRYPT ++ /* Possibly update the seed in the memfile before there is a block0. */ ++ if (what == UB_CRYPT) ++ ml_set_mfp_crypt(buf); ++#endif + return; ++ } ++ + b0p = (ZERO_BL *)(hp->bh_data); + if (ml_check_b0_id(b0p) == FAIL) + EMSG(_("E304: ml_upd_block0(): Didn't get block 0??")); +@@ -1252,14 +1292,12 @@ ml_recover() + } + + #ifdef FEAT_CRYPT +- if (b0p->b0_id[1] == BLOCK0_ID1_C0) +- b0_cm = 0; +- else if (b0p->b0_id[1] == BLOCK0_ID1_C1) +- { +- b0_cm = 1; ++ for (i = 0; i < (int)(sizeof(id1_codes) / sizeof(int)); ++i) ++ if (id1_codes[i] == b0p->b0_id[1]) ++ b0_cm = i; ++ if (b0_cm > 0) + mch_memmove(mfp->mf_seed, &b0p->b0_seed, MF_SEED_LEN); +- } +- set_crypt_method(buf, b0_cm); ++ crypt_set_cm_option(buf, b0_cm < 0 ? 0 : b0_cm); + #else + if (b0p->b0_id[1] != BLOCK0_ID1) + { +@@ -1386,7 +1424,7 @@ ml_recover() + } + else + smsg((char_u *)_(need_key_msg), fname_used); +- buf->b_p_key = get_crypt_key(FALSE, FALSE); ++ buf->b_p_key = crypt_get_key(FALSE, FALSE); + if (buf->b_p_key == NULL) + buf->b_p_key = curbuf->b_p_key; + else if (*buf->b_p_key == NUL) +@@ -4813,6 +4851,7 @@ ml_encrypt_data(mfp, data, offset, size) + char_u *text_start; + char_u *new_data; + int text_len; ++ cryptstate_T *state; + + if (dp->db_id != DATA_ID) + return data; +@@ -4828,10 +4867,9 @@ ml_encrypt_data(mfp, data, offset, size) + mch_memmove(new_data, dp, head_end - (char_u *)dp); + + /* Encrypt the text. */ +- crypt_push_state(); +- ml_crypt_prepare(mfp, offset, FALSE); +- crypt_encode(text_start, text_len, new_data + dp->db_txt_start); +- crypt_pop_state(); ++ state = ml_crypt_prepare(mfp, offset, FALSE); ++ crypt_encode(state, text_start, text_len, new_data + dp->db_txt_start); ++ crypt_free_state(state); + + /* Clear the gap. */ + if (head_end < text_start) +@@ -4854,6 +4892,7 @@ ml_decrypt_data(mfp, data, offset, size) + char_u *head_end; + char_u *text_start; + int text_len; ++ cryptstate_T *state; + + if (dp->db_id == DATA_ID) + { +@@ -4866,17 +4905,17 @@ ml_decrypt_data(mfp, data, offset, size) + return; /* data was messed up */ + + /* Decrypt the text in place. */ +- crypt_push_state(); +- ml_crypt_prepare(mfp, offset, TRUE); +- crypt_decode(text_start, text_len); +- crypt_pop_state(); ++ state = ml_crypt_prepare(mfp, offset, TRUE); ++ crypt_decode_inplace(state, text_start, text_len); ++ crypt_free_state(state); + } + } + + /* + * Prepare for encryption/decryption, using the key, seed and offset. ++ * Return an allocated cryptstate_T *. + */ +- static void ++ static cryptstate_T * + ml_crypt_prepare(mfp, offset, reading) + memfile_T *mfp; + off_t offset; +@@ -4884,38 +4923,37 @@ ml_crypt_prepare(mfp, offset, reading) + { + buf_T *buf = mfp->mf_buffer; + char_u salt[50]; +- int method; ++ int method_nr; + char_u *key; + char_u *seed; + + if (reading && mfp->mf_old_key != NULL) + { + /* Reading back blocks with the previous key/method/seed. */ +- method = mfp->mf_old_cm; ++ method_nr = mfp->mf_old_cm; + key = mfp->mf_old_key; + seed = mfp->mf_old_seed; + } + else + { +- method = get_crypt_method(buf); ++ method_nr = crypt_get_method_nr(buf); + key = buf->b_p_key; + seed = mfp->mf_seed; + } + +- use_crypt_method = method; /* select pkzip or blowfish */ +- if (method == 0) ++ if (method_nr == CRYPT_M_ZIP) + { ++ /* For PKzip: Append the offset to the key, so that we use a different ++ * key for every block. */ + vim_snprintf((char *)salt, sizeof(salt), "%s%ld", key, (long)offset); +- crypt_init_keys(salt); +- } +- else +- { +- /* Using blowfish, add salt and seed. We use the byte offset of the +- * block for the salt. */ +- vim_snprintf((char *)salt, sizeof(salt), "%ld", (long)offset); +- bf_key_init(key, salt, (int)STRLEN(salt)); +- bf_ofb_init(seed, MF_SEED_LEN); ++ return crypt_create(method_nr, salt, NULL, 0, NULL, 0); + } ++ ++ /* Using blowfish or better: add salt and seed. We use the byte offset ++ * of the block for the salt. */ ++ vim_snprintf((char *)salt, sizeof(salt), "%ld", (long)offset); ++ return crypt_create(method_nr, key, salt, (int)STRLEN(salt), ++ seed, MF_SEED_LEN); + } + + #endif +diff -up vim74/src/misc2.c.blowfish2 vim74/src/misc2.c +--- vim74/src/misc2.c.blowfish2 2017-09-05 14:47:34.461915969 +0200 ++++ vim74/src/misc2.c 2017-09-05 14:47:34.959911949 +0200 +@@ -3803,322 +3803,6 @@ update_mouseshape(shape_idx) + #endif /* CURSOR_SHAPE */ + + +-#ifdef FEAT_CRYPT +-/* +- * Optional encryption support. +- * Mohsin Ahmed, mosh@sasi.com, 98-09-24 +- * Based on zip/crypt sources. +- * +- * NOTE FOR USA: Since 2000 exporting this code from the USA is allowed to +- * most countries. There are a few exceptions, but that still should not be a +- * problem since this code was originally created in Europe and India. +- * +- * Blowfish addition originally made by Mohsin Ahmed, +- * http://www.cs.albany.edu/~mosh 2010-03-14 +- * Based on blowfish by Bruce Schneier (http://www.schneier.com/blowfish.html) +- * and sha256 by Christophe Devine. +- */ +- +-/* from zip.h */ +- +-typedef unsigned short ush; /* unsigned 16-bit value */ +-typedef unsigned long ulg; /* unsigned 32-bit value */ +- +-static void make_crc_tab __ARGS((void)); +- +-static ulg crc_32_tab[256]; +- +-/* +- * Fill the CRC table. +- */ +- static void +-make_crc_tab() +-{ +- ulg s,t,v; +- static int done = FALSE; +- +- if (done) +- return; +- for (t = 0; t < 256; t++) +- { +- v = t; +- for (s = 0; s < 8; s++) +- v = (v >> 1) ^ ((v & 1) * (ulg)0xedb88320L); +- crc_32_tab[t] = v; +- } +- done = TRUE; +-} +- +-#define CRC32(c, b) (crc_32_tab[((int)(c) ^ (b)) & 0xff] ^ ((c) >> 8)) +- +-static ulg keys[3]; /* keys defining the pseudo-random sequence */ +- +-/* +- * Return the next byte in the pseudo-random sequence. +- */ +-#define DECRYPT_BYTE_ZIP(t) { \ +- ush temp; \ +- \ +- temp = (ush)keys[2] | 2; \ +- t = (int)(((unsigned)(temp * (temp ^ 1U)) >> 8) & 0xff); \ +-} +- +-/* +- * Update the encryption keys with the next byte of plain text. +- */ +-#define UPDATE_KEYS_ZIP(c) { \ +- keys[0] = CRC32(keys[0], (c)); \ +- keys[1] += keys[0] & 0xff; \ +- keys[1] = keys[1] * 134775813L + 1; \ +- keys[2] = CRC32(keys[2], (int)(keys[1] >> 24)); \ +-} +- +-static int crypt_busy = 0; +-static ulg saved_keys[3]; +-static int saved_crypt_method; +- +-/* +- * Return int value for crypt method string: +- * 0 for "zip", the old method. Also for any non-valid value. +- * 1 for "blowfish". +- */ +- int +-crypt_method_from_string(s) +- char_u *s; +-{ +- return *s == 'b' ? 1 : 0; +-} +- +-/* +- * Get the crypt method for buffer "buf" as a number. +- */ +- int +-get_crypt_method(buf) +- buf_T *buf; +-{ +- return crypt_method_from_string(*buf->b_p_cm == NUL ? p_cm : buf->b_p_cm); +-} +- +-/* +- * Set the crypt method for buffer "buf" to "method" using the int value as +- * returned by crypt_method_from_string(). +- */ +- void +-set_crypt_method(buf, method) +- buf_T *buf; +- int method; +-{ +- free_string_option(buf->b_p_cm); +- buf->b_p_cm = vim_strsave((char_u *)(method == 0 ? "zip" : "blowfish")); +-} +- +-/* +- * Prepare for initializing encryption. If already doing encryption then save +- * the state. +- * Must always be called symmetrically with crypt_pop_state(). +- */ +- void +-crypt_push_state() +-{ +- if (crypt_busy == 1) +- { +- /* save the state */ +- if (use_crypt_method == 0) +- { +- saved_keys[0] = keys[0]; +- saved_keys[1] = keys[1]; +- saved_keys[2] = keys[2]; +- } +- else +- bf_crypt_save(); +- saved_crypt_method = use_crypt_method; +- } +- else if (crypt_busy > 1) +- EMSG2(_(e_intern2), "crypt_push_state()"); +- ++crypt_busy; +-} +- +-/* +- * End encryption. If doing encryption before crypt_push_state() then restore +- * the saved state. +- * Must always be called symmetrically with crypt_push_state(). +- */ +- void +-crypt_pop_state() +-{ +- --crypt_busy; +- if (crypt_busy == 1) +- { +- use_crypt_method = saved_crypt_method; +- if (use_crypt_method == 0) +- { +- keys[0] = saved_keys[0]; +- keys[1] = saved_keys[1]; +- keys[2] = saved_keys[2]; +- } +- else +- bf_crypt_restore(); +- } +-} +- +-/* +- * Encrypt "from[len]" into "to[len]". +- * "from" and "to" can be equal to encrypt in place. +- */ +- void +-crypt_encode(from, len, to) +- char_u *from; +- size_t len; +- char_u *to; +-{ +- size_t i; +- int ztemp, t; +- +- if (use_crypt_method == 0) +- for (i = 0; i < len; ++i) +- { +- ztemp = from[i]; +- DECRYPT_BYTE_ZIP(t); +- UPDATE_KEYS_ZIP(ztemp); +- to[i] = t ^ ztemp; +- } +- else +- bf_crypt_encode(from, len, to); +-} +- +-/* +- * Decrypt "ptr[len]" in place. +- */ +- void +-crypt_decode(ptr, len) +- char_u *ptr; +- long len; +-{ +- char_u *p; +- +- if (use_crypt_method == 0) +- for (p = ptr; p < ptr + len; ++p) +- { +- ush temp; +- +- temp = (ush)keys[2] | 2; +- temp = (int)(((unsigned)(temp * (temp ^ 1U)) >> 8) & 0xff); +- UPDATE_KEYS_ZIP(*p ^= temp); +- } +- else +- bf_crypt_decode(ptr, len); +-} +- +-/* +- * Initialize the encryption keys and the random header according to +- * the given password. +- * If "passwd" is NULL or empty, don't do anything. +- */ +- void +-crypt_init_keys(passwd) +- char_u *passwd; /* password string with which to modify keys */ +-{ +- if (passwd != NULL && *passwd != NUL) +- { +- if (use_crypt_method == 0) +- { +- char_u *p; +- +- make_crc_tab(); +- keys[0] = 305419896L; +- keys[1] = 591751049L; +- keys[2] = 878082192L; +- for (p = passwd; *p!= NUL; ++p) +- { +- UPDATE_KEYS_ZIP((int)*p); +- } +- } +- else +- bf_crypt_init_keys(passwd); +- } +-} +- +-/* +- * Free an allocated crypt key. Clear the text to make sure it doesn't stay +- * in memory anywhere. +- */ +- void +-free_crypt_key(key) +- char_u *key; +-{ +- char_u *p; +- +- if (key != NULL) +- { +- for (p = key; *p != NUL; ++p) +- *p = 0; +- vim_free(key); +- } +-} +- +-/* +- * Ask the user for a crypt key. +- * When "store" is TRUE, the new key is stored in the 'key' option, and the +- * 'key' option value is returned: Don't free it. +- * When "store" is FALSE, the typed key is returned in allocated memory. +- * Returns NULL on failure. +- */ +- char_u * +-get_crypt_key(store, twice) +- int store; +- int twice; /* Ask for the key twice. */ +-{ +- char_u *p1, *p2 = NULL; +- int round; +- +- for (round = 0; ; ++round) +- { +- cmdline_star = TRUE; +- cmdline_row = msg_row; +- p1 = getcmdline_prompt(NUL, round == 0 +- ? (char_u *)_("Enter encryption key: ") +- : (char_u *)_("Enter same key again: "), 0, EXPAND_NOTHING, +- NULL); +- cmdline_star = FALSE; +- +- if (p1 == NULL) +- break; +- +- if (round == twice) +- { +- if (p2 != NULL && STRCMP(p1, p2) != 0) +- { +- MSG(_("Keys don't match!")); +- free_crypt_key(p1); +- free_crypt_key(p2); +- p2 = NULL; +- round = -1; /* do it again */ +- continue; +- } +- +- if (store) +- { +- set_option_value((char_u *)"key", 0L, p1, OPT_LOCAL); +- free_crypt_key(p1); +- p1 = curbuf->b_p_key; +- } +- break; +- } +- p2 = p1; +- } +- +- /* since the user typed this, no need to wait for return */ +- if (msg_didout) +- msg_putchar('\n'); +- need_wait_return = FALSE; +- msg_didout = FALSE; +- +- free_crypt_key(p2); +- return p1; +-} +- +-#endif /* FEAT_CRYPT */ +- + /* TODO: make some #ifdef for this */ + /*--------[ file searching ]-------------------------------------------------*/ + /* +@@ -6588,8 +6272,23 @@ put_time(fd, the_time) + FILE *fd; + time_t the_time; + { ++ char_u buf[8]; ++ ++ time_to_bytes(the_time, buf); ++ fwrite(buf, (size_t)8, (size_t)1, fd); ++} ++ ++/* ++ * Write time_t to "buf[8]". ++ */ ++ void ++time_to_bytes(the_time, buf) ++ time_t the_time; ++ char_u *buf; ++{ + int c; + int i; ++ int bi = 0; + time_t wtime = the_time; + + /* time_t can be up to 8 bytes in size, more than long_u, thus we +@@ -6603,7 +6302,7 @@ put_time(fd, the_time) + { + if (i + 1 > (int)sizeof(time_t)) + /* ">>" doesn't work well when shifting more bits than avail */ +- putc(0, fd); ++ buf[bi++] = 0; + else + { + #if defined(SIZEOF_TIME_T) && SIZEOF_TIME_T > 4 +@@ -6611,7 +6310,7 @@ put_time(fd, the_time) + #else + c = (int)((long_u)wtime >> (i * 8)); + #endif +- putc(c, fd); ++ buf[bi++] = c; + } + } + } +diff -up vim74/src/option.c.blowfish2 vim74/src/option.c +--- vim74/src/option.c.blowfish2 2017-09-05 14:47:34.899912434 +0200 ++++ vim74/src/option.c 2017-09-05 14:47:34.961911933 +0200 +@@ -2969,7 +2969,7 @@ static char *(p_bg_values[]) = {"light", + static char *(p_nf_values[]) = {"octal", "hex", "alpha", NULL}; + static char *(p_ff_values[]) = {FF_UNIX, FF_DOS, FF_MAC, NULL}; + #ifdef FEAT_CRYPT +-static char *(p_cm_values[]) = {"zip", "blowfish", NULL}; ++static char *(p_cm_values[]) = {"zip", "blowfish", "blowfish2", NULL}; + #endif + #ifdef FEAT_CMDL_COMPL + static char *(p_wop_values[]) = {"tagfile", NULL}; +@@ -6156,7 +6156,7 @@ did_set_string_option(opt_idx, varp, new + # endif + if (STRCMP(curbuf->b_p_key, oldval) != 0) + /* Need to update the swapfile. */ +- ml_set_crypt_key(curbuf, oldval, get_crypt_method(curbuf)); ++ ml_set_crypt_key(curbuf, oldval, crypt_get_method_nr(curbuf)); + } + + else if (gvarp == &p_cm) +@@ -6167,7 +6167,7 @@ did_set_string_option(opt_idx, varp, new + p = p_cm; + if (check_opt_strings(p, p_cm_values, TRUE) != OK) + errmsg = e_invarg; +- else if (get_crypt_method(curbuf) > 0 && blowfish_self_test() == FAIL) ++ else if (crypt_self_test() == FAIL) + errmsg = e_invarg; + else + { +@@ -6179,6 +6179,14 @@ did_set_string_option(opt_idx, varp, new + p_cm = vim_strsave((char_u *)"zip"); + new_value_alloced = TRUE; + } ++ /* When using ":set cm=name" the local value is going to be empty. ++ * Do that here, otherwise the crypt functions will still use the ++ * local value. */ ++ if ((opt_flags & (OPT_LOCAL | OPT_GLOBAL)) == 0) ++ { ++ free_string_option(curbuf->b_p_cm); ++ curbuf->b_p_cm = empty_option; ++ } + + /* Need to update the swapfile when the effective method changed. + * Set "s" to the effective old value, "p" to the effective new +@@ -6193,7 +6201,7 @@ did_set_string_option(opt_idx, varp, new + p = curbuf->b_p_cm; + if (STRCMP(s, p) != 0) + ml_set_crypt_key(curbuf, curbuf->b_p_key, +- crypt_method_from_string(s)); ++ crypt_method_nr_from_name(s)); + + /* If the global value changes need to update the swapfile for all + * buffers using that value. */ +@@ -6204,7 +6212,7 @@ did_set_string_option(opt_idx, varp, new + for (buf = firstbuf; buf != NULL; buf = buf->b_next) + if (buf != curbuf && *buf->b_p_cm == NUL) + ml_set_crypt_key(buf, buf->b_p_key, +- crypt_method_from_string(oldval)); ++ crypt_method_nr_from_name(oldval)); + } + } + } +diff -up vim74/src/proto/blowfish.pro.blowfish2 vim74/src/proto/blowfish.pro +--- vim74/src/proto/blowfish.pro.blowfish2 2013-08-10 13:37:06.000000000 +0200 ++++ vim74/src/proto/blowfish.pro 2017-09-05 14:47:34.964911909 +0200 +@@ -1,10 +1,6 @@ + /* blowfish.c */ +-void bf_key_init __ARGS((char_u *password, char_u *salt, int salt_len)); +-void bf_ofb_init __ARGS((char_u *iv, int iv_len)); +-void bf_crypt_encode __ARGS((char_u *from, size_t len, char_u *to)); +-void bf_crypt_decode __ARGS((char_u *ptr, long len)); +-void bf_crypt_init_keys __ARGS((char_u *passwd)); +-void bf_crypt_save __ARGS((void)); +-void bf_crypt_restore __ARGS((void)); ++void crypt_blowfish_encode __ARGS((cryptstate_T *state, char_u *from, size_t len, char_u *to)); ++void crypt_blowfish_decode __ARGS((cryptstate_T *state, char_u *from, size_t len, char_u *to)); ++void crypt_blowfish_init __ARGS((cryptstate_T *state, char_u *key, char_u *salt, int salt_len, char_u *seed, int seed_len)); + int blowfish_self_test __ARGS((void)); + /* vim: set ft=c : */ +diff -up vim74/src/proto/crypt.pro.blowfish2 vim74/src/proto/crypt.pro +--- vim74/src/proto/crypt.pro.blowfish2 2017-09-05 14:47:34.965911901 +0200 ++++ vim74/src/proto/crypt.pro 2017-09-05 14:47:34.965911901 +0200 +@@ -0,0 +1,24 @@ ++/* crypt.c */ ++int crypt_method_nr_from_name __ARGS((char_u *name)); ++int crypt_method_nr_from_magic __ARGS((char *ptr, int len)); ++int crypt_works_inplace __ARGS((cryptstate_T *state)); ++int crypt_get_method_nr __ARGS((buf_T *buf)); ++int crypt_whole_undofile __ARGS((int method_nr)); ++int crypt_get_header_len __ARGS((int method_nr)); ++void crypt_set_cm_option __ARGS((buf_T *buf, int method_nr)); ++int crypt_self_test __ARGS((void)); ++cryptstate_T *crypt_create __ARGS((int method_nr, char_u *key, char_u *salt, int salt_len, char_u *seed, int seed_len)); ++cryptstate_T *crypt_create_from_header __ARGS((int method_nr, char_u *key, char_u *header)); ++cryptstate_T *crypt_create_from_file __ARGS((FILE *fp, char_u *key)); ++cryptstate_T *crypt_create_for_writing __ARGS((int method_nr, char_u *key, char_u **header, int *header_len)); ++void crypt_free_state __ARGS((cryptstate_T *state)); ++long crypt_encode_alloc __ARGS((cryptstate_T *state, char_u *from, size_t len, char_u **newptr)); ++long crypt_decode_alloc __ARGS((cryptstate_T *state, char_u *ptr, long len, char_u **newptr)); ++void crypt_encode __ARGS((cryptstate_T *state, char_u *from, size_t len, char_u *to)); ++void crypt_decode __ARGS((cryptstate_T *state, char_u *from, size_t len, char_u *to)); ++void crypt_encode_inplace __ARGS((cryptstate_T *state, char_u *buf, size_t len)); ++void crypt_decode_inplace __ARGS((cryptstate_T *state, char_u *buf, size_t len)); ++void crypt_free_key __ARGS((char_u *key)); ++char_u *crypt_get_key __ARGS((int store, int twice)); ++void crypt_append_msg __ARGS((buf_T *buf)); ++/* vim: set ft=c : */ +diff -up vim74/src/proto/crypt_zip.pro.blowfish2 vim74/src/proto/crypt_zip.pro +--- vim74/src/proto/crypt_zip.pro.blowfish2 2017-09-05 14:47:34.965911901 +0200 ++++ vim74/src/proto/crypt_zip.pro 2017-09-05 14:47:34.965911901 +0200 +@@ -0,0 +1,5 @@ ++/* crypt_zip.c */ ++void crypt_zip_init __ARGS((cryptstate_T *state, char_u *key, char_u *salt, int salt_len, char_u *seed, int seed_len)); ++void crypt_zip_encode __ARGS((cryptstate_T *state, char_u *from, size_t len, char_u *to)); ++void crypt_zip_decode __ARGS((cryptstate_T *state, char_u *from, size_t len, char_u *to)); ++/* vim: set ft=c : */ +diff -up vim74/src/proto/fileio.pro.blowfish2 vim74/src/proto/fileio.pro +--- vim74/src/proto/fileio.pro.blowfish2 2013-08-10 13:37:11.000000000 +0200 ++++ vim74/src/proto/fileio.pro 2017-09-05 14:47:34.965911901 +0200 +@@ -4,8 +4,6 @@ int readfile __ARGS((char_u *fname, char + int prep_exarg __ARGS((exarg_T *eap, buf_T *buf)); + void set_file_options __ARGS((int set_options, exarg_T *eap)); + void set_forced_fenc __ARGS((exarg_T *eap)); +-int prepare_crypt_read __ARGS((FILE *fp)); +-char_u *prepare_crypt_write __ARGS((buf_T *buf, int *lenp)); + int check_file_readonly __ARGS((char_u *fname, int perm)); + int buf_write __ARGS((buf_T *buf, char_u *fname, char_u *sfname, linenr_T start, linenr_T end, exarg_T *eap, int append, int forceit, int reset_changed, int filtering)); + void msg_add_fname __ARGS((buf_T *buf, char_u *fname)); +diff -up vim74/src/proto.h.blowfish2 vim74/src/proto.h +--- vim74/src/proto.h.blowfish2 2013-02-26 14:18:19.000000000 +0100 ++++ vim74/src/proto.h 2017-09-05 14:47:34.966911893 +0200 +@@ -70,6 +70,8 @@ extern int _stricoll __ARGS((char *a, ch + + # ifdef FEAT_CRYPT + # include "blowfish.pro" ++# include "crypt.pro" ++# include "crypt_zip.pro" + # endif + # include "buffer.pro" + # include "charset.pro" +diff -up vim74/src/proto/misc2.pro.blowfish2 vim74/src/proto/misc2.pro +--- vim74/src/proto/misc2.pro.blowfish2 2013-08-10 13:37:20.000000000 +0200 ++++ vim74/src/proto/misc2.pro 2017-09-05 14:47:34.966911893 +0200 +@@ -84,16 +84,6 @@ int illegal_slash __ARGS((char *name)); + char_u *parse_shape_opt __ARGS((int what)); + int get_shape_idx __ARGS((int mouse)); + void update_mouseshape __ARGS((int shape_idx)); +-int crypt_method_from_string __ARGS((char_u *s)); +-int get_crypt_method __ARGS((buf_T *buf)); +-void set_crypt_method __ARGS((buf_T *buf, int method)); +-void crypt_push_state __ARGS((void)); +-void crypt_pop_state __ARGS((void)); +-void crypt_encode __ARGS((char_u *from, size_t len, char_u *to)); +-void crypt_decode __ARGS((char_u *ptr, long len)); +-void crypt_init_keys __ARGS((char_u *passwd)); +-void free_crypt_key __ARGS((char_u *key)); +-char_u *get_crypt_key __ARGS((int store, int twice)); + void *vim_findfile_init __ARGS((char_u *path, char_u *filename, char_u *stopdirs, int level, int free_visited, int find_what, void *search_ctx_arg, int tagfile, char_u *rel_fname)); + char_u *vim_findfile_stopdir __ARGS((char_u *buf)); + void vim_findfile_cleanup __ARGS((void *ctx)); +@@ -116,5 +106,6 @@ time_t get8ctime __ARGS((FILE *fd)); + char_u *read_string __ARGS((FILE *fd, int cnt)); + int put_bytes __ARGS((FILE *fd, long_u nr, int len)); + void put_time __ARGS((FILE *fd, time_t the_time)); ++void time_to_bytes __ARGS((time_t the_time, char_u *buf)); + int has_non_ascii __ARGS((char_u *s)); + /* vim: set ft=c : */ +diff -up vim74/src/structs.h.blowfish2 vim74/src/structs.h +--- vim74/src/structs.h.blowfish2 2017-09-05 14:47:34.839912918 +0200 ++++ vim74/src/structs.h 2017-09-05 14:47:34.967911885 +0200 +@@ -1240,6 +1240,24 @@ typedef struct { + } syn_time_T; + #endif + ++#ifdef FEAT_CRYPT ++/* ++ * Structure to hold the type of encryption and the state of encryption or ++ * decryption. ++ */ ++typedef struct { ++ int method_nr; ++ void *method_state; /* method-specific state information */ ++} cryptstate_T; ++ ++/* values for method_nr */ ++# define CRYPT_M_ZIP 0 ++# define CRYPT_M_BF 1 ++# define CRYPT_M_BF2 2 ++# define CRYPT_M_COUNT 3 /* number of crypt methods */ ++#endif ++ ++ + /* + * These are items normally related to a buffer. But when using ":ownsyntax" + * a window may have its own instance. +@@ -1765,7 +1783,12 @@ struct file_buffer + int b_was_netbeans_file;/* TRUE if b_netbeans_file was once set */ + #endif + +-}; ++#ifdef FEAT_CRYPT ++ cryptstate_T *b_cryptstate; /* Encryption state while reading or writing ++ * the file. NULL when not using encryption. */ ++#endif ++ ++}; /* file_buffer */ + + + #ifdef FEAT_DIFF +diff -up vim74/src/testdir/test72.in.blowfish2 vim74/src/testdir/test72.in +--- vim74/src/testdir/test72.in.blowfish2 2012-01-04 19:04:17.000000000 +0100 ++++ vim74/src/testdir/test72.in 2017-09-05 15:23:47.590060199 +0200 +@@ -4,6 +4,7 @@ undo-able pieces. Do that by setting 'u + + STARTTEST + :so small.vim ++:set belloff=all + :" + :" Test 'undofile': first a simple one-line change. + :set nocompatible viminfo+=nviminfo visualbell +@@ -25,7 +26,6 @@ u:.w! test.out + :set undofile + :bwipe! + :e Xtestfile +-:" TODO: this beeps + u:.w >>test.out + :" + :" Test 'undofile', add 10 lines, delete 6 lines, undo 3 +@@ -81,7 +81,8 @@ uu:w >>test.out + :" + :" With encryption, cryptmethod=blowfish + :e! Xtestfile +-:set undofile cm=blowfish ++rubbish ++:set undofile cm=blowfish ff& + ggdGijan + feb + mar +@@ -104,8 +105,38 @@ u:.w >>test.out + u:.w >>test.out + u:.w >>test.out + :" ++:" With encryption, cryptmethod=blowfish2 ++:e! Xtestfile ++rubbish ++:set undofile cm=blowfish2 ff& ++ggdGijan ++feb ++mar ++apr ++jun:set ul=100 ++kk0ifoo :set ul=100 ++dd:set ul=100 ++ibar :set ul=100 ++:X ++foo2bar ++foo2bar ++:w! ++:bwipe! ++:e Xtestfile ++foo2bar ++:set key= ++/bar ++:.w >>test.out ++u:.w >>test.out ++u:.w >>test.out ++u:.w >>test.out ++:" + :" Rename the undo file so that it gets cleaned up. +-:call rename(".Xtestfile.un~", "Xtestundo") ++:if has("vms") ++: call rename("_un_Xtestfile", "Xtestundo") ++:else ++: call rename(".Xtestfile.un~", "Xtestundo") ++:endif + :qa! + ENDTEST + +diff -up vim74/src/testdir/test72.ok.blowfish2 vim74/src/testdir/test72.ok +--- vim74/src/testdir/test72.ok.blowfish2 2012-01-04 19:04:17.000000000 +0100 ++++ vim74/src/testdir/test72.ok 2017-09-05 15:23:47.596060147 +0200 +@@ -25,3 +25,7 @@ bar apr + apr + foo mar + mar ++bar apr ++apr ++foo mar ++mar +diff -up vim74/src/undo.c.blowfish2 vim74/src/undo.c +--- vim74/src/undo.c.blowfish2 2017-09-05 14:47:34.740913717 +0200 ++++ vim74/src/undo.c 2017-09-05 14:47:34.973911836 +0200 +@@ -81,8 +81,25 @@ + #define UH_MAGIC 0x18dade /* value for uh_magic when in use */ + #define UE_MAGIC 0xabc123 /* value for ue_magic when in use */ + ++/* Size of buffer used for encryption. */ ++#define CRYPT_BUF_SIZE 8192 ++ + #include "vim.h" + ++/* Structure passed around between functions. ++ * Avoids passing cryptstate_T when encryption not available. */ ++typedef struct { ++ buf_T *bi_buf; ++ FILE *bi_fp; ++#ifdef FEAT_CRYPT ++ cryptstate_T *bi_state; ++ char_u *bi_buffer; /* CRYPT_BUF_SIZE, NULL when not buffering */ ++ size_t bi_used; /* bytes written to/read from bi_buffer */ ++ size_t bi_avail; /* bytes available in bi_buffer */ ++#endif ++} bufinfo_T; ++ ++ + static long get_undolevel __ARGS((void)); + static void u_unch_branch __ARGS((u_header_T *uhp)); + static u_entry_T *u_get_headentry __ARGS((void)); +@@ -98,18 +115,26 @@ static void u_freeentry __ARGS((u_entry_ + #ifdef FEAT_PERSISTENT_UNDO + static void corruption_error __ARGS((char *mesg, char_u *file_name)); + static void u_free_uhp __ARGS((u_header_T *uhp)); +-static size_t fwrite_crypt __ARGS((buf_T *buf UNUSED, char_u *ptr, size_t len, FILE *fp)); +-static char_u *read_string_decrypt __ARGS((buf_T *buf UNUSED, FILE *fd, int len)); +-static int serialize_header __ARGS((FILE *fp, buf_T *buf, char_u *hash)); +-static int serialize_uhp __ARGS((FILE *fp, buf_T *buf, u_header_T *uhp)); +-static u_header_T *unserialize_uhp __ARGS((FILE *fp, char_u *file_name)); +-static int serialize_uep __ARGS((FILE *fp, buf_T *buf, u_entry_T *uep)); +-static u_entry_T *unserialize_uep __ARGS((FILE *fp, int *error, char_u *file_name)); +-static void serialize_pos __ARGS((pos_T pos, FILE *fp)); +-static void unserialize_pos __ARGS((pos_T *pos, FILE *fp)); +-static void serialize_visualinfo __ARGS((visualinfo_T *info, FILE *fp)); +-static void unserialize_visualinfo __ARGS((visualinfo_T *info, FILE *fp)); +-static void put_header_ptr __ARGS((FILE *fp, u_header_T *uhp)); ++static int undo_write __ARGS((bufinfo_T *bi, char_u *ptr, size_t len)); ++static int undo_flush __ARGS((bufinfo_T *bi)); ++static int fwrite_crypt __ARGS((bufinfo_T *bi, char_u *ptr, size_t len)); ++static int undo_write_bytes __ARGS((bufinfo_T *bi, long_u nr, int len)); ++static void put_header_ptr __ARGS((bufinfo_T *bi, u_header_T *uhp)); ++static int undo_read_4c __ARGS((bufinfo_T *bi)); ++static int undo_read_2c __ARGS((bufinfo_T *bi)); ++static int undo_read_byte __ARGS((bufinfo_T *bi)); ++static time_t undo_read_time __ARGS((bufinfo_T *bi)); ++static int undo_read __ARGS((bufinfo_T *bi, char_u *buffer, size_t size)); ++static char_u *read_string_decrypt __ARGS((bufinfo_T *bi, int len)); ++static int serialize_header __ARGS((bufinfo_T *bi, char_u *hash)); ++static int serialize_uhp __ARGS((bufinfo_T *bi, u_header_T *uhp)); ++static u_header_T *unserialize_uhp __ARGS((bufinfo_T *bi, char_u *file_name)); ++static int serialize_uep __ARGS((bufinfo_T *bi, u_entry_T *uep)); ++static u_entry_T *unserialize_uep __ARGS((bufinfo_T *bi, int *error, char_u *file_name)); ++static void serialize_pos __ARGS((bufinfo_T *bi, pos_T pos)); ++static void unserialize_pos __ARGS((bufinfo_T *bi, pos_T *pos)); ++static void serialize_visualinfo __ARGS((bufinfo_T *bi, visualinfo_T *info)); ++static void unserialize_visualinfo __ARGS((bufinfo_T *bi, visualinfo_T *info)); + #endif + + #define U_ALLOC_LINE(size) lalloc((long_u)(size), FALSE) +@@ -850,68 +875,294 @@ u_free_uhp(uhp) + } + + /* +- * Like fwrite() but crypt the bytes when 'key' is set. +- * Returns 1 if successful. ++ * Write a sequence of bytes to the undo file. ++ * Buffers and encrypts as needed. ++ * Returns OK or FAIL. + */ +- static size_t +-fwrite_crypt(buf, ptr, len, fp) +- buf_T *buf UNUSED; ++ static int ++undo_write(bi, ptr, len) ++ bufinfo_T *bi; ++ char_u *ptr; ++ size_t len; ++{ ++#ifdef FEAT_CRYPT ++ if (bi->bi_buffer != NULL) ++ { ++ size_t len_todo = len; ++ char_u *p = ptr; ++ ++ while (bi->bi_used + len_todo >= CRYPT_BUF_SIZE) ++ { ++ size_t n = CRYPT_BUF_SIZE - bi->bi_used; ++ ++ mch_memmove(bi->bi_buffer + bi->bi_used, p, n); ++ len_todo -= n; ++ p += n; ++ bi->bi_used = CRYPT_BUF_SIZE; ++ if (undo_flush(bi) == FAIL) ++ return FAIL; ++ } ++ if (len_todo > 0) ++ { ++ mch_memmove(bi->bi_buffer + bi->bi_used, p, len_todo); ++ bi->bi_used += len_todo; ++ } ++ return OK; ++ } ++#endif ++ if (fwrite(ptr, len, (size_t)1, bi->bi_fp) != 1) ++ return FAIL; ++ return OK; ++} ++ ++#ifdef FEAT_CRYPT ++ static int ++undo_flush(bi) ++ bufinfo_T *bi; ++{ ++ if (bi->bi_buffer != NULL && bi->bi_state != NULL && bi->bi_used > 0) ++ { ++ crypt_encode_inplace(bi->bi_state, bi->bi_buffer, bi->bi_used); ++ if (fwrite(bi->bi_buffer, bi->bi_used, (size_t)1, bi->bi_fp) != 1) ++ return FAIL; ++ bi->bi_used = 0; ++ } ++ return OK; ++} ++#endif ++ ++/* ++ * Write "ptr[len]" and crypt the bytes when needed. ++ * Returns OK or FAIL. ++ */ ++ static int ++fwrite_crypt(bi, ptr, len) ++ bufinfo_T *bi; + char_u *ptr; + size_t len; +- FILE *fp; + { + #ifdef FEAT_CRYPT + char_u *copy; + char_u small_buf[100]; + size_t i; + +- if (*buf->b_p_key == NUL) +- return fwrite(ptr, len, (size_t)1, fp); +- if (len < 100) +- copy = small_buf; /* no malloc()/free() for short strings */ +- else ++ if (bi->bi_state != NULL && bi->bi_buffer == NULL) + { +- copy = lalloc(len, FALSE); +- if (copy == NULL) +- return 0; +- } +- crypt_encode(ptr, len, copy); +- i = fwrite(copy, len, (size_t)1, fp); +- if (copy != small_buf) +- vim_free(copy); +- return i; +-#else +- return fwrite(ptr, len, (size_t)1, fp); ++ /* crypting every piece of text separately */ ++ if (len < 100) ++ copy = small_buf; /* no malloc()/free() for short strings */ ++ else ++ { ++ copy = lalloc(len, FALSE); ++ if (copy == NULL) ++ return 0; ++ } ++ crypt_encode(bi->bi_state, ptr, len, copy); ++ i = fwrite(copy, len, (size_t)1, bi->bi_fp); ++ if (copy != small_buf) ++ vim_free(copy); ++ return i == 1 ? OK : FAIL; ++ } + #endif ++ return undo_write(bi, ptr, len); + } + + /* +- * Read a string of length "len" from "fd". +- * When 'key' is set decrypt the bytes. ++ * Write a number, MSB first, in "len" bytes. ++ * Must match with undo_read_?c() functions. ++ * Returns OK or FAIL. + */ +- static char_u * +-read_string_decrypt(buf, fd, len) +- buf_T *buf UNUSED; +- FILE *fd; ++ static int ++undo_write_bytes(bi, nr, len) ++ bufinfo_T *bi; ++ long_u nr; + int len; + { +- char_u *ptr; ++ char_u buf[8]; ++ int i; ++ int bufi = 0; ++ ++ for (i = len - 1; i >= 0; --i) ++ buf[bufi++] = nr >> (i * 8); ++ return undo_write(bi, buf, (size_t)len); ++} + +- ptr = read_string(fd, len); ++/* ++ * Write the pointer to an undo header. Instead of writing the pointer itself ++ * we use the sequence number of the header. This is converted back to ++ * pointers when reading. */ ++ static void ++put_header_ptr(bi, uhp) ++ bufinfo_T *bi; ++ u_header_T *uhp; ++{ ++ undo_write_bytes(bi, (long_u)(uhp != NULL ? uhp->uh_seq : 0), 4); ++} ++ ++ static int ++undo_read_4c(bi) ++ bufinfo_T *bi; ++{ + #ifdef FEAT_CRYPT +- if (ptr != NULL && *buf->b_p_key != NUL) +- crypt_decode(ptr, len); ++ if (bi->bi_buffer != NULL) ++ { ++ char_u buf[4]; ++ int n; ++ ++ undo_read(bi, buf, (size_t)4); ++ n = (buf[0] << 24) + (buf[1] << 16) + (buf[2] << 8) + buf[3]; ++ return n; ++ } + #endif ++ return get4c(bi->bi_fp); ++} ++ ++ static int ++undo_read_2c(bi) ++ bufinfo_T *bi; ++{ ++#ifdef FEAT_CRYPT ++ if (bi->bi_buffer != NULL) ++ { ++ char_u buf[2]; ++ int n; ++ ++ undo_read(bi, buf, (size_t)2); ++ n = (buf[0] << 8) + buf[1]; ++ return n; ++ } ++#endif ++ return get2c(bi->bi_fp); ++} ++ ++ static int ++undo_read_byte(bi) ++ bufinfo_T *bi; ++{ ++#ifdef FEAT_CRYPT ++ if (bi->bi_buffer != NULL) ++ { ++ char_u buf[1]; ++ ++ undo_read(bi, buf, (size_t)1); ++ return buf[0]; ++ } ++#endif ++ return getc(bi->bi_fp); ++} ++ ++ static time_t ++undo_read_time(bi) ++ bufinfo_T *bi; ++{ ++#ifdef FEAT_CRYPT ++ if (bi->bi_buffer != NULL) ++ { ++ char_u buf[8]; ++ time_t n = 0; ++ int i; ++ ++ undo_read(bi, buf, (size_t)8); ++ for (i = 0; i < 8; ++i) ++ n = (n << 8) + buf[i]; ++ return n; ++ } ++#endif ++ return get8ctime(bi->bi_fp); ++} ++ ++/* ++ * Read "buffer[size]" from the undo file. ++ * Return OK or FAIL. ++ */ ++ static int ++undo_read(bi, buffer, size) ++ bufinfo_T *bi; ++ char_u *buffer; ++ size_t size; ++{ ++#ifdef FEAT_CRYPT ++ if (bi->bi_buffer != NULL) ++ { ++ int size_todo = size; ++ char_u *p = buffer; ++ ++ while (size_todo > 0) ++ { ++ size_t n; ++ ++ if (bi->bi_used >= bi->bi_avail) ++ { ++ n = fread(bi->bi_buffer, 1, (size_t)CRYPT_BUF_SIZE, bi->bi_fp); ++ if (n <= 0) ++ { ++ /* Error may be checked for only later. Fill with zeros, ++ * so that the reader won't use garbage. */ ++ vim_memset(p, 0, size_todo); ++ return FAIL; ++ } ++ bi->bi_avail = n; ++ bi->bi_used = 0; ++ crypt_decode_inplace(bi->bi_state, bi->bi_buffer, bi->bi_avail); ++ } ++ n = size_todo; ++ if (n > bi->bi_avail - bi->bi_used) ++ n = bi->bi_avail - bi->bi_used; ++ mch_memmove(p, bi->bi_buffer + bi->bi_used, n); ++ bi->bi_used += n; ++ size_todo -= n; ++ p += n; ++ } ++ return OK; ++ } ++#endif ++ if (fread(buffer, (size_t)size, 1, bi->bi_fp) != 1) ++ return FAIL; ++ return OK; ++} ++ ++/* ++ * Read a string of length "len" from "bi->bi_fd". ++ * "len" can be zero to allocate an empty line. ++ * Decrypt the bytes if needed. ++ * Append a NUL. ++ * Returns a pointer to allocated memory or NULL for failure. ++ */ ++ static char_u * ++read_string_decrypt(bi, len) ++ bufinfo_T *bi; ++ int len; ++{ ++ char_u *ptr = alloc((unsigned)len + 1); ++ ++ if (ptr != NULL) ++ { ++ if (len > 0 && undo_read(bi, ptr, len) == FAIL) ++ { ++ vim_free(ptr); ++ return NULL; ++ } ++ ptr[len] = NUL; ++#ifdef FEAT_CRYPT ++ if (bi->bi_state != NULL && bi->bi_buffer == NULL) ++ crypt_decode_inplace(bi->bi_state, ptr, len); ++#endif ++ } + return ptr; + } + ++/* ++ * Writes the (not encrypted) header and initializes encryption if needed. ++ */ + static int +-serialize_header(fp, buf, hash) +- FILE *fp; +- buf_T *buf; ++serialize_header(bi, hash) ++ bufinfo_T *bi; + char_u *hash; + { +- int len; ++ int len; ++ buf_T *buf = bi->bi_buf; ++ FILE *fp = bi->bi_fp; ++ char_u time_buf[8]; + + /* Start writing, first the magic marker and undo info version. */ + if (fwrite(UF_START_MAGIC, (size_t)UF_START_MAGIC_LEN, (size_t)1, fp) != 1) +@@ -925,117 +1176,124 @@ serialize_header(fp, buf, hash) + char_u *header; + int header_len; + +- put_bytes(fp, (long_u)UF_VERSION_CRYPT, 2); +- header = prepare_crypt_write(buf, &header_len); +- if (header == NULL) ++ undo_write_bytes(bi, (long_u)UF_VERSION_CRYPT, 2); ++ bi->bi_state = crypt_create_for_writing(crypt_get_method_nr(buf), ++ buf->b_p_key, &header, &header_len); ++ if (bi->bi_state == NULL) + return FAIL; + len = (int)fwrite(header, (size_t)header_len, (size_t)1, fp); + vim_free(header); + if (len != 1) + { +- crypt_pop_state(); ++ crypt_free_state(bi->bi_state); ++ bi->bi_state = NULL; + return FAIL; + } ++ ++ if (crypt_whole_undofile(crypt_get_method_nr(buf))) ++ { ++ bi->bi_buffer = alloc(CRYPT_BUF_SIZE); ++ if (bi->bi_buffer == NULL) ++ { ++ crypt_free_state(bi->bi_state); ++ bi->bi_state = NULL; ++ return FAIL; ++ } ++ bi->bi_used = 0; ++ } + } + else + #endif +- put_bytes(fp, (long_u)UF_VERSION, 2); ++ undo_write_bytes(bi, (long_u)UF_VERSION, 2); + + + /* Write a hash of the buffer text, so that we can verify it is still the + * same when reading the buffer text. */ +- if (fwrite(hash, (size_t)UNDO_HASH_SIZE, (size_t)1, fp) != 1) ++ if (undo_write(bi, hash, (size_t)UNDO_HASH_SIZE) == FAIL) + return FAIL; + + /* buffer-specific data */ +- put_bytes(fp, (long_u)buf->b_ml.ml_line_count, 4); ++ undo_write_bytes(bi, (long_u)buf->b_ml.ml_line_count, 4); + len = buf->b_u_line_ptr != NULL ? (int)STRLEN(buf->b_u_line_ptr) : 0; +- put_bytes(fp, (long_u)len, 4); +- if (len > 0 && fwrite_crypt(buf, buf->b_u_line_ptr, (size_t)len, fp) != 1) ++ undo_write_bytes(bi, (long_u)len, 4); ++ if (len > 0 && fwrite_crypt(bi, buf->b_u_line_ptr, (size_t)len) == FAIL) + return FAIL; +- put_bytes(fp, (long_u)buf->b_u_line_lnum, 4); +- put_bytes(fp, (long_u)buf->b_u_line_colnr, 4); ++ undo_write_bytes(bi, (long_u)buf->b_u_line_lnum, 4); ++ undo_write_bytes(bi, (long_u)buf->b_u_line_colnr, 4); + + /* Undo structures header data */ +- put_header_ptr(fp, buf->b_u_oldhead); +- put_header_ptr(fp, buf->b_u_newhead); +- put_header_ptr(fp, buf->b_u_curhead); +- +- put_bytes(fp, (long_u)buf->b_u_numhead, 4); +- put_bytes(fp, (long_u)buf->b_u_seq_last, 4); +- put_bytes(fp, (long_u)buf->b_u_seq_cur, 4); +- put_time(fp, buf->b_u_time_cur); ++ put_header_ptr(bi, buf->b_u_oldhead); ++ put_header_ptr(bi, buf->b_u_newhead); ++ put_header_ptr(bi, buf->b_u_curhead); ++ ++ undo_write_bytes(bi, (long_u)buf->b_u_numhead, 4); ++ undo_write_bytes(bi, (long_u)buf->b_u_seq_last, 4); ++ undo_write_bytes(bi, (long_u)buf->b_u_seq_cur, 4); ++ time_to_bytes(buf->b_u_time_cur, time_buf); ++ undo_write(bi, time_buf, 8); + + /* Optional fields. */ +- putc(4, fp); +- putc(UF_LAST_SAVE_NR, fp); +- put_bytes(fp, (long_u)buf->b_u_save_nr_last, 4); ++ undo_write_bytes(bi, 4, 1); ++ undo_write_bytes(bi, UF_LAST_SAVE_NR, 1); ++ undo_write_bytes(bi, (long_u)buf->b_u_save_nr_last, 4); + +- putc(0, fp); /* end marker */ ++ undo_write_bytes(bi, 0, 1); /* end marker */ + + return OK; + } + + static int +-serialize_uhp(fp, buf, uhp) +- FILE *fp; +- buf_T *buf; ++serialize_uhp(bi, uhp) ++ bufinfo_T *bi; + u_header_T *uhp; + { + int i; + u_entry_T *uep; ++ char_u time_buf[8]; + +- if (put_bytes(fp, (long_u)UF_HEADER_MAGIC, 2) == FAIL) ++ if (undo_write_bytes(bi, (long_u)UF_HEADER_MAGIC, 2) == FAIL) + return FAIL; + +- put_header_ptr(fp, uhp->uh_next.ptr); +- put_header_ptr(fp, uhp->uh_prev.ptr); +- put_header_ptr(fp, uhp->uh_alt_next.ptr); +- put_header_ptr(fp, uhp->uh_alt_prev.ptr); +- put_bytes(fp, uhp->uh_seq, 4); +- serialize_pos(uhp->uh_cursor, fp); ++ put_header_ptr(bi, uhp->uh_next.ptr); ++ put_header_ptr(bi, uhp->uh_prev.ptr); ++ put_header_ptr(bi, uhp->uh_alt_next.ptr); ++ put_header_ptr(bi, uhp->uh_alt_prev.ptr); ++ undo_write_bytes(bi, uhp->uh_seq, 4); ++ serialize_pos(bi, uhp->uh_cursor); + #ifdef FEAT_VIRTUALEDIT +- put_bytes(fp, (long_u)uhp->uh_cursor_vcol, 4); ++ undo_write_bytes(bi, (long_u)uhp->uh_cursor_vcol, 4); + #else +- put_bytes(fp, (long_u)0, 4); ++ undo_write_bytes(bi, (long_u)0, 4); + #endif +- put_bytes(fp, (long_u)uhp->uh_flags, 2); ++ undo_write_bytes(bi, (long_u)uhp->uh_flags, 2); + /* Assume NMARKS will stay the same. */ + for (i = 0; i < NMARKS; ++i) +- serialize_pos(uhp->uh_namedm[i], fp); +-#ifdef FEAT_VISUAL +- serialize_visualinfo(&uhp->uh_visual, fp); +-#else +- { +- visualinfo_T info; +- +- memset(&info, 0, sizeof(visualinfo_T)); +- serialize_visualinfo(&info, fp); +- } +-#endif +- put_time(fp, uhp->uh_time); ++ serialize_pos(bi, uhp->uh_namedm[i]); ++ serialize_visualinfo(bi, &uhp->uh_visual); ++ time_to_bytes(uhp->uh_time, time_buf); ++ undo_write(bi, time_buf, 8); + + /* Optional fields. */ +- putc(4, fp); +- putc(UHP_SAVE_NR, fp); +- put_bytes(fp, (long_u)uhp->uh_save_nr, 4); ++ undo_write_bytes(bi, 4, 1); ++ undo_write_bytes(bi, UHP_SAVE_NR, 1); ++ undo_write_bytes(bi, (long_u)uhp->uh_save_nr, 4); + +- putc(0, fp); /* end marker */ ++ undo_write_bytes(bi, 0, 1); /* end marker */ + + /* Write all the entries. */ + for (uep = uhp->uh_entry; uep != NULL; uep = uep->ue_next) + { +- put_bytes(fp, (long_u)UF_ENTRY_MAGIC, 2); +- if (serialize_uep(fp, buf, uep) == FAIL) ++ undo_write_bytes(bi, (long_u)UF_ENTRY_MAGIC, 2); ++ if (serialize_uep(bi, uep) == FAIL) + return FAIL; + } +- put_bytes(fp, (long_u)UF_ENTRY_END_MAGIC, 2); ++ undo_write_bytes(bi, (long_u)UF_ENTRY_END_MAGIC, 2); + return OK; + } + + static u_header_T * +-unserialize_uhp(fp, file_name) +- FILE *fp; ++unserialize_uhp(bi, file_name) ++ bufinfo_T *bi; + char_u *file_name; + { + u_header_T *uhp; +@@ -1051,63 +1309,56 @@ unserialize_uhp(fp, file_name) + #ifdef U_DEBUG + uhp->uh_magic = UH_MAGIC; + #endif +- uhp->uh_next.seq = get4c(fp); +- uhp->uh_prev.seq = get4c(fp); +- uhp->uh_alt_next.seq = get4c(fp); +- uhp->uh_alt_prev.seq = get4c(fp); +- uhp->uh_seq = get4c(fp); ++ uhp->uh_next.seq = undo_read_4c(bi); ++ uhp->uh_prev.seq = undo_read_4c(bi); ++ uhp->uh_alt_next.seq = undo_read_4c(bi); ++ uhp->uh_alt_prev.seq = undo_read_4c(bi); ++ uhp->uh_seq = undo_read_4c(bi); + if (uhp->uh_seq <= 0) + { + corruption_error("uh_seq", file_name); + vim_free(uhp); + return NULL; + } +- unserialize_pos(&uhp->uh_cursor, fp); ++ unserialize_pos(bi, &uhp->uh_cursor); + #ifdef FEAT_VIRTUALEDIT +- uhp->uh_cursor_vcol = get4c(fp); ++ uhp->uh_cursor_vcol = undo_read_4c(bi); + #else +- (void)get4c(fp); ++ (void)undo_read_4c(bi); + #endif +- uhp->uh_flags = get2c(fp); ++ uhp->uh_flags = undo_read_2c(bi); + for (i = 0; i < NMARKS; ++i) +- unserialize_pos(&uhp->uh_namedm[i], fp); +-#ifdef FEAT_VISUAL +- unserialize_visualinfo(&uhp->uh_visual, fp); +-#else +- { +- visualinfo_T info; +- unserialize_visualinfo(&info, fp); +- } +-#endif +- uhp->uh_time = get8ctime(fp); ++ unserialize_pos(bi, &uhp->uh_namedm[i]); ++ unserialize_visualinfo(bi, &uhp->uh_visual); ++ uhp->uh_time = undo_read_time(bi); + + /* Optional fields. */ + for (;;) + { +- int len = getc(fp); ++ int len = undo_read_byte(bi); + int what; + + if (len == 0) + break; +- what = getc(fp); ++ what = undo_read_byte(bi); + switch (what) + { + case UHP_SAVE_NR: +- uhp->uh_save_nr = get4c(fp); ++ uhp->uh_save_nr = undo_read_4c(bi); + break; + default: + /* field not supported, skip */ + while (--len >= 0) +- (void)getc(fp); ++ (void)undo_read_byte(bi); + } + } + + /* Unserialize the uep list. */ + last_uep = NULL; +- while ((c = get2c(fp)) == UF_ENTRY_MAGIC) ++ while ((c = undo_read_2c(bi)) == UF_ENTRY_MAGIC) + { + error = FALSE; +- uep = unserialize_uep(fp, &error, file_name); ++ uep = unserialize_uep(bi, &error, file_name); + if (last_uep == NULL) + uhp->uh_entry = uep; + else +@@ -1130,35 +1381,34 @@ unserialize_uhp(fp, file_name) + } + + /* +- * Serialize "uep" to "fp". ++ * Serialize "uep". + */ + static int +-serialize_uep(fp, buf, uep) +- FILE *fp; +- buf_T *buf; ++serialize_uep(bi, uep) ++ bufinfo_T *bi; + u_entry_T *uep; + { + int i; + size_t len; + +- put_bytes(fp, (long_u)uep->ue_top, 4); +- put_bytes(fp, (long_u)uep->ue_bot, 4); +- put_bytes(fp, (long_u)uep->ue_lcount, 4); +- put_bytes(fp, (long_u)uep->ue_size, 4); ++ undo_write_bytes(bi, (long_u)uep->ue_top, 4); ++ undo_write_bytes(bi, (long_u)uep->ue_bot, 4); ++ undo_write_bytes(bi, (long_u)uep->ue_lcount, 4); ++ undo_write_bytes(bi, (long_u)uep->ue_size, 4); + for (i = 0; i < uep->ue_size; ++i) + { + len = STRLEN(uep->ue_array[i]); +- if (put_bytes(fp, (long_u)len, 4) == FAIL) ++ if (undo_write_bytes(bi, (long_u)len, 4) == FAIL) + return FAIL; +- if (len > 0 && fwrite_crypt(buf, uep->ue_array[i], len, fp) != 1) ++ if (len > 0 && fwrite_crypt(bi, uep->ue_array[i], len) == FAIL) + return FAIL; + } + return OK; + } + + static u_entry_T * +-unserialize_uep(fp, error, file_name) +- FILE *fp; ++unserialize_uep(bi, error, file_name) ++ bufinfo_T *bi; + int *error; + char_u *file_name; + { +@@ -1175,10 +1425,10 @@ unserialize_uep(fp, error, file_name) + #ifdef U_DEBUG + uep->ue_magic = UE_MAGIC; + #endif +- uep->ue_top = get4c(fp); +- uep->ue_bot = get4c(fp); +- uep->ue_lcount = get4c(fp); +- uep->ue_size = get4c(fp); ++ uep->ue_top = undo_read_4c(bi); ++ uep->ue_bot = undo_read_4c(bi); ++ uep->ue_lcount = undo_read_4c(bi); ++ uep->ue_size = undo_read_4c(bi); + if (uep->ue_size > 0) + { + array = (char_u **)U_ALLOC_LINE(sizeof(char_u *) * uep->ue_size); +@@ -1195,9 +1445,9 @@ unserialize_uep(fp, error, file_name) + + for (i = 0; i < uep->ue_size; ++i) + { +- line_len = get4c(fp); ++ line_len = undo_read_4c(bi); + if (line_len >= 0) +- line = read_string_decrypt(curbuf, fp, line_len); ++ line = read_string_decrypt(bi, line_len); + else + { + line = NULL; +@@ -1214,83 +1464,71 @@ unserialize_uep(fp, error, file_name) + } + + /* +- * Serialize "pos" to "fp". ++ * Serialize "pos". + */ + static void +-serialize_pos(pos, fp) ++serialize_pos(bi, pos) ++ bufinfo_T *bi; + pos_T pos; +- FILE *fp; + { +- put_bytes(fp, (long_u)pos.lnum, 4); +- put_bytes(fp, (long_u)pos.col, 4); ++ undo_write_bytes(bi, (long_u)pos.lnum, 4); ++ undo_write_bytes(bi, (long_u)pos.col, 4); + #ifdef FEAT_VIRTUALEDIT +- put_bytes(fp, (long_u)pos.coladd, 4); ++ undo_write_bytes(bi, (long_u)pos.coladd, 4); + #else +- put_bytes(fp, (long_u)0, 4); ++ undo_write_bytes(bi, (long_u)0, 4); + #endif + } + + /* +- * Unserialize the pos_T at the current position in fp. ++ * Unserialize the pos_T at the current position. + */ + static void +-unserialize_pos(pos, fp) ++unserialize_pos(bi, pos) ++ bufinfo_T *bi; + pos_T *pos; +- FILE *fp; + { +- pos->lnum = get4c(fp); ++ pos->lnum = undo_read_4c(bi); + if (pos->lnum < 0) + pos->lnum = 0; +- pos->col = get4c(fp); ++ pos->col = undo_read_4c(bi); + if (pos->col < 0) + pos->col = 0; + #ifdef FEAT_VIRTUALEDIT +- pos->coladd = get4c(fp); ++ pos->coladd = undo_read_4c(bi); + if (pos->coladd < 0) + pos->coladd = 0; + #else +- (void)get4c(fp); ++ (void)undo_read_4c(bi); + #endif + } + + /* +- * Serialize "info" to "fp". ++ * Serialize "info". + */ + static void +-serialize_visualinfo(info, fp) ++serialize_visualinfo(bi, info) ++ bufinfo_T *bi; + visualinfo_T *info; +- FILE *fp; + { +- serialize_pos(info->vi_start, fp); +- serialize_pos(info->vi_end, fp); +- put_bytes(fp, (long_u)info->vi_mode, 4); +- put_bytes(fp, (long_u)info->vi_curswant, 4); ++ serialize_pos(bi, info->vi_start); ++ serialize_pos(bi, info->vi_end); ++ undo_write_bytes(bi, (long_u)info->vi_mode, 4); ++ undo_write_bytes(bi, (long_u)info->vi_curswant, 4); + } + + /* +- * Unserialize the visualinfo_T at the current position in fp. ++ * Unserialize the visualinfo_T at the current position. + */ + static void +-unserialize_visualinfo(info, fp) ++unserialize_visualinfo(bi, info) ++ bufinfo_T *bi; + visualinfo_T *info; +- FILE *fp; +-{ +- unserialize_pos(&info->vi_start, fp); +- unserialize_pos(&info->vi_end, fp); +- info->vi_mode = get4c(fp); +- info->vi_curswant = get4c(fp); +-} +- +-/* +- * Write the pointer to an undo header. Instead of writing the pointer itself +- * we use the sequence number of the header. This is converted back to +- * pointers when reading. */ +- static void +-put_header_ptr(fp, uhp) +- FILE *fp; +- u_header_T *uhp; + { +- put_bytes(fp, (long_u)(uhp != NULL ? uhp->uh_seq : 0), 4); ++ unserialize_pos(bi, &info->vi_start); ++ unserialize_pos(bi, &info->vi_end); ++ info->vi_mode = undo_read_4c(bi); ++ info->vi_curswant = undo_read_4c(bi); + } + + /* +@@ -1324,9 +1562,9 @@ u_write_undo(name, forceit, buf, hash) + struct stat st_old; + struct stat st_new; + #endif +-#ifdef FEAT_CRYPT +- int do_crypt = FALSE; +-#endif ++ bufinfo_T bi; ++ ++ vim_memset(&bi, 0, sizeof(bi)); + + if (name == NULL) + { +@@ -1481,14 +1719,12 @@ u_write_undo(name, forceit, buf, hash) + u_sync(TRUE); + + /* +- * Write the header. ++ * Write the header. Initializes encryption, if enabled. + */ +- if (serialize_header(fp, buf, hash) == FAIL) ++ bi.bi_buf = buf; ++ bi.bi_fp = fp; ++ if (serialize_header(&bi, hash) == FAIL) + goto write_error; +-#ifdef FEAT_CRYPT +- if (*buf->b_p_key != NUL) +- do_crypt = TRUE; +-#endif + + /* + * Iteratively serialize UHPs and their UEPs from the top down. +@@ -1504,7 +1740,7 @@ u_write_undo(name, forceit, buf, hash) + #ifdef U_DEBUG + ++headers_written; + #endif +- if (serialize_uhp(fp, buf, uhp) == FAIL) ++ if (serialize_uhp(&bi, uhp) == FAIL) + goto write_error; + } + +@@ -1523,7 +1759,7 @@ u_write_undo(name, forceit, buf, hash) + uhp = uhp->uh_next.ptr; + } + +- if (put_bytes(fp, (long_u)UF_HEADER_END_MAGIC, 2) == OK) ++ if (undo_write_bytes(&bi, (long_u)UF_HEADER_END_MAGIC, 2) == OK) + write_ok = TRUE; + #ifdef U_DEBUG + if (headers_written != buf->b_u_numhead) +@@ -1533,6 +1769,11 @@ u_write_undo(name, forceit, buf, hash) + } + #endif + ++#ifdef FEAT_CRYPT ++ if (bi.bi_state != NULL && undo_flush(&bi) == FAIL) ++ write_ok = FALSE; ++#endif ++ + write_error: + fclose(fp); + if (!write_ok) +@@ -1558,8 +1799,9 @@ write_error: + + theend: + #ifdef FEAT_CRYPT +- if (do_crypt) +- crypt_pop_state(); ++ if (bi.bi_state != NULL) ++ crypt_free_state(bi.bi_state); ++ vim_free(bi.bi_buffer); + #endif + if (file_name != name) + vim_free(file_name); +@@ -1605,10 +1847,9 @@ u_read_undo(name, hash, orig_name) + struct stat st_orig; + struct stat st_undo; + #endif +-#ifdef FEAT_CRYPT +- int do_decrypt = FALSE; +-#endif ++ bufinfo_T bi; + ++ vim_memset(&bi, 0, sizeof(bi)); + if (name == NULL) + { + file_name = u_get_undo_file_name(curbuf->b_ffname, TRUE); +@@ -1651,6 +1892,8 @@ u_read_undo(name, hash, orig_name) + EMSG2(_("E822: Cannot open undo file for reading: %s"), file_name); + goto error; + } ++ bi.bi_buf = curbuf; ++ bi.bi_fp = fp; + + /* + * Read the undo file header. +@@ -1671,12 +1914,24 @@ u_read_undo(name, hash, orig_name) + file_name); + goto error; + } +- if (prepare_crypt_read(fp) == FAIL) ++ bi.bi_state = crypt_create_from_file(fp, curbuf->b_p_key); ++ if (bi.bi_state == NULL) + { + EMSG2(_("E826: Undo file decryption failed: %s"), file_name); + goto error; + } +- do_decrypt = TRUE; ++ if (crypt_whole_undofile(bi.bi_state->method_nr)) ++ { ++ bi.bi_buffer = alloc(CRYPT_BUF_SIZE); ++ if (bi.bi_buffer == NULL) ++ { ++ crypt_free_state(bi.bi_state); ++ bi.bi_state = NULL; ++ goto error; ++ } ++ bi.bi_avail = 0; ++ bi.bi_used = 0; ++ } + #else + EMSG2(_("E827: Undo file is encrypted: %s"), file_name); + goto error; +@@ -1688,12 +1943,12 @@ u_read_undo(name, hash, orig_name) + goto error; + } + +- if (fread(read_hash, UNDO_HASH_SIZE, 1, fp) != 1) ++ if (undo_read(&bi, read_hash, (size_t)UNDO_HASH_SIZE) == FAIL) + { + corruption_error("hash", file_name); + goto error; + } +- line_count = (linenr_T)get4c(fp); ++ line_count = (linenr_T)undo_read_4c(&bi); + if (memcmp(hash, read_hash, UNDO_HASH_SIZE) != 0 + || line_count != curbuf->b_ml.ml_line_count) + { +@@ -1710,13 +1965,13 @@ u_read_undo(name, hash, orig_name) + } + + /* Read undo data for "U" command. */ +- str_len = get4c(fp); ++ str_len = undo_read_4c(&bi); + if (str_len < 0) + goto error; + if (str_len > 0) +- line_ptr = read_string_decrypt(curbuf, fp, str_len); +- line_lnum = (linenr_T)get4c(fp); +- line_colnr = (colnr_T)get4c(fp); ++ line_ptr = read_string_decrypt(&bi, str_len); ++ line_lnum = (linenr_T)undo_read_4c(&bi); ++ line_colnr = (colnr_T)undo_read_4c(&bi); + if (line_lnum < 0 || line_colnr < 0) + { + corruption_error("line lnum/col", file_name); +@@ -1724,32 +1979,32 @@ u_read_undo(name, hash, orig_name) + } + + /* Begin general undo data */ +- old_header_seq = get4c(fp); +- new_header_seq = get4c(fp); +- cur_header_seq = get4c(fp); +- num_head = get4c(fp); +- seq_last = get4c(fp); +- seq_cur = get4c(fp); +- seq_time = get8ctime(fp); ++ old_header_seq = undo_read_4c(&bi); ++ new_header_seq = undo_read_4c(&bi); ++ cur_header_seq = undo_read_4c(&bi); ++ num_head = undo_read_4c(&bi); ++ seq_last = undo_read_4c(&bi); ++ seq_cur = undo_read_4c(&bi); ++ seq_time = undo_read_time(&bi); + + /* Optional header fields. */ + for (;;) + { +- int len = getc(fp); ++ int len = undo_read_byte(&bi); + int what; + + if (len == 0 || len == EOF) + break; +- what = getc(fp); ++ what = undo_read_byte(&bi); + switch (what) + { + case UF_LAST_SAVE_NR: +- last_save_nr = get4c(fp); ++ last_save_nr = undo_read_4c(&bi); + break; + default: + /* field not supported, skip */ + while (--len >= 0) +- (void)getc(fp); ++ (void)undo_read_byte(&bi); + } + } + +@@ -1765,7 +2020,7 @@ u_read_undo(name, hash, orig_name) + goto error; + } + +- while ((c = get2c(fp)) == UF_HEADER_MAGIC) ++ while ((c = undo_read_2c(&bi)) == UF_HEADER_MAGIC) + { + if (num_read_uhps >= num_head) + { +@@ -1773,7 +2028,7 @@ u_read_undo(name, hash, orig_name) + goto error; + } + +- uhp = unserialize_uhp(fp, file_name); ++ uhp = unserialize_uhp(&bi, file_name); + if (uhp == NULL) + goto error; + uhp_table[num_read_uhps++] = uhp; +@@ -1905,8 +2160,9 @@ error: + + theend: + #ifdef FEAT_CRYPT +- if (do_decrypt) +- crypt_pop_state(); ++ if (bi.bi_state != NULL) ++ crypt_free_state(bi.bi_state); ++ vim_free(bi.bi_buffer); + #endif + if (fp != NULL) + fclose(fp); +diff -up vim74/src/version.c.blowfish2 vim74/src/version.c +--- vim74/src/version.c.blowfish2 2017-09-05 14:47:34.768913491 +0200 ++++ vim74/src/version.c 2017-09-05 14:47:34.973911836 +0200 +@@ -739,6 +739,14 @@ static char *(features[]) = + static int included_patches[] = + { /* Add new patch number below this line */ + /**/ ++ 1099, ++/**/ ++ 403, ++/**/ ++ 402, ++/**/ ++ 399, ++/**/ + 160, + /**/ + 159, diff --git a/SOURCES/vim-7.4-c++11.patch b/SOURCES/vim-7.4-c++11.patch new file mode 100644 index 0000000..91268b0 --- /dev/null +++ b/SOURCES/vim-7.4-c++11.patch @@ -0,0 +1,114 @@ +diff -up vim74/runtime/syntax/cpp.vim.c++11 vim74/runtime/syntax/cpp.vim +--- vim74/runtime/syntax/cpp.vim.c++11 2017-08-23 17:49:00.722250142 +0200 ++++ vim74/runtime/syntax/cpp.vim 2017-08-23 17:49:29.132979711 +0200 +@@ -1,29 +1,23 @@ + " Vim syntax file + " Language: C++ +-" Current Maintainer: vim-jp (https://github.com/vim-jp/cpp-vim) ++" Current Maintainer: vim-jp (https://github.com/vim-jp/vim-cpp) + " Previous Maintainer: Ken Shan +-" Last Change: 2012 Jun 14 ++" Last Change: 2017 Jun 05 + +-" For version 5.x: Clear all syntax items +-" For version 6.x: Quit when a syntax file was already loaded +-if version < 600 +- syntax clear +-elseif exists("b:current_syntax") ++" quit when a syntax file was already loaded ++if exists("b:current_syntax") + finish + endif + + " Read the C syntax to start with +-if version < 600 +- so :p:h/c.vim +-else +- runtime! syntax/c.vim +- unlet b:current_syntax +-endif ++runtime! syntax/c.vim ++unlet b:current_syntax + + " C++ extensions + syn keyword cppStatement new delete this friend using + syn keyword cppAccess public protected private +-syn keyword cppType inline virtual explicit export bool wchar_t ++syn keyword cppModifier inline virtual explicit export ++syn keyword cppType bool wchar_t + syn keyword cppExceptions throw try catch + syn keyword cppOperator operator typeid + syn keyword cppOperator and bitor or xor compl bitand and_eq or_eq xor_eq not not_eq +@@ -32,38 +26,51 @@ syn match cppCast "\<\(const\|static\|d + syn keyword cppStorageClass mutable + syn keyword cppStructure class typename template namespace + syn keyword cppBoolean true false ++syn keyword cppConstant __cplusplus + + " C++ 11 extensions + if !exists("cpp_no_cpp11") +- syn keyword cppType override final ++ syn keyword cppModifier override final ++ syn keyword cppType nullptr_t auto + syn keyword cppExceptions noexcept +- syn keyword cppStorageClass constexpr decltype ++ syn keyword cppStorageClass constexpr decltype thread_local + syn keyword cppConstant nullptr ++ syn keyword cppConstant ATOMIC_FLAG_INIT ATOMIC_VAR_INIT ++ syn keyword cppConstant ATOMIC_BOOL_LOCK_FREE ATOMIC_CHAR_LOCK_FREE ++ syn keyword cppConstant ATOMIC_CHAR16_T_LOCK_FREE ATOMIC_CHAR32_T_LOCK_FREE ++ syn keyword cppConstant ATOMIC_WCHAR_T_LOCK_FREE ATOMIC_SHORT_LOCK_FREE ++ syn keyword cppConstant ATOMIC_INT_LOCK_FREE ATOMIC_LONG_LOCK_FREE ++ syn keyword cppConstant ATOMIC_LLONG_LOCK_FREE ATOMIC_POINTER_LOCK_FREE ++ syn region cppRawString matchgroup=cppRawStringDelimiter start=+\%(u8\|[uLU]\)\=R"\z([[:alnum:]_{}[\]#<>%:;.?*\+\-/\^&|~!=,"']\{,16}\)(+ end=+)\z1"+ contains=@Spell ++endif ++ ++" C++ 14 extensions ++if !exists("cpp_no_cpp14") ++ syn case ignore ++ syn match cppNumber display "\<0b[01]\('\=[01]\+\)*\(u\=l\{0,2}\|ll\=u\)\>" ++ syn match cppNumber display "\<[1-9]\('\=\d\+\)*\(u\=l\{0,2}\|ll\=u\)\>" contains=cFloat ++ syn match cppNumber display "\<0x\x\('\=\x\+\)*\(u\=l\{0,2}\|ll\=u\)\>" ++ syn case match + endif + + " The minimum and maximum operators in GNU C++ + syn match cppMinMax "[<>]?" + + " Default highlighting +-if version >= 508 || !exists("did_cpp_syntax_inits") +- if version < 508 +- let did_cpp_syntax_inits = 1 +- command -nargs=+ HiLink hi link +- else +- command -nargs=+ HiLink hi def link +- endif +- HiLink cppAccess cppStatement +- HiLink cppCast cppStatement +- HiLink cppExceptions Exception +- HiLink cppOperator Operator +- HiLink cppStatement Statement +- HiLink cppType Type +- HiLink cppStorageClass StorageClass +- HiLink cppStructure Structure +- HiLink cppBoolean Boolean +- HiLink cppConstant Constant +- delcommand HiLink +-endif ++hi def link cppAccess cppStatement ++hi def link cppCast cppStatement ++hi def link cppExceptions Exception ++hi def link cppOperator Operator ++hi def link cppStatement Statement ++hi def link cppModifier Type ++hi def link cppType Type ++hi def link cppStorageClass StorageClass ++hi def link cppStructure Structure ++hi def link cppBoolean Boolean ++hi def link cppConstant Constant ++hi def link cppRawStringDelimiter Delimiter ++hi def link cppRawString String ++hi def link cppNumber Number + + let b:current_syntax = "cpp" + diff --git a/SPECS/vim.spec b/SPECS/vim.spec index 3cc96c2..cb03cb2 100644 --- a/SPECS/vim.spec +++ b/SPECS/vim.spec @@ -20,7 +20,7 @@ Summary: The VIM editor URL: http://www.vim.org/ Name: vim Version: %{baseversion}.%{patchlevel} -Release: 2%{?dist} +Release: 4%{?dist} License: Vim Group: Applications/Editors Source0: ftp://ftp.vim.org/pub/vim/unix/vim-%{baseversion}.tar.bz2 @@ -222,6 +222,10 @@ Patch3013: vim-7.3-xsubpp-path.patch Patch3014: vim-manpagefixes-948566.patch Patch3015: vim-7.4-CVE-2016-1248.patch Patch3016: vim-7.4-yamlsyntax.patch +# 1267826 - Include c++11 syntax highlighting in vim +Patch3017: vim-7.4-c++11.patch +# 1319760 - [RFE] Vim should support blowfish2, plus ensure that RHEL6 encrypted files can be opened in RHEL7 +Patch3018: vim-7.4-blowfish2.patch Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: python-devel ncurses-devel gettext perl-devel @@ -537,6 +541,8 @@ perl -pi -e "s,bin/nawk,bin/awk,g" runtime/tools/mve.awk %patch3014 -p1 %patch3015 -p1 %patch3016 -p1 +%patch3017 -p1 +%patch3018 -p1 %build cp -f %{SOURCE5} . @@ -746,8 +752,8 @@ sed -i -e "s/augroup fedora/augroup redhat/" %{buildroot}/%{_sysconfdir}/vimrc sed -i -e "s/augroup fedora/augroup redhat/" %{buildroot}/%{_sysconfdir}/virc %endif (cd %{buildroot}/%{_datadir}/%{name}/%{vimdir}/doc; - gzip -9 *.txt - gzip -d help.txt.gz version7.txt.gz sponsor.txt.gz + gzip -n -9 *.txt + gzip -n -d help.txt.gz version7.txt.gz sponsor.txt.gz cp %{SOURCE12} . cat tags | sed -e 's/\t\(.*.txt\)\t/\t\1.gz\t/;s/\thelp.txt.gz\t/\thelp.txt\t/;s/\tversion7.txt.gz\t/\tversion7.txt\t/;s/\tsponsor.txt.gz\t/\tsponsor.txt\t/' > tags.new; mv -f tags.new tags cat >> tags << EOF @@ -1020,6 +1026,13 @@ rm -rf %{buildroot} %{_datadir}/icons/hicolor/*/apps/* %changelog +* Tue Sep 05 2017 Zdenek Dohnal - 2:7.4.160-4 +- fixed upstream tests, which failed after last build + +* Wed Aug 23 2017 Zdenek Dohnal - 2:7.4.160-3 +- 1267826 - Include c++11 syntax highlighting in vim +- 1319760 - [RFE] Vim should support blowfish2, plus ensure that RHEL6 encrypted files can be opened in RHEL7 + * Fri Jan 20 2017 Zdenek Dohnal - 2:7.4.160-2 - 1383902 - CPU spikes to 100% and timeouts observed in strace when opening yaml extensions using vim