fw_update(8) improve verbose output
After getting fw_update(8) into a state where it could get some testing, I found that the man page indicated that -v should indicate different levels of verbosity and I currently only had one. This was useful as I didn't really like the output anyway. Now one -v prints out an additional line when it's doing something to the firmware. Two add a progress bar and mentions "detecting". Three provide a bit more debugging mostly from ftp(1). Also a couple extra small improvements, hiding errors from killing the ftp subprocess which could happen if it exits before we do, just using `firmware_devicename "$_d"` instead of `echo "${...}"`, and using a normal [=] comparison instead of [[=]] because we don't want pattern matching there. Comments, OK? Index: usr.sbin/fw_update/fw_update.sh === RCS file: /cvs/src/usr.sbin/fw_update/fw_update.sh,v retrieving revision 1.24 diff -u -p -r1.24 fw_update.sh --- usr.sbin/fw_update/fw_update.sh 5 Jan 2022 16:32:46 - 1.24 +++ usr.sbin/fw_update/fw_update.sh 6 Jan 2022 01:28:03 - @@ -35,7 +35,7 @@ FWURL=http://firmware.openbsd.org/firmwa FWPUB_KEY=${DESTDIR}/etc/signify/openbsd-${VERSION}-fw.pub DRYRUN=false -VERBOSE=false +VERBOSE=0 DELETE=false DOWNLOAD=true INSTALL=true @@ -75,14 +75,17 @@ fetch() { # we have su(1) and doas(1) is unlikely to be configured. set -o monitor # make sure ftp gets its own process group ( - flags=-VM - "$VERBOSE" && flags=-vm + _flags=-vm + case "$VERBOSE" in + 0|1) _flags=-VM ;; + 2) _flags=-Vm ;; + esac if [ -x /usr/bin/su ]; then exec /usr/bin/su -s /bin/ksh "$_user" -c \ - "/usr/bin/ftp -N '${0##/}' -D 'Get/Verify' $flags -o- '$_src'" > "$_dst" + "/usr/bin/ftp -N '${0##/}' -D 'Get/Verify' $_flags -o- '$_src'" > "$_dst" else exec /usr/bin/doas -u "$_user" \ - /usr/bin/ftp -N "${0##/}" -D 'Get/Verify' $flags -o- "$_src" > "$_dst" + /usr/bin/ftp -N "${0##/}" -D 'Get/Verify' $_flags -o- "$_src" > "$_dst" fi ) & FTPPID=$! set +o monitor @@ -97,7 +100,7 @@ fetch() { SECONDS=0 sleep 1 else - kill -INT -"$FTPPID" + kill -INT -"$FTPPID" 2>/dev/null _error=" (timed out)" fi else @@ -183,24 +186,28 @@ detect_firmware() { set -sA _devices -- $( firmware_in_dmesg for _d in $( installed_firmware '*' '-firmware-' '*' ); do - echo "$( firmware_devicename "$_d" )" + firmware_devicename "$_d" done ) [ "${_devices[*]:-}" ] || return 0 for _d in "${_devices[@]}"; do - [[ $_last = $_d ]] && continue - echo $_d + [ "$_last" = "$_d" ] && continue + echo "$_d" _last="$_d" done } add_firmware () { - local _f="${1##*/}" _pkgname + local _f="${1##*/}" _m="${2:-Install}" _pkgname FWPKGTMP="$( tmpdir "${DESTDIR}/var/db/pkg/.firmware" )" - local flags=-VM - "$VERBOSE" && flags=-vm - ftp -N "${0##/}" -D "Install" "$flags" -o- "file:${1}" | + local _flags=-vm + case "$VERBOSE" in + 0|1) _flags=-VM ;; + 2|3) _flags=-Vm ;; + esac + + ftp -N "${0##/}" -D "$_m" "$_flags" -o- "file:${1}" | tar -s ",^\+,${FWPKGTMP}/+," \ -s ",^firmware,${DESTDIR}/etc/firmware," \ -C / -zxphf - "+*" "firmware/*" @@ -232,7 +239,7 @@ delete_firmware() { local _cwd _pkg="$1" _pkgdir="${DESTDIR}/var/db/pkg" # TODO: Check hash for files before deleting - "$VERBOSE" && echo "Uninstalling $_pkg" + [ "$VERBOSE" -gt 2 ] && echo -n "Uninstall $_pkg ..." _cwd="${_pkgdir}/$_pkg" if [ ! -e "$_cwd/+CONTENTS" ] || @@ -267,6 +274,10 @@ delete_firmware() { rm -f "$_r" fi done + + [ "$VERBOSE" -gt 2 ] && echo " done." + + return 0 } usage() { @@ -284,7 +295,7 @@ do D) OPT_D=true ;; n) DRYRUN=true ;; p) LOCALSRC="$OPTARG" ;; - v) VERBOSE=true ;; + v) VERBOSE=$(( VERBOSE + 1 )) ;; :) echo "${0##*/}: option requires an argument -- -$OPTARG" >&2 usage 2 @@ -327,6 +338,9 @@ set -sA devices -- "$@" if "$DELETE"; then [ "$OPT_D" ] && usage 22 + # Show the "Uninstalling" message when just deleting not upgrading + [ "$VERBOSE" -gt 1 ] && VEROBOSE=3 + set -A installed if [ "${devices[*]:-}" ]; then "$ALL" && usage 22 @@ -354,7 +368,7 @@
msk(4): handle status ring entries as a single 64bit word
and then shift and mask the interesting bits out. this works on an overdrive 1000, where i discovered that arm64 appears to have a single instruction for shift/mask. maybe too much churn to be worth it? Index: if_msk.c === RCS file: /cvs/src/sys/dev/pci/if_msk.c,v retrieving revision 1.137 diff -u -p -r1.137 if_msk.c --- if_msk.c5 Jan 2022 03:53:26 - 1.137 +++ if_msk.c6 Jan 2022 00:38:18 - @@ -120,6 +120,53 @@ #include #include +#define MSK_STATUS_OWN_SHIFT 63 +#define MSK_STATUS_OWN_MASK0x1 +#define MSK_STATUS_OPCODE_SHIFT56 +#define MSK_STATUS_OPCODE_MASK 0x7f + +#define MSK_STATUS_OWN(_d) \ +(((_d) >> MSK_STATUS_OWN_SHIFT) & MSK_STATUS_OWN_MASK) +#define MSK_STATUS_OPCODE(_d) \ +(((_d) >> MSK_STATUS_OPCODE_SHIFT) & MSK_STATUS_OPCODE_MASK) + +#define MSK_STATUS_OPCODE_RXSTAT 0x60 +#define MSK_STATUS_OPCODE_RXTIMESTAMP 0x61 +#define MSK_STATUS_OPCODE_RXVLAN 0x62 +#define MSK_STATUS_OPCODE_RXCKSUM 0x64 +#define MSK_STATUS_OPCODE_RXCKSUMVLAN \ +(MSK_STATUS_OPCODE_RXVLAN | MSK_STATUS_OPCODE_RXCKSUM) +#define MSK_STATUS_OPCODE_RXTIMEVLAN \ +(MSK_STATUS_OPCODE_RXVLAN | MSK_STATUS_OPCODE_RXTIMESTAMP) +#define MSK_STATUS_OPCODE_RSS_HASH 0x65 +#define MSK_STATUS_OPCODE_TXIDX0x68 +#define MSK_STATUS_OPCODE_MACSEC 0x6c +#define MSK_STATUS_OPCODE_PUTIDX 0x70 + +#define MSK_STATUS_RXSTAT_PORT_SHIFT 48 +#define MSK_STATUS_RXSTAT_PORT_MASK0x1 +#define MSK_STATUS_RXSTAT_LEN_SHIFT32 +#define MSK_STATUS_RXSTAT_LEN_MASK 0x +#define MSK_STATUS_RXSTAT_STATUS_SHIFT 0 +#define MSK_STATUS_RXSTAT_STATUS_MASK 0x + +#define MSK_STATUS_RXSTAT_PORT(_d) \ +(((_d) >> MSK_STATUS_RXSTAT_PORT_SHIFT) & MSK_STATUS_RXSTAT_PORT_MASK) +#define MSK_STATUS_RXSTAT_LEN(_d) \ +(((_d) >> MSK_STATUS_RXSTAT_LEN_SHIFT) & MSK_STATUS_RXSTAT_LEN_MASK) +#define MSK_STATUS_RXSTAT_STATUS(_d) \ +(((_d) >> MSK_STATUS_RXSTAT_STATUS_SHIFT) & MSK_STATUS_RXSTAT_STATUS_MASK) + +#define MSK_STATUS_TXIDX_PORTA_SHIFT 0 +#define MSK_STATUS_TXIDX_PORTA_MASK0xfff +#define MSK_STATUS_TXIDX_PORTB_SHIFT 24 +#define MSK_STATUS_TXIDX_PORTB_MASK0xfff + +#define MSK_STATUS_TXIDX_PORTA(_d) \ +(((_d) >> MSK_STATUS_TXIDX_PORTA_SHIFT) & MSK_STATUS_TXIDX_PORTA_MASK) +#define MSK_STATUS_TXIDX_PORTB(_d) \ +(((_d) >> MSK_STATUS_TXIDX_PORTB_SHIFT) & MSK_STATUS_TXIDX_PORTB_MASK) + int mskc_probe(struct device *, void *, void *); void mskc_attach(struct device *, struct device *self, void *aux); int mskc_detach(struct device *, int); @@ -624,6 +671,7 @@ mskc_reset(struct sk_softc *sc) { u_int32_t imtimer_ticks, reg1; int reg; + unsigned int i; DPRINTFN(2, ("mskc_reset\n")); @@ -758,8 +806,8 @@ mskc_reset(struct sk_softc *sc) } /* Reset status ring. */ - bzero(sc->sk_status_ring, - MSK_STATUS_RING_CNT * sizeof(struct msk_status_desc)); + for (i = 0; i < MSK_STATUS_RING_CNT; i++) + sc->sk_status_ring[i] = htole64(0); sc->sk_status_idx = 0; sk_win_write_4(sc, SK_STAT_BMU_CSR, SK_STAT_BMU_RESET); @@ -1138,8 +1186,8 @@ mskc_attach(struct device *parent, struc sc->sk_pc = pc; if (bus_dmamem_alloc(sc->sc_dmatag, - MSK_STATUS_RING_CNT * sizeof(struct msk_status_desc), - MSK_STATUS_RING_CNT * sizeof(struct msk_status_desc), + MSK_STATUS_RING_CNT * sizeof(uint64_t), + MSK_STATUS_RING_CNT * sizeof(uint64_t), 0, &sc->sk_status_seg, 1, &sc->sk_status_nseg, BUS_DMA_NOWAIT | BUS_DMA_ZERO)) { printf(": can't alloc status buffers\n"); @@ -1148,27 +1196,27 @@ mskc_attach(struct device *parent, struc if (bus_dmamem_map(sc->sc_dmatag, &sc->sk_status_seg, sc->sk_status_nseg, - MSK_STATUS_RING_CNT * sizeof(struct msk_status_desc), + MSK_STATUS_RING_CNT * sizeof(uint64_t), &kva, BUS_DMA_NOWAIT)) { - printf(": can't map dma buffers (%lu bytes)\n", - (ulong)(MSK_STATUS_RING_CNT * sizeof(struct msk_status_desc))); + printf(": can't map dma buffers (%zu bytes)\n", + MSK_STATUS_RING_CNT * sizeof(uint64_t)); goto fail_3; } if (bus_dmamap_create(sc->sc_dmatag, - MSK_STATUS_RING_CNT * sizeof(struct msk_status_desc), 1, - MSK_STATUS_RING_CNT * sizeof(struct msk_status_desc), 0, + MSK_STATUS_RING_CNT * sizeof(uint64_t), 1, + MSK_STATUS_RING_CNT * sizeof(uint64_t), 0, BUS_DMA_NOWAIT | BUS_DMA_ALLOCNOW | BUS_DMA_64BIT, &sc->sk_status_map)) { printf(": can't create dma map\n"); goto fail_4; } if (bus_dmamap_load(sc->sc_dmatag, sc->sk_status_map, kva, - MSK_STATUS_RING_CNT * sizeof(struct
Re: snmpd(8): New application layer - step towards agentx support
On Wed, Jan 05, 2022 at 06:17:46PM +0100, Martijn van Duren wrote: > Problem found: The code was compiled on -stable, which I apparently > misread. There's changes in libutil in current that this diff needs. > > Pending Joel's results: Anyone else wanting to chime in? > I installed -current on a VM, grabbed -current sources and applied your patches. Then I ran the patched snmpd using my "standard configuration" which implies authenticated v3 only. Targetting the patched snmpd: - Using "-current snmp walk" from that VM works properly. - Using "-stable snmpwalk" from my 7.0-stable laptop works properly. - Using "snmpwalk" from a Synology works properly. - Using "telegraf inputs.snmp" from Docker works properly. Regards, Joel C.
Re: hi?
On Wed, Jan 05, 2022 at 03:51:32PM -0500, fo...@dnmx.org wrote: > Hello? I am new to mailing lists You are successfully subscribed to the list and your posts are being received.
hi?
Hello? I am new to mailing lists
Re: snmpd(8): New application layer - step towards agentx support
Problem found: The code was compiled on -stable, which I apparently misread. There's changes in libutil in current that this diff needs. Pending Joel's results: Anyone else wanting to chime in? On Mon, 2022-01-03 at 15:09 +0100, Joel Carnat wrote: > Hello, > > I have just patched my snmpd from -current ; everything else is > 7.0-stable. I'm not sure what happens but I use the same snmpd.conf and > connects to snmpd from another machine using > > # snmpwalk -v 3 -a SHA -A "changeme" -l authPriv -u telegraf \ > -x AES -X "changeme" server > > But using the patched snmpd, I get the following error: > mib_2 = No Such Object available on this agent at this OID. Using the > 7.0 version, it works perfectly. > > I can send full snmpd logs if you think it's usefull. > > Regards, > Joel C. > > On 1/3/22 13:57, Martijn van Duren wrote: > > On Sun, 2021-11-21 at 14:58 +0100, Martijn van Duren wrote: > > > On Sun, 2021-11-14 at 14:35 +, Stuart Henderson wrote: > > > > On 2021/11/14 11:49, Martijn van Duren wrote: > > > > > sthen@ found an issue when using this diff with netsnmp tools. > > > > > > > > > > The problem was that I put the requestID in the msgID, resulting > > > > > in a mismatch upon receiving the reply. The reason that snmp(1) > > > > > works is because msgID and requestID are the same. > > > > > Diff below fixes things. > > > > > > > > This version works for me, and the runtime increase with librenms > > > > fetches and polls (which use a mixture of get/bulkwalk) is acceptable > > > > (10% or so). > > > > > > > Anyone else put this through a test? I want to move forward with this. > > > > > > martijn@ > > > > > 2 month ping. > > So far I only have gotten test results from sthen@. > > Should I just put this in or is someone planning to actually look into > > the code? > > > > martijn@
Re: npppd: move EVP_* to heap
On Wed, 05 Jan 2022 17:37:19 +0100, Theo Buehler wrote: > Right, thanks. Changed to use EVP_DigestInit_ex, EVP_DigestFinal_ex and > dropping EVP_MD_CTX_reset() which is no longer needed. > > I included the radiusctl diff here since it is really the same diff. Looks good to me. OK millert@ - todd
Re: npppd: move EVP_* to heap
On Wed, Jan 05, 2022 at 09:00:32AM -0700, Todd C. Miller wrote: > On Wed, 05 Jan 2022 10:56:02 +0100, Theo Buehler wrote: > > > Another change needed for the upcoming libcrypto bump. Unfortunately, > > the code is structured in a way that it makes error checking hard since > > there are several layers of void functions. > > Should this not be using EVP_DigestInit_ex() instead? > Otherwise there is a useless call to EVP_MD_CTX_init(). Right, thanks. Changed to use EVP_DigestInit_ex, EVP_DigestFinal_ex and dropping EVP_MD_CTX_reset() which is no longer needed. I included the radiusctl diff here since it is really the same diff. Index: usr.sbin/npppd/npppd/chap_ms.c === RCS file: /cvs/src/usr.sbin/npppd/npppd/chap_ms.c,v retrieving revision 1.8 diff -u -p -r1.8 chap_ms.c --- usr.sbin/npppd/npppd/chap_ms.c 29 Mar 2021 03:54:39 - 1.8 +++ usr.sbin/npppd/npppd/chap_ms.c 5 Jan 2022 16:35:45 - @@ -134,19 +134,21 @@ mschap_challenge_response(u_int8_t *chal void mschap_ntpassword_hash(u_int8_t *in, int inlen, u_int8_t *hash) { - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx; u_intmdlen; - EVP_DigestInit(&ctx, EVP_md4()); - EVP_DigestUpdate(&ctx, in, inlen); - EVP_DigestFinal(&ctx, hash, &mdlen); + ctx = EVP_MD_CTX_new(); + EVP_DigestInit_ex(ctx, EVP_md4(), NULL); + EVP_DigestUpdate(ctx, in, inlen); + EVP_DigestFinal_ex(ctx, hash, &mdlen); + EVP_MD_CTX_free(ctx); } void mschap_challenge_hash(u_int8_t *peer_challenge, u_int8_t *auth_challenge, u_int8_t *username, int usernamelen, u_int8_t *challenge) { - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx; u_int8_t md[SHA_DIGEST_LENGTH]; u_intmdlen; u_int8_t*name; @@ -156,11 +158,13 @@ mschap_challenge_hash(u_int8_t *peer_cha else name++; - EVP_DigestInit(&ctx, EVP_sha1()); - EVP_DigestUpdate(&ctx, peer_challenge, MSCHAPV2_CHALLENGE_SZ); - EVP_DigestUpdate(&ctx, auth_challenge, MSCHAPV2_CHALLENGE_SZ); - EVP_DigestUpdate(&ctx, name, strlen(name)); - EVP_DigestFinal(&ctx, md, &mdlen); + ctx = EVP_MD_CTX_new(); + EVP_DigestInit_ex(ctx, EVP_sha1(), NULL); + EVP_DigestUpdate(ctx, peer_challenge, MSCHAPV2_CHALLENGE_SZ); + EVP_DigestUpdate(ctx, auth_challenge, MSCHAPV2_CHALLENGE_SZ); + EVP_DigestUpdate(ctx, name, strlen(name)); + EVP_DigestFinal_ex(ctx, md, &mdlen); + EVP_MD_CTX_free(ctx); memcpy(challenge, md, MSCHAP_CHALLENGE_SZ); } @@ -185,7 +189,7 @@ mschap_auth_response(u_int8_t *password, u_int8_t *ntresponse, u_int8_t *auth_challenge, u_int8_t *peer_challenge, u_int8_t *username, int usernamelen, u_int8_t *auth_response) { - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx; u_int8_t password_hash[MSCHAP_HASH_SZ]; u_int8_t password_hash2[MSCHAP_HASH_SZ]; u_int8_t challenge[MSCHAP_CHALLENGE_SZ]; @@ -210,20 +214,22 @@ mschap_auth_response(u_int8_t *password, mschap_ntpassword_hash(password, passwordlen, password_hash); mschap_ntpassword_hash(password_hash, MSCHAP_HASH_SZ, password_hash2); - EVP_DigestInit(&ctx, EVP_sha1()); - EVP_DigestUpdate(&ctx, password_hash2, sizeof(password_hash2)); - EVP_DigestUpdate(&ctx, ntresponse, 24); - EVP_DigestUpdate(&ctx, magic1, 39); - EVP_DigestFinal(&ctx, md, &mdlen); + ctx = EVP_MD_CTX_new(); + EVP_DigestInit_ex(ctx, EVP_sha1(), NULL); + EVP_DigestUpdate(ctx, password_hash2, sizeof(password_hash2)); + EVP_DigestUpdate(ctx, ntresponse, 24); + EVP_DigestUpdate(ctx, magic1, 39); + EVP_DigestFinal_ex(ctx, md, &mdlen); mschap_challenge_hash(peer_challenge, auth_challenge, username, usernamelen, challenge); - EVP_DigestInit(&ctx, EVP_sha1()); - EVP_DigestUpdate(&ctx, md, sizeof(md)); - EVP_DigestUpdate(&ctx, challenge, sizeof(challenge)); - EVP_DigestUpdate(&ctx, magic2, 41); - EVP_DigestFinal(&ctx, md, &mdlen); + EVP_DigestInit_ex(ctx, EVP_sha1(), NULL); + EVP_DigestUpdate(ctx, md, sizeof(md)); + EVP_DigestUpdate(ctx, challenge, sizeof(challenge)); + EVP_DigestUpdate(ctx, magic2, 41); + EVP_DigestFinal_ex(ctx, md, &mdlen); + EVP_MD_CTX_free(ctx); /* * Encode the value of 'Digest' as "S=" followed by @@ -247,18 +253,20 @@ mschap_masterkey(u_int8_t *password_hash { u_int8_t md[SHA_DIGEST_LENGTH]; u_intmdlen; - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx; static u_int8_t magic1[27] = { 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x74, 0x68, 0x65, 0x20, 0x4d, 0x50, 0x50, 0x45, 0x20, 0x4d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x20, 0x4b, 0x65
Re: fpos_t in funopen(3)
On Wed, 29 Dec 2021 15:28:57 -0600, Joe Nelson wrote: > Here's a patch. That looks correct to me. Since fpos_t just an alias for off_t on OpenBSD I don't think we need any shared library version bumps. - todd
Re: npppd: move EVP_* to heap
On Wed, 05 Jan 2022 10:56:02 +0100, Theo Buehler wrote: > Another change needed for the upcoming libcrypto bump. Unfortunately, > the code is structured in a way that it makes error checking hard since > there are several layers of void functions. Should this not be using EVP_DigestInit_ex() instead? Otherwise there is a useless call to EVP_MD_CTX_init(). - todd
Re: rpki-client parser refactor
On Wed, Jan 05, 2022 at 11:45:55AM +0100, Claudio Jeker wrote: > This changes the last proc_parser function over to not pass the entity to > the function. In this case apart from file we also need to pass the public > key of the TA and the tal identifier. > > Change is mechanical and makes all callers work the same way. ok tb > -- > :wq Claudio > > Index: parser.c > === > RCS file: /cvs/src/usr.sbin/rpki-client/parser.c,v > retrieving revision 1.32 > diff -u -p -r1.32 parser.c > --- parser.c 4 Jan 2022 18:41:32 - 1.32 > +++ parser.c 5 Jan 2022 09:49:07 - > @@ -246,8 +246,7 @@ proc_parser_mft(char *file, const unsign > * parse failure. > */ > static struct cert * > -proc_parser_cert(char *file, const unsigned char *der, > -size_t len) > +proc_parser_cert(char *file, const unsigned char *der, size_t len) > { > struct cert *cert; > X509*x509; > @@ -325,8 +324,8 @@ proc_parser_cert(char *file, const unsig > * parse failure. > */ > static struct cert * > -proc_parser_root_cert(const struct entity *entp, const unsigned char *der, > -size_t len) > +proc_parser_root_cert(char *file, const unsigned char *der, size_t len, > +unsigned char *pkey, size_t pkeysz, int talid) > { > charsubject[256]; > ASN1_TIME *notBefore, *notAfter; > @@ -334,52 +333,49 @@ proc_parser_root_cert(const struct entit > struct cert *cert; > X509*x509; > > - assert(entp->data != NULL); > - > /* Extract certificate data and X509. */ > > - cert = ta_parse(&x509, entp->file, der, len, entp->data, entp->datasz); > + cert = ta_parse(&x509, file, der, len, pkey, pkeysz); > if (cert == NULL) > return NULL; > > if ((name = X509_get_subject_name(x509)) == NULL) { > - warnx("%s Unable to get certificate subject", entp->file); > + warnx("%s Unable to get certificate subject", file); > goto badcert; > } > if (X509_NAME_oneline(name, subject, sizeof(subject)) == NULL) { > - warnx("%s: Unable to parse certificate subject name", > - entp->file); > + warnx("%s: Unable to parse certificate subject name", file); > goto badcert; > } > if ((notBefore = X509_get_notBefore(x509)) == NULL) { > warnx("%s: certificate has invalid notBefore, subject='%s'", > - entp->file, subject); > + file, subject); > goto badcert; > } > if ((notAfter = X509_get_notAfter(x509)) == NULL) { > warnx("%s: certificate has invalid notAfter, subject='%s'", > - entp->file, subject); > + file, subject); > goto badcert; > } > if (X509_cmp_current_time(notBefore) != -1) { > - warnx("%s: certificate not yet valid, subject='%s'", entp->file, > + warnx("%s: certificate not yet valid, subject='%s'", file, > subject); > goto badcert; > } > if (X509_cmp_current_time(notAfter) != 1) { > - warnx("%s: certificate has expired, subject='%s'", entp->file, > + warnx("%s: certificate has expired, subject='%s'", file, > subject); > goto badcert; > } > - if (!valid_ta(entp->file, &auths, cert)) { > + if (!valid_ta(file, &auths, cert)) { > warnx("%s: certificate not a valid ta, subject='%s'", > - entp->file, subject); > + file, subject); > goto badcert; > } > > X509_free(x509); > > - cert->talid = entp->talid; > + cert->talid = talid; > > /* >* Add valid roots to the RPKI auth tree. > @@ -589,7 +585,9 @@ parse_entity(struct entityq *q, struct m > break; > case RTYPE_CER: > if (entp->data != NULL) > - cert = proc_parser_root_cert(entp, f, flen); > + cert = proc_parser_root_cert(entp->file, > + f, flen, entp->data, entp->datasz, > + entp->talid); > else > cert = proc_parser_cert(entp->file, f, flen); > c = (cert != NULL); >
rpki-client parser refactor
This changes the last proc_parser function over to not pass the entity to the function. In this case apart from file we also need to pass the public key of the TA and the tal identifier. Change is mechanical and makes all callers work the same way. -- :wq Claudio Index: parser.c === RCS file: /cvs/src/usr.sbin/rpki-client/parser.c,v retrieving revision 1.32 diff -u -p -r1.32 parser.c --- parser.c4 Jan 2022 18:41:32 - 1.32 +++ parser.c5 Jan 2022 09:49:07 - @@ -246,8 +246,7 @@ proc_parser_mft(char *file, const unsign * parse failure. */ static struct cert * -proc_parser_cert(char *file, const unsigned char *der, -size_t len) +proc_parser_cert(char *file, const unsigned char *der, size_t len) { struct cert *cert; X509*x509; @@ -325,8 +324,8 @@ proc_parser_cert(char *file, const unsig * parse failure. */ static struct cert * -proc_parser_root_cert(const struct entity *entp, const unsigned char *der, -size_t len) +proc_parser_root_cert(char *file, const unsigned char *der, size_t len, +unsigned char *pkey, size_t pkeysz, int talid) { charsubject[256]; ASN1_TIME *notBefore, *notAfter; @@ -334,52 +333,49 @@ proc_parser_root_cert(const struct entit struct cert *cert; X509*x509; - assert(entp->data != NULL); - /* Extract certificate data and X509. */ - cert = ta_parse(&x509, entp->file, der, len, entp->data, entp->datasz); + cert = ta_parse(&x509, file, der, len, pkey, pkeysz); if (cert == NULL) return NULL; if ((name = X509_get_subject_name(x509)) == NULL) { - warnx("%s Unable to get certificate subject", entp->file); + warnx("%s Unable to get certificate subject", file); goto badcert; } if (X509_NAME_oneline(name, subject, sizeof(subject)) == NULL) { - warnx("%s: Unable to parse certificate subject name", - entp->file); + warnx("%s: Unable to parse certificate subject name", file); goto badcert; } if ((notBefore = X509_get_notBefore(x509)) == NULL) { warnx("%s: certificate has invalid notBefore, subject='%s'", - entp->file, subject); + file, subject); goto badcert; } if ((notAfter = X509_get_notAfter(x509)) == NULL) { warnx("%s: certificate has invalid notAfter, subject='%s'", - entp->file, subject); + file, subject); goto badcert; } if (X509_cmp_current_time(notBefore) != -1) { - warnx("%s: certificate not yet valid, subject='%s'", entp->file, + warnx("%s: certificate not yet valid, subject='%s'", file, subject); goto badcert; } if (X509_cmp_current_time(notAfter) != 1) { - warnx("%s: certificate has expired, subject='%s'", entp->file, + warnx("%s: certificate has expired, subject='%s'", file, subject); goto badcert; } - if (!valid_ta(entp->file, &auths, cert)) { + if (!valid_ta(file, &auths, cert)) { warnx("%s: certificate not a valid ta, subject='%s'", - entp->file, subject); + file, subject); goto badcert; } X509_free(x509); - cert->talid = entp->talid; + cert->talid = talid; /* * Add valid roots to the RPKI auth tree. @@ -589,7 +585,9 @@ parse_entity(struct entityq *q, struct m break; case RTYPE_CER: if (entp->data != NULL) - cert = proc_parser_root_cert(entp, f, flen); + cert = proc_parser_root_cert(entp->file, + f, flen, entp->data, entp->datasz, + entp->talid); else cert = proc_parser_cert(entp->file, f, flen); c = (cert != NULL);
Re: snmp(d): move EVP_* to heap
On Wed, Jan 05, 2022 at 10:43:33AM +0100, Theo Buehler wrote: > This is needed for the upcoming libcrypto bump. While it would be better > to do error checking for EVP_Digest* (for example EVP_DigestInit* > usually allocates internally), I kept the change as mechanical as > possible and left that one for someone else to fix. Here's a better diff. As found by martijn, one EVP_MD_CTX_free() should have been a EVP_MD_CTX_reset(). Index: usr.bin/snmp/usm.c === RCS file: /cvs/src/usr.bin/snmp/usm.c,v retrieving revision 1.5 diff -u -p -r1.5 usm.c --- usr.bin/snmp/usm.c 24 Oct 2019 12:39:26 - 1.5 +++ usr.bin/snmp/usm.c 5 Jan 2022 09:37:40 - @@ -252,7 +252,7 @@ static char * usm_crypt(const EVP_CIPHER *cipher, int do_enc, char *key, struct usm_cookie *cookie, char *serialpdu, size_t pdulen, size_t *outlen) { - EVP_CIPHER_CTX ctx; + EVP_CIPHER_CTX *ctx; size_t i; char iv[EVP_MAX_IV_LENGTH]; char *salt = (char *)&(cookie->salt); @@ -279,28 +279,34 @@ usm_crypt(const EVP_CIPHER *cipher, int return NULL; } - bzero(&ctx, sizeof(ctx)); - if (!EVP_CipherInit(&ctx, cipher, key, iv, do_enc)) + if ((ctx = EVP_CIPHER_CTX_new()) == NULL) return NULL; - EVP_CIPHER_CTX_set_padding(&ctx, do_enc); + if (!EVP_CipherInit(ctx, cipher, key, iv, do_enc)) { + EVP_CIPHER_CTX_free(ctx); + return NULL; + } + + EVP_CIPHER_CTX_set_padding(ctx, do_enc); bs = EVP_CIPHER_block_size(cipher); /* Maximum output size */ *outlen = pdulen + (bs - (pdulen % bs)); - if ((outtext = malloc(*outlen)) == NULL) + if ((outtext = malloc(*outlen)) == NULL) { + EVP_CIPHER_CTX_free(ctx); return NULL; + } - if (EVP_CipherUpdate(&ctx, outtext, &len, serialpdu, pdulen) && - EVP_CipherFinal_ex(&ctx, outtext + len, &len2)) + if (EVP_CipherUpdate(ctx, outtext, &len, serialpdu, pdulen) && + EVP_CipherFinal_ex(ctx, outtext + len, &len2)) *outlen = len + len2; else { free(outtext); outtext = NULL; } - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_free(ctx); return outtext; } @@ -616,7 +622,7 @@ usm_setbootstime(struct snmp_sec *sec, u static char * usm_passwd2mkey(const EVP_MD *md, const char *passwd) { - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx; int i, count; const u_char *pw; u_char *c; @@ -624,8 +630,9 @@ usm_passwd2mkey(const EVP_MD *md, const unsigned dlen; char *key; - bzero(&ctx, sizeof(ctx)); - EVP_DigestInit_ex(&ctx, md, NULL); + if ((ctx = EVP_MD_CTX_new()) == NULL) + return NULL; + EVP_DigestInit_ex(ctx, md, NULL); pw = (const u_char *)passwd; for (count = 0; count < 1048576; count += 64) { c = keybuf; @@ -634,10 +641,10 @@ usm_passwd2mkey(const EVP_MD *md, const pw = (const u_char *)passwd; *c++ = *pw++; } - EVP_DigestUpdate(&ctx, keybuf, 64); + EVP_DigestUpdate(ctx, keybuf, 64); } - EVP_DigestFinal_ex(&ctx, keybuf, &dlen); - EVP_MD_CTX_cleanup(&ctx); + EVP_DigestFinal_ex(ctx, keybuf, &dlen); + EVP_MD_CTX_free(ctx); if ((key = malloc(dlen)) == NULL) return NULL; @@ -648,20 +655,21 @@ usm_passwd2mkey(const EVP_MD *md, const static char * usm_mkey2lkey(struct usm_sec *usm, const EVP_MD *md, const char *mkey) { - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx; u_char buf[EVP_MAX_MD_SIZE]; u_char *lkey; unsigned lklen; - bzero(&ctx, sizeof(ctx)); - EVP_DigestInit_ex(&ctx, md, NULL); + if ((ctx = EVP_MD_CTX_new()) == NULL) + return NULL; + EVP_DigestInit_ex(ctx, md, NULL); - EVP_DigestUpdate(&ctx, mkey, EVP_MD_size(md)); - EVP_DigestUpdate(&ctx, usm->engineid, usm->engineidlen); - EVP_DigestUpdate(&ctx, mkey, EVP_MD_size(md)); + EVP_DigestUpdate(ctx, mkey, EVP_MD_size(md)); + EVP_DigestUpdate(ctx, usm->engineid, usm->engineidlen); + EVP_DigestUpdate(ctx, mkey, EVP_MD_size(md)); - EVP_DigestFinal_ex(&ctx, buf, &lklen); - EVP_MD_CTX_cleanup(&ctx); + EVP_DigestFinal_ex(ctx, buf, &lklen); + EVP_MD_CTX_free(ctx); if ((lkey = malloc(lklen)) == NULL) return NULL; Index: usr.sbin/snmpd/usm.c === RCS file: /cvs/src/usr.sbin/snmpd/usm.c,v retrieving revision 1.21 diff -u -p -r1.21 usm.c --- usr.sbin/snmpd/usm.c1 Aug 2021 11:30:56 - 1.21 +++ usr.sbin/snmpd/usm.c5 Jan 2022 10:25:44 - @@ -650,7 +650,7 @@ usm_crypt(struct sn
radiusctl: move EVP_* to heap
This is needed for the upcoming libcrypto bump. The code is essentially the same as in npppd(8), so it has the same issue: several layers of void functions that make error checking hard to add. Index: usr.sbin/radiusctl/chap_ms.c === RCS file: /cvs/src/usr.sbin/radiusctl/chap_ms.c,v retrieving revision 1.1 diff -u -p -r1.1 chap_ms.c --- usr.sbin/radiusctl/chap_ms.c21 Jul 2015 04:06:04 - 1.1 +++ usr.sbin/radiusctl/chap_ms.c5 Jan 2022 09:57:43 - @@ -134,19 +134,21 @@ mschap_challenge_response(u_int8_t *chal void mschap_ntpassword_hash(u_int8_t *in, int inlen, u_int8_t *hash) { - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx; u_intmdlen; - EVP_DigestInit(&ctx, EVP_md4()); - EVP_DigestUpdate(&ctx, in, inlen); - EVP_DigestFinal(&ctx, hash, &mdlen); + ctx = EVP_MD_CTX_new(); + EVP_DigestInit(ctx, EVP_md4()); + EVP_DigestUpdate(ctx, in, inlen); + EVP_DigestFinal(ctx, hash, &mdlen); + EVP_MD_CTX_free(ctx); } void mschap_challenge_hash(u_int8_t *peer_challenge, u_int8_t *auth_challenge, u_int8_t *username, int usernamelen, u_int8_t *challenge) { - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx; u_int8_t md[SHA_DIGEST_LENGTH]; u_intmdlen; u_int8_t*name; @@ -156,11 +158,13 @@ mschap_challenge_hash(u_int8_t *peer_cha else name++; - EVP_DigestInit(&ctx, EVP_sha1()); - EVP_DigestUpdate(&ctx, peer_challenge, MSCHAPV2_CHALLENGE_SZ); - EVP_DigestUpdate(&ctx, auth_challenge, MSCHAPV2_CHALLENGE_SZ); - EVP_DigestUpdate(&ctx, name, strlen(name)); - EVP_DigestFinal(&ctx, md, &mdlen); + ctx = EVP_MD_CTX_new(); + EVP_DigestInit(ctx, EVP_sha1()); + EVP_DigestUpdate(ctx, peer_challenge, MSCHAPV2_CHALLENGE_SZ); + EVP_DigestUpdate(ctx, auth_challenge, MSCHAPV2_CHALLENGE_SZ); + EVP_DigestUpdate(ctx, name, strlen(name)); + EVP_DigestFinal(ctx, md, &mdlen); + EVP_MD_CTX_free(ctx); memcpy(challenge, md, MSCHAP_CHALLENGE_SZ); } @@ -185,7 +189,7 @@ mschap_auth_response(u_int8_t *password, u_int8_t *ntresponse, u_int8_t *auth_challenge, u_int8_t *peer_challenge, u_int8_t *username, int usernamelen, u_int8_t *auth_response) { - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx; u_int8_t password_hash[MSCHAP_HASH_SZ]; u_int8_t password_hash2[MSCHAP_HASH_SZ]; u_int8_t challenge[MSCHAP_CHALLENGE_SZ]; @@ -210,20 +214,23 @@ mschap_auth_response(u_int8_t *password, mschap_ntpassword_hash(password, passwordlen, password_hash); mschap_ntpassword_hash(password_hash, MSCHAP_HASH_SZ, password_hash2); - EVP_DigestInit(&ctx, EVP_sha1()); - EVP_DigestUpdate(&ctx, password_hash2, sizeof(password_hash2)); - EVP_DigestUpdate(&ctx, ntresponse, 24); - EVP_DigestUpdate(&ctx, magic1, 39); - EVP_DigestFinal(&ctx, md, &mdlen); + ctx = EVP_MD_CTX_new(); + EVP_DigestInit(ctx, EVP_sha1()); + EVP_DigestUpdate(ctx, password_hash2, sizeof(password_hash2)); + EVP_DigestUpdate(ctx, ntresponse, 24); + EVP_DigestUpdate(ctx, magic1, 39); + EVP_DigestFinal(ctx, md, &mdlen); + EVP_MD_CTX_reset(ctx); mschap_challenge_hash(peer_challenge, auth_challenge, username, usernamelen, challenge); - EVP_DigestInit(&ctx, EVP_sha1()); - EVP_DigestUpdate(&ctx, md, sizeof(md)); - EVP_DigestUpdate(&ctx, challenge, sizeof(challenge)); - EVP_DigestUpdate(&ctx, magic2, 41); - EVP_DigestFinal(&ctx, md, &mdlen); + EVP_DigestInit(ctx, EVP_sha1()); + EVP_DigestUpdate(ctx, md, sizeof(md)); + EVP_DigestUpdate(ctx, challenge, sizeof(challenge)); + EVP_DigestUpdate(ctx, magic2, 41); + EVP_DigestFinal(ctx, md, &mdlen); + EVP_MD_CTX_free(ctx); /* * Encode the value of 'Digest' as "S=" followed by @@ -247,18 +254,20 @@ mschap_masterkey(u_int8_t *password_hash { u_int8_t md[SHA_DIGEST_LENGTH]; u_intmdlen; - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx; static u_int8_t magic1[27] = { 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x74, 0x68, 0x65, 0x20, 0x4d, 0x50, 0x50, 0x45, 0x20, 0x4d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x20, 0x4b, 0x65, 0x79 }; - EVP_DigestInit(&ctx, EVP_sha1()); - EVP_DigestUpdate(&ctx, password_hash2, MSCHAP_HASH_SZ); - EVP_DigestUpdate(&ctx, ntresponse, 24); - EVP_DigestUpdate(&ctx, magic1, 27); - EVP_DigestFinal(&ctx, md, &mdlen); + ctx = EVP_MD_CTX_new(); + EVP_DigestInit(ctx, EVP_sha1()); + EVP_DigestUpdate(ctx, password_hash2, MSCHAP_HASH_SZ); + EVP_DigestUpdate(ctx, ntresponse, 24); + EVP_DigestUpd
npppd: move EVP_* to heap
Another change needed for the upcoming libcrypto bump. Unfortunately, the code is structured in a way that it makes error checking hard since there are several layers of void functions. This now does two unchecked allocations per stanza instead of just one. Index: usr.sbin/npppd/npppd/chap_ms.c === RCS file: /cvs/src/usr.sbin/npppd/npppd/chap_ms.c,v retrieving revision 1.8 diff -u -p -r1.8 chap_ms.c --- usr.sbin/npppd/npppd/chap_ms.c 29 Mar 2021 03:54:39 - 1.8 +++ usr.sbin/npppd/npppd/chap_ms.c 5 Jan 2022 09:49:33 - @@ -134,19 +134,21 @@ mschap_challenge_response(u_int8_t *chal void mschap_ntpassword_hash(u_int8_t *in, int inlen, u_int8_t *hash) { - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx; u_intmdlen; - EVP_DigestInit(&ctx, EVP_md4()); - EVP_DigestUpdate(&ctx, in, inlen); - EVP_DigestFinal(&ctx, hash, &mdlen); + ctx = EVP_MD_CTX_new(); + EVP_DigestInit(ctx, EVP_md4()); + EVP_DigestUpdate(ctx, in, inlen); + EVP_DigestFinal(ctx, hash, &mdlen); + EVP_MD_CTX_free(ctx); } void mschap_challenge_hash(u_int8_t *peer_challenge, u_int8_t *auth_challenge, u_int8_t *username, int usernamelen, u_int8_t *challenge) { - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx; u_int8_t md[SHA_DIGEST_LENGTH]; u_intmdlen; u_int8_t*name; @@ -156,11 +158,13 @@ mschap_challenge_hash(u_int8_t *peer_cha else name++; - EVP_DigestInit(&ctx, EVP_sha1()); - EVP_DigestUpdate(&ctx, peer_challenge, MSCHAPV2_CHALLENGE_SZ); - EVP_DigestUpdate(&ctx, auth_challenge, MSCHAPV2_CHALLENGE_SZ); - EVP_DigestUpdate(&ctx, name, strlen(name)); - EVP_DigestFinal(&ctx, md, &mdlen); + ctx = EVP_MD_CTX_new(); + EVP_DigestInit(ctx, EVP_sha1()); + EVP_DigestUpdate(ctx, peer_challenge, MSCHAPV2_CHALLENGE_SZ); + EVP_DigestUpdate(ctx, auth_challenge, MSCHAPV2_CHALLENGE_SZ); + EVP_DigestUpdate(ctx, name, strlen(name)); + EVP_DigestFinal(ctx, md, &mdlen); + EVP_MD_CTX_free(ctx); memcpy(challenge, md, MSCHAP_CHALLENGE_SZ); } @@ -185,7 +189,7 @@ mschap_auth_response(u_int8_t *password, u_int8_t *ntresponse, u_int8_t *auth_challenge, u_int8_t *peer_challenge, u_int8_t *username, int usernamelen, u_int8_t *auth_response) { - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx; u_int8_t password_hash[MSCHAP_HASH_SZ]; u_int8_t password_hash2[MSCHAP_HASH_SZ]; u_int8_t challenge[MSCHAP_CHALLENGE_SZ]; @@ -210,20 +214,23 @@ mschap_auth_response(u_int8_t *password, mschap_ntpassword_hash(password, passwordlen, password_hash); mschap_ntpassword_hash(password_hash, MSCHAP_HASH_SZ, password_hash2); - EVP_DigestInit(&ctx, EVP_sha1()); - EVP_DigestUpdate(&ctx, password_hash2, sizeof(password_hash2)); - EVP_DigestUpdate(&ctx, ntresponse, 24); - EVP_DigestUpdate(&ctx, magic1, 39); - EVP_DigestFinal(&ctx, md, &mdlen); + ctx = EVP_MD_CTX_new(); + EVP_DigestInit(ctx, EVP_sha1()); + EVP_DigestUpdate(ctx, password_hash2, sizeof(password_hash2)); + EVP_DigestUpdate(ctx, ntresponse, 24); + EVP_DigestUpdate(ctx, magic1, 39); + EVP_DigestFinal(ctx, md, &mdlen); + EVP_MD_CTX_reset(ctx); mschap_challenge_hash(peer_challenge, auth_challenge, username, usernamelen, challenge); - EVP_DigestInit(&ctx, EVP_sha1()); - EVP_DigestUpdate(&ctx, md, sizeof(md)); - EVP_DigestUpdate(&ctx, challenge, sizeof(challenge)); - EVP_DigestUpdate(&ctx, magic2, 41); - EVP_DigestFinal(&ctx, md, &mdlen); + EVP_DigestInit(ctx, EVP_sha1()); + EVP_DigestUpdate(ctx, md, sizeof(md)); + EVP_DigestUpdate(ctx, challenge, sizeof(challenge)); + EVP_DigestUpdate(ctx, magic2, 41); + EVP_DigestFinal(ctx, md, &mdlen); + EVP_MD_CTX_free(ctx); /* * Encode the value of 'Digest' as "S=" followed by @@ -247,18 +254,20 @@ mschap_masterkey(u_int8_t *password_hash { u_int8_t md[SHA_DIGEST_LENGTH]; u_intmdlen; - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx; static u_int8_t magic1[27] = { 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x74, 0x68, 0x65, 0x20, 0x4d, 0x50, 0x50, 0x45, 0x20, 0x4d, 0x61, 0x73, 0x74, 0x65, 0x72, 0x20, 0x4b, 0x65, 0x79 }; - EVP_DigestInit(&ctx, EVP_sha1()); - EVP_DigestUpdate(&ctx, password_hash2, MSCHAP_HASH_SZ); - EVP_DigestUpdate(&ctx, ntresponse, 24); - EVP_DigestUpdate(&ctx, magic1, 27); - EVP_DigestFinal(&ctx, md, &mdlen); + ctx = EVP_MD_CTX_new(); + EVP_DigestInit(ctx, EVP_sha1()); + EVP_DigestUpdate(ctx, password_hash2, MSCHAP_HASH_SZ);
dhcpd: move HMAC_CTX to heap, add error checking
This fairly mechanical conversion is needed for the upcoming libcrypto bump. This is similar to the changes made in libexec/spamd/sync.c a while back. Index: usr.sbin/dhcpd/sync.c === RCS file: /cvs/src/usr.sbin/dhcpd/sync.c,v retrieving revision 1.23 diff -u -p -r1.23 sync.c --- usr.sbin/dhcpd/sync.c 13 Feb 2017 23:04:05 - 1.23 +++ usr.sbin/dhcpd/sync.c 5 Jan 2022 09:44:21 - @@ -393,7 +393,7 @@ sync_lease(struct lease *lease) char pad[DHCP_ALIGNBYTES]; u_int16_t leaselen, padlen; int i = 0; - HMAC_CTX ctx; + HMAC_CTX *ctx; u_int hmac_len; if (sync_key == NULL) @@ -403,8 +403,10 @@ sync_lease(struct lease *lease) memset(&lv, 0, sizeof(lv)); memset(&pad, 0, sizeof(pad)); - HMAC_CTX_init(&ctx); - HMAC_Init(&ctx, sync_key, strlen(sync_key), EVP_sha1()); + if ((ctx = HMAC_CTX_new()) == NULL) + goto bad; + if (!HMAC_Init_ex(ctx, sync_key, strlen(sync_key), EVP_sha1(), NULL)) + goto bad; leaselen = sizeof(lv); padlen = DHCP_ALIGN(leaselen) - leaselen; @@ -416,7 +418,8 @@ sync_lease(struct lease *lease) hdr.sh_length = htons(sizeof(hdr) + sizeof(lv) + padlen + sizeof(end)); iov[i].iov_base = &hdr; iov[i].iov_len = sizeof(hdr); - HMAC_Update(&ctx, iov[i].iov_base, iov[i].iov_len); + if (!HMAC_Update(ctx, iov[i].iov_base, iov[i].iov_len)) + goto bad; i++; /* Add single DHCP sync address entry */ @@ -434,12 +437,14 @@ sync_lease(struct lease *lease) piaddr(lease->ip_addr), ntohl(lv.lv_starts), ntohl(lv.lv_ends)); iov[i].iov_base = &lv; iov[i].iov_len = sizeof(lv); - HMAC_Update(&ctx, iov[i].iov_base, iov[i].iov_len); + if (!HMAC_Update(ctx, iov[i].iov_base, iov[i].iov_len)) + goto bad; i++; iov[i].iov_base = pad; iov[i].iov_len = padlen; - HMAC_Update(&ctx, iov[i].iov_base, iov[i].iov_len); + if (!HMAC_Update(ctx, iov[i].iov_base, iov[i].iov_len)) + goto bad; i++; /* Add end marker */ @@ -447,12 +452,16 @@ sync_lease(struct lease *lease) end.st_length = htons(sizeof(end)); iov[i].iov_base = &end; iov[i].iov_len = sizeof(end); - HMAC_Update(&ctx, iov[i].iov_base, iov[i].iov_len); + if (!HMAC_Update(ctx, iov[i].iov_base, iov[i].iov_len)) + goto bad; i++; - HMAC_Final(&ctx, hdr.sh_hmac, &hmac_len); + if (!HMAC_Final(ctx, hdr.sh_hmac, &hmac_len)) + goto bad; /* Send message to the target hosts */ sync_send(iov, i); - HMAC_CTX_cleanup(&ctx); + + bad: + HMAC_CTX_free(ctx); }
snmp(d): move EVP_* to heap
This is needed for the upcoming libcrypto bump. While it would be better to do error checking for EVP_Digest* (for example EVP_DigestInit* usually allocates internally), I kept the change as mechanical as possible and left that one for someone else to fix. Index: usr.bin/snmp/usm.c === RCS file: /cvs/src/usr.bin/snmp/usm.c,v retrieving revision 1.5 diff -u -p -r1.5 usm.c --- usr.bin/snmp/usm.c 24 Oct 2019 12:39:26 - 1.5 +++ usr.bin/snmp/usm.c 5 Jan 2022 09:37:40 - @@ -252,7 +252,7 @@ static char * usm_crypt(const EVP_CIPHER *cipher, int do_enc, char *key, struct usm_cookie *cookie, char *serialpdu, size_t pdulen, size_t *outlen) { - EVP_CIPHER_CTX ctx; + EVP_CIPHER_CTX *ctx; size_t i; char iv[EVP_MAX_IV_LENGTH]; char *salt = (char *)&(cookie->salt); @@ -279,28 +279,34 @@ usm_crypt(const EVP_CIPHER *cipher, int return NULL; } - bzero(&ctx, sizeof(ctx)); - if (!EVP_CipherInit(&ctx, cipher, key, iv, do_enc)) + if ((ctx = EVP_CIPHER_CTX_new()) == NULL) return NULL; - EVP_CIPHER_CTX_set_padding(&ctx, do_enc); + if (!EVP_CipherInit(ctx, cipher, key, iv, do_enc)) { + EVP_CIPHER_CTX_free(ctx); + return NULL; + } + + EVP_CIPHER_CTX_set_padding(ctx, do_enc); bs = EVP_CIPHER_block_size(cipher); /* Maximum output size */ *outlen = pdulen + (bs - (pdulen % bs)); - if ((outtext = malloc(*outlen)) == NULL) + if ((outtext = malloc(*outlen)) == NULL) { + EVP_CIPHER_CTX_free(ctx); return NULL; + } - if (EVP_CipherUpdate(&ctx, outtext, &len, serialpdu, pdulen) && - EVP_CipherFinal_ex(&ctx, outtext + len, &len2)) + if (EVP_CipherUpdate(ctx, outtext, &len, serialpdu, pdulen) && + EVP_CipherFinal_ex(ctx, outtext + len, &len2)) *outlen = len + len2; else { free(outtext); outtext = NULL; } - EVP_CIPHER_CTX_cleanup(&ctx); + EVP_CIPHER_CTX_free(ctx); return outtext; } @@ -616,7 +622,7 @@ usm_setbootstime(struct snmp_sec *sec, u static char * usm_passwd2mkey(const EVP_MD *md, const char *passwd) { - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx; int i, count; const u_char *pw; u_char *c; @@ -624,8 +630,9 @@ usm_passwd2mkey(const EVP_MD *md, const unsigned dlen; char *key; - bzero(&ctx, sizeof(ctx)); - EVP_DigestInit_ex(&ctx, md, NULL); + if ((ctx = EVP_MD_CTX_new()) == NULL) + return NULL; + EVP_DigestInit_ex(ctx, md, NULL); pw = (const u_char *)passwd; for (count = 0; count < 1048576; count += 64) { c = keybuf; @@ -634,10 +641,10 @@ usm_passwd2mkey(const EVP_MD *md, const pw = (const u_char *)passwd; *c++ = *pw++; } - EVP_DigestUpdate(&ctx, keybuf, 64); + EVP_DigestUpdate(ctx, keybuf, 64); } - EVP_DigestFinal_ex(&ctx, keybuf, &dlen); - EVP_MD_CTX_cleanup(&ctx); + EVP_DigestFinal_ex(ctx, keybuf, &dlen); + EVP_MD_CTX_free(ctx); if ((key = malloc(dlen)) == NULL) return NULL; @@ -648,20 +655,21 @@ usm_passwd2mkey(const EVP_MD *md, const static char * usm_mkey2lkey(struct usm_sec *usm, const EVP_MD *md, const char *mkey) { - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx; u_char buf[EVP_MAX_MD_SIZE]; u_char *lkey; unsigned lklen; - bzero(&ctx, sizeof(ctx)); - EVP_DigestInit_ex(&ctx, md, NULL); + if ((ctx = EVP_MD_CTX_new()) == NULL) + return NULL; + EVP_DigestInit_ex(ctx, md, NULL); - EVP_DigestUpdate(&ctx, mkey, EVP_MD_size(md)); - EVP_DigestUpdate(&ctx, usm->engineid, usm->engineidlen); - EVP_DigestUpdate(&ctx, mkey, EVP_MD_size(md)); + EVP_DigestUpdate(ctx, mkey, EVP_MD_size(md)); + EVP_DigestUpdate(ctx, usm->engineid, usm->engineidlen); + EVP_DigestUpdate(ctx, mkey, EVP_MD_size(md)); - EVP_DigestFinal_ex(&ctx, buf, &lklen); - EVP_MD_CTX_cleanup(&ctx); + EVP_DigestFinal_ex(ctx, buf, &lklen); + EVP_MD_CTX_free(ctx); if ((lkey = malloc(lklen)) == NULL) return NULL; Index: usr.sbin/snmpd/usm.c === RCS file: /cvs/src/usr.sbin/snmpd/usm.c,v retrieving revision 1.21 diff -u -p -r1.21 usm.c --- usr.sbin/snmpd/usm.c1 Aug 2021 11:30:56 - 1.21 +++ usr.sbin/snmpd/usm.c5 Jan 2022 09:37:53 - @@ -650,7 +650,7 @@ usm_crypt(struct snmp_message *msg, u_ch int do_encrypt) { const EVP_CIPHER*cipher; - EVP_CIPHER_CTX ctx; + EVP_CIPHER_CTX *ctx; u