diff options
author | Damien Miller <djm@mindrot.org> | 2014-04-20 13:21:22 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2014-04-20 13:21:22 +1000 |
commit | 4f40209aa4060b9c066a2f0d9332ace7b8dfb391 (patch) | |
tree | 3f023418e3afa0ae151339aecae6d72b978014b8 | |
parent | 9235a030ad1b16903fb495d81544e0f7c7449523 (diff) |
- djm@cvs.openbsd.org 2014/03/26 04:55:35
[chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c
[misc.h poly1305.h ssh-pkcs11.c]
use __bounded(...) attribute recently added to sys/cdefs.h instead of
longform __attribute__(__bounded(...));
for brevity and a warning free compilation with llvm/clang
-rw-r--r-- | ChangeLog | 7 | ||||
-rw-r--r-- | chacha.h | 12 | ||||
-rw-r--r-- | cipher-chachapoly.h | 6 | ||||
-rw-r--r-- | defines.h | 12 | ||||
-rw-r--r-- | digest.h | 12 | ||||
-rw-r--r-- | hmac.h | 8 | ||||
-rw-r--r-- | kex.h | 10 | ||||
-rw-r--r-- | kexc25519.c | 8 | ||||
-rw-r--r-- | misc.h | 14 | ||||
-rw-r--r-- | poly1305.h | 8 | ||||
-rw-r--r-- | ssh-pkcs11.c | 4 |
11 files changed, 59 insertions, 42 deletions
@@ -51,6 +51,13 @@ | |||
51 | - markus@cvs.openbsd.org 2014/03/27 23:01:27 | 51 | - markus@cvs.openbsd.org 2014/03/27 23:01:27 |
52 | [myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] | 52 | [myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] |
53 | disable weak proposals in sshd, but keep them in ssh; ok djm@ | 53 | disable weak proposals in sshd, but keep them in ssh; ok djm@ |
54 | - djm@cvs.openbsd.org 2014/03/26 04:55:35 | ||
55 | [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c | ||
56 | [misc.h poly1305.h ssh-pkcs11.c] | ||
57 | use __bounded(...) attribute recently added to sys/cdefs.h instead of | ||
58 | longform __attribute__(__bounded(...)); | ||
59 | |||
60 | for brevity and a warning free compilation with llvm/clang | ||
54 | 61 | ||
55 | 20140401 | 62 | 20140401 |
56 | - (djm) On platforms that support it, use prctl() to prevent sftp-server | 63 | - (djm) On platforms that support it, use prctl() to prevent sftp-server |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: chacha.h,v 1.1 2013/11/21 00:45:44 djm Exp $ */ | 1 | /* $OpenBSD: chacha.h,v 1.2 2014/03/26 04:55:35 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | chacha-merged.c version 20080118 | 4 | chacha-merged.c version 20080118 |
@@ -22,14 +22,14 @@ struct chacha_ctx { | |||
22 | #define CHACHA_BLOCKLEN 64 | 22 | #define CHACHA_BLOCKLEN 64 |
23 | 23 | ||
24 | void chacha_keysetup(struct chacha_ctx *x, const u_char *k, u_int kbits) | 24 | void chacha_keysetup(struct chacha_ctx *x, const u_char *k, u_int kbits) |
25 | __attribute__((__bounded__(__minbytes__, 2, CHACHA_MINKEYLEN))); | 25 | __bounded((__minbytes__, 2, CHACHA_MINKEYLEN)); |
26 | void chacha_ivsetup(struct chacha_ctx *x, const u_char *iv, const u_char *ctr) | 26 | void chacha_ivsetup(struct chacha_ctx *x, const u_char *iv, const u_char *ctr) |
27 | __attribute__((__bounded__(__minbytes__, 2, CHACHA_NONCELEN))) | 27 | __bounded((__minbytes__, 2, CHACHA_NONCELEN)) |
28 | __attribute__((__bounded__(__minbytes__, 3, CHACHA_CTRLEN))); | 28 | __bounded((__minbytes__, 3, CHACHA_CTRLEN)); |
29 | void chacha_encrypt_bytes(struct chacha_ctx *x, const u_char *m, | 29 | void chacha_encrypt_bytes(struct chacha_ctx *x, const u_char *m, |
30 | u_char *c, u_int bytes) | 30 | u_char *c, u_int bytes) |
31 | __attribute__((__bounded__(__buffer__, 2, 4))) | 31 | __bounded((__buffer__, 2, 4)) |
32 | __attribute__((__bounded__(__buffer__, 3, 4))); | 32 | __bounded((__buffer__, 3, 4)); |
33 | 33 | ||
34 | #endif /* CHACHA_H */ | 34 | #endif /* CHACHA_H */ |
35 | 35 | ||
diff --git a/cipher-chachapoly.h b/cipher-chachapoly.h index 1628693b2..35326b9a3 100644 --- a/cipher-chachapoly.h +++ b/cipher-chachapoly.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: cipher-chachapoly.h,v 1.1 2013/11/21 00:45:44 djm Exp $ */ | 1 | /* $OpenBSD: cipher-chachapoly.h,v 1.2 2014/03/26 04:55:35 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) Damien Miller 2013 <djm@mindrot.org> | 4 | * Copyright (c) Damien Miller 2013 <djm@mindrot.org> |
@@ -30,12 +30,12 @@ struct chachapoly_ctx { | |||
30 | 30 | ||
31 | void chachapoly_init(struct chachapoly_ctx *cpctx, | 31 | void chachapoly_init(struct chachapoly_ctx *cpctx, |
32 | const u_char *key, u_int keylen) | 32 | const u_char *key, u_int keylen) |
33 | __attribute__((__bounded__(__buffer__, 2, 3))); | 33 | __bounded((__buffer__, 2, 3)); |
34 | int chachapoly_crypt(struct chachapoly_ctx *cpctx, u_int seqnr, | 34 | int chachapoly_crypt(struct chachapoly_ctx *cpctx, u_int seqnr, |
35 | u_char *dest, const u_char *src, u_int len, u_int aadlen, u_int authlen, | 35 | u_char *dest, const u_char *src, u_int len, u_int aadlen, u_int authlen, |
36 | int do_encrypt); | 36 | int do_encrypt); |
37 | int chachapoly_get_length(struct chachapoly_ctx *cpctx, | 37 | int chachapoly_get_length(struct chachapoly_ctx *cpctx, |
38 | u_int *plenp, u_int seqnr, const u_char *cp, u_int len) | 38 | u_int *plenp, u_int seqnr, const u_char *cp, u_int len) |
39 | __attribute__((__bounded__(__buffer__, 4, 5))); | 39 | __bounded((__buffer__, 4, 5)); |
40 | 40 | ||
41 | #endif /* CHACHA_POLY_AEAD_H */ | 41 | #endif /* CHACHA_POLY_AEAD_H */ |
@@ -25,7 +25,7 @@ | |||
25 | #ifndef _DEFINES_H | 25 | #ifndef _DEFINES_H |
26 | #define _DEFINES_H | 26 | #define _DEFINES_H |
27 | 27 | ||
28 | /* $Id: defines.h,v 1.176 2014/01/17 13:12:38 dtucker Exp $ */ | 28 | /* $Id: defines.h,v 1.177 2014/04/20 03:21:23 djm Exp $ */ |
29 | 29 | ||
30 | 30 | ||
31 | /* Constants */ | 31 | /* Constants */ |
@@ -826,4 +826,14 @@ struct winsize { | |||
826 | # define arc4random_stir() | 826 | # define arc4random_stir() |
827 | #endif | 827 | #endif |
828 | 828 | ||
829 | /* __bounded macro */ | ||
830 | #ifndef __bounded | ||
831 | # if __GNUC_PREREQ__(3,3) && !defined(__clang__) | ||
832 | # define __bounded(args) __attribute__ ((__bounded__ args )) | ||
833 | # else | ||
834 | # define __bounded(args) /* delete */ | ||
835 | # endif /* __GNUC_PREREQ__(3,3) && !defined(__clang__) */ | ||
836 | #endif | ||
837 | |||
838 | |||
829 | #endif /* _DEFINES_H */ | 839 | #endif /* _DEFINES_H */ |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: digest.h,v 1.2 2014/01/27 18:58:14 markus Exp $ */ | 1 | /* $OpenBSD: digest.h,v 1.3 2014/03/26 04:55:35 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2013 Damien Miller <djm@mindrot.org> | 3 | * Copyright (c) 2013 Damien Miller <djm@mindrot.org> |
4 | * | 4 | * |
@@ -45,18 +45,18 @@ int ssh_digest_copy_state(struct ssh_digest_ctx *from, | |||
45 | /* One-shot API */ | 45 | /* One-shot API */ |
46 | int ssh_digest_memory(int alg, const void *m, size_t mlen, | 46 | int ssh_digest_memory(int alg, const void *m, size_t mlen, |
47 | u_char *d, size_t dlen) | 47 | u_char *d, size_t dlen) |
48 | __attribute__((__bounded__(__buffer__, 2, 3))) | 48 | __bounded((__buffer__, 2, 3)) |
49 | __attribute__((__bounded__(__buffer__, 4, 5))); | 49 | __bounded((__buffer__, 4, 5)); |
50 | int ssh_digest_buffer(int alg, const Buffer *b, u_char *d, size_t dlen) | 50 | int ssh_digest_buffer(int alg, const Buffer *b, u_char *d, size_t dlen) |
51 | __attribute__((__bounded__(__buffer__, 3, 4))); | 51 | __bounded((__buffer__, 3, 4)); |
52 | 52 | ||
53 | /* Update API */ | 53 | /* Update API */ |
54 | struct ssh_digest_ctx *ssh_digest_start(int alg); | 54 | struct ssh_digest_ctx *ssh_digest_start(int alg); |
55 | int ssh_digest_update(struct ssh_digest_ctx *ctx, const void *m, size_t mlen) | 55 | int ssh_digest_update(struct ssh_digest_ctx *ctx, const void *m, size_t mlen) |
56 | __attribute__((__bounded__(__buffer__, 2, 3))); | 56 | __bounded((__buffer__, 2, 3)); |
57 | int ssh_digest_update_buffer(struct ssh_digest_ctx *ctx, const Buffer *b); | 57 | int ssh_digest_update_buffer(struct ssh_digest_ctx *ctx, const Buffer *b); |
58 | int ssh_digest_final(struct ssh_digest_ctx *ctx, u_char *d, size_t dlen) | 58 | int ssh_digest_final(struct ssh_digest_ctx *ctx, u_char *d, size_t dlen) |
59 | __attribute__((__bounded__(__buffer__, 2, 3))); | 59 | __bounded((__buffer__, 2, 3)); |
60 | void ssh_digest_free(struct ssh_digest_ctx *ctx); | 60 | void ssh_digest_free(struct ssh_digest_ctx *ctx); |
61 | 61 | ||
62 | #endif /* _DIGEST_H */ | 62 | #endif /* _DIGEST_H */ |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: hmac.h,v 1.6 2014/01/27 18:58:14 markus Exp $ */ | 1 | /* $OpenBSD: hmac.h,v 1.7 2014/03/26 04:55:35 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2014 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2014 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -26,12 +26,12 @@ struct ssh_hmac_ctx *ssh_hmac_start(int alg); | |||
26 | 26 | ||
27 | /* Sets the state of the HMAC or resets the state if key == NULL */ | 27 | /* Sets the state of the HMAC or resets the state if key == NULL */ |
28 | int ssh_hmac_init(struct ssh_hmac_ctx *ctx, const void *key, size_t klen) | 28 | int ssh_hmac_init(struct ssh_hmac_ctx *ctx, const void *key, size_t klen) |
29 | __attribute__((__bounded__(__buffer__, 2, 3))); | 29 | __bounded((__buffer__, 2, 3)); |
30 | int ssh_hmac_update(struct ssh_hmac_ctx *ctx, const void *m, size_t mlen) | 30 | int ssh_hmac_update(struct ssh_hmac_ctx *ctx, const void *m, size_t mlen) |
31 | __attribute__((__bounded__(__buffer__, 2, 3))); | 31 | __bounded((__buffer__, 2, 3)); |
32 | int ssh_hmac_update_buffer(struct ssh_hmac_ctx *ctx, const Buffer *b); | 32 | int ssh_hmac_update_buffer(struct ssh_hmac_ctx *ctx, const Buffer *b); |
33 | int ssh_hmac_final(struct ssh_hmac_ctx *ctx, u_char *d, size_t dlen) | 33 | int ssh_hmac_final(struct ssh_hmac_ctx *ctx, u_char *d, size_t dlen) |
34 | __attribute__((__bounded__(__buffer__, 2, 3))); | 34 | __bounded((__buffer__, 2, 3)); |
35 | void ssh_hmac_free(struct ssh_hmac_ctx *ctx); | 35 | void ssh_hmac_free(struct ssh_hmac_ctx *ctx); |
36 | 36 | ||
37 | #endif /* _HMAC_H */ | 37 | #endif /* _HMAC_H */ |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kex.h,v 1.62 2014/01/27 18:58:14 markus Exp $ */ | 1 | /* $OpenBSD: kex.h,v 1.63 2014/03/26 04:55:35 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
@@ -187,12 +187,12 @@ kex_c25519_hash(int, char *, char *, char *, int, | |||
187 | 187 | ||
188 | #define CURVE25519_SIZE 32 | 188 | #define CURVE25519_SIZE 32 |
189 | void kexc25519_keygen(u_char[CURVE25519_SIZE], u_char[CURVE25519_SIZE]) | 189 | void kexc25519_keygen(u_char[CURVE25519_SIZE], u_char[CURVE25519_SIZE]) |
190 | __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) | 190 | __bounded((__minbytes__, 1, CURVE25519_SIZE)) |
191 | __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); | 191 | __bounded((__minbytes__, 2, CURVE25519_SIZE)); |
192 | void kexc25519_shared_key(const u_char key[CURVE25519_SIZE], | 192 | void kexc25519_shared_key(const u_char key[CURVE25519_SIZE], |
193 | const u_char pub[CURVE25519_SIZE], Buffer *out) | 193 | const u_char pub[CURVE25519_SIZE], Buffer *out) |
194 | __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) | 194 | __bounded((__minbytes__, 1, CURVE25519_SIZE)) |
195 | __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); | 195 | __bounded((__minbytes__, 2, CURVE25519_SIZE)); |
196 | 196 | ||
197 | void | 197 | void |
198 | derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]); | 198 | derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]); |
diff --git a/kexc25519.c b/kexc25519.c index ee79b4327..4dc842c44 100644 --- a/kexc25519.c +++ b/kexc25519.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kexc25519.c,v 1.5 2014/01/31 16:39:19 tedu Exp $ */ | 1 | /* $OpenBSD: kexc25519.c,v 1.6 2014/03/26 04:55:35 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001, 2013 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001, 2013 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2010 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2010 Damien Miller. All rights reserved. |
@@ -45,9 +45,9 @@ | |||
45 | 45 | ||
46 | extern int crypto_scalarmult_curve25519(u_char a[CURVE25519_SIZE], | 46 | extern int crypto_scalarmult_curve25519(u_char a[CURVE25519_SIZE], |
47 | const u_char b[CURVE25519_SIZE], const u_char c[CURVE25519_SIZE]) | 47 | const u_char b[CURVE25519_SIZE], const u_char c[CURVE25519_SIZE]) |
48 | __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) | 48 | __bounded((__minbytes__, 1, CURVE25519_SIZE)) |
49 | __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))) | 49 | __bounded((__minbytes__, 2, CURVE25519_SIZE)) |
50 | __attribute__((__bounded__(__minbytes__, 3, CURVE25519_SIZE))); | 50 | __bounded((__minbytes__, 3, CURVE25519_SIZE)); |
51 | 51 | ||
52 | void | 52 | void |
53 | kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE]) | 53 | kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE]) |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: misc.h,v 1.50 2013/10/14 23:28:23 djm Exp $ */ | 1 | /* $OpenBSD: misc.h,v 1.51 2014/03/26 04:55:35 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -70,17 +70,17 @@ int tun_open(int, int); | |||
70 | 70 | ||
71 | /* Functions to extract or store big-endian words of various sizes */ | 71 | /* Functions to extract or store big-endian words of various sizes */ |
72 | u_int64_t get_u64(const void *) | 72 | u_int64_t get_u64(const void *) |
73 | __attribute__((__bounded__( __minbytes__, 1, 8))); | 73 | __bounded(( __minbytes__, 1, 8)); |
74 | u_int32_t get_u32(const void *) | 74 | u_int32_t get_u32(const void *) |
75 | __attribute__((__bounded__( __minbytes__, 1, 4))); | 75 | __bounded(( __minbytes__, 1, 4)); |
76 | u_int16_t get_u16(const void *) | 76 | u_int16_t get_u16(const void *) |
77 | __attribute__((__bounded__( __minbytes__, 1, 2))); | 77 | __bounded(( __minbytes__, 1, 2)); |
78 | void put_u64(void *, u_int64_t) | 78 | void put_u64(void *, u_int64_t) |
79 | __attribute__((__bounded__( __minbytes__, 1, 8))); | 79 | __bounded(( __minbytes__, 1, 8)); |
80 | void put_u32(void *, u_int32_t) | 80 | void put_u32(void *, u_int32_t) |
81 | __attribute__((__bounded__( __minbytes__, 1, 4))); | 81 | __bounded(( __minbytes__, 1, 4)); |
82 | void put_u16(void *, u_int16_t) | 82 | void put_u16(void *, u_int16_t) |
83 | __attribute__((__bounded__( __minbytes__, 1, 2))); | 83 | __bounded(( __minbytes__, 1, 2)); |
84 | 84 | ||
85 | struct bwlimit { | 85 | struct bwlimit { |
86 | size_t buflen; | 86 | size_t buflen; |
diff --git a/poly1305.h b/poly1305.h index 221efc462..82373e6af 100644 --- a/poly1305.h +++ b/poly1305.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: poly1305.h,v 1.2 2013/12/19 22:57:13 djm Exp $ */ | 1 | /* $OpenBSD: poly1305.h,v 1.3 2014/03/26 04:55:35 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Public Domain poly1305 from Andrew Moon | 4 | * Public Domain poly1305 from Andrew Moon |
@@ -15,8 +15,8 @@ | |||
15 | 15 | ||
16 | void poly1305_auth(u_char out[POLY1305_TAGLEN], const u_char *m, size_t inlen, | 16 | void poly1305_auth(u_char out[POLY1305_TAGLEN], const u_char *m, size_t inlen, |
17 | const u_char key[POLY1305_KEYLEN]) | 17 | const u_char key[POLY1305_KEYLEN]) |
18 | __attribute__((__bounded__(__minbytes__, 1, POLY1305_TAGLEN))) | 18 | __bounded((__minbytes__, 1, POLY1305_TAGLEN)) |
19 | __attribute__((__bounded__(__buffer__, 2, 3))) | 19 | __bounded((__buffer__, 2, 3)) |
20 | __attribute__((__bounded__(__minbytes__, 4, POLY1305_KEYLEN))); | 20 | __bounded((__minbytes__, 4, POLY1305_KEYLEN)); |
21 | 21 | ||
22 | #endif /* POLY1305_H */ | 22 | #endif /* POLY1305_H */ |
diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index c49cbf42b..ed5268c12 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-pkcs11.c,v 1.11 2013/11/13 13:48:20 markus Exp $ */ | 1 | /* $OpenBSD: ssh-pkcs11.c,v 1.12 2014/03/26 04:55:35 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2010 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2010 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -386,7 +386,7 @@ pkcs11_open_session(struct pkcs11_provider *p, CK_ULONG slotidx, char *pin) | |||
386 | */ | 386 | */ |
387 | static int pkcs11_fetch_keys_filter(struct pkcs11_provider *, CK_ULONG, | 387 | static int pkcs11_fetch_keys_filter(struct pkcs11_provider *, CK_ULONG, |
388 | CK_ATTRIBUTE [], CK_ATTRIBUTE [3], Key ***, int *) | 388 | CK_ATTRIBUTE [], CK_ATTRIBUTE [3], Key ***, int *) |
389 | __attribute__((__bounded__(__minbytes__,4, 3 * sizeof(CK_ATTRIBUTE)))); | 389 | __bounded((__minbytes__,4, 3 * sizeof(CK_ATTRIBUTE))); |
390 | 390 | ||
391 | static int | 391 | static int |
392 | pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, | 392 | pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, |