summaryrefslogtreecommitdiff
path: root/openbsd-compat
diff options
context:
space:
mode:
Diffstat (limited to 'openbsd-compat')
-rw-r--r--openbsd-compat/Makefile.in2
-rw-r--r--openbsd-compat/bsd-closefrom.c88
-rw-r--r--openbsd-compat/bsd-misc.c4
-rw-r--r--openbsd-compat/bsd-openpty.c9
-rw-r--r--openbsd-compat/bsd-setres_id.c12
-rw-r--r--openbsd-compat/bsd-signal.c1
-rw-r--r--openbsd-compat/memmem.c69
-rw-r--r--openbsd-compat/openbsd-compat.h24
-rw-r--r--openbsd-compat/port-irix.c2
-rw-r--r--openbsd-compat/port-solaris.c6
-rw-r--r--openbsd-compat/pwcache.c4
-rw-r--r--openbsd-compat/realpath.c229
-rw-r--r--openbsd-compat/regress/snprintftest.c3
-rw-r--r--openbsd-compat/regress/utimensattest.c33
-rw-r--r--openbsd-compat/setproctitle.c1
-rw-r--r--openbsd-compat/sha1.c13
-rw-r--r--openbsd-compat/sha2.c334
-rw-r--r--openbsd-compat/sha2.h138
18 files changed, 521 insertions, 451 deletions
diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in
index c1e14cbd0..1162dc550 100644
--- a/openbsd-compat/Makefile.in
+++ b/openbsd-compat/Makefile.in
@@ -34,11 +34,11 @@ OPENBSD=base64.o \
34 inet_ntoa.o \ 34 inet_ntoa.o \
35 inet_ntop.o \ 35 inet_ntop.o \
36 md5.o \ 36 md5.o \
37 memmem.o \
37 mktemp.o \ 38 mktemp.o \
38 pwcache.o \ 39 pwcache.o \
39 readpassphrase.o \ 40 readpassphrase.o \
40 reallocarray.o \ 41 reallocarray.o \
41 realpath.o \
42 recallocarray.o \ 42 recallocarray.o \
43 rmd160.o \ 43 rmd160.o \
44 rresvport.o \ 44 rresvport.o \
diff --git a/openbsd-compat/bsd-closefrom.c b/openbsd-compat/bsd-closefrom.c
index b56476a2d..8fadca2da 100644
--- a/openbsd-compat/bsd-closefrom.c
+++ b/openbsd-compat/bsd-closefrom.c
@@ -46,6 +46,9 @@
46# include <ndir.h> 46# include <ndir.h>
47# endif 47# endif
48#endif 48#endif
49#if defined(HAVE_LIBPROC_H)
50# include <libproc.h>
51#endif
49 52
50#ifndef OPEN_MAX 53#ifndef OPEN_MAX
51# define OPEN_MAX 256 54# define OPEN_MAX 256
@@ -55,21 +58,73 @@
55__unused static const char rcsid[] = "$Sudo: closefrom.c,v 1.11 2006/08/17 15:26:54 millert Exp $"; 58__unused static const char rcsid[] = "$Sudo: closefrom.c,v 1.11 2006/08/17 15:26:54 millert Exp $";
56#endif /* lint */ 59#endif /* lint */
57 60
61#ifndef HAVE_FCNTL_CLOSEM
58/* 62/*
59 * Close all file descriptors greater than or equal to lowfd. 63 * Close all file descriptors greater than or equal to lowfd.
60 */ 64 */
65static void
66closefrom_fallback(int lowfd)
67{
68 long fd, maxfd;
69
70 /*
71 * Fall back on sysconf() or getdtablesize(). We avoid checking
72 * resource limits since it is possible to open a file descriptor
73 * and then drop the rlimit such that it is below the open fd.
74 */
75#ifdef HAVE_SYSCONF
76 maxfd = sysconf(_SC_OPEN_MAX);
77#else
78 maxfd = getdtablesize();
79#endif /* HAVE_SYSCONF */
80 if (maxfd < 0)
81 maxfd = OPEN_MAX;
82
83 for (fd = lowfd; fd < maxfd; fd++)
84 (void) close((int) fd);
85}
86#endif /* HAVE_FCNTL_CLOSEM */
87
61#ifdef HAVE_FCNTL_CLOSEM 88#ifdef HAVE_FCNTL_CLOSEM
62void 89void
63closefrom(int lowfd) 90closefrom(int lowfd)
64{ 91{
65 (void) fcntl(lowfd, F_CLOSEM, 0); 92 (void) fcntl(lowfd, F_CLOSEM, 0);
66} 93}
67#else 94#elif defined(HAVE_LIBPROC_H) && defined(HAVE_PROC_PIDINFO)
68void 95void
69closefrom(int lowfd) 96closefrom(int lowfd)
70{ 97{
71 long fd, maxfd; 98 int i, r, sz;
72#if defined(HAVE_DIRFD) && defined(HAVE_PROC_PID) 99 pid_t pid = getpid();
100 struct proc_fdinfo *fdinfo_buf = NULL;
101
102 sz = proc_pidinfo(pid, PROC_PIDLISTFDS, 0, NULL, 0);
103 if (sz == 0)
104 return; /* no fds, really? */
105 else if (sz == -1)
106 goto fallback;
107 if ((fdinfo_buf = malloc(sz)) == NULL)
108 goto fallback;
109 r = proc_pidinfo(pid, PROC_PIDLISTFDS, 0, fdinfo_buf, sz);
110 if (r < 0 || r > sz)
111 goto fallback;
112 for (i = 0; i < r / (int)PROC_PIDLISTFD_SIZE; i++) {
113 if (fdinfo_buf[i].proc_fd >= lowfd)
114 close(fdinfo_buf[i].proc_fd);
115 }
116 free(fdinfo_buf);
117 return;
118 fallback:
119 free(fdinfo_buf);
120 closefrom_fallback(lowfd);
121 return;
122}
123#elif defined(HAVE_DIRFD) && defined(HAVE_PROC_PID)
124void
125closefrom(int lowfd)
126{
127 long fd;
73 char fdpath[PATH_MAX], *endp; 128 char fdpath[PATH_MAX], *endp;
74 struct dirent *dent; 129 struct dirent *dent;
75 DIR *dirp; 130 DIR *dirp;
@@ -85,25 +140,16 @@ closefrom(int lowfd)
85 (void) close((int) fd); 140 (void) close((int) fd);
86 } 141 }
87 (void) closedir(dirp); 142 (void) closedir(dirp);
88 } else 143 return;
89#endif
90 {
91 /*
92 * Fall back on sysconf() or getdtablesize(). We avoid checking
93 * resource limits since it is possible to open a file descriptor
94 * and then drop the rlimit such that it is below the open fd.
95 */
96#ifdef HAVE_SYSCONF
97 maxfd = sysconf(_SC_OPEN_MAX);
98#else
99 maxfd = getdtablesize();
100#endif /* HAVE_SYSCONF */
101 if (maxfd < 0)
102 maxfd = OPEN_MAX;
103
104 for (fd = lowfd; fd < maxfd; fd++)
105 (void) close((int) fd);
106 } 144 }
145 /* /proc/$$/fd strategy failed, fall back to brute force closure */
146 closefrom_fallback(lowfd);
147}
148#else
149void
150closefrom(int lowfd)
151{
152 closefrom_fallback(lowfd);
107} 153}
108#endif /* !HAVE_FCNTL_CLOSEM */ 154#endif /* !HAVE_FCNTL_CLOSEM */
109#endif /* HAVE_CLOSEFROM */ 155#endif /* HAVE_CLOSEFROM */
diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c
index aa1c7d7a3..7a26ee40c 100644
--- a/openbsd-compat/bsd-misc.c
+++ b/openbsd-compat/bsd-misc.c
@@ -172,7 +172,7 @@ fchownat(int fd, const char *path, uid_t owner, gid_t group, int flag)
172 return -1; 172 return -1;
173 } 173 }
174# ifndef HAVE_FCHOWN 174# ifndef HAVE_FCHOWN
175 return chown(pathname, owner, group); 175 return chown(path, owner, group);
176# else 176# else
177# ifdef O_NOFOLLOW 177# ifdef O_NOFOLLOW
178 if (flag & AT_SYMLINK_NOFOLLOW) 178 if (flag & AT_SYMLINK_NOFOLLOW)
@@ -203,7 +203,7 @@ fchmodat(int fd, const char *path, mode_t mode, int flag)
203 return -1; 203 return -1;
204 } 204 }
205# ifndef HAVE_FCHMOD 205# ifndef HAVE_FCHMOD
206 return chown(pathname, owner, group); 206 return chmod(path, mode);
207# else 207# else
208# ifdef O_NOFOLLOW 208# ifdef O_NOFOLLOW
209 if (flag & AT_SYMLINK_NOFOLLOW) 209 if (flag & AT_SYMLINK_NOFOLLOW)
diff --git a/openbsd-compat/bsd-openpty.c b/openbsd-compat/bsd-openpty.c
index e8ad542f8..123a9be56 100644
--- a/openbsd-compat/bsd-openpty.c
+++ b/openbsd-compat/bsd-openpty.c
@@ -121,6 +121,15 @@ openpty(int *amaster, int *aslave, char *name, struct termios *termp,
121 return (-1); 121 return (-1);
122 } 122 }
123 123
124# if defined(I_FIND) && defined(__SVR4)
125 /*
126 * If the streams modules have already been pushed then there
127 * is no more work to do here.
128 */
129 if (ioctl(*aslave, I_FIND, "ptem") != 0)
130 return 0;
131# endif
132
124 /* 133 /*
125 * Try to push the appropriate streams modules, as described 134 * Try to push the appropriate streams modules, as described
126 * in Solaris pts(7). 135 * in Solaris pts(7).
diff --git a/openbsd-compat/bsd-setres_id.c b/openbsd-compat/bsd-setres_id.c
index 696ae7b28..04752d5af 100644
--- a/openbsd-compat/bsd-setres_id.c
+++ b/openbsd-compat/bsd-setres_id.c
@@ -37,20 +37,20 @@ setresgid(gid_t rgid, gid_t egid, gid_t sgid)
37#if defined(HAVE_SETREGID) && !defined(BROKEN_SETREGID) 37#if defined(HAVE_SETREGID) && !defined(BROKEN_SETREGID)
38 if (setregid(rgid, egid) < 0) { 38 if (setregid(rgid, egid) < 0) {
39 saved_errno = errno; 39 saved_errno = errno;
40 error("setregid %u: %.100s", rgid, strerror(errno)); 40 error("setregid %lu: %.100s", (u_long)rgid, strerror(errno));
41 errno = saved_errno; 41 errno = saved_errno;
42 ret = -1; 42 ret = -1;
43 } 43 }
44#else 44#else
45 if (setegid(egid) < 0) { 45 if (setegid(egid) < 0) {
46 saved_errno = errno; 46 saved_errno = errno;
47 error("setegid %u: %.100s", (u_int)egid, strerror(errno)); 47 error("setegid %lu: %.100s", (u_long)egid, strerror(errno));
48 errno = saved_errno; 48 errno = saved_errno;
49 ret = -1; 49 ret = -1;
50 } 50 }
51 if (setgid(rgid) < 0) { 51 if (setgid(rgid) < 0) {
52 saved_errno = errno; 52 saved_errno = errno;
53 error("setgid %u: %.100s", rgid, strerror(errno)); 53 error("setgid %lu: %.100s", (u_long)rgid, strerror(errno));
54 errno = saved_errno; 54 errno = saved_errno;
55 ret = -1; 55 ret = -1;
56 } 56 }
@@ -72,7 +72,7 @@ setresuid(uid_t ruid, uid_t euid, uid_t suid)
72#if defined(HAVE_SETREUID) && !defined(BROKEN_SETREUID) 72#if defined(HAVE_SETREUID) && !defined(BROKEN_SETREUID)
73 if (setreuid(ruid, euid) < 0) { 73 if (setreuid(ruid, euid) < 0) {
74 saved_errno = errno; 74 saved_errno = errno;
75 error("setreuid %u: %.100s", ruid, strerror(errno)); 75 error("setreuid %lu: %.100s", (u_long)ruid, strerror(errno));
76 errno = saved_errno; 76 errno = saved_errno;
77 ret = -1; 77 ret = -1;
78 } 78 }
@@ -81,14 +81,14 @@ setresuid(uid_t ruid, uid_t euid, uid_t suid)
81# ifndef SETEUID_BREAKS_SETUID 81# ifndef SETEUID_BREAKS_SETUID
82 if (seteuid(euid) < 0) { 82 if (seteuid(euid) < 0) {
83 saved_errno = errno; 83 saved_errno = errno;
84 error("seteuid %u: %.100s", euid, strerror(errno)); 84 error("seteuid %lu: %.100s", (u_long)euid, strerror(errno));
85 errno = saved_errno; 85 errno = saved_errno;
86 ret = -1; 86 ret = -1;
87 } 87 }
88# endif 88# endif
89 if (setuid(ruid) < 0) { 89 if (setuid(ruid) < 0) {
90 saved_errno = errno; 90 saved_errno = errno;
91 error("setuid %u: %.100s", ruid, strerror(errno)); 91 error("setuid %lu: %.100s", (u_long)ruid, strerror(errno));
92 errno = saved_errno; 92 errno = saved_errno;
93 ret = -1; 93 ret = -1;
94 } 94 }
diff --git a/openbsd-compat/bsd-signal.c b/openbsd-compat/bsd-signal.c
index 979010e84..0b816a3a6 100644
--- a/openbsd-compat/bsd-signal.c
+++ b/openbsd-compat/bsd-signal.c
@@ -17,6 +17,7 @@
17#include "includes.h" 17#include "includes.h"
18 18
19#include <signal.h> 19#include <signal.h>
20#include <stdio.h>
20#include <string.h> 21#include <string.h>
21#include <unistd.h> 22#include <unistd.h>
22 23
diff --git a/openbsd-compat/memmem.c b/openbsd-compat/memmem.c
new file mode 100644
index 000000000..3e5e6b5e6
--- /dev/null
+++ b/openbsd-compat/memmem.c
@@ -0,0 +1,69 @@
1/* $OpenBSD: memmem.c,v 1.4 2015/08/31 02:53:57 guenther Exp $ */
2/*-
3 * Copyright (c) 2005 Pascal Gloor <pascal.gloor@spale.com>
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. The name of the author may not be used to endorse or promote
14 * products derived from this software without specific prior written
15 * permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 */
29
30#include "includes.h"
31
32#ifndef HAVE_MEMMEM
33
34#include <string.h>
35
36/*
37 * Find the first occurrence of the byte string s in byte string l.
38 */
39
40void *
41memmem(const void *l, size_t l_len, const void *s, size_t s_len)
42{
43 const char *cur, *last;
44 const char *cl = l;
45 const char *cs = s;
46
47 /* a zero length needle should just return the haystack */
48 if (s_len == 0)
49 return (void *)cl;
50
51 /* "s" must be smaller or equal to "l" */
52 if (l_len < s_len)
53 return NULL;
54
55 /* special case where s_len == 1 */
56 if (s_len == 1)
57 return memchr(l, *cs, l_len);
58
59 /* the last position where its possible to find "s" in "l" */
60 last = cl + l_len - s_len;
61
62 for (cur = cl; cur <= last; cur++)
63 if (cur[0] == cs[0] && memcmp(cur, cs, s_len) == 0)
64 return (void *)cur;
65
66 return NULL;
67}
68DEF_WEAK(memmem);
69#endif /* HAVE_MEMMEM */
diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
index 865aaee53..fda6706f8 100644
--- a/openbsd-compat/openbsd-compat.h
+++ b/openbsd-compat/openbsd-compat.h
@@ -73,6 +73,10 @@ int getpagesize(void);
73char *getcwd(char *pt, size_t size); 73char *getcwd(char *pt, size_t size);
74#endif 74#endif
75 75
76#ifdef HAVE_MEMMEM
77void *memmem(const void *, size_t, const void *, size_t);
78#endif
79
76#ifndef HAVE_REALLOCARRAY 80#ifndef HAVE_REALLOCARRAY
77void *reallocarray(void *, size_t, size_t); 81void *reallocarray(void *, size_t, size_t);
78#endif 82#endif
@@ -81,18 +85,6 @@ void *reallocarray(void *, size_t, size_t);
81void *recallocarray(void *, size_t, size_t, size_t); 85void *recallocarray(void *, size_t, size_t, size_t);
82#endif 86#endif
83 87
84#if !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH)
85/*
86 * glibc's FORTIFY_SOURCE can redefine this and prevent us picking up the
87 * compat version.
88 */
89# ifdef BROKEN_REALPATH
90# define realpath(x, y) _ssh_compat_realpath(x, y)
91# endif
92
93char *realpath(const char *path, char *resolved);
94#endif
95
96#ifndef HAVE_RRESVPORT_AF 88#ifndef HAVE_RRESVPORT_AF
97int rresvport_af(int *alport, sa_family_t af); 89int rresvport_af(int *alport, sa_family_t af);
98#endif 90#endif
@@ -109,6 +101,14 @@ size_t strlcat(char *dst, const char *src, size_t siz);
109char *strcasestr(const char *, const char *); 101char *strcasestr(const char *, const char *);
110#endif 102#endif
111 103
104#ifndef HAVE_STRNLEN
105size_t strnlen(const char *, size_t);
106#endif
107
108#ifndef HAVE_STRNDUP
109char *strndup(const char *s, size_t n);
110#endif
111
112#ifndef HAVE_SETENV 112#ifndef HAVE_SETENV
113int setenv(register const char *name, register const char *value, int rewrite); 113int setenv(register const char *name, register const char *value, int rewrite);
114#endif 114#endif
diff --git a/openbsd-compat/port-irix.c b/openbsd-compat/port-irix.c
index 525b02909..aebffb014 100644
--- a/openbsd-compat/port-irix.c
+++ b/openbsd-compat/port-irix.c
@@ -43,6 +43,8 @@
43# include <sat.h> 43# include <sat.h>
44#endif /* WITH_IRIX_AUDIT */ 44#endif /* WITH_IRIX_AUDIT */
45 45
46#include "log.h"
47
46void 48void
47irix_setusercontext(struct passwd *pw) 49irix_setusercontext(struct passwd *pw)
48{ 50{
diff --git a/openbsd-compat/port-solaris.c b/openbsd-compat/port-solaris.c
index 0e89dc326..7d5a28cd0 100644
--- a/openbsd-compat/port-solaris.c
+++ b/openbsd-compat/port-solaris.c
@@ -284,11 +284,10 @@ solaris_drop_privs_pinfo_net_fork_exec(void)
284 priv_addset(npset, PRIV_FILE_OWNER) != 0) 284 priv_addset(npset, PRIV_FILE_OWNER) != 0)
285 fatal("priv_addset: %s", strerror(errno)); 285 fatal("priv_addset: %s", strerror(errno));
286 286
287 if (priv_delset(npset, PRIV_FILE_LINK_ANY) != 0 || 287 if (priv_delset(npset, PRIV_PROC_EXEC) != 0 ||
288#ifdef PRIV_NET_ACCESS 288#ifdef PRIV_NET_ACCESS
289 priv_delset(npset, PRIV_NET_ACCESS) != 0 || 289 priv_delset(npset, PRIV_NET_ACCESS) != 0 ||
290#endif 290#endif
291 priv_delset(npset, PRIV_PROC_EXEC) != 0 ||
292 priv_delset(npset, PRIV_PROC_FORK) != 0 || 291 priv_delset(npset, PRIV_PROC_FORK) != 0 ||
293 priv_delset(npset, PRIV_PROC_INFO) != 0 || 292 priv_delset(npset, PRIV_PROC_INFO) != 0 ||
294 priv_delset(npset, PRIV_PROC_SESSION) != 0) 293 priv_delset(npset, PRIV_PROC_SESSION) != 0)
@@ -348,8 +347,7 @@ solaris_drop_privs_root_pinfo_net_exec(void)
348 priv_delset(pset, PRIV_NET_ACCESS) != 0 || 347 priv_delset(pset, PRIV_NET_ACCESS) != 0 ||
349#endif 348#endif
350 priv_delset(pset, PRIV_PROC_EXEC) != 0 || 349 priv_delset(pset, PRIV_PROC_EXEC) != 0 ||
351 priv_delset(pset, PRIV_PROC_INFO) != 0 || 350 priv_delset(pset, PRIV_PROC_INFO) != 0)
352 priv_delset(pset, PRIV_PROC_SESSION) != 0)
353 fatal("priv_delset: %s", strerror(errno)); 351 fatal("priv_delset: %s", strerror(errno));
354 352
355 if (setppriv(PRIV_SET, PRIV_PERMITTED, pset) != 0 || 353 if (setppriv(PRIV_SET, PRIV_PERMITTED, pset) != 0 ||
diff --git a/openbsd-compat/pwcache.c b/openbsd-compat/pwcache.c
index 5a8b78801..826c2378b 100644
--- a/openbsd-compat/pwcache.c
+++ b/openbsd-compat/pwcache.c
@@ -67,7 +67,7 @@ user_from_uid(uid_t uid, int nouser)
67 if ((pw = getpwuid(uid)) == NULL) { 67 if ((pw = getpwuid(uid)) == NULL) {
68 if (nouser) 68 if (nouser)
69 return (NULL); 69 return (NULL);
70 (void)snprintf(nbuf, sizeof(nbuf), "%u", uid); 70 (void)snprintf(nbuf, sizeof(nbuf), "%lu", (u_long)uid);
71 } 71 }
72 cp->uid = uid; 72 cp->uid = uid;
73 if (cp->name != NULL) 73 if (cp->name != NULL)
@@ -102,7 +102,7 @@ group_from_gid(gid_t gid, int nogroup)
102 if ((gr = getgrgid(gid)) == NULL) { 102 if ((gr = getgrgid(gid)) == NULL) {
103 if (nogroup) 103 if (nogroup)
104 return (NULL); 104 return (NULL);
105 (void)snprintf(nbuf, sizeof(nbuf), "%u", gid); 105 (void)snprintf(nbuf, sizeof(nbuf), "%lu", (u_long)gid);
106 } 106 }
107 cp->gid = gid; 107 cp->gid = gid;
108 if (cp->name != NULL) 108 if (cp->name != NULL)
diff --git a/openbsd-compat/realpath.c b/openbsd-compat/realpath.c
deleted file mode 100644
index a2f090e55..000000000
--- a/openbsd-compat/realpath.c
+++ /dev/null
@@ -1,229 +0,0 @@
1/* $OpenBSD: realpath.c,v 1.20 2015/10/13 20:55:37 millert Exp $ */
2/*
3 * Copyright (c) 2003 Constantin S. Svintsoff <kostik@iclub.nsu.ru>
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. The names of the authors may not be used to endorse or promote
14 * products derived from this software without specific prior written
15 * permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 */
29
30/* OPENBSD ORIGINAL: lib/libc/stdlib/realpath.c */
31
32#include "includes.h"
33
34#if !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH)
35
36#include <sys/types.h>
37#include <sys/param.h>
38#include <sys/stat.h>
39
40#include <errno.h>
41#include <stdlib.h>
42#include <stddef.h>
43#include <string.h>
44#include <unistd.h>
45#include <limits.h>
46
47#ifndef SYMLOOP_MAX
48# define SYMLOOP_MAX 32
49#endif
50
51/* A slightly modified copy of this file exists in libexec/ld.so */
52
53/*
54 * char *realpath(const char *path, char resolved[PATH_MAX]);
55 *
56 * Find the real name of path, by removing all ".", ".." and symlink
57 * components. Returns (resolved) on success, or (NULL) on failure,
58 * in which case the path which caused trouble is left in (resolved).
59 */
60char *
61realpath(const char *path, char *resolved)
62{
63 struct stat sb;
64 char *p, *q, *s;
65 size_t left_len, resolved_len;
66 unsigned symlinks;
67 int serrno, slen, mem_allocated;
68 char left[PATH_MAX], next_token[PATH_MAX], symlink[PATH_MAX];
69
70 if (path[0] == '\0') {
71 errno = ENOENT;
72 return (NULL);
73 }
74
75 serrno = errno;
76
77 if (resolved == NULL) {
78 resolved = malloc(PATH_MAX);
79 if (resolved == NULL)
80 return (NULL);
81 mem_allocated = 1;
82 } else
83 mem_allocated = 0;
84
85 symlinks = 0;
86 if (path[0] == '/') {
87 resolved[0] = '/';
88 resolved[1] = '\0';
89 if (path[1] == '\0')
90 return (resolved);
91 resolved_len = 1;
92 left_len = strlcpy(left, path + 1, sizeof(left));
93 } else {
94 if (getcwd(resolved, PATH_MAX) == NULL) {
95 if (mem_allocated)
96 free(resolved);
97 else
98 strlcpy(resolved, ".", PATH_MAX);
99 return (NULL);
100 }
101 resolved_len = strlen(resolved);
102 left_len = strlcpy(left, path, sizeof(left));
103 }
104 if (left_len >= sizeof(left) || resolved_len >= PATH_MAX) {
105 errno = ENAMETOOLONG;
106 goto err;
107 }
108
109 /*
110 * Iterate over path components in `left'.
111 */
112 while (left_len != 0) {
113 /*
114 * Extract the next path component and adjust `left'
115 * and its length.
116 */
117 p = strchr(left, '/');
118 s = p ? p : left + left_len;
119 if (s - left >= (ptrdiff_t)sizeof(next_token)) {
120 errno = ENAMETOOLONG;
121 goto err;
122 }
123 memcpy(next_token, left, s - left);
124 next_token[s - left] = '\0';
125 left_len -= s - left;
126 if (p != NULL)
127 memmove(left, s + 1, left_len + 1);
128 if (resolved[resolved_len - 1] != '/') {
129 if (resolved_len + 1 >= PATH_MAX) {
130 errno = ENAMETOOLONG;
131 goto err;
132 }
133 resolved[resolved_len++] = '/';
134 resolved[resolved_len] = '\0';
135 }
136 if (next_token[0] == '\0')
137 continue;
138 else if (strcmp(next_token, ".") == 0)
139 continue;
140 else if (strcmp(next_token, "..") == 0) {
141 /*
142 * Strip the last path component except when we have
143 * single "/"
144 */
145 if (resolved_len > 1) {
146 resolved[resolved_len - 1] = '\0';
147 q = strrchr(resolved, '/') + 1;
148 *q = '\0';
149 resolved_len = q - resolved;
150 }
151 continue;
152 }
153
154 /*
155 * Append the next path component and lstat() it. If
156 * lstat() fails we still can return successfully if
157 * there are no more path components left.
158 */
159 resolved_len = strlcat(resolved, next_token, PATH_MAX);
160 if (resolved_len >= PATH_MAX) {
161 errno = ENAMETOOLONG;
162 goto err;
163 }
164 if (lstat(resolved, &sb) != 0) {
165 if (errno == ENOENT && p == NULL) {
166 errno = serrno;
167 return (resolved);
168 }
169 goto err;
170 }
171 if (S_ISLNK(sb.st_mode)) {
172 if (symlinks++ > SYMLOOP_MAX) {
173 errno = ELOOP;
174 goto err;
175 }
176 slen = readlink(resolved, symlink, sizeof(symlink) - 1);
177 if (slen < 0)
178 goto err;
179 symlink[slen] = '\0';
180 if (symlink[0] == '/') {
181 resolved[1] = 0;
182 resolved_len = 1;
183 } else if (resolved_len > 1) {
184 /* Strip the last path component. */
185 resolved[resolved_len - 1] = '\0';
186 q = strrchr(resolved, '/') + 1;
187 *q = '\0';
188 resolved_len = q - resolved;
189 }
190
191 /*
192 * If there are any path components left, then
193 * append them to symlink. The result is placed
194 * in `left'.
195 */
196 if (p != NULL) {
197 if (symlink[slen - 1] != '/') {
198 if (slen + 1 >=
199 (ptrdiff_t)sizeof(symlink)) {
200 errno = ENAMETOOLONG;
201 goto err;
202 }
203 symlink[slen] = '/';
204 symlink[slen + 1] = 0;
205 }
206 left_len = strlcat(symlink, left, sizeof(symlink));
207 if (left_len >= sizeof(symlink)) {
208 errno = ENAMETOOLONG;
209 goto err;
210 }
211 }
212 left_len = strlcpy(left, symlink, sizeof(left));
213 }
214 }
215
216 /*
217 * Remove trailing slash except when the resolved pathname
218 * is a single "/".
219 */
220 if (resolved_len > 1 && resolved[resolved_len - 1] == '/')
221 resolved[resolved_len - 1] = '\0';
222 return (resolved);
223
224err:
225 if (mem_allocated)
226 free(resolved);
227 return (NULL);
228}
229#endif /* !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH) */
diff --git a/openbsd-compat/regress/snprintftest.c b/openbsd-compat/regress/snprintftest.c
index 4ca63e180..6dc2e222a 100644
--- a/openbsd-compat/regress/snprintftest.c
+++ b/openbsd-compat/regress/snprintftest.c
@@ -47,7 +47,7 @@ int
47main(void) 47main(void)
48{ 48{
49 char b[5]; 49 char b[5];
50 char *src; 50 char *src = NULL;
51 51
52 snprintf(b,5,"123456789"); 52 snprintf(b,5,"123456789");
53 if (b[4] != '\0') 53 if (b[4] != '\0')
@@ -69,5 +69,6 @@ main(void)
69 if (x_snprintf(b, 1, "%s %d", "hello", 12345) != 11) 69 if (x_snprintf(b, 1, "%s %d", "hello", 12345) != 11)
70 fail("vsnprintf does not return required length"); 70 fail("vsnprintf does not return required length");
71 71
72 free(src);
72 return failed; 73 return failed;
73} 74}
diff --git a/openbsd-compat/regress/utimensattest.c b/openbsd-compat/regress/utimensattest.c
index a7bc7634b..24312e5d8 100644
--- a/openbsd-compat/regress/utimensattest.c
+++ b/openbsd-compat/regress/utimensattest.c
@@ -33,7 +33,14 @@
33 33
34int utimensat(int, const char *, const struct timespec[2], int); 34int utimensat(int, const char *, const struct timespec[2], int);
35 35
36void 36static void
37cleanup(void)
38{
39 (void)unlink(TMPFILE);
40 (void)unlink(TMPFILE2);
41}
42
43static void
37fail(char *msg, long expect, long got) 44fail(char *msg, long expect, long got)
38{ 45{
39 int saved_errno = errno; 46 int saved_errno = errno;
@@ -44,6 +51,7 @@ fail(char *msg, long expect, long got)
44 else 51 else
45 fprintf(stderr, "utimensat: %s: expected %ld got %ld\n", 52 fprintf(stderr, "utimensat: %s: expected %ld got %ld\n",
46 msg, expect, got); 53 msg, expect, got);
54 cleanup();
47 exit(1); 55 exit(1);
48} 56}
49 57
@@ -54,6 +62,7 @@ main(void)
54 struct stat sb; 62 struct stat sb;
55 struct timespec ts[2]; 63 struct timespec ts[2];
56 64
65 cleanup();
57 if ((fd = open(TMPFILE, O_CREAT, 0600)) == -1) 66 if ((fd = open(TMPFILE, O_CREAT, 0600)) == -1)
58 fail("open", 0, 0); 67 fail("open", 0, 0);
59 close(fd); 68 close(fd);
@@ -83,15 +92,27 @@ main(void)
83 fail("mtim.tv_nsec", 45678000, sb.st_mtim.tv_nsec); 92 fail("mtim.tv_nsec", 45678000, sb.st_mtim.tv_nsec);
84#endif 93#endif
85 94
95 /*
96 * POSIX specifies that when given a symlink, AT_SYMLINK_NOFOLLOW
97 * should update the symlink and not the destination. The compat
98 * code doesn't have a way to do this, so where possible it fails
99 * with instead of following a symlink when explicitly asked not to.
100 * Here we just test that it does not update the destination.
101 */
86 if (rename(TMPFILE, TMPFILE2) == -1) 102 if (rename(TMPFILE, TMPFILE2) == -1)
87 fail("rename", 0, 0); 103 fail("rename", 0, 0);
88 if (symlink(TMPFILE2, TMPFILE) == -1) 104 if (symlink(TMPFILE2, TMPFILE) == -1)
89 fail("symlink", 0, 0); 105 fail("symlink", 0, 0);
106 ts[0].tv_sec = 11223344;
107 ts[1].tv_sec = 55667788;
108 (void)utimensat(AT_FDCWD, TMPFILE, ts, AT_SYMLINK_NOFOLLOW);
109 if (stat(TMPFILE2, &sb) == -1)
110 fail("stat", 0, 0 );
111 if (sb.st_atime == 11223344)
112 fail("utimensat symlink st_atime", 0, 0 );
113 if (sb.st_mtime == 55667788)
114 fail("utimensat symlink st_mtime", 0, 0 );
90 115
91 if (utimensat(AT_FDCWD, TMPFILE, ts, AT_SYMLINK_NOFOLLOW) != -1) 116 cleanup();
92 fail("utimensat followed symlink", 0, 0);
93
94 if (!(unlink(TMPFILE) == 0 && unlink(TMPFILE2) == 0))
95 fail("unlink", 0, 0);
96 exit(0); 117 exit(0);
97} 118}
diff --git a/openbsd-compat/setproctitle.c b/openbsd-compat/setproctitle.c
index dbd1a95a0..e4064323a 100644
--- a/openbsd-compat/setproctitle.c
+++ b/openbsd-compat/setproctitle.c
@@ -36,6 +36,7 @@
36#ifndef HAVE_SETPROCTITLE 36#ifndef HAVE_SETPROCTITLE
37 37
38#include <stdarg.h> 38#include <stdarg.h>
39#include <stdio.h>
39#include <stdlib.h> 40#include <stdlib.h>
40#include <unistd.h> 41#include <unistd.h>
41#ifdef HAVE_SYS_PSTAT_H 42#ifdef HAVE_SYS_PSTAT_H
diff --git a/openbsd-compat/sha1.c b/openbsd-compat/sha1.c
index 4b5381f87..73f897485 100644
--- a/openbsd-compat/sha1.c
+++ b/openbsd-compat/sha1.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sha1.c,v 1.23 2014/01/08 06:14:57 tedu Exp $ */ 1/* $OpenBSD: sha1.c,v 1.27 2019/06/07 22:56:36 dtucker Exp $ */
2 2
3/* 3/*
4 * SHA-1 in C 4 * SHA-1 in C
@@ -18,7 +18,7 @@
18 18
19#ifndef WITH_OPENSSL 19#ifndef WITH_OPENSSL
20 20
21#include <sys/param.h> 21#include <sys/types.h>
22#include <string.h> 22#include <string.h>
23 23
24#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits)))) 24#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
@@ -101,6 +101,7 @@ SHA1Transform(u_int32_t state[5], const u_int8_t buffer[SHA1_BLOCK_LENGTH])
101 /* Wipe variables */ 101 /* Wipe variables */
102 a = b = c = d = e = 0; 102 a = b = c = d = e = 0;
103} 103}
104DEF_WEAK(SHA1Transform);
104 105
105 106
106/* 107/*
@@ -118,6 +119,7 @@ SHA1Init(SHA1_CTX *context)
118 context->state[3] = 0x10325476; 119 context->state[3] = 0x10325476;
119 context->state[4] = 0xC3D2E1F0; 120 context->state[4] = 0xC3D2E1F0;
120} 121}
122DEF_WEAK(SHA1Init);
121 123
122 124
123/* 125/*
@@ -129,7 +131,7 @@ SHA1Update(SHA1_CTX *context, const u_int8_t *data, size_t len)
129 size_t i, j; 131 size_t i, j;
130 132
131 j = (size_t)((context->count >> 3) & 63); 133 j = (size_t)((context->count >> 3) & 63);
132 context->count += (len << 3); 134 context->count += ((u_int64_t)len << 3);
133 if ((j + len) > 63) { 135 if ((j + len) > 63) {
134 (void)memcpy(&context->buffer[j], data, (i = 64-j)); 136 (void)memcpy(&context->buffer[j], data, (i = 64-j));
135 SHA1Transform(context->state, context->buffer); 137 SHA1Transform(context->state, context->buffer);
@@ -141,6 +143,7 @@ SHA1Update(SHA1_CTX *context, const u_int8_t *data, size_t len)
141 } 143 }
142 (void)memcpy(&context->buffer[j], &data[i], len - i); 144 (void)memcpy(&context->buffer[j], &data[i], len - i);
143} 145}
146DEF_WEAK(SHA1Update);
144 147
145 148
146/* 149/*
@@ -161,6 +164,7 @@ SHA1Pad(SHA1_CTX *context)
161 SHA1Update(context, (u_int8_t *)"\0", 1); 164 SHA1Update(context, (u_int8_t *)"\0", 1);
162 SHA1Update(context, finalcount, 8); /* Should cause a SHA1Transform() */ 165 SHA1Update(context, finalcount, 8); /* Should cause a SHA1Transform() */
163} 166}
167DEF_WEAK(SHA1Pad);
164 168
165void 169void
166SHA1Final(u_int8_t digest[SHA1_DIGEST_LENGTH], SHA1_CTX *context) 170SHA1Final(u_int8_t digest[SHA1_DIGEST_LENGTH], SHA1_CTX *context)
@@ -172,6 +176,7 @@ SHA1Final(u_int8_t digest[SHA1_DIGEST_LENGTH], SHA1_CTX *context)
172 digest[i] = (u_int8_t) 176 digest[i] = (u_int8_t)
173 ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255); 177 ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
174 } 178 }
175 memset(context, 0, sizeof(*context)); 179 explicit_bzero(context, sizeof(*context));
176} 180}
181DEF_WEAK(SHA1Final);
177#endif /* !WITH_OPENSSL */ 182#endif /* !WITH_OPENSSL */
diff --git a/openbsd-compat/sha2.c b/openbsd-compat/sha2.c
index b55ea30ac..e63324c99 100644
--- a/openbsd-compat/sha2.c
+++ b/openbsd-compat/sha2.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sha2.c,v 1.11 2005/08/08 08:05:35 espie Exp */ 1/* $OpenBSD: sha2.c,v 1.28 2019/07/23 12:35:22 dtucker Exp $ */
2 2
3/* 3/*
4 * FILE: sha2.c 4 * FILE: sha2.c
@@ -38,18 +38,14 @@
38 38
39#include "includes.h" 39#include "includes.h"
40 40
41#ifdef WITH_OPENSSL 41#if !defined(HAVE_SHA256UPDATE) || !defined(HAVE_SHA384UPDATE) || \
42# include <openssl/opensslv.h> 42 !defined(HAVE_SHA512UPDATE)
43# if !defined(HAVE_EVP_SHA256) && (OPENSSL_VERSION_NUMBER >= 0x00907000L)
44# define _NEED_SHA2 1
45# endif
46#else
47# define _NEED_SHA2 1
48#endif
49 43
50#if defined(_NEED_SHA2) && !defined(HAVE_SHA256_UPDATE) 44/* no-op out, similar to DEF_WEAK but only needed here */
45#define MAKE_CLONE(x, y) void __ssh_compat_make_clone_##x_##y(void);
51 46
52#include <string.h> 47#include <string.h>
48#include <sha2.h>
53 49
54/* 50/*
55 * UNROLLED TRANSFORM LOOP NOTE: 51 * UNROLLED TRANSFORM LOOP NOTE:
@@ -64,8 +60,13 @@
64 * #define SHA2_UNROLL_TRANSFORM 60 * #define SHA2_UNROLL_TRANSFORM
65 * 61 *
66 */ 62 */
63#ifndef SHA2_SMALL
64#if defined(__amd64__) || defined(__i386__)
65#define SHA2_UNROLL_TRANSFORM
66#endif
67#endif
67 68
68/*** SHA-256/384/512 Machine Architecture Definitions *****************/ 69/*** SHA-224/256/384/512 Machine Architecture Definitions *****************/
69/* 70/*
70 * BYTE_ORDER NOTE: 71 * BYTE_ORDER NOTE:
71 * 72 *
@@ -98,8 +99,9 @@
98#endif 99#endif
99 100
100 101
101/*** SHA-256/384/512 Various Length Definitions ***********************/ 102/*** SHA-224/256/384/512 Various Length Definitions ***********************/
102/* NOTE: Most of these are in sha2.h */ 103/* NOTE: Most of these are in sha2.h */
104#define SHA224_SHORT_BLOCK_LENGTH (SHA224_BLOCK_LENGTH - 8)
103#define SHA256_SHORT_BLOCK_LENGTH (SHA256_BLOCK_LENGTH - 8) 105#define SHA256_SHORT_BLOCK_LENGTH (SHA256_BLOCK_LENGTH - 8)
104#define SHA384_SHORT_BLOCK_LENGTH (SHA384_BLOCK_LENGTH - 16) 106#define SHA384_SHORT_BLOCK_LENGTH (SHA384_BLOCK_LENGTH - 16)
105#define SHA512_SHORT_BLOCK_LENGTH (SHA512_BLOCK_LENGTH - 16) 107#define SHA512_SHORT_BLOCK_LENGTH (SHA512_BLOCK_LENGTH - 16)
@@ -152,22 +154,22 @@
152 * Bit shifting and rotation (used by the six SHA-XYZ logical functions: 154 * Bit shifting and rotation (used by the six SHA-XYZ logical functions:
153 * 155 *
154 * NOTE: The naming of R and S appears backwards here (R is a SHIFT and 156 * NOTE: The naming of R and S appears backwards here (R is a SHIFT and
155 * S is a ROTATION) because the SHA-256/384/512 description document 157 * S is a ROTATION) because the SHA-224/256/384/512 description document
156 * (see http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf) uses this 158 * (see http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf) uses this
157 * same "backwards" definition. 159 * same "backwards" definition.
158 */ 160 */
159/* Shift-right (used in SHA-256, SHA-384, and SHA-512): */ 161/* Shift-right (used in SHA-224, SHA-256, SHA-384, and SHA-512): */
160#define R(b,x) ((x) >> (b)) 162#define R(b,x) ((x) >> (b))
161/* 32-bit Rotate-right (used in SHA-256): */ 163/* 32-bit Rotate-right (used in SHA-224 and SHA-256): */
162#define S32(b,x) (((x) >> (b)) | ((x) << (32 - (b)))) 164#define S32(b,x) (((x) >> (b)) | ((x) << (32 - (b))))
163/* 64-bit Rotate-right (used in SHA-384 and SHA-512): */ 165/* 64-bit Rotate-right (used in SHA-384 and SHA-512): */
164#define S64(b,x) (((x) >> (b)) | ((x) << (64 - (b)))) 166#define S64(b,x) (((x) >> (b)) | ((x) << (64 - (b))))
165 167
166/* Two of six logical functions used in SHA-256, SHA-384, and SHA-512: */ 168/* Two of six logical functions used in SHA-224, SHA-256, SHA-384, and SHA-512: */
167#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) 169#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
168#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) 170#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
169 171
170/* Four of six logical functions used in SHA-256: */ 172/* Four of six logical functions used in SHA-224 and SHA-256: */
171#define Sigma0_256(x) (S32(2, (x)) ^ S32(13, (x)) ^ S32(22, (x))) 173#define Sigma0_256(x) (S32(2, (x)) ^ S32(13, (x)) ^ S32(22, (x)))
172#define Sigma1_256(x) (S32(6, (x)) ^ S32(11, (x)) ^ S32(25, (x))) 174#define Sigma1_256(x) (S32(6, (x)) ^ S32(11, (x)) ^ S32(25, (x)))
173#define sigma0_256(x) (S32(7, (x)) ^ S32(18, (x)) ^ R(3 , (x))) 175#define sigma0_256(x) (S32(7, (x)) ^ S32(18, (x)) ^ R(3 , (x)))
@@ -181,8 +183,8 @@
181 183
182 184
183/*** SHA-XYZ INITIAL HASH VALUES AND CONSTANTS ************************/ 185/*** SHA-XYZ INITIAL HASH VALUES AND CONSTANTS ************************/
184/* Hash constant words K for SHA-256: */ 186/* Hash constant words K for SHA-224 and SHA-256: */
185const static u_int32_t K256[64] = { 187static const u_int32_t K256[64] = {
186 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, 188 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL,
187 0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, 189 0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL,
188 0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL, 190 0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL,
@@ -202,7 +204,7 @@ const static u_int32_t K256[64] = {
202}; 204};
203 205
204/* Initial hash value H for SHA-256: */ 206/* Initial hash value H for SHA-256: */
205const static u_int32_t sha256_initial_hash_value[8] = { 207static const u_int32_t sha256_initial_hash_value[8] = {
206 0x6a09e667UL, 208 0x6a09e667UL,
207 0xbb67ae85UL, 209 0xbb67ae85UL,
208 0x3c6ef372UL, 210 0x3c6ef372UL,
@@ -214,7 +216,7 @@ const static u_int32_t sha256_initial_hash_value[8] = {
214}; 216};
215 217
216/* Hash constant words K for SHA-384 and SHA-512: */ 218/* Hash constant words K for SHA-384 and SHA-512: */
217const static u_int64_t K512[80] = { 219static const u_int64_t K512[80] = {
218 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 220 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL,
219 0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL, 221 0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL,
220 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL, 222 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL,
@@ -257,8 +259,35 @@ const static u_int64_t K512[80] = {
257 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL 259 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL
258}; 260};
259 261
262/* Initial hash value H for SHA-512 */
263static const u_int64_t sha512_initial_hash_value[8] = {
264 0x6a09e667f3bcc908ULL,
265 0xbb67ae8584caa73bULL,
266 0x3c6ef372fe94f82bULL,
267 0xa54ff53a5f1d36f1ULL,
268 0x510e527fade682d1ULL,
269 0x9b05688c2b3e6c1fULL,
270 0x1f83d9abfb41bd6bULL,
271 0x5be0cd19137e2179ULL
272};
273
274#if !defined(SHA2_SMALL)
275#if 0
276/* Initial hash value H for SHA-224: */
277static const u_int32_t sha224_initial_hash_value[8] = {
278 0xc1059ed8UL,
279 0x367cd507UL,
280 0x3070dd17UL,
281 0xf70e5939UL,
282 0xffc00b31UL,
283 0x68581511UL,
284 0x64f98fa7UL,
285 0xbefa4fa4UL
286};
287#endif /* 0 */
288
260/* Initial hash value H for SHA-384 */ 289/* Initial hash value H for SHA-384 */
261const static u_int64_t sha384_initial_hash_value[8] = { 290static const u_int64_t sha384_initial_hash_value[8] = {
262 0xcbbb9d5dc1059ed8ULL, 291 0xcbbb9d5dc1059ed8ULL,
263 0x629a292a367cd507ULL, 292 0x629a292a367cd507ULL,
264 0x9159015a3070dd17ULL, 293 0x9159015a3070dd17ULL,
@@ -269,30 +298,67 @@ const static u_int64_t sha384_initial_hash_value[8] = {
269 0x47b5481dbefa4fa4ULL 298 0x47b5481dbefa4fa4ULL
270}; 299};
271 300
272/* Initial hash value H for SHA-512 */ 301#if 0
273const static u_int64_t sha512_initial_hash_value[8] = { 302/* Initial hash value H for SHA-512-256 */
274 0x6a09e667f3bcc908ULL, 303static const u_int64_t sha512_256_initial_hash_value[8] = {
275 0xbb67ae8584caa73bULL, 304 0x22312194fc2bf72cULL,
276 0x3c6ef372fe94f82bULL, 305 0x9f555fa3c84c64c2ULL,
277 0xa54ff53a5f1d36f1ULL, 306 0x2393b86b6f53b151ULL,
278 0x510e527fade682d1ULL, 307 0x963877195940eabdULL,
279 0x9b05688c2b3e6c1fULL, 308 0x96283ee2a88effe3ULL,
280 0x1f83d9abfb41bd6bULL, 309 0xbe5e1e2553863992ULL,
281 0x5be0cd19137e2179ULL 310 0x2b0199fc2c85b8aaULL,
311 0x0eb72ddc81c52ca2ULL
282}; 312};
283 313
314/*** SHA-224: *********************************************************/
315void
316SHA224Init(SHA2_CTX *context)
317{
318 memcpy(context->state.st32, sha224_initial_hash_value,
319 sizeof(sha224_initial_hash_value));
320 memset(context->buffer, 0, sizeof(context->buffer));
321 context->bitcount[0] = 0;
322}
323DEF_WEAK(SHA224Init);
324
325MAKE_CLONE(SHA224Transform, SHA256Transform);
326MAKE_CLONE(SHA224Update, SHA256Update);
327MAKE_CLONE(SHA224Pad, SHA256Pad);
328DEF_WEAK(SHA224Transform);
329DEF_WEAK(SHA224Update);
330DEF_WEAK(SHA224Pad);
331
332void
333SHA224Final(u_int8_t digest[SHA224_DIGEST_LENGTH], SHA2_CTX *context)
334{
335 SHA224Pad(context);
336
337#if BYTE_ORDER == LITTLE_ENDIAN
338 int i;
339
340 /* Convert TO host byte order */
341 for (i = 0; i < 7; i++)
342 BE_32_TO_8(digest + i * 4, context->state.st32[i]);
343#else
344 memcpy(digest, context->state.st32, SHA224_DIGEST_LENGTH);
345#endif
346 explicit_bzero(context, sizeof(*context));
347}
348DEF_WEAK(SHA224Final);
349#endif /* !defined(SHA2_SMALL) */
350#endif /* 0 */
284 351
285/*** SHA-256: *********************************************************/ 352/*** SHA-256: *********************************************************/
286void 353void
287SHA256_Init(SHA256_CTX *context) 354SHA256Init(SHA2_CTX *context)
288{ 355{
289 if (context == NULL) 356 memcpy(context->state.st32, sha256_initial_hash_value,
290 return;
291 memcpy(context->state, sha256_initial_hash_value,
292 sizeof(sha256_initial_hash_value)); 357 sizeof(sha256_initial_hash_value));
293 memset(context->buffer, 0, sizeof(context->buffer)); 358 memset(context->buffer, 0, sizeof(context->buffer));
294 context->bitcount = 0; 359 context->bitcount[0] = 0;
295} 360}
361DEF_WEAK(SHA256Init);
296 362
297#ifdef SHA2_UNROLL_TRANSFORM 363#ifdef SHA2_UNROLL_TRANSFORM
298 364
@@ -320,7 +386,7 @@ SHA256_Init(SHA256_CTX *context)
320} while(0) 386} while(0)
321 387
322void 388void
323SHA256_Transform(u_int32_t state[8], const u_int8_t data[SHA256_BLOCK_LENGTH]) 389SHA256Transform(u_int32_t state[8], const u_int8_t data[SHA256_BLOCK_LENGTH])
324{ 390{
325 u_int32_t a, b, c, d, e, f, g, h, s0, s1; 391 u_int32_t a, b, c, d, e, f, g, h, s0, s1;
326 u_int32_t T1, W256[16]; 392 u_int32_t T1, W256[16];
@@ -378,7 +444,7 @@ SHA256_Transform(u_int32_t state[8], const u_int8_t data[SHA256_BLOCK_LENGTH])
378#else /* SHA2_UNROLL_TRANSFORM */ 444#else /* SHA2_UNROLL_TRANSFORM */
379 445
380void 446void
381SHA256_Transform(u_int32_t state[8], const u_int8_t data[SHA256_BLOCK_LENGTH]) 447SHA256Transform(u_int32_t state[8], const u_int8_t data[SHA256_BLOCK_LENGTH])
382{ 448{
383 u_int32_t a, b, c, d, e, f, g, h, s0, s1; 449 u_int32_t a, b, c, d, e, f, g, h, s0, s1;
384 u_int32_t T1, T2, W256[16]; 450 u_int32_t T1, T2, W256[16];
@@ -451,17 +517,18 @@ SHA256_Transform(u_int32_t state[8], const u_int8_t data[SHA256_BLOCK_LENGTH])
451} 517}
452 518
453#endif /* SHA2_UNROLL_TRANSFORM */ 519#endif /* SHA2_UNROLL_TRANSFORM */
520DEF_WEAK(SHA256Transform);
454 521
455void 522void
456SHA256_Update(SHA256_CTX *context, const u_int8_t *data, size_t len) 523SHA256Update(SHA2_CTX *context, const u_int8_t *data, size_t len)
457{ 524{
458 size_t freespace, usedspace; 525 u_int64_t freespace, usedspace;
459 526
460 /* Calling with no data is valid (we do nothing) */ 527 /* Calling with no data is valid (we do nothing) */
461 if (len == 0) 528 if (len == 0)
462 return; 529 return;
463 530
464 usedspace = (context->bitcount >> 3) % SHA256_BLOCK_LENGTH; 531 usedspace = (context->bitcount[0] >> 3) % SHA256_BLOCK_LENGTH;
465 if (usedspace > 0) { 532 if (usedspace > 0) {
466 /* Calculate how much free space is available in the buffer */ 533 /* Calculate how much free space is available in the buffer */
467 freespace = SHA256_BLOCK_LENGTH - usedspace; 534 freespace = SHA256_BLOCK_LENGTH - usedspace;
@@ -469,14 +536,14 @@ SHA256_Update(SHA256_CTX *context, const u_int8_t *data, size_t len)
469 if (len >= freespace) { 536 if (len >= freespace) {
470 /* Fill the buffer completely and process it */ 537 /* Fill the buffer completely and process it */
471 memcpy(&context->buffer[usedspace], data, freespace); 538 memcpy(&context->buffer[usedspace], data, freespace);
472 context->bitcount += freespace << 3; 539 context->bitcount[0] += freespace << 3;
473 len -= freespace; 540 len -= freespace;
474 data += freespace; 541 data += freespace;
475 SHA256_Transform(context->state, context->buffer); 542 SHA256Transform(context->state.st32, context->buffer);
476 } else { 543 } else {
477 /* The buffer is not yet full */ 544 /* The buffer is not yet full */
478 memcpy(&context->buffer[usedspace], data, len); 545 memcpy(&context->buffer[usedspace], data, len);
479 context->bitcount += len << 3; 546 context->bitcount[0] += (u_int64_t)len << 3;
480 /* Clean up: */ 547 /* Clean up: */
481 usedspace = freespace = 0; 548 usedspace = freespace = 0;
482 return; 549 return;
@@ -484,26 +551,27 @@ SHA256_Update(SHA256_CTX *context, const u_int8_t *data, size_t len)
484 } 551 }
485 while (len >= SHA256_BLOCK_LENGTH) { 552 while (len >= SHA256_BLOCK_LENGTH) {
486 /* Process as many complete blocks as we can */ 553 /* Process as many complete blocks as we can */
487 SHA256_Transform(context->state, data); 554 SHA256Transform(context->state.st32, data);
488 context->bitcount += SHA256_BLOCK_LENGTH << 3; 555 context->bitcount[0] += SHA256_BLOCK_LENGTH << 3;
489 len -= SHA256_BLOCK_LENGTH; 556 len -= SHA256_BLOCK_LENGTH;
490 data += SHA256_BLOCK_LENGTH; 557 data += SHA256_BLOCK_LENGTH;
491 } 558 }
492 if (len > 0) { 559 if (len > 0) {
493 /* There's left-overs, so save 'em */ 560 /* There's left-overs, so save 'em */
494 memcpy(context->buffer, data, len); 561 memcpy(context->buffer, data, len);
495 context->bitcount += len << 3; 562 context->bitcount[0] += len << 3;
496 } 563 }
497 /* Clean up: */ 564 /* Clean up: */
498 usedspace = freespace = 0; 565 usedspace = freespace = 0;
499} 566}
567DEF_WEAK(SHA256Update);
500 568
501void 569void
502SHA256_Pad(SHA256_CTX *context) 570SHA256Pad(SHA2_CTX *context)
503{ 571{
504 unsigned int usedspace; 572 unsigned int usedspace;
505 573
506 usedspace = (context->bitcount >> 3) % SHA256_BLOCK_LENGTH; 574 usedspace = (context->bitcount[0] >> 3) % SHA256_BLOCK_LENGTH;
507 if (usedspace > 0) { 575 if (usedspace > 0) {
508 /* Begin padding with a 1 bit: */ 576 /* Begin padding with a 1 bit: */
509 context->buffer[usedspace++] = 0x80; 577 context->buffer[usedspace++] = 0x80;
@@ -518,7 +586,7 @@ SHA256_Pad(SHA256_CTX *context)
518 SHA256_BLOCK_LENGTH - usedspace); 586 SHA256_BLOCK_LENGTH - usedspace);
519 } 587 }
520 /* Do second-to-last transform: */ 588 /* Do second-to-last transform: */
521 SHA256_Transform(context->state, context->buffer); 589 SHA256Transform(context->state.st32, context->buffer);
522 590
523 /* Prepare for last transform: */ 591 /* Prepare for last transform: */
524 memset(context->buffer, 0, SHA256_SHORT_BLOCK_LENGTH); 592 memset(context->buffer, 0, SHA256_SHORT_BLOCK_LENGTH);
@@ -532,47 +600,45 @@ SHA256_Pad(SHA256_CTX *context)
532 } 600 }
533 /* Store the length of input data (in bits) in big endian format: */ 601 /* Store the length of input data (in bits) in big endian format: */
534 BE_64_TO_8(&context->buffer[SHA256_SHORT_BLOCK_LENGTH], 602 BE_64_TO_8(&context->buffer[SHA256_SHORT_BLOCK_LENGTH],
535 context->bitcount); 603 context->bitcount[0]);
536 604
537 /* Final transform: */ 605 /* Final transform: */
538 SHA256_Transform(context->state, context->buffer); 606 SHA256Transform(context->state.st32, context->buffer);
539 607
540 /* Clean up: */ 608 /* Clean up: */
541 usedspace = 0; 609 usedspace = 0;
542} 610}
611DEF_WEAK(SHA256Pad);
543 612
544void 613void
545SHA256_Final(u_int8_t digest[SHA256_DIGEST_LENGTH], SHA256_CTX *context) 614SHA256Final(u_int8_t digest[SHA256_DIGEST_LENGTH], SHA2_CTX *context)
546{ 615{
547 SHA256_Pad(context); 616 SHA256Pad(context);
548 617
549 /* If no digest buffer is passed, we don't bother doing this: */
550 if (digest != NULL) {
551#if BYTE_ORDER == LITTLE_ENDIAN 618#if BYTE_ORDER == LITTLE_ENDIAN
552 int i; 619 int i;
553 620
554 /* Convert TO host byte order */ 621 /* Convert TO host byte order */
555 for (i = 0; i < 8; i++) 622 for (i = 0; i < 8; i++)
556 BE_32_TO_8(digest + i * 4, context->state[i]); 623 BE_32_TO_8(digest + i * 4, context->state.st32[i]);
557#else 624#else
558 memcpy(digest, context->state, SHA256_DIGEST_LENGTH); 625 memcpy(digest, context->state.st32, SHA256_DIGEST_LENGTH);
559#endif 626#endif
560 memset(context, 0, sizeof(*context)); 627 explicit_bzero(context, sizeof(*context));
561 }
562} 628}
629DEF_WEAK(SHA256Final);
563 630
564 631
565/*** SHA-512: *********************************************************/ 632/*** SHA-512: *********************************************************/
566void 633void
567SHA512_Init(SHA512_CTX *context) 634SHA512Init(SHA2_CTX *context)
568{ 635{
569 if (context == NULL) 636 memcpy(context->state.st64, sha512_initial_hash_value,
570 return;
571 memcpy(context->state, sha512_initial_hash_value,
572 sizeof(sha512_initial_hash_value)); 637 sizeof(sha512_initial_hash_value));
573 memset(context->buffer, 0, sizeof(context->buffer)); 638 memset(context->buffer, 0, sizeof(context->buffer));
574 context->bitcount[0] = context->bitcount[1] = 0; 639 context->bitcount[0] = context->bitcount[1] = 0;
575} 640}
641DEF_WEAK(SHA512Init);
576 642
577#ifdef SHA2_UNROLL_TRANSFORM 643#ifdef SHA2_UNROLL_TRANSFORM
578 644
@@ -601,7 +667,7 @@ SHA512_Init(SHA512_CTX *context)
601} while(0) 667} while(0)
602 668
603void 669void
604SHA512_Transform(u_int64_t state[8], const u_int8_t data[SHA512_BLOCK_LENGTH]) 670SHA512Transform(u_int64_t state[8], const u_int8_t data[SHA512_BLOCK_LENGTH])
605{ 671{
606 u_int64_t a, b, c, d, e, f, g, h, s0, s1; 672 u_int64_t a, b, c, d, e, f, g, h, s0, s1;
607 u_int64_t T1, W512[16]; 673 u_int64_t T1, W512[16];
@@ -659,7 +725,7 @@ SHA512_Transform(u_int64_t state[8], const u_int8_t data[SHA512_BLOCK_LENGTH])
659#else /* SHA2_UNROLL_TRANSFORM */ 725#else /* SHA2_UNROLL_TRANSFORM */
660 726
661void 727void
662SHA512_Transform(u_int64_t state[8], const u_int8_t data[SHA512_BLOCK_LENGTH]) 728SHA512Transform(u_int64_t state[8], const u_int8_t data[SHA512_BLOCK_LENGTH])
663{ 729{
664 u_int64_t a, b, c, d, e, f, g, h, s0, s1; 730 u_int64_t a, b, c, d, e, f, g, h, s0, s1;
665 u_int64_t T1, T2, W512[16]; 731 u_int64_t T1, T2, W512[16];
@@ -732,9 +798,10 @@ SHA512_Transform(u_int64_t state[8], const u_int8_t data[SHA512_BLOCK_LENGTH])
732} 798}
733 799
734#endif /* SHA2_UNROLL_TRANSFORM */ 800#endif /* SHA2_UNROLL_TRANSFORM */
801DEF_WEAK(SHA512Transform);
735 802
736void 803void
737SHA512_Update(SHA512_CTX *context, const u_int8_t *data, size_t len) 804SHA512Update(SHA2_CTX *context, const u_int8_t *data, size_t len)
738{ 805{
739 size_t freespace, usedspace; 806 size_t freespace, usedspace;
740 807
@@ -753,7 +820,7 @@ SHA512_Update(SHA512_CTX *context, const u_int8_t *data, size_t len)
753 ADDINC128(context->bitcount, freespace << 3); 820 ADDINC128(context->bitcount, freespace << 3);
754 len -= freespace; 821 len -= freespace;
755 data += freespace; 822 data += freespace;
756 SHA512_Transform(context->state, context->buffer); 823 SHA512Transform(context->state.st64, context->buffer);
757 } else { 824 } else {
758 /* The buffer is not yet full */ 825 /* The buffer is not yet full */
759 memcpy(&context->buffer[usedspace], data, len); 826 memcpy(&context->buffer[usedspace], data, len);
@@ -765,7 +832,7 @@ SHA512_Update(SHA512_CTX *context, const u_int8_t *data, size_t len)
765 } 832 }
766 while (len >= SHA512_BLOCK_LENGTH) { 833 while (len >= SHA512_BLOCK_LENGTH) {
767 /* Process as many complete blocks as we can */ 834 /* Process as many complete blocks as we can */
768 SHA512_Transform(context->state, data); 835 SHA512Transform(context->state.st64, data);
769 ADDINC128(context->bitcount, SHA512_BLOCK_LENGTH << 3); 836 ADDINC128(context->bitcount, SHA512_BLOCK_LENGTH << 3);
770 len -= SHA512_BLOCK_LENGTH; 837 len -= SHA512_BLOCK_LENGTH;
771 data += SHA512_BLOCK_LENGTH; 838 data += SHA512_BLOCK_LENGTH;
@@ -778,9 +845,10 @@ SHA512_Update(SHA512_CTX *context, const u_int8_t *data, size_t len)
778 /* Clean up: */ 845 /* Clean up: */
779 usedspace = freespace = 0; 846 usedspace = freespace = 0;
780} 847}
848DEF_WEAK(SHA512Update);
781 849
782void 850void
783SHA512_Pad(SHA512_CTX *context) 851SHA512Pad(SHA2_CTX *context)
784{ 852{
785 unsigned int usedspace; 853 unsigned int usedspace;
786 854
@@ -797,7 +865,7 @@ SHA512_Pad(SHA512_CTX *context)
797 memset(&context->buffer[usedspace], 0, SHA512_BLOCK_LENGTH - usedspace); 865 memset(&context->buffer[usedspace], 0, SHA512_BLOCK_LENGTH - usedspace);
798 } 866 }
799 /* Do second-to-last transform: */ 867 /* Do second-to-last transform: */
800 SHA512_Transform(context->state, context->buffer); 868 SHA512Transform(context->state.st64, context->buffer);
801 869
802 /* And set-up for the last transform: */ 870 /* And set-up for the last transform: */
803 memset(context->buffer, 0, SHA512_BLOCK_LENGTH - 2); 871 memset(context->buffer, 0, SHA512_BLOCK_LENGTH - 2);
@@ -816,89 +884,127 @@ SHA512_Pad(SHA512_CTX *context)
816 context->bitcount[0]); 884 context->bitcount[0]);
817 885
818 /* Final transform: */ 886 /* Final transform: */
819 SHA512_Transform(context->state, context->buffer); 887 SHA512Transform(context->state.st64, context->buffer);
820 888
821 /* Clean up: */ 889 /* Clean up: */
822 usedspace = 0; 890 usedspace = 0;
823} 891}
892DEF_WEAK(SHA512Pad);
824 893
825void 894void
826SHA512_Final(u_int8_t digest[SHA512_DIGEST_LENGTH], SHA512_CTX *context) 895SHA512Final(u_int8_t digest[SHA512_DIGEST_LENGTH], SHA2_CTX *context)
827{ 896{
828 SHA512_Pad(context); 897 SHA512Pad(context);
829 898
830 /* If no digest buffer is passed, we don't bother doing this: */
831 if (digest != NULL) {
832#if BYTE_ORDER == LITTLE_ENDIAN 899#if BYTE_ORDER == LITTLE_ENDIAN
833 int i; 900 int i;
834 901
835 /* Convert TO host byte order */ 902 /* Convert TO host byte order */
836 for (i = 0; i < 8; i++) 903 for (i = 0; i < 8; i++)
837 BE_64_TO_8(digest + i * 8, context->state[i]); 904 BE_64_TO_8(digest + i * 8, context->state.st64[i]);
838#else 905#else
839 memcpy(digest, context->state, SHA512_DIGEST_LENGTH); 906 memcpy(digest, context->state.st64, SHA512_DIGEST_LENGTH);
840#endif 907#endif
841 memset(context, 0, sizeof(*context)); 908 explicit_bzero(context, sizeof(*context));
842 }
843} 909}
910DEF_WEAK(SHA512Final);
844 911
912#if !defined(SHA2_SMALL)
845 913
846/*** SHA-384: *********************************************************/ 914/*** SHA-384: *********************************************************/
847void 915void
848SHA384_Init(SHA384_CTX *context) 916SHA384Init(SHA2_CTX *context)
849{ 917{
850 if (context == NULL) 918 memcpy(context->state.st64, sha384_initial_hash_value,
851 return;
852 memcpy(context->state, sha384_initial_hash_value,
853 sizeof(sha384_initial_hash_value)); 919 sizeof(sha384_initial_hash_value));
854 memset(context->buffer, 0, sizeof(context->buffer)); 920 memset(context->buffer, 0, sizeof(context->buffer));
855 context->bitcount[0] = context->bitcount[1] = 0; 921 context->bitcount[0] = context->bitcount[1] = 0;
856} 922}
923DEF_WEAK(SHA384Init);
857 924
858#if 0 925MAKE_CLONE(SHA384Transform, SHA512Transform);
859__weak_alias(SHA384_Transform, SHA512_Transform); 926MAKE_CLONE(SHA384Update, SHA512Update);
860__weak_alias(SHA384_Update, SHA512_Update); 927MAKE_CLONE(SHA384Pad, SHA512Pad);
861__weak_alias(SHA384_Pad, SHA512_Pad); 928DEF_WEAK(SHA384Transform);
862#endif 929DEF_WEAK(SHA384Update);
930DEF_WEAK(SHA384Pad);
863 931
932/* Equivalent of MAKE_CLONE (which is a no-op) for SHA384 funcs */
864void 933void
865SHA384_Transform(u_int64_t state[8], const u_int8_t data[SHA512_BLOCK_LENGTH]) 934SHA384Transform(u_int64_t state[8], const u_int8_t data[SHA512_BLOCK_LENGTH])
866{ 935{
867 return SHA512_Transform(state, data); 936 SHA512Transform(state, data);
868} 937}
869 938
870void 939void
871SHA384_Update(SHA512_CTX *context, const u_int8_t *data, size_t len) 940SHA384Update(SHA2_CTX *context, const u_int8_t *data, size_t len)
872{ 941{
873 SHA512_Update(context, data, len); 942 SHA512Update(context, data, len);
874} 943}
875 944
876void 945void
877SHA384_Pad(SHA512_CTX *context) 946SHA384Pad(SHA2_CTX *context)
878{ 947{
879 SHA512_Pad(context); 948 SHA512Pad(context);
880} 949}
881 950
882void 951void
883SHA384_Final(u_int8_t digest[SHA384_DIGEST_LENGTH], SHA384_CTX *context) 952SHA384Final(u_int8_t digest[SHA384_DIGEST_LENGTH], SHA2_CTX *context)
884{ 953{
885 SHA384_Pad(context); 954 SHA384Pad(context);
886 955
887 /* If no digest buffer is passed, we don't bother doing this: */
888 if (digest != NULL) {
889#if BYTE_ORDER == LITTLE_ENDIAN 956#if BYTE_ORDER == LITTLE_ENDIAN
890 int i; 957 int i;
891 958
892 /* Convert TO host byte order */ 959 /* Convert TO host byte order */
893 for (i = 0; i < 6; i++) 960 for (i = 0; i < 6; i++)
894 BE_64_TO_8(digest + i * 8, context->state[i]); 961 BE_64_TO_8(digest + i * 8, context->state.st64[i]);
895#else 962#else
896 memcpy(digest, context->state, SHA384_DIGEST_LENGTH); 963 memcpy(digest, context->state.st64, SHA384_DIGEST_LENGTH);
897#endif 964#endif
898 } 965 /* Zero out state data */
966 explicit_bzero(context, sizeof(*context));
967}
968DEF_WEAK(SHA384Final);
969
970#if 0
971/*** SHA-512/256: *********************************************************/
972void
973SHA512_256Init(SHA2_CTX *context)
974{
975 memcpy(context->state.st64, sha512_256_initial_hash_value,
976 sizeof(sha512_256_initial_hash_value));
977 memset(context->buffer, 0, sizeof(context->buffer));
978 context->bitcount[0] = context->bitcount[1] = 0;
979}
980DEF_WEAK(SHA512_256Init);
899 981
982MAKE_CLONE(SHA512_256Transform, SHA512Transform);
983MAKE_CLONE(SHA512_256Update, SHA512Update);
984MAKE_CLONE(SHA512_256Pad, SHA512Pad);
985DEF_WEAK(SHA512_256Transform);
986DEF_WEAK(SHA512_256Update);
987DEF_WEAK(SHA512_256Pad);
988
989void
990SHA512_256Final(u_int8_t digest[SHA512_256_DIGEST_LENGTH], SHA2_CTX *context)
991{
992 SHA512_256Pad(context);
993
994#if BYTE_ORDER == LITTLE_ENDIAN
995 int i;
996
997 /* Convert TO host byte order */
998 for (i = 0; i < 4; i++)
999 BE_64_TO_8(digest + i * 8, context->state.st64[i]);
1000#else
1001 memcpy(digest, context->state.st64, SHA512_256_DIGEST_LENGTH);
1002#endif
900 /* Zero out state data */ 1003 /* Zero out state data */
901 memset(context, 0, sizeof(*context)); 1004 explicit_bzero(context, sizeof(*context));
902} 1005}
1006DEF_WEAK(SHA512_256Final);
1007#endif /* !defined(SHA2_SMALL) */
1008#endif /* 0 */
903 1009
904#endif /* defined(_NEED_SHA2) && !defined(HAVE_SHA256_UPDATE) */ 1010#endif /* HAVE_SHA{256,384,512}UPDATE */
diff --git a/openbsd-compat/sha2.h b/openbsd-compat/sha2.h
index c6e6c97a5..d051e96e8 100644
--- a/openbsd-compat/sha2.h
+++ b/openbsd-compat/sha2.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: sha2.h,v 1.6 2004/06/22 01:57:30 jfb Exp */ 1/* $OpenBSD: sha2.h,v 1.10 2016/09/03 17:00:29 tedu Exp $ */
2 2
3/* 3/*
4 * FILE: sha2.h 4 * FILE: sha2.h
@@ -41,18 +41,13 @@
41 41
42#include "includes.h" 42#include "includes.h"
43 43
44#ifdef WITH_OPENSSL 44#if !defined(HAVE_SHA256UPDATE) || !defined(HAVE_SHA384UPDATE) || \
45# include <openssl/opensslv.h> 45 !defined(HAVE_SHA512UPDATE)
46# if !defined(HAVE_EVP_SHA256) && (OPENSSL_VERSION_NUMBER >= 0x00907000L)
47# define _NEED_SHA2 1
48# endif
49#else
50# define _NEED_SHA2 1
51#endif
52
53#if defined(_NEED_SHA2) && !defined(HAVE_SHA256_UPDATE)
54 46
55/*** SHA-256/384/512 Various Length Definitions ***********************/ 47/*** SHA-256/384/512 Various Length Definitions ***********************/
48#define SHA224_BLOCK_LENGTH 64
49#define SHA224_DIGEST_LENGTH 28
50#define SHA224_DIGEST_STRING_LENGTH (SHA224_DIGEST_LENGTH * 2 + 1)
56#define SHA256_BLOCK_LENGTH 64 51#define SHA256_BLOCK_LENGTH 64
57#define SHA256_DIGEST_LENGTH 32 52#define SHA256_DIGEST_LENGTH 32
58#define SHA256_DIGEST_STRING_LENGTH (SHA256_DIGEST_LENGTH * 2 + 1) 53#define SHA256_DIGEST_STRING_LENGTH (SHA256_DIGEST_LENGTH * 2 + 1)
@@ -62,73 +57,118 @@
62#define SHA512_BLOCK_LENGTH 128 57#define SHA512_BLOCK_LENGTH 128
63#define SHA512_DIGEST_LENGTH 64 58#define SHA512_DIGEST_LENGTH 64
64#define SHA512_DIGEST_STRING_LENGTH (SHA512_DIGEST_LENGTH * 2 + 1) 59#define SHA512_DIGEST_STRING_LENGTH (SHA512_DIGEST_LENGTH * 2 + 1)
60#define SHA512_256_BLOCK_LENGTH 128
61#define SHA512_256_DIGEST_LENGTH 32
62#define SHA512_256_DIGEST_STRING_LENGTH (SHA512_256_DIGEST_LENGTH * 2 + 1)
65 63
66 64
67/*** SHA-256/384/512 Context Structures *******************************/ 65/*** SHA-224/256/384/512 Context Structure *******************************/
68typedef struct _SHA256_CTX { 66typedef struct _SHA2_CTX {
69 u_int32_t state[8]; 67 union {
70 u_int64_t bitcount; 68 u_int32_t st32[8];
71 u_int8_t buffer[SHA256_BLOCK_LENGTH]; 69 u_int64_t st64[8];
72} SHA256_CTX; 70 } state;
73typedef struct _SHA512_CTX {
74 u_int64_t state[8];
75 u_int64_t bitcount[2]; 71 u_int64_t bitcount[2];
76 u_int8_t buffer[SHA512_BLOCK_LENGTH]; 72 u_int8_t buffer[SHA512_BLOCK_LENGTH];
77} SHA512_CTX; 73} SHA2_CTX;
78 74
79typedef SHA512_CTX SHA384_CTX; 75#if 0
76__BEGIN_DECLS
77void SHA224Init(SHA2_CTX *);
78void SHA224Transform(u_int32_t state[8], const u_int8_t [SHA224_BLOCK_LENGTH]);
79void SHA224Update(SHA2_CTX *, const u_int8_t *, size_t)
80 __attribute__((__bounded__(__string__,2,3)));
81void SHA224Pad(SHA2_CTX *);
82void SHA224Final(u_int8_t [SHA224_DIGEST_LENGTH], SHA2_CTX *)
83 __attribute__((__bounded__(__minbytes__,1,SHA224_DIGEST_LENGTH)));
84char *SHA224End(SHA2_CTX *, char *)
85 __attribute__((__bounded__(__minbytes__,2,SHA224_DIGEST_STRING_LENGTH)));
86char *SHA224File(const char *, char *)
87 __attribute__((__bounded__(__minbytes__,2,SHA224_DIGEST_STRING_LENGTH)));
88char *SHA224FileChunk(const char *, char *, off_t, off_t)
89 __attribute__((__bounded__(__minbytes__,2,SHA224_DIGEST_STRING_LENGTH)));
90char *SHA224Data(const u_int8_t *, size_t, char *)
91 __attribute__((__bounded__(__string__,1,2)))
92 __attribute__((__bounded__(__minbytes__,3,SHA224_DIGEST_STRING_LENGTH)));
93#endif /* 0 */
80 94
81void SHA256_Init(SHA256_CTX *); 95#ifndef HAVE_SHA256UPDATE
82void SHA256_Transform(u_int32_t state[8], const u_int8_t [SHA256_BLOCK_LENGTH]); 96void SHA256Init(SHA2_CTX *);
83void SHA256_Update(SHA256_CTX *, const u_int8_t *, size_t) 97void SHA256Transform(u_int32_t state[8], const u_int8_t [SHA256_BLOCK_LENGTH]);
98void SHA256Update(SHA2_CTX *, const u_int8_t *, size_t)
84 __attribute__((__bounded__(__string__,2,3))); 99 __attribute__((__bounded__(__string__,2,3)));
85void SHA256_Pad(SHA256_CTX *); 100void SHA256Pad(SHA2_CTX *);
86void SHA256_Final(u_int8_t [SHA256_DIGEST_LENGTH], SHA256_CTX *) 101void SHA256Final(u_int8_t [SHA256_DIGEST_LENGTH], SHA2_CTX *)
87 __attribute__((__bounded__(__minbytes__,1,SHA256_DIGEST_LENGTH))); 102 __attribute__((__bounded__(__minbytes__,1,SHA256_DIGEST_LENGTH)));
88char *SHA256_End(SHA256_CTX *, char *) 103char *SHA256End(SHA2_CTX *, char *)
89 __attribute__((__bounded__(__minbytes__,2,SHA256_DIGEST_STRING_LENGTH))); 104 __attribute__((__bounded__(__minbytes__,2,SHA256_DIGEST_STRING_LENGTH)));
90char *SHA256_File(const char *, char *) 105char *SHA256File(const char *, char *)
91 __attribute__((__bounded__(__minbytes__,2,SHA256_DIGEST_STRING_LENGTH))); 106 __attribute__((__bounded__(__minbytes__,2,SHA256_DIGEST_STRING_LENGTH)));
92char *SHA256_FileChunk(const char *, char *, off_t, off_t) 107char *SHA256FileChunk(const char *, char *, off_t, off_t)
93 __attribute__((__bounded__(__minbytes__,2,SHA256_DIGEST_STRING_LENGTH))); 108 __attribute__((__bounded__(__minbytes__,2,SHA256_DIGEST_STRING_LENGTH)));
94char *SHA256_Data(const u_int8_t *, size_t, char *) 109char *SHA256Data(const u_int8_t *, size_t, char *)
95 __attribute__((__bounded__(__string__,1,2))) 110 __attribute__((__bounded__(__string__,1,2)))
96 __attribute__((__bounded__(__minbytes__,3,SHA256_DIGEST_STRING_LENGTH))); 111 __attribute__((__bounded__(__minbytes__,3,SHA256_DIGEST_STRING_LENGTH)));
112#endif /* HAVE_SHA256UPDATE */
97 113
98void SHA384_Init(SHA384_CTX *); 114#ifndef HAVE_SHA384UPDATE
99void SHA384_Transform(u_int64_t state[8], const u_int8_t [SHA384_BLOCK_LENGTH]); 115void SHA384Init(SHA2_CTX *);
100void SHA384_Update(SHA384_CTX *, const u_int8_t *, size_t) 116void SHA384Transform(u_int64_t state[8], const u_int8_t [SHA384_BLOCK_LENGTH]);
117void SHA384Update(SHA2_CTX *, const u_int8_t *, size_t)
101 __attribute__((__bounded__(__string__,2,3))); 118 __attribute__((__bounded__(__string__,2,3)));
102void SHA384_Pad(SHA384_CTX *); 119void SHA384Pad(SHA2_CTX *);
103void SHA384_Final(u_int8_t [SHA384_DIGEST_LENGTH], SHA384_CTX *) 120void SHA384Final(u_int8_t [SHA384_DIGEST_LENGTH], SHA2_CTX *)
104 __attribute__((__bounded__(__minbytes__,1,SHA384_DIGEST_LENGTH))); 121 __attribute__((__bounded__(__minbytes__,1,SHA384_DIGEST_LENGTH)));
105char *SHA384_End(SHA384_CTX *, char *) 122char *SHA384End(SHA2_CTX *, char *)
106 __attribute__((__bounded__(__minbytes__,2,SHA384_DIGEST_STRING_LENGTH))); 123 __attribute__((__bounded__(__minbytes__,2,SHA384_DIGEST_STRING_LENGTH)));
107char *SHA384_File(const char *, char *) 124char *SHA384File(const char *, char *)
108 __attribute__((__bounded__(__minbytes__,2,SHA384_DIGEST_STRING_LENGTH))); 125 __attribute__((__bounded__(__minbytes__,2,SHA384_DIGEST_STRING_LENGTH)));
109char *SHA384_FileChunk(const char *, char *, off_t, off_t) 126char *SHA384FileChunk(const char *, char *, off_t, off_t)
110 __attribute__((__bounded__(__minbytes__,2,SHA384_DIGEST_STRING_LENGTH))); 127 __attribute__((__bounded__(__minbytes__,2,SHA384_DIGEST_STRING_LENGTH)));
111char *SHA384_Data(const u_int8_t *, size_t, char *) 128char *SHA384Data(const u_int8_t *, size_t, char *)
112 __attribute__((__bounded__(__string__,1,2))) 129 __attribute__((__bounded__(__string__,1,2)))
113 __attribute__((__bounded__(__minbytes__,3,SHA384_DIGEST_STRING_LENGTH))); 130 __attribute__((__bounded__(__minbytes__,3,SHA384_DIGEST_STRING_LENGTH)));
131#endif /* HAVE_SHA384UPDATE */
114 132
115void SHA512_Init(SHA512_CTX *); 133#ifndef HAVE_SHA512UPDATE
116void SHA512_Transform(u_int64_t state[8], const u_int8_t [SHA512_BLOCK_LENGTH]); 134void SHA512Init(SHA2_CTX *);
117void SHA512_Update(SHA512_CTX *, const u_int8_t *, size_t) 135void SHA512Transform(u_int64_t state[8], const u_int8_t [SHA512_BLOCK_LENGTH]);
136void SHA512Update(SHA2_CTX *, const u_int8_t *, size_t)
118 __attribute__((__bounded__(__string__,2,3))); 137 __attribute__((__bounded__(__string__,2,3)));
119void SHA512_Pad(SHA512_CTX *); 138void SHA512Pad(SHA2_CTX *);
120void SHA512_Final(u_int8_t [SHA512_DIGEST_LENGTH], SHA512_CTX *) 139void SHA512Final(u_int8_t [SHA512_DIGEST_LENGTH], SHA2_CTX *)
121 __attribute__((__bounded__(__minbytes__,1,SHA512_DIGEST_LENGTH))); 140 __attribute__((__bounded__(__minbytes__,1,SHA512_DIGEST_LENGTH)));
122char *SHA512_End(SHA512_CTX *, char *) 141char *SHA512End(SHA2_CTX *, char *)
123 __attribute__((__bounded__(__minbytes__,2,SHA512_DIGEST_STRING_LENGTH))); 142 __attribute__((__bounded__(__minbytes__,2,SHA512_DIGEST_STRING_LENGTH)));
124char *SHA512_File(const char *, char *) 143char *SHA512File(const char *, char *)
125 __attribute__((__bounded__(__minbytes__,2,SHA512_DIGEST_STRING_LENGTH))); 144 __attribute__((__bounded__(__minbytes__,2,SHA512_DIGEST_STRING_LENGTH)));
126char *SHA512_FileChunk(const char *, char *, off_t, off_t) 145char *SHA512FileChunk(const char *, char *, off_t, off_t)
127 __attribute__((__bounded__(__minbytes__,2,SHA512_DIGEST_STRING_LENGTH))); 146 __attribute__((__bounded__(__minbytes__,2,SHA512_DIGEST_STRING_LENGTH)));
128char *SHA512_Data(const u_int8_t *, size_t, char *) 147char *SHA512Data(const u_int8_t *, size_t, char *)
129 __attribute__((__bounded__(__string__,1,2))) 148 __attribute__((__bounded__(__string__,1,2)))
130 __attribute__((__bounded__(__minbytes__,3,SHA512_DIGEST_STRING_LENGTH))); 149 __attribute__((__bounded__(__minbytes__,3,SHA512_DIGEST_STRING_LENGTH)));
150#endif /* HAVE_SHA512UPDATE */
151
152#if 0
153void SHA512_256Init(SHA2_CTX *);
154void SHA512_256Transform(u_int64_t state[8], const u_int8_t [SHA512_256_BLOCK_LENGTH]);
155void SHA512_256Update(SHA2_CTX *, const u_int8_t *, size_t)
156 __attribute__((__bounded__(__string__,2,3)));
157void SHA512_256Pad(SHA2_CTX *);
158void SHA512_256Final(u_int8_t [SHA512_256_DIGEST_LENGTH], SHA2_CTX *)
159 __attribute__((__bounded__(__minbytes__,1,SHA512_256_DIGEST_LENGTH)));
160char *SHA512_256End(SHA2_CTX *, char *)
161 __attribute__((__bounded__(__minbytes__,2,SHA512_256_DIGEST_STRING_LENGTH)));
162char *SHA512_256File(const char *, char *)
163 __attribute__((__bounded__(__minbytes__,2,SHA512_256_DIGEST_STRING_LENGTH)));
164char *SHA512_256FileChunk(const char *, char *, off_t, off_t)
165 __attribute__((__bounded__(__minbytes__,2,SHA512_256_DIGEST_STRING_LENGTH)));
166char *SHA512_256Data(const u_int8_t *, size_t, char *)
167 __attribute__((__bounded__(__string__,1,2)))
168 __attribute__((__bounded__(__minbytes__,3,SHA512_256_DIGEST_STRING_LENGTH)));
169__END_DECLS
170#endif /* 0 */
131 171
132#endif /* defined(_NEED_SHA2) && !defined(HAVE_SHA256_UPDATE) */ 172#endif /* HAVE_SHA{256,384,512}UPDATE */
133 173
134#endif /* _SSHSHA2_H */ 174#endif /* _SSHSHA2_H */
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-10 20:53:06 +0000