Module Name: src Committed By: riastradh Date: Wed Aug 28 17:47:08 UTC 2013
Modified Files: src/common/lib/libc/string: consttime_memequal.c explicit_memset.c src/crypto/external/bsd/libsaslc/dist/src: dict.c src/crypto/external/bsd/openssh/dist: dns.c src/include: string.h src/lib/libc/include: namespace.h src/lib/libcrypt: bcrypt.c crypt-sha1.c md5crypt.c Log Message: Publish explicit_memset and consttime_memequal in userland libc. Remove the double-underscore from the userland versions, and do the weak alias dance instead, now that these are public parts of libc. As discussed on tech-userlevel: https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html (option 3) To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/common/lib/libc/string/consttime_memequal.c \ src/common/lib/libc/string/explicit_memset.c cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/libsaslc/dist/src/dict.c cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/dist/dns.c cvs rdiff -u -r1.47 -r1.48 src/include/string.h cvs rdiff -u -r1.168 -r1.169 src/lib/libc/include/namespace.h cvs rdiff -u -r1.18 -r1.19 src/lib/libcrypt/bcrypt.c cvs rdiff -u -r1.7 -r1.8 src/lib/libcrypt/crypt-sha1.c cvs rdiff -u -r1.13 -r1.14 src/lib/libcrypt/md5crypt.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/common/lib/libc/string/consttime_memequal.c diff -u src/common/lib/libc/string/consttime_memequal.c:1.2 src/common/lib/libc/string/consttime_memequal.c:1.3 --- src/common/lib/libc/string/consttime_memequal.c:1.2 Wed Aug 28 15:24:41 2013 +++ src/common/lib/libc/string/consttime_memequal.c Wed Aug 28 17:47:07 2013 @@ -1,8 +1,11 @@ -/* $NetBSD: consttime_memequal.c,v 1.2 2013/08/28 15:24:41 riastradh Exp $ */ +/* $NetBSD: consttime_memequal.c,v 1.3 2013/08/28 17:47:07 riastradh Exp $ */ #if !defined(_KERNEL) && !defined(_STANDALONE) +#include "namespace.h" #include <string.h> -#define consttime_memequal __consttime_memequal +#ifdef __weak_alias +__weak_alias(consttime_memequal,_consttime_memequal) +#endif #else #include <lib/libkern/libkern.h> #endif Index: src/common/lib/libc/string/explicit_memset.c diff -u src/common/lib/libc/string/explicit_memset.c:1.2 src/common/lib/libc/string/explicit_memset.c:1.3 --- src/common/lib/libc/string/explicit_memset.c:1.2 Wed Aug 28 15:46:23 2013 +++ src/common/lib/libc/string/explicit_memset.c Wed Aug 28 17:47:07 2013 @@ -1,8 +1,11 @@ -/* $NetBSD: explicit_memset.c,v 1.2 2013/08/28 15:46:23 riastradh Exp $ */ +/* $NetBSD: explicit_memset.c,v 1.3 2013/08/28 17:47:07 riastradh Exp $ */ #if !defined(_KERNEL) && !defined(_STANDALONE) +#include "namespace.h" #include <string.h> -#define explicit_memset __explicit_memset +#ifdef __weak_alias +__weak_alias(explicit_memset,_explicit_memset) +#endif #define explicit_memset_impl __explicit_memset_impl #else #include <lib/libkern/libkern.h> Index: src/crypto/external/bsd/libsaslc/dist/src/dict.c diff -u src/crypto/external/bsd/libsaslc/dist/src/dict.c:1.8 src/crypto/external/bsd/libsaslc/dist/src/dict.c:1.9 --- src/crypto/external/bsd/libsaslc/dist/src/dict.c:1.8 Mon Jun 24 04:21:19 2013 +++ src/crypto/external/bsd/libsaslc/dist/src/dict.c Wed Aug 28 17:47:07 2013 @@ -1,4 +1,4 @@ -/* $NetBSD: dict.c,v 1.8 2013/06/24 04:21:19 riastradh Exp $ */ +/* $NetBSD: dict.c,v 1.9 2013/08/28 17:47:07 riastradh Exp $ */ /* Copyright (c) 2010 The NetBSD Foundation, Inc. * All rights reserved. @@ -35,7 +35,7 @@ * POSSIBILITY OF SUCH DAMAGE. */ #include <sys/cdefs.h> -__RCSID("$NetBSD: dict.c,v 1.8 2013/06/24 04:21:19 riastradh Exp $"); +__RCSID("$NetBSD: dict.c,v 1.9 2013/08/28 17:47:07 riastradh Exp $"); #include <sys/queue.h> @@ -136,7 +136,7 @@ saslc__dict_list_node_destroy(saslc__dic free(node->key); /* zero value, it may contain sensitive data */ - __explicit_memset(node->value, 0, node->value_len); + explicit_memset(node->value, 0, node->value_len); free(node->value); LIST_REMOVE(node, nodes); free(node); Index: src/crypto/external/bsd/openssh/dist/dns.c diff -u src/crypto/external/bsd/openssh/dist/dns.c:1.7 src/crypto/external/bsd/openssh/dist/dns.c:1.8 --- src/crypto/external/bsd/openssh/dist/dns.c:1.7 Wed Aug 28 15:24:41 2013 +++ src/crypto/external/bsd/openssh/dist/dns.c Wed Aug 28 17:47:07 2013 @@ -1,4 +1,4 @@ -/* $NetBSD: dns.c,v 1.7 2013/08/28 15:24:41 riastradh Exp $ */ +/* $NetBSD: dns.c,v 1.8 2013/08/28 17:47:07 riastradh Exp $ */ /* $OpenBSD: dns.c,v 1.28 2012/05/23 03:28:28 djm Exp $ */ /* @@ -27,7 +27,7 @@ */ #include "includes.h" -__RCSID("$NetBSD: dns.c,v 1.7 2013/08/28 15:24:41 riastradh Exp $"); +__RCSID("$NetBSD: dns.c,v 1.8 2013/08/28 17:47:07 riastradh Exp $"); #include <sys/types.h> #include <sys/socket.h> @@ -278,7 +278,7 @@ verify_host_key_dns(const char *hostname if (hostkey_algorithm == dnskey_algorithm && hostkey_digest_type == dnskey_digest_type) { if (hostkey_digest_len == dnskey_digest_len && - __consttime_memequal(hostkey_digest, dnskey_digest, + consttime_memequal(hostkey_digest, dnskey_digest, hostkey_digest_len)) *flags |= DNS_VERIFY_MATCH; } Index: src/include/string.h diff -u src/include/string.h:1.47 src/include/string.h:1.48 --- src/include/string.h:1.47 Wed Aug 28 15:46:23 2013 +++ src/include/string.h Wed Aug 28 17:47:07 2013 @@ -1,4 +1,4 @@ -/* $NetBSD: string.h,v 1.47 2013/08/28 15:46:23 riastradh Exp $ */ +/* $NetBSD: string.h,v 1.48 2013/08/28 17:47:07 riastradh Exp $ */ /*- * Copyright (c) 1990, 1993 @@ -103,8 +103,8 @@ char *strsep(char **, const char *); char *stresep(char **, const char *, int); char *strndup(const char *, size_t); void *memrchr(const void *, int, size_t); -void *__explicit_memset(void *, int, size_t); -int __consttime_memequal(const void *, const void *, size_t); +void *explicit_memset(void *, int, size_t); +int consttime_memequal(const void *, const void *, size_t); __END_DECLS #endif Index: src/lib/libc/include/namespace.h diff -u src/lib/libc/include/namespace.h:1.168 src/lib/libc/include/namespace.h:1.169 --- src/lib/libc/include/namespace.h:1.168 Mon Aug 19 13:03:12 2013 +++ src/lib/libc/include/namespace.h Wed Aug 28 17:47:07 2013 @@ -1,4 +1,4 @@ -/* $NetBSD: namespace.h,v 1.168 2013/08/19 13:03:12 joerg Exp $ */ +/* $NetBSD: namespace.h,v 1.169 2013/08/28 17:47:07 riastradh Exp $ */ /*- * Copyright (c) 1997-2004 The NetBSD Foundation, Inc. @@ -233,6 +233,7 @@ #define closelog _closelog #define closelog_r _closelog_r #define confstr _confstr +#define consttime_memequal _consttime_memequal #define csetexpandtc _csetexpandtc #define ctermid _ctermid #define ctime_r _ctime_r @@ -272,6 +273,7 @@ #define execlp _execlp #define execv _execv #define execvp _execvp +#define explicit_memset _explicit_memset #define fdopen _fdopen #define fgetln _fgetln #define fgetwln _fgetwln Index: src/lib/libcrypt/bcrypt.c diff -u src/lib/libcrypt/bcrypt.c:1.18 src/lib/libcrypt/bcrypt.c:1.19 --- src/lib/libcrypt/bcrypt.c:1.18 Mon Jun 24 04:21:20 2013 +++ src/lib/libcrypt/bcrypt.c Wed Aug 28 17:47:07 2013 @@ -1,4 +1,4 @@ -/* $NetBSD: bcrypt.c,v 1.18 2013/06/24 04:21:20 riastradh Exp $ */ +/* $NetBSD: bcrypt.c,v 1.19 2013/08/28 17:47:07 riastradh Exp $ */ /* $OpenBSD: bcrypt.c,v 1.16 2002/02/19 19:39:36 millert Exp $ */ /* @@ -46,7 +46,7 @@ * */ #include <sys/cdefs.h> -__RCSID("$NetBSD: bcrypt.c,v 1.18 2013/06/24 04:21:20 riastradh Exp $"); +__RCSID("$NetBSD: bcrypt.c,v 1.19 2013/08/28 17:47:07 riastradh Exp $"); #include <stdio.h> #include <stdlib.h> @@ -314,7 +314,7 @@ __bcrypt(const char *key, const char *sa encode_base64((u_int8_t *) encrypted + i + 3, csalt, BCRYPT_MAXSALT); encode_base64((u_int8_t *) encrypted + strlen(encrypted), ciphertext, 4 * BCRYPT_BLOCKS - 1); - __explicit_memset(&state, 0, sizeof(state)); + explicit_memset(&state, 0, sizeof(state)); return encrypted; } Index: src/lib/libcrypt/crypt-sha1.c diff -u src/lib/libcrypt/crypt-sha1.c:1.7 src/lib/libcrypt/crypt-sha1.c:1.8 --- src/lib/libcrypt/crypt-sha1.c:1.7 Sat Aug 10 18:42:29 2013 +++ src/lib/libcrypt/crypt-sha1.c Wed Aug 28 17:47:07 2013 @@ -1,4 +1,4 @@ -/* $NetBSD: crypt-sha1.c,v 1.7 2013/08/10 18:42:29 dholland Exp $ */ +/* $NetBSD: crypt-sha1.c,v 1.8 2013/08/28 17:47:07 riastradh Exp $ */ /* * Copyright (c) 2004, Juniper Networks, Inc. @@ -31,7 +31,7 @@ #include <sys/cdefs.h> #if !defined(lint) -__RCSID("$NetBSD: crypt-sha1.c,v 1.7 2013/08/10 18:42:29 dholland Exp $"); +__RCSID("$NetBSD: crypt-sha1.c,v 1.8 2013/08/28 17:47:07 riastradh Exp $"); #endif /* not lint */ #include <stdlib.h> @@ -192,7 +192,7 @@ __crypt_sha1 (const char *pw, const char *ep = '\0'; /* Don't leave anything around in vm they could use. */ - __explicit_memset(hmac_buf, 0, sizeof hmac_buf); + explicit_memset(hmac_buf, 0, sizeof hmac_buf); return passwd; } Index: src/lib/libcrypt/md5crypt.c diff -u src/lib/libcrypt/md5crypt.c:1.13 src/lib/libcrypt/md5crypt.c:1.14 --- src/lib/libcrypt/md5crypt.c:1.13 Mon Jun 24 04:21:20 2013 +++ src/lib/libcrypt/md5crypt.c Wed Aug 28 17:47:07 2013 @@ -1,4 +1,4 @@ -/* $NetBSD: md5crypt.c,v 1.13 2013/06/24 04:21:20 riastradh Exp $ */ +/* $NetBSD: md5crypt.c,v 1.14 2013/08/28 17:47:07 riastradh Exp $ */ /* * ---------------------------------------------------------------------------- @@ -15,7 +15,7 @@ #include <sys/cdefs.h> #if !defined(lint) -__RCSID("$NetBSD: md5crypt.c,v 1.13 2013/06/24 04:21:20 riastradh Exp $"); +__RCSID("$NetBSD: md5crypt.c,v 1.14 2013/08/28 17:47:07 riastradh Exp $"); #endif /* not lint */ #include <unistd.h> @@ -143,6 +143,6 @@ __md5crypt(const char *pw, const char *s *p = '\0'; /* Don't leave anything around in vm they could use. */ - __explicit_memset(final, 0, sizeof(final)); + explicit_memset(final, 0, sizeof(final)); return (passwd); }