[openssl] master update
The branch master has been updated
via 3b1978e4860770089b6244c549059c43bd9cc4da (commit)
from 4aaed2a5fb06ea327f60eea9f17a8f31a664eb99 (commit)
- Log -
commit 3b1978e4860770089b6244c549059c43bd9cc4da
Author: Shane Lontis
Date: Mon Jun 21 14:01:36 2021 +1000
Change self test for AES_CGM to perform both an encrypt and decrypt.
This is a request from the lab that changes the AES_GCM test back to
perform both a encrypt and
decrypt. (This makes no logical sense since this is not an inverse cipher).
I have left the AES_ECB decrypt test in (although it may not be needed)
since it is actually testing the inverse cipher case.
Reviewed-by: Tim Hudson
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/15844)
---
Summary of changes:
doc/man7/OSSL_PROVIDER-FIPS.pod| 2 +-
include/openssl/self_test.h| 2 +-
providers/fips/self_test_data.inc | 2 +-
test/recipes/03-test_fipsinstall.t | 2 +-
4 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/doc/man7/OSSL_PROVIDER-FIPS.pod b/doc/man7/OSSL_PROVIDER-FIPS.pod
index b70d22749c..04aaa454df 100644
--- a/doc/man7/OSSL_PROVIDER-FIPS.pod
+++ b/doc/man7/OSSL_PROVIDER-FIPS.pod
@@ -267,7 +267,7 @@ Key generation tests used with the
"Pairwise_Consistency_Test" type.
"KAT_AsymmetricCipher" uses this to indicate an encrypt or decrypt KAT.
-=item "AES_GCM_Encrypt" (B)
+=item "AES_GCM" (B)
=item "AES_ECB_Decrypt" (B)
diff --git a/include/openssl/self_test.h b/include/openssl/self_test.h
index cc5278243b..b970d1b949 100644
--- a/include/openssl/self_test.h
+++ b/include/openssl/self_test.h
@@ -44,7 +44,7 @@ extern "C" {
# define OSSL_SELF_TEST_DESC_PCT_RSA_PKCS1 "RSA"
# define OSSL_SELF_TEST_DESC_PCT_ECDSA "ECDSA"
# define OSSL_SELF_TEST_DESC_PCT_DSA"DSA"
-# define OSSL_SELF_TEST_DESC_CIPHER_AES_GCM "AES_GCM_Encrypt"
+# define OSSL_SELF_TEST_DESC_CIPHER_AES_GCM "AES_GCM"
# define OSSL_SELF_TEST_DESC_CIPHER_AES_ECB "AES_ECB_Decrypt"
# define OSSL_SELF_TEST_DESC_CIPHER_TDES"TDES"
# define OSSL_SELF_TEST_DESC_ASYM_RSA_ENC "RSA_Encrypt"
diff --git a/providers/fips/self_test_data.inc
b/providers/fips/self_test_data.inc
index 7b6226574c..8c28144405 100644
--- a/providers/fips/self_test_data.inc
+++ b/providers/fips/self_test_data.inc
@@ -255,7 +255,7 @@ static const ST_KAT_CIPHER st_kat_cipher_tests[] = {
ITM(aes_256_gcm_pt),
ITM(aes_256_gcm_ct)
},
-CIPHER_MODE_ENCRYPT,
+CIPHER_MODE_ENCRYPT | CIPHER_MODE_DECRYPT,
ITM(aes_256_gcm_key),
ITM(aes_256_gcm_iv),
ITM(aes_256_gcm_aad),
diff --git a/test/recipes/03-test_fipsinstall.t
b/test/recipes/03-test_fipsinstall.t
index c243b3b3af..db64362538 100644
--- a/test/recipes/03-test_fipsinstall.t
+++ b/test/recipes/03-test_fipsinstall.t
@@ -195,7 +195,7 @@ ok(!run(app(['openssl', 'fipsinstall', '-out',
'fips_fail.cnf', '-module', $infi
ok(!run(app(['openssl', 'fipsinstall', '-out', 'fips_fail.cnf', '-module',
$infile,
'-provider_name', 'fips', '-mac_name', 'HMAC',
'-macopt', 'digest:SHA256', '-macopt', "hexkey:$fipskey",
-'-section_name', 'fips_sect', '-corrupt_desc',
'AES_GCM_Encrypt'])),
+'-section_name', 'fips_sect', '-corrupt_desc', 'AES_GCM'])),
"fipsinstall fails when the AES_GCM result is corrupted");
# corrupt cipher decrypt test
[web] master update
The branch master has been updated via 1570fc29ed21a46e7a7a3dd7c64f58a8ff976c29 (commit) from 9076297127056a7f2127e1040fb35bbefb7f8611 (commit) - Log - commit 1570fc29ed21a46e7a7a3dd7c64f58a8ff976c29 Author: Pauli Date: Wed Jun 9 12:53:31 2021 +1000 platform policy: add new targets Allow platforms that add but do not otherwise modify configuration to be added to LTS releases. Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte Reviewed-by: Tim Hudson Reviewed-by: Mark J. Cox (Merged from https://github.com/openssl/web/pull/243) --- Summary of changes: policies/releasestrat.html | 4 1 file changed, 4 insertions(+) diff --git a/policies/releasestrat.html b/policies/releasestrat.html index 4b3f4f0..5db0a0b 100644 --- a/policies/releasestrat.html +++ b/policies/releasestrat.html @@ -88,6 +88,10 @@ fixes. Before that, bug and security fixes will be applied as appropriate. + The addition of new platforms to LTS branches is acceptable so + long as the required changes consist solely of additions to + configuration. +
[openssl] master update
The branch master has been updated
via 4aaed2a5fb06ea327f60eea9f17a8f31a664eb99 (commit)
from d65d2963839433bb4f15525df37d0f4f799466e5 (commit)
- Log -
commit 4aaed2a5fb06ea327f60eea9f17a8f31a664eb99
Author: Shane Lontis
Date: Mon Jun 21 11:12:43 2021 +1000
Fix aes_core to use U64() macro..
AIX reported warnings of the form:
1506-207 (W) Integer constant 0x8080808080808080u out of range.
This truncation causes all startup self tests related to AES to fail.
Reviewed-by: Tomas Mraz
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/15842)
---
Summary of changes:
crypto/aes/aes_core.c | 293 ++
1 file changed, 151 insertions(+), 142 deletions(-)
diff --git a/crypto/aes/aes_core.c b/crypto/aes/aes_core.c
index 0c4f6115db..7b9989fd47 100644
--- a/crypto/aes/aes_core.c
+++ b/crypto/aes/aes_core.c
@@ -51,6 +51,15 @@
#include "aes_local.h"
#if !defined(OPENSSL_NO_AES_CONST_TIME) && !defined(AES_ASM)
+
+# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+# define U64(C) C##UI64
+# elif defined(__arch64__)
+# define U64(C) C##UL
+# else
+# define U64(C) C##ULL
+# endif
+
typedef union {
unsigned char b[8];
u32 w[2];
@@ -79,10 +88,10 @@ static void XtimeLong(u64 *w)
u64 a, b;
a = *w;
-b = a & 0x8080808080808080u;
+b = a & U64(0x8080808080808080);
a ^= b;
b -= b >> 7;
-b &= 0x1B1B1B1B1B1B1B1Bu;
+b &= U64(0x1B1B1B1B1B1B1B1B);
b ^= a << 1;
*w = b;
}
@@ -229,89 +238,89 @@ static void SubLong(u64 *w)
u64 x, y, a1, a2, a3, a4, a5, a6;
x = *w;
-y = ((x & 0xFEFEFEFEFEFEFEFEu) >> 1) | ((x & 0x0101010101010101u) << 7);
-x &= 0xu;
-x ^= y & 0x5757575757575757u;
-y = ((y & 0xFEFEFEFEFEFEFEFEu) >> 1) | ((y & 0x0101010101010101u) << 7);
-x ^= y & 0x1C1C1C1C1C1C1C1Cu;
-y = ((y & 0xFEFEFEFEFEFEFEFEu) >> 1) | ((y & 0x0101010101010101u) << 7);
-x ^= y & 0x4A4A4A4A4A4A4A4Au;
-y = ((y & 0xFEFEFEFEFEFEFEFEu) >> 1) | ((y & 0x0101010101010101u) << 7);
-x ^= y & 0x4242424242424242u;
-y = ((y & 0xFEFEFEFEFEFEFEFEu) >> 1) | ((y & 0x0101010101010101u) << 7);
-x ^= y & 0x6464646464646464u;
-y = ((y & 0xFEFEFEFEFEFEFEFEu) >> 1) | ((y & 0x0101010101010101u) << 7);
-x ^= y & 0xE0E0E0E0E0E0E0E0u;
+y = ((x & U64(0xFEFEFEFEFEFEFEFE)) >> 1) | ((x & U64(0x0101010101010101))
<< 7);
+x &= U64(0x);
+x ^= y & U64(0x5757575757575757);
+y = ((y & U64(0xFEFEFEFEFEFEFEFE)) >> 1) | ((y & U64(0x0101010101010101))
<< 7);
+x ^= y & U64(0x1C1C1C1C1C1C1C1C);
+y = ((y & U64(0xFEFEFEFEFEFEFEFE)) >> 1) | ((y & U64(0x0101010101010101))
<< 7);
+x ^= y & U64(0x4A4A4A4A4A4A4A4A);
+y = ((y & U64(0xFEFEFEFEFEFEFEFE)) >> 1) | ((y & U64(0x0101010101010101))
<< 7);
+x ^= y & U64(0x4242424242424242);
+y = ((y & U64(0xFEFEFEFEFEFEFEFE)) >> 1) | ((y & U64(0x0101010101010101))
<< 7);
+x ^= y & U64(0x6464646464646464);
+y = ((y & U64(0xFEFEFEFEFEFEFEFE)) >> 1) | ((y & U64(0x0101010101010101))
<< 7);
+x ^= y & U64(0xE0E0E0E0E0E0E0E0);
a1 = x;
-a1 ^= (x & 0xF0F0F0F0F0F0F0F0u) >> 4;
-a2 = ((x & 0xu) >> 2) | ((x & 0xu) << 2);
+a1 ^= (x & U64(0xF0F0F0F0F0F0F0F0)) >> 4;
+a2 = ((x & U64(0x)) >> 2) | ((x & U64(0x))
<< 2);
a3 = x & a1;
-a3 ^= (a3 & 0xu) >> 1;
-a3 ^= (((x << 1) & a1) ^ ((a1 << 1) & x)) & 0xu;
+a3 ^= (a3 & U64(0x)) >> 1;
+a3 ^= (((x << 1) & a1) ^ ((a1 << 1) & x)) & U64(0x);
a4 = a2 & a1;
-a4 ^= (a4 & 0xu) >> 1;
-a4 ^= (((a2 << 1) & a1) ^ ((a1 << 1) & a2)) & 0xu;
-a5 = (a3 & 0xu) >> 2;
-a3 ^= ((a4 << 2) ^ a4) & 0xu;
-a4 = a5 & 0xu;
+a4 ^= (a4 & U64(0x)) >> 1;
+a4 ^= (((a2 << 1) & a1) ^ ((a1 << 1) & a2)) & U64(0x);
+a5 = (a3 & U64(0x)) >> 2;
+a3 ^= ((a4 << 2) ^ a4) & U64(0x);
+a4 = a5 & U64(0x);
a4 |= a4 >> 1;
-a4 ^= (a5 << 1) & 0xu;
+a4 ^= (a5 << 1) & U64(0x);
a3 ^= a4;
-a5 = a3 & 0xA0A0A0A0A0A0A0A0u;
+a5 = a3 & U64(0xA0A0A0A0A0A0A0A0);
a5 |= a5 >> 1;
-a5 ^= (a3 << 1) & 0xA0A0A0A0A0A0A0A0u;
-a4 = a5 & 0xC0C0C0C0C0C0C0C0u;
+a5 ^= (a3 << 1) & U64(0xA0A0A0A0A0A0A0A0);
+a4 = a5 & U64(0xC0C0C0C0C0C0C0C0);
a6 = a4 >> 2;
-a4 ^= (a5 << 2) & 0xC0C0C0C0C0C0C0C0u;
-a5 = a6 & 0x2020202020202020u;
+a4 ^= (a5 << 2) & U64(0xC0C0C0C0C0C0C0C0);
+a5 = a6 & U64(0x2020202020202020);
a5 |= a5 >> 1;
-a5 ^= (a6 << 1) &
[openssl] master update
The branch master has been updated
via d65d2963839433bb4f15525df37d0f4f799466e5 (commit)
from 0c7ec1d2c3a47235ed1e5f9c65769955a41b8b26 (commit)
- Log -
commit d65d2963839433bb4f15525df37d0f4f799466e5
Author: Pauli
Date: Mon Jun 21 10:33:10 2021 +1000
asn1: properly clean up on failed BIO creation
Fixes coverity 1486070 through 1486077 and 1486079
Reviewed-by: Shane Lontis
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/15841)
---
Summary of changes:
crypto/asn1/asn1_parse.c | 9 +
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/crypto/asn1/asn1_parse.c b/crypto/asn1/asn1_parse.c
index a131713d73..04d7ef66cf 100644
--- a/crypto/asn1/asn1_parse.c
+++ b/crypto/asn1/asn1_parse.c
@@ -27,6 +27,7 @@ static int asn1_print_info(BIO *bp, long offset, int depth,
int hl, long len,
int pop_f_prefix = 0;
long saved_indent = -1;
int i = 0;
+BIO *bio = NULL;
if (constructed & V_ASN1_CONSTRUCTED)
p = "cons: ";
@@ -43,7 +44,8 @@ static int asn1_print_info(BIO *bp, long offset, int depth,
int hl, long len,
}
if (bp != NULL) {
if (BIO_set_prefix(bp, str) <= 0) {
-if ((bp = BIO_push(BIO_new(BIO_f_prefix()), bp)) == NULL)
+if ((bio = BIO_new(BIO_f_prefix())) == NULL
+|| (bp = BIO_push(bio, bp)) == NULL)
goto err;
pop_f_prefix = 1;
}
@@ -72,10 +74,9 @@ static int asn1_print_info(BIO *bp, long offset, int depth,
int hl, long len,
err:
if (saved_indent >= 0)
BIO_set_indent(bp, saved_indent);
-if (pop_f_prefix) {
+if (pop_f_prefix)
BIO_pop(bp);
-BIO_free(bp);
-}
+BIO_free(bio);
return i;
}
[openssl] master update
The branch master has been updated
via 0c7ec1d2c3a47235ed1e5f9c65769955a41b8b26 (commit)
from 86f4e260262aad7524cd6a097592530fc818d3d4 (commit)
- Log -
commit 0c7ec1d2c3a47235ed1e5f9c65769955a41b8b26
Author: Pauli
Date: Mon Jun 21 10:06:50 2021 +1000
test: put the new DHE auto test in the correct place
Reviewed-by: Shane Lontis
(Merged from https://github.com/openssl/openssl/pull/15840)
---
Summary of changes:
test/recipes/80-test_ssl_old.t | 9 +++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/test/recipes/80-test_ssl_old.t b/test/recipes/80-test_ssl_old.t
index a69f53b606..b144bc9fb9 100644
--- a/test/recipes/80-test_ssl_old.t
+++ b/test/recipes/80-test_ssl_old.t
@@ -549,7 +549,7 @@ sub testssl {
}
SKIP: {
-skip "skipping PSK tests", 3
+skip "skipping PSK tests", 2
if ($no_psk);
ok(run(test([@ssltest, "-tls1", "-cipher", "PSK", "-psk",
"abc123"])),
@@ -557,10 +557,15 @@ sub testssl {
ok(run(test([@ssltest, "-bio_pair", "-tls1", "-cipher", "PSK",
"-psk", "abc123"])),
'test tls1 with PSK via BIO pair');
+ }
+
+SKIP: {
+skip "skipping auto DH PSK tests", 1
+if ($no_dh || $no_psk);
ok(run(test(['ssl_old_test', '-psk', '0102030405', '-cipher',
'@SECLEVEL=2:DHE-PSK-AES128-CCM'])),
'test auto DH meets security strength');
- }
+ }
}
};
[openssl] master update
The branch master has been updated
via 86f4e260262aad7524cd6a097592530fc818d3d4 (commit)
via 005505fbf84a93e6f1871c70cfc60bd1f3b86101 (commit)
from 11bac1b4c40464850c96225f92a9dc8ac54c35de (commit)
- Log -
commit 86f4e260262aad7524cd6a097592530fc818d3d4
Author: Matt Caswell
Date: Wed Jun 16 16:57:18 2021 +0100
Add a test for a custom rand provider
Reviewed-by: Tomas Mraz
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/15810)
commit 005505fbf84a93e6f1871c70cfc60bd1f3b86101
Author: Matt Caswell
Date: Thu Jun 17 11:44:10 2021 +0100
Ensure we remove libctx DRBG state before removing the provider store
Otherwise a heap use-after-free can result.
Fixes #15766
Reviewed-by: Tomas Mraz
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/15810)
---
Summary of changes:
crypto/rand/rand_lib.c | 2 +-
test/provfetchtest.c | 102 -
2 files changed, 102 insertions(+), 2 deletions(-)
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index 62bd1d6796..8f76c8a5f0 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -492,7 +492,7 @@ static void rand_ossl_ctx_free(void *vdgbl)
}
static const OSSL_LIB_CTX_METHOD rand_drbg_ossl_ctx_method = {
-OSSL_LIB_CTX_METHOD_DEFAULT_PRIORITY,
+OSSL_LIB_CTX_METHOD_PRIORITY_2,
rand_ossl_ctx_new,
rand_ossl_ctx_free,
};
diff --git a/test/provfetchtest.c b/test/provfetchtest.c
index 8570beecff..8717a03bc1 100644
--- a/test/provfetchtest.c
+++ b/test/provfetchtest.c
@@ -12,6 +12,8 @@
#include
#include
#include
+#include
+#include
#include "testutil.h"
static int dummy_decoder_decode(void *ctx, OSSL_CORE_BIO *cin, int selection,
@@ -84,6 +86,95 @@ static const OSSL_ALGORITHM dummy_store[] = {
{ NULL, NULL, NULL }
};
+static void *dummy_rand_newctx(void *provctx, void *parent,
+ const OSSL_DISPATCH *parent_calls)
+{
+return provctx;
+}
+
+static void dummy_rand_freectx(void *vctx)
+{
+}
+
+static int dummy_rand_instantiate(void *vdrbg, unsigned int strength,
+ int prediction_resistance,
+ const unsigned char *pstr, size_t pstr_len,
+ const OSSL_PARAM params[])
+{
+return 1;
+}
+
+static int dummy_rand_uninstantiate(void *vdrbg)
+{
+return 1;
+}
+
+static int dummy_rand_generate(void *vctx, unsigned char *out, size_t outlen,
+ unsigned int strength, int
prediction_resistance,
+ const unsigned char *addin, size_t addin_len)
+{
+size_t i;
+
+for (i = 0; i
[openssl] master update
The branch master has been updated
via 11bac1b4c40464850c96225f92a9dc8ac54c35de (commit)
via e1fdd5262e4a45ce3aaa631768e877ee7b6da21b (commit)
from b6c276e77295e6d9f99b83c64c3c7df5ca8c5d97 (commit)
- Log -
commit 11bac1b4c40464850c96225f92a9dc8ac54c35de
Author: John Baldwin
Date: Wed Dec 23 16:15:01 2020 -0800
Add tests for KTLS with Chacha20-Poly1035.
Reviewed-by: Matt Caswell
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/15814)
commit e1fdd5262e4a45ce3aaa631768e877ee7b6da21b
Author: John Baldwin
Date: Wed Dec 23 15:28:34 2020 -0800
Refactor KTLS tests to better support TLS 1.3.
- Use SSL_set_ciphersuites for TLS 1.3 tests instead of using
SSL_set_cipher_list.
- Don't bother passing a sequence number size to KTLS test functions.
These functions always test TLS (and not DTLS) for which the
sequence size is always the same. In addition, even for DTLS the
check in question (verifying that the sequence number fields in SSL
do not change) should still pass when doing a before/after
comparison of the field.
- Define a helper structure to hold the TLS version and cipher name
for a single KTLS test.
- Define an array of such structures with valid KTLS ciphers and move
#ifdef's for TLS versions and supported ciphers out of test
functions and instead use them to define the valid members of this
array. This also permits using TLS 1.3 cipher suite names for
TLS 1.3 tests.
- Use separate tests per cipher for test_ktls to give more
fine-grained pass/fail results as is already done for
test_ktls_sendfile.
- While here, rename test_ktls_sendfile to execute_test_ktls_sendfile
and test_ktls_sendfile_anytls to test_ktls_sendfile. This is more
consistent with the naming used for test_ktls as well as other tests
in this file.
- Close the file descriptors used for temporary sockets in ktls tests.
- Don't assume that KTLS is supported for all compile-time supported
cipher suites at runtime. If the kernel fails to offload a given
cipher suite, skip the test rather than failing it. FreeBSD kernels
may not offload all of the cipher suites supported by its KTLS if a
suitable driver or KTLS backend is not present.
Reviewed-by: Matt Caswell
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/15814)
---
Summary of changes:
include/internal/ktls.h | 6 -
test/helpers/ssltestlib.c | 35 +++--
test/sslapitest.c | 330 +-
3 files changed, 195 insertions(+), 176 deletions(-)
diff --git a/include/internal/ktls.h b/include/internal/ktls.h
index b572e681c5..95492fd065 100644
--- a/include/internal/ktls.h
+++ b/include/internal/ktls.h
@@ -41,12 +41,6 @@
# define OPENSSL_KTLS_AES_GCM_256
# define OPENSSL_KTLS_TLS13
-/*
- * Only used by the tests in sslapitest.c.
- */
-# define TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE 8
-# define TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE 8
-
typedef struct tls_enable ktls_crypto_info_t;
/*
diff --git a/test/helpers/ssltestlib.c b/test/helpers/ssltestlib.c
index 52b1799b68..2d992cde23 100644
--- a/test/helpers/ssltestlib.c
+++ b/test/helpers/ssltestlib.c
@@ -774,16 +774,13 @@ static int set_nb(int fd)
return flags;
}
-int create_test_sockets(int *cfd, int *sfd)
+int create_test_sockets(int *cfdp, int *sfdp)
{
struct sockaddr_in sin;
const char *host = "127.0.0.1";
int cfd_connected = 0, ret = 0;
socklen_t slen = sizeof(sin);
-int afd = -1;
-
-*cfd = -1;
-*sfd = -1;
+int afd = -1, cfd = -1, sfd = -1;
memset ((char *) , 0, sizeof(sin));
sin.sin_family = AF_INET;
@@ -802,37 +799,39 @@ int create_test_sockets(int *cfd, int *sfd)
if (listen(afd, 1) < 0)
goto out;
-*cfd = socket(AF_INET, SOCK_STREAM, 0);
-if (*cfd < 0)
+cfd = socket(AF_INET, SOCK_STREAM, 0);
+if (cfd < 0)
goto out;
if (set_nb(afd) == -1)
goto out;
-while (*sfd == -1 || !cfd_connected ) {
-*sfd = accept(afd, NULL, 0);
-if (*sfd == -1 && errno != EAGAIN)
+while (sfd == -1 || !cfd_connected ) {
+sfd = accept(afd, NULL, 0);
+if (sfd == -1 && errno != EAGAIN)
goto out;
-if (!cfd_connected && connect(*cfd, (struct sockaddr*),
sizeof(sin)) < 0)
+if (!cfd_connected && connect(cfd, (struct sockaddr*),
sizeof(sin)) < 0)
goto out;
else
cfd_connected = 1;
}
-if (set_nb(*cfd) == -1 || set_nb(*sfd) == -1)
+if (set_nb(cfd) == -1 || set_nb(sfd) == -1)
goto out;
ret = 1;
+
