diff options
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | chacha.h | 12 | ||||
-rw-r--r-- | cipher-chachapoly.h | 6 | ||||
-rw-r--r-- | defines.h | 20 | ||||
-rw-r--r-- | digest.h | 12 | ||||
-rw-r--r-- | hmac.h | 8 | ||||
-rw-r--r-- | kex.h | 10 | ||||
-rw-r--r-- | kexc25519.c | 8 | ||||
-rw-r--r-- | misc.h | 18 | ||||
-rw-r--r-- | poly1305.h | 8 | ||||
-rw-r--r-- | ssh-pkcs11.c | 4 |
11 files changed, 49 insertions, 62 deletions
@@ -71,6 +71,11 @@ | |||
71 | UMAC can use our local fallback implementation of AES when OpenSSL isn't | 71 | UMAC can use our local fallback implementation of AES when OpenSSL isn't |
72 | available. Glue code straight from Ted Krovetz's original umac.c. | 72 | available. Glue code straight from Ted Krovetz's original umac.c. |
73 | ok markus@ | 73 | ok markus@ |
74 | - djm@cvs.openbsd.org 2014/05/02 03:27:54 | ||
75 | [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c] | ||
76 | [misc.h poly1305.h ssh-pkcs11.c defines.h] | ||
77 | revert __bounded change; it causes way more problems for portable than | ||
78 | it solves; pointed out by dtucker@ | ||
74 | 79 | ||
75 | 20140430 | 80 | 20140430 |
76 | - (dtucker) [defines.h] Define __GNUC_PREREQ__ macro if we don't already | 81 | - (dtucker) [defines.h] Define __GNUC_PREREQ__ macro if we don't already |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: chacha.h,v 1.2 2014/03/26 04:55:35 djm Exp $ */ | 1 | /* $OpenBSD: chacha.h,v 1.3 2014/05/02 03:27:54 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | chacha-merged.c version 20080118 | 4 | chacha-merged.c version 20080118 |
@@ -22,14 +22,14 @@ struct chacha_ctx { | |||
22 | #define CHACHA_BLOCKLEN 64 | 22 | #define CHACHA_BLOCKLEN 64 |
23 | 23 | ||
24 | void chacha_keysetup(struct chacha_ctx *x, const u_char *k, u_int kbits) | 24 | void chacha_keysetup(struct chacha_ctx *x, const u_char *k, u_int kbits) |
25 | __bounded((__minbytes__, 2, CHACHA_MINKEYLEN)); | 25 | __attribute__((__bounded__(__minbytes__, 2, CHACHA_MINKEYLEN))); |
26 | void chacha_ivsetup(struct chacha_ctx *x, const u_char *iv, const u_char *ctr) | 26 | void chacha_ivsetup(struct chacha_ctx *x, const u_char *iv, const u_char *ctr) |
27 | __bounded((__minbytes__, 2, CHACHA_NONCELEN)) | 27 | __attribute__((__bounded__(__minbytes__, 2, CHACHA_NONCELEN))) |
28 | __bounded((__minbytes__, 3, CHACHA_CTRLEN)); | 28 | __attribute__((__bounded__(__minbytes__, 3, CHACHA_CTRLEN))); |
29 | void chacha_encrypt_bytes(struct chacha_ctx *x, const u_char *m, | 29 | void chacha_encrypt_bytes(struct chacha_ctx *x, const u_char *m, |
30 | u_char *c, u_int bytes) | 30 | u_char *c, u_int bytes) |
31 | __bounded((__buffer__, 2, 4)) | 31 | __attribute__((__bounded__(__buffer__, 2, 4))) |
32 | __bounded((__buffer__, 3, 4)); | 32 | __attribute__((__bounded__(__buffer__, 3, 4))); |
33 | 33 | ||
34 | #endif /* CHACHA_H */ | 34 | #endif /* CHACHA_H */ |
35 | 35 | ||
diff --git a/cipher-chachapoly.h b/cipher-chachapoly.h index 35326b9a3..7948dcdcd 100644 --- a/cipher-chachapoly.h +++ b/cipher-chachapoly.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: cipher-chachapoly.h,v 1.2 2014/03/26 04:55:35 djm Exp $ */ | 1 | /* $OpenBSD: cipher-chachapoly.h,v 1.3 2014/05/02 03:27:54 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) Damien Miller 2013 <djm@mindrot.org> | 4 | * Copyright (c) Damien Miller 2013 <djm@mindrot.org> |
@@ -30,12 +30,12 @@ struct chachapoly_ctx { | |||
30 | 30 | ||
31 | void chachapoly_init(struct chachapoly_ctx *cpctx, | 31 | void chachapoly_init(struct chachapoly_ctx *cpctx, |
32 | const u_char *key, u_int keylen) | 32 | const u_char *key, u_int keylen) |
33 | __bounded((__buffer__, 2, 3)); | 33 | __attribute__((__bounded__(__buffer__, 2, 3))); |
34 | int chachapoly_crypt(struct chachapoly_ctx *cpctx, u_int seqnr, | 34 | int chachapoly_crypt(struct chachapoly_ctx *cpctx, u_int seqnr, |
35 | u_char *dest, const u_char *src, u_int len, u_int aadlen, u_int authlen, | 35 | u_char *dest, const u_char *src, u_int len, u_int aadlen, u_int authlen, |
36 | int do_encrypt); | 36 | int do_encrypt); |
37 | int chachapoly_get_length(struct chachapoly_ctx *cpctx, | 37 | int chachapoly_get_length(struct chachapoly_ctx *cpctx, |
38 | u_int *plenp, u_int seqnr, const u_char *cp, u_int len) | 38 | u_int *plenp, u_int seqnr, const u_char *cp, u_int len) |
39 | __bounded((__buffer__, 4, 5)); | 39 | __attribute__((__bounded__(__buffer__, 4, 5))); |
40 | 40 | ||
41 | #endif /* CHACHA_POLY_AEAD_H */ | 41 | #endif /* CHACHA_POLY_AEAD_H */ |
@@ -25,7 +25,7 @@ | |||
25 | #ifndef _DEFINES_H | 25 | #ifndef _DEFINES_H |
26 | #define _DEFINES_H | 26 | #define _DEFINES_H |
27 | 27 | ||
28 | /* $Id: defines.h,v 1.178 2014/04/30 16:24:35 dtucker Exp $ */ | 28 | /* $Id: defines.h,v 1.179 2014/05/15 04:37:04 djm Exp $ */ |
29 | 29 | ||
30 | 30 | ||
31 | /* Constants */ | 31 | /* Constants */ |
@@ -826,22 +826,4 @@ struct winsize { | |||
826 | # define arc4random_stir() | 826 | # define arc4random_stir() |
827 | #endif | 827 | #endif |
828 | 828 | ||
829 | /* Macro to test if we're using a specific version of gcc or later. */ | ||
830 | #if defined(__GNUC__) && !defined(__GNUC_PREREQ__) | ||
831 | #define __GNUC_PREREQ__(ma, mi) \ | ||
832 | ((__GNUC__ > (ma)) || (__GNUC__ == (ma) && __GNUC_MINOR__ >= (mi))) | ||
833 | #else | ||
834 | #define __GNUC_PREREQ__(ma, mi) 0 | ||
835 | #endif | ||
836 | |||
837 | /* __bounded macro */ | ||
838 | #ifndef __bounded | ||
839 | # if defined(__GNUC__) && __GNUC_PREREQ__(3,3) && !defined(__clang__) | ||
840 | # define __bounded(args) __attribute__ ((__bounded__ args )) | ||
841 | # else | ||
842 | # define __bounded(args) /* delete */ | ||
843 | # endif /* __GNUC_PREREQ__(3,3) && !defined(__clang__) */ | ||
844 | #endif | ||
845 | |||
846 | |||
847 | #endif /* _DEFINES_H */ | 829 | #endif /* _DEFINES_H */ |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: digest.h,v 1.3 2014/03/26 04:55:35 djm Exp $ */ | 1 | /* $OpenBSD: digest.h,v 1.4 2014/05/02 03:27:54 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2013 Damien Miller <djm@mindrot.org> | 3 | * Copyright (c) 2013 Damien Miller <djm@mindrot.org> |
4 | * | 4 | * |
@@ -45,18 +45,18 @@ int ssh_digest_copy_state(struct ssh_digest_ctx *from, | |||
45 | /* One-shot API */ | 45 | /* One-shot API */ |
46 | int ssh_digest_memory(int alg, const void *m, size_t mlen, | 46 | int ssh_digest_memory(int alg, const void *m, size_t mlen, |
47 | u_char *d, size_t dlen) | 47 | u_char *d, size_t dlen) |
48 | __bounded((__buffer__, 2, 3)) | 48 | __attribute__((__bounded__(__buffer__, 2, 3))) |
49 | __bounded((__buffer__, 4, 5)); | 49 | __attribute__((__bounded__(__buffer__, 4, 5))); |
50 | int ssh_digest_buffer(int alg, const Buffer *b, u_char *d, size_t dlen) | 50 | int ssh_digest_buffer(int alg, const Buffer *b, u_char *d, size_t dlen) |
51 | __bounded((__buffer__, 3, 4)); | 51 | __attribute__((__bounded__(__buffer__, 3, 4))); |
52 | 52 | ||
53 | /* Update API */ | 53 | /* Update API */ |
54 | struct ssh_digest_ctx *ssh_digest_start(int alg); | 54 | struct ssh_digest_ctx *ssh_digest_start(int alg); |
55 | int ssh_digest_update(struct ssh_digest_ctx *ctx, const void *m, size_t mlen) | 55 | int ssh_digest_update(struct ssh_digest_ctx *ctx, const void *m, size_t mlen) |
56 | __bounded((__buffer__, 2, 3)); | 56 | __attribute__((__bounded__(__buffer__, 2, 3))); |
57 | int ssh_digest_update_buffer(struct ssh_digest_ctx *ctx, const Buffer *b); | 57 | int ssh_digest_update_buffer(struct ssh_digest_ctx *ctx, const Buffer *b); |
58 | int ssh_digest_final(struct ssh_digest_ctx *ctx, u_char *d, size_t dlen) | 58 | int ssh_digest_final(struct ssh_digest_ctx *ctx, u_char *d, size_t dlen) |
59 | __bounded((__buffer__, 2, 3)); | 59 | __attribute__((__bounded__(__buffer__, 2, 3))); |
60 | void ssh_digest_free(struct ssh_digest_ctx *ctx); | 60 | void ssh_digest_free(struct ssh_digest_ctx *ctx); |
61 | 61 | ||
62 | #endif /* _DIGEST_H */ | 62 | #endif /* _DIGEST_H */ |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: hmac.h,v 1.7 2014/03/26 04:55:35 djm Exp $ */ | 1 | /* $OpenBSD: hmac.h,v 1.8 2014/05/02 03:27:54 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2014 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2014 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -26,12 +26,12 @@ struct ssh_hmac_ctx *ssh_hmac_start(int alg); | |||
26 | 26 | ||
27 | /* Sets the state of the HMAC or resets the state if key == NULL */ | 27 | /* Sets the state of the HMAC or resets the state if key == NULL */ |
28 | int ssh_hmac_init(struct ssh_hmac_ctx *ctx, const void *key, size_t klen) | 28 | int ssh_hmac_init(struct ssh_hmac_ctx *ctx, const void *key, size_t klen) |
29 | __bounded((__buffer__, 2, 3)); | 29 | __attribute__((__bounded__(__buffer__, 2, 3))); |
30 | int ssh_hmac_update(struct ssh_hmac_ctx *ctx, const void *m, size_t mlen) | 30 | int ssh_hmac_update(struct ssh_hmac_ctx *ctx, const void *m, size_t mlen) |
31 | __bounded((__buffer__, 2, 3)); | 31 | __attribute__((__bounded__(__buffer__, 2, 3))); |
32 | int ssh_hmac_update_buffer(struct ssh_hmac_ctx *ctx, const Buffer *b); | 32 | int ssh_hmac_update_buffer(struct ssh_hmac_ctx *ctx, const Buffer *b); |
33 | int ssh_hmac_final(struct ssh_hmac_ctx *ctx, u_char *d, size_t dlen) | 33 | int ssh_hmac_final(struct ssh_hmac_ctx *ctx, u_char *d, size_t dlen) |
34 | __bounded((__buffer__, 2, 3)); | 34 | __attribute__((__bounded__(__buffer__, 2, 3))); |
35 | void ssh_hmac_free(struct ssh_hmac_ctx *ctx); | 35 | void ssh_hmac_free(struct ssh_hmac_ctx *ctx); |
36 | 36 | ||
37 | #endif /* _HMAC_H */ | 37 | #endif /* _HMAC_H */ |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kex.h,v 1.63 2014/03/26 04:55:35 djm Exp $ */ | 1 | /* $OpenBSD: kex.h,v 1.64 2014/05/02 03:27:54 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
@@ -187,12 +187,12 @@ kex_c25519_hash(int, char *, char *, char *, int, | |||
187 | 187 | ||
188 | #define CURVE25519_SIZE 32 | 188 | #define CURVE25519_SIZE 32 |
189 | void kexc25519_keygen(u_char[CURVE25519_SIZE], u_char[CURVE25519_SIZE]) | 189 | void kexc25519_keygen(u_char[CURVE25519_SIZE], u_char[CURVE25519_SIZE]) |
190 | __bounded((__minbytes__, 1, CURVE25519_SIZE)) | 190 | __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) |
191 | __bounded((__minbytes__, 2, CURVE25519_SIZE)); | 191 | __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); |
192 | void kexc25519_shared_key(const u_char key[CURVE25519_SIZE], | 192 | void kexc25519_shared_key(const u_char key[CURVE25519_SIZE], |
193 | const u_char pub[CURVE25519_SIZE], Buffer *out) | 193 | const u_char pub[CURVE25519_SIZE], Buffer *out) |
194 | __bounded((__minbytes__, 1, CURVE25519_SIZE)) | 194 | __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) |
195 | __bounded((__minbytes__, 2, CURVE25519_SIZE)); | 195 | __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); |
196 | 196 | ||
197 | void | 197 | void |
198 | derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]); | 198 | derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]); |
diff --git a/kexc25519.c b/kexc25519.c index 4dc842c44..e3afa0055 100644 --- a/kexc25519.c +++ b/kexc25519.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: kexc25519.c,v 1.6 2014/03/26 04:55:35 djm Exp $ */ | 1 | /* $OpenBSD: kexc25519.c,v 1.7 2014/05/02 03:27:54 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001, 2013 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001, 2013 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2010 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2010 Damien Miller. All rights reserved. |
@@ -45,9 +45,9 @@ | |||
45 | 45 | ||
46 | extern int crypto_scalarmult_curve25519(u_char a[CURVE25519_SIZE], | 46 | extern int crypto_scalarmult_curve25519(u_char a[CURVE25519_SIZE], |
47 | const u_char b[CURVE25519_SIZE], const u_char c[CURVE25519_SIZE]) | 47 | const u_char b[CURVE25519_SIZE], const u_char c[CURVE25519_SIZE]) |
48 | __bounded((__minbytes__, 1, CURVE25519_SIZE)) | 48 | __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) |
49 | __bounded((__minbytes__, 2, CURVE25519_SIZE)) | 49 | __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))) |
50 | __bounded((__minbytes__, 3, CURVE25519_SIZE)); | 50 | __attribute__((__bounded__(__minbytes__, 3, CURVE25519_SIZE))); |
51 | 51 | ||
52 | void | 52 | void |
53 | kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE]) | 53 | kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE]) |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: misc.h,v 1.52 2014/04/20 02:30:25 djm Exp $ */ | 1 | /* $OpenBSD: misc.h,v 1.53 2014/05/02 03:27:54 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -70,23 +70,23 @@ int tun_open(int, int); | |||
70 | 70 | ||
71 | /* Functions to extract or store big-endian words of various sizes */ | 71 | /* Functions to extract or store big-endian words of various sizes */ |
72 | u_int64_t get_u64(const void *) | 72 | u_int64_t get_u64(const void *) |
73 | __bounded(( __minbytes__, 1, 8)); | 73 | __attribute__((__bounded__( __minbytes__, 1, 8))); |
74 | u_int32_t get_u32(const void *) | 74 | u_int32_t get_u32(const void *) |
75 | __bounded(( __minbytes__, 1, 4)); | 75 | __attribute__((__bounded__( __minbytes__, 1, 4))); |
76 | u_int16_t get_u16(const void *) | 76 | u_int16_t get_u16(const void *) |
77 | __bounded(( __minbytes__, 1, 2)); | 77 | __attribute__((__bounded__( __minbytes__, 1, 2))); |
78 | void put_u64(void *, u_int64_t) | 78 | void put_u64(void *, u_int64_t) |
79 | __bounded(( __minbytes__, 1, 8)); | 79 | __attribute__((__bounded__( __minbytes__, 1, 8))); |
80 | void put_u32(void *, u_int32_t) | 80 | void put_u32(void *, u_int32_t) |
81 | __bounded(( __minbytes__, 1, 4)); | 81 | __attribute__((__bounded__( __minbytes__, 1, 4))); |
82 | void put_u16(void *, u_int16_t) | 82 | void put_u16(void *, u_int16_t) |
83 | __bounded(( __minbytes__, 1, 2)); | 83 | __attribute__((__bounded__( __minbytes__, 1, 2))); |
84 | 84 | ||
85 | /* Little-endian store/load, used by umac.c */ | 85 | /* Little-endian store/load, used by umac.c */ |
86 | u_int32_t get_u32_le(const void *) | 86 | u_int32_t get_u32_le(const void *) |
87 | __bounded(( __minbytes__, 1, 4)); | 87 | __attribute__((__bounded__(__minbytes__, 1, 4))); |
88 | void put_u32_le(void *, u_int32_t) | 88 | void put_u32_le(void *, u_int32_t) |
89 | __bounded(( __minbytes__, 1, 4)); | 89 | __attribute__((__bounded__(__minbytes__, 1, 4))); |
90 | 90 | ||
91 | struct bwlimit { | 91 | struct bwlimit { |
92 | size_t buflen; | 92 | size_t buflen; |
diff --git a/poly1305.h b/poly1305.h index 82373e6af..f7db5f8d7 100644 --- a/poly1305.h +++ b/poly1305.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: poly1305.h,v 1.3 2014/03/26 04:55:35 djm Exp $ */ | 1 | /* $OpenBSD: poly1305.h,v 1.4 2014/05/02 03:27:54 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Public Domain poly1305 from Andrew Moon | 4 | * Public Domain poly1305 from Andrew Moon |
@@ -15,8 +15,8 @@ | |||
15 | 15 | ||
16 | void poly1305_auth(u_char out[POLY1305_TAGLEN], const u_char *m, size_t inlen, | 16 | void poly1305_auth(u_char out[POLY1305_TAGLEN], const u_char *m, size_t inlen, |
17 | const u_char key[POLY1305_KEYLEN]) | 17 | const u_char key[POLY1305_KEYLEN]) |
18 | __bounded((__minbytes__, 1, POLY1305_TAGLEN)) | 18 | __attribute__((__bounded__(__minbytes__, 1, POLY1305_TAGLEN))) |
19 | __bounded((__buffer__, 2, 3)) | 19 | __attribute__((__bounded__(__buffer__, 2, 3))) |
20 | __bounded((__minbytes__, 4, POLY1305_KEYLEN)); | 20 | __attribute__((__bounded__(__minbytes__, 4, POLY1305_KEYLEN))); |
21 | 21 | ||
22 | #endif /* POLY1305_H */ | 22 | #endif /* POLY1305_H */ |
diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index ed5268c12..d3e877291 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-pkcs11.c,v 1.12 2014/03/26 04:55:35 djm Exp $ */ | 1 | /* $OpenBSD: ssh-pkcs11.c,v 1.13 2014/05/02 03:27:54 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2010 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2010 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -386,7 +386,7 @@ pkcs11_open_session(struct pkcs11_provider *p, CK_ULONG slotidx, char *pin) | |||
386 | */ | 386 | */ |
387 | static int pkcs11_fetch_keys_filter(struct pkcs11_provider *, CK_ULONG, | 387 | static int pkcs11_fetch_keys_filter(struct pkcs11_provider *, CK_ULONG, |
388 | CK_ATTRIBUTE [], CK_ATTRIBUTE [3], Key ***, int *) | 388 | CK_ATTRIBUTE [], CK_ATTRIBUTE [3], Key ***, int *) |
389 | __bounded((__minbytes__,4, 3 * sizeof(CK_ATTRIBUTE))); | 389 | __attribute__((__bounded__(__minbytes__,4, 3 * sizeof(CK_ATTRIBUTE)))); |
390 | 390 | ||
391 | static int | 391 | static int |
392 | pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, | 392 | pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, |