sync with OpenBSD -current
This commit is contained in:
parent
4cca26dc5a
commit
3110dbb17d
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: ed.h,v 1.22 2016/03/27 00:43:38 mmcc Exp $ */
|
||||
/* $OpenBSD: ed.h,v 1.23 2024/07/16 05:01:10 deraadt Exp $ */
|
||||
/* $NetBSD: ed.h,v 1.23 1995/03/21 09:04:40 cgd Exp $ */
|
||||
|
||||
/* ed.h: type and constant definitions for the ed editor. */
|
||||
@ -88,8 +88,6 @@ typedef struct undo {
|
||||
#define SPL0() \
|
||||
do { \
|
||||
if (--mutex == 0) { \
|
||||
if (sighup) \
|
||||
handle_hup(SIGHUP); \
|
||||
if (sigint) \
|
||||
handle_int(SIGINT); \
|
||||
} \
|
||||
@ -160,7 +158,7 @@ char *get_extended_line(int *, int);
|
||||
int get_line_node_addr(line_t *);
|
||||
char *get_sbuf_line(line_t *);
|
||||
int get_tty_line(void);
|
||||
void handle_hup(int);
|
||||
void handle_hup(void);
|
||||
void handle_int(int);
|
||||
int has_trailing_escape(char *, char *);
|
||||
void init_buffers(void);
|
||||
|
10
bin/ed/io.c
10
bin/ed/io.c
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: io.c,v 1.25 2022/11/18 14:52:03 millert Exp $ */
|
||||
/* $OpenBSD: io.c,v 1.26 2024/07/16 05:01:10 deraadt Exp $ */
|
||||
/* $NetBSD: io.c,v 1.2 1995/03/21 09:04:43 cgd Exp $ */
|
||||
|
||||
/* io.c: This file contains the i/o routines for the ed line editor */
|
||||
@ -30,6 +30,7 @@
|
||||
|
||||
#include <regex.h>
|
||||
#include <signal.h>
|
||||
#include <errno.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
@ -261,7 +262,9 @@ get_tty_line(void)
|
||||
int i = 0;
|
||||
int c;
|
||||
|
||||
for (;;)
|
||||
for (;;) {
|
||||
if (sighup)
|
||||
handle_hup();
|
||||
switch (c = getchar()) {
|
||||
default:
|
||||
oi = 0;
|
||||
@ -274,6 +277,8 @@ get_tty_line(void)
|
||||
ibufp = ibuf;
|
||||
return i;
|
||||
case EOF:
|
||||
if (sighup)
|
||||
handle_hup();
|
||||
if (ferror(stdin)) {
|
||||
perror("stdin");
|
||||
seterrmsg("cannot read stdin");
|
||||
@ -291,6 +296,7 @@ get_tty_line(void)
|
||||
return i;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: main.c,v 1.68 2022/11/18 14:52:03 millert Exp $ */
|
||||
/* $OpenBSD: main.c,v 1.69 2024/07/16 05:01:10 deraadt Exp $ */
|
||||
/* $NetBSD: main.c,v 1.3 1995/03/21 09:04:44 cgd Exp $ */
|
||||
|
||||
/* main.c: This file contains the main control and user-interface routines
|
||||
@ -44,6 +44,7 @@
|
||||
#include <sys/ioctl.h>
|
||||
#include <sys/stat.h>
|
||||
#include <sys/wait.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include <ctype.h>
|
||||
#include <err.h>
|
||||
@ -180,6 +181,7 @@ top:
|
||||
signal(SIGWINCH, handle_winch);
|
||||
}
|
||||
signal(SIGHUP, signal_hup);
|
||||
siginterrupt(SIGHUP, 1);
|
||||
signal(SIGQUIT, SIG_IGN);
|
||||
signal(SIGINT, signal_int);
|
||||
if (sigsetjmp(env, 1)) {
|
||||
@ -1327,45 +1329,34 @@ strip_escapes(char *s)
|
||||
void
|
||||
signal_hup(int signo)
|
||||
{
|
||||
int save_errno = errno;
|
||||
|
||||
if (mutex)
|
||||
sighup = 1;
|
||||
else
|
||||
handle_hup(signo);
|
||||
errno = save_errno;
|
||||
sighup = 1;
|
||||
}
|
||||
|
||||
|
||||
void
|
||||
signal_int(int signo)
|
||||
{
|
||||
int save_errno = errno;
|
||||
|
||||
if (mutex)
|
||||
sigint = 1;
|
||||
else
|
||||
handle_int(signo);
|
||||
errno = save_errno;
|
||||
handle_int(signo); /* XXX quite unsafe */
|
||||
}
|
||||
|
||||
|
||||
void
|
||||
handle_hup(int signo)
|
||||
handle_hup(void)
|
||||
{
|
||||
char hup[PATH_MAX];
|
||||
|
||||
if (!sigactive)
|
||||
quit(1); /* XXX signal race */
|
||||
signal(SIGHUP, SIG_IGN);
|
||||
sighup = 0;
|
||||
/* XXX signal race */
|
||||
if (addr_last && write_file("ed.hup", "w", 1, addr_last) < 0 &&
|
||||
home != NULL && home[0] == '/') {
|
||||
if (strlcpy(hup, home, sizeof(hup)) < sizeof(hup) &&
|
||||
strlcat(hup, "/ed.hup", sizeof(hup)) < sizeof(hup))
|
||||
write_file(hup, "w", 1, addr_last);
|
||||
}
|
||||
_exit(2);
|
||||
exit(2);
|
||||
}
|
||||
|
||||
|
||||
|
@ -2510,6 +2510,8 @@
|
||||
./usr/libexec/ntalkd
|
||||
./usr/libexec/radiusd
|
||||
./usr/libexec/radiusd/radiusd_bsdauth
|
||||
./usr/libexec/radiusd/radiusd_eap2mschap
|
||||
./usr/libexec/radiusd/radiusd_file
|
||||
./usr/libexec/radiusd/radiusd_ipcp
|
||||
./usr/libexec/radiusd/radiusd_radius
|
||||
./usr/libexec/radiusd/radiusd_standard
|
||||
|
@ -2615,6 +2615,8 @@
|
||||
./usr/share/man/man8/radiusctl.8
|
||||
./usr/share/man/man8/radiusd.8
|
||||
./usr/share/man/man8/radiusd_bsdauth.8
|
||||
./usr/share/man/man8/radiusd_eap2mschap.8
|
||||
./usr/share/man/man8/radiusd_file.8
|
||||
./usr/share/man/man8/radiusd_ipcp.8
|
||||
./usr/share/man/man8/radiusd_radius.8
|
||||
./usr/share/man/man8/radiusd_standard.8
|
||||
|
@ -1,4 +1,4 @@
|
||||
.\" $OpenBSD: SSL_CIPHER_get_name.3,v 1.16 2024/07/15 00:11:59 jsg Exp $
|
||||
.\" $OpenBSD: SSL_CIPHER_get_name.3,v 1.17 2024/07/16 10:19:38 tb Exp $
|
||||
.\" full merge up to: OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100
|
||||
.\" selective merge up to: OpenSSL 61f805c1 Jan 16 01:01:46 2018 +0800
|
||||
.\"
|
||||
@ -52,7 +52,7 @@
|
||||
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.Dd $Mdocdate: July 15 2024 $
|
||||
.Dd $Mdocdate: July 16 2024 $
|
||||
.Dt SSL_CIPHER_GET_NAME 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -388,7 +388,7 @@ first appeared in OpenSSL 1.1.0 and has been available since
|
||||
.Ox 7.0 .
|
||||
.Fn SSL_CIPHER_get_handshake_digest
|
||||
first appeared in OpenSSL 1.1.1 and has been available since
|
||||
.Ox 7.5 .
|
||||
.Ox 7.6 .
|
||||
.Sh BUGS
|
||||
If
|
||||
.Fn SSL_CIPHER_description
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: s3_lib.c,v 1.253 2024/07/15 14:45:15 jsing Exp $ */
|
||||
/* $OpenBSD: s3_lib.c,v 1.254 2024/07/16 14:38:04 jsing Exp $ */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
@ -183,7 +183,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_MD5,
|
||||
.algorithm_ssl = SSL_SSLV3,
|
||||
.algo_strength = SSL_STRONG_NONE,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 0,
|
||||
.alg_bits = 0,
|
||||
},
|
||||
@ -199,7 +199,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_SSLV3,
|
||||
.algo_strength = SSL_STRONG_NONE,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 0,
|
||||
.alg_bits = 0,
|
||||
},
|
||||
@ -215,7 +215,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_MD5,
|
||||
.algorithm_ssl = SSL_SSLV3,
|
||||
.algo_strength = SSL_LOW,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 128,
|
||||
.alg_bits = 128,
|
||||
},
|
||||
@ -231,7 +231,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_SSLV3,
|
||||
.algo_strength = SSL_LOW,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 128,
|
||||
.alg_bits = 128,
|
||||
},
|
||||
@ -247,7 +247,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_SSLV3,
|
||||
.algo_strength = SSL_MEDIUM,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 112,
|
||||
.alg_bits = 168,
|
||||
},
|
||||
@ -267,7 +267,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_SSLV3,
|
||||
.algo_strength = SSL_MEDIUM,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 112,
|
||||
.alg_bits = 168,
|
||||
},
|
||||
@ -283,7 +283,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_MD5,
|
||||
.algorithm_ssl = SSL_SSLV3,
|
||||
.algo_strength = SSL_LOW,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 128,
|
||||
.alg_bits = 128,
|
||||
},
|
||||
@ -299,7 +299,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_SSLV3,
|
||||
.algo_strength = SSL_MEDIUM,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 112,
|
||||
.alg_bits = 168,
|
||||
},
|
||||
@ -319,7 +319,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_HIGH,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 128,
|
||||
.alg_bits = 128,
|
||||
},
|
||||
@ -335,7 +335,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_HIGH,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 128,
|
||||
.alg_bits = 128,
|
||||
},
|
||||
@ -351,7 +351,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_HIGH,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 128,
|
||||
.alg_bits = 128,
|
||||
},
|
||||
@ -367,7 +367,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_HIGH,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 256,
|
||||
.alg_bits = 256,
|
||||
},
|
||||
@ -383,7 +383,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_HIGH,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 256,
|
||||
.alg_bits = 256,
|
||||
},
|
||||
@ -399,7 +399,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_HIGH,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 256,
|
||||
.alg_bits = 256,
|
||||
},
|
||||
@ -467,7 +467,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_HIGH,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 128,
|
||||
.alg_bits = 128,
|
||||
},
|
||||
@ -483,7 +483,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_HIGH,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 128,
|
||||
.alg_bits = 128,
|
||||
},
|
||||
@ -499,7 +499,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_HIGH,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 128,
|
||||
.alg_bits = 128,
|
||||
},
|
||||
@ -584,7 +584,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_HIGH,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 256,
|
||||
.alg_bits = 256,
|
||||
},
|
||||
@ -600,7 +600,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_HIGH,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 256,
|
||||
.alg_bits = 256,
|
||||
},
|
||||
@ -616,7 +616,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_HIGH,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 256,
|
||||
.alg_bits = 256,
|
||||
},
|
||||
@ -887,7 +887,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_STRONG_NONE,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 0,
|
||||
.alg_bits = 0,
|
||||
},
|
||||
@ -903,7 +903,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_LOW,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 128,
|
||||
.alg_bits = 128,
|
||||
},
|
||||
@ -919,7 +919,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_MEDIUM,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 112,
|
||||
.alg_bits = 168,
|
||||
},
|
||||
@ -935,7 +935,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_HIGH,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 128,
|
||||
.alg_bits = 128,
|
||||
},
|
||||
@ -951,7 +951,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_HIGH,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 256,
|
||||
.alg_bits = 256,
|
||||
},
|
||||
@ -967,7 +967,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_STRONG_NONE,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 0,
|
||||
.alg_bits = 0,
|
||||
},
|
||||
@ -983,7 +983,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_LOW,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 128,
|
||||
.alg_bits = 128,
|
||||
},
|
||||
@ -999,7 +999,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_MEDIUM,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 112,
|
||||
.alg_bits = 168,
|
||||
},
|
||||
@ -1015,7 +1015,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_HIGH,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 128,
|
||||
.alg_bits = 128,
|
||||
},
|
||||
@ -1031,7 +1031,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_HIGH,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 256,
|
||||
.alg_bits = 256,
|
||||
},
|
||||
@ -1047,7 +1047,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_STRONG_NONE,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 0,
|
||||
.alg_bits = 0,
|
||||
},
|
||||
@ -1063,7 +1063,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_LOW,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 128,
|
||||
.alg_bits = 128,
|
||||
},
|
||||
@ -1079,7 +1079,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_MEDIUM,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 112,
|
||||
.alg_bits = 168,
|
||||
},
|
||||
@ -1095,7 +1095,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_HIGH,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 128,
|
||||
.alg_bits = 128,
|
||||
},
|
||||
@ -1111,7 +1111,7 @@ const SSL_CIPHER ssl3_ciphers[] = {
|
||||
.algorithm_mac = SSL_SHA1,
|
||||
.algorithm_ssl = SSL_TLSV1,
|
||||
.algo_strength = SSL_HIGH,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT,
|
||||
.algorithm2 = SSL_HANDSHAKE_MAC_SHA256,
|
||||
.strength_bits = 256,
|
||||
.alg_bits = 256,
|
||||
},
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: ssl_ciph.c,v 1.143 2024/07/14 15:39:36 tb Exp $ */
|
||||
/* $OpenBSD: ssl_ciph.c,v 1.144 2024/07/16 14:38:04 jsing Exp $ */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
@ -515,24 +515,12 @@ ssl_cipher_get_evp_aead(const SSL_SESSION *ss, const EVP_AEAD **aead)
|
||||
int
|
||||
ssl_get_handshake_evp_md(SSL *s, const EVP_MD **md)
|
||||
{
|
||||
unsigned long handshake_mac;
|
||||
|
||||
*md = NULL;
|
||||
|
||||
if (s->s3->hs.cipher == NULL)
|
||||
return 0;
|
||||
|
||||
handshake_mac = s->s3->hs.cipher->algorithm2 & SSL_HANDSHAKE_MAC_MASK;
|
||||
|
||||
/* XXX - can we simplify this now that TLSv1.0 and TLSv1.1 are gone? */
|
||||
/* For TLSv1.2 we upgrade the default MD5+SHA1 MAC to SHA256. */
|
||||
if (SSL_USE_SHA256_PRF(s) && handshake_mac == SSL_HANDSHAKE_MAC_DEFAULT)
|
||||
handshake_mac = SSL_HANDSHAKE_MAC_SHA256;
|
||||
|
||||
switch (handshake_mac) {
|
||||
case SSL_HANDSHAKE_MAC_DEFAULT:
|
||||
*md = EVP_md5_sha1();
|
||||
return 1;
|
||||
switch (s->s3->hs.cipher->algorithm2 & SSL_HANDSHAKE_MAC_MASK) {
|
||||
case SSL_HANDSHAKE_MAC_SHA256:
|
||||
*md = EVP_sha256();
|
||||
return 1;
|
||||
@ -1629,7 +1617,6 @@ const EVP_MD *
|
||||
SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c)
|
||||
{
|
||||
switch (c->algorithm2 & SSL_HANDSHAKE_MAC_MASK) {
|
||||
case SSL_HANDSHAKE_MAC_DEFAULT:
|
||||
case SSL_HANDSHAKE_MAC_SHA256:
|
||||
return EVP_sha256();
|
||||
case SSL_HANDSHAKE_MAC_SHA384:
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: ssl_local.h,v 1.18 2024/07/15 14:45:15 jsing Exp $ */
|
||||
/* $OpenBSD: ssl_local.h,v 1.19 2024/07/16 14:38:04 jsing Exp $ */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
@ -246,11 +246,8 @@ __BEGIN_HIDDEN_DECLS
|
||||
/* Bits for algorithm2 (handshake digests and other extra flags) */
|
||||
|
||||
#define SSL_HANDSHAKE_MAC_MASK 0xff0
|
||||
#define SSL_HANDSHAKE_MAC_MD5 0x010
|
||||
#define SSL_HANDSHAKE_MAC_SHA 0x020
|
||||
#define SSL_HANDSHAKE_MAC_SHA256 0x080
|
||||
#define SSL_HANDSHAKE_MAC_SHA384 0x100
|
||||
#define SSL_HANDSHAKE_MAC_DEFAULT (SSL_HANDSHAKE_MAC_MD5 | SSL_HANDSHAKE_MAC_SHA)
|
||||
|
||||
#define SSL3_CK_ID 0x03000000
|
||||
#define SSL3_CK_VALUE_MASK 0x0000ffff
|
||||
@ -274,10 +271,6 @@ __BEGIN_HIDDEN_DECLS
|
||||
#define SSL_USE_SIGALGS(s) \
|
||||
(s->method->enc_flags & SSL_ENC_FLAG_SIGALGS)
|
||||
|
||||
/* See if we use SHA256 default PRF. */
|
||||
#define SSL_USE_SHA256_PRF(s) \
|
||||
(s->method->enc_flags & SSL_ENC_FLAG_SHA256_PRF)
|
||||
|
||||
/* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2. */
|
||||
#define SSL_USE_TLS1_2_CIPHERS(s) \
|
||||
(s->method->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS)
|
||||
@ -1188,9 +1181,6 @@ typedef struct ssl3_state_st {
|
||||
/* Uses signature algorithms extension. */
|
||||
#define SSL_ENC_FLAG_SIGALGS (1 << 1)
|
||||
|
||||
/* Uses SHA256 default PRF. */
|
||||
#define SSL_ENC_FLAG_SHA256_PRF (1 << 2)
|
||||
|
||||
/* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2. */
|
||||
#define SSL_ENC_FLAG_TLS1_2_CIPHERS (1 << 4)
|
||||
|
||||
@ -1200,7 +1190,6 @@ typedef struct ssl3_state_st {
|
||||
#define TLSV1_ENC_FLAGS 0
|
||||
#define TLSV1_1_ENC_FLAGS 0
|
||||
#define TLSV1_2_ENC_FLAGS (SSL_ENC_FLAG_SIGALGS | \
|
||||
SSL_ENC_FLAG_SHA256_PRF | \
|
||||
SSL_ENC_FLAG_TLS1_2_CIPHERS)
|
||||
#define TLSV1_3_ENC_FLAGS (SSL_ENC_FLAG_SIGALGS | \
|
||||
SSL_ENC_FLAG_TLS1_3_CIPHERS)
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: tls_prf.c,v 1.10 2024/06/05 04:50:36 tb Exp $ */
|
||||
/* $OpenBSD: tls_prf.c,v 1.11 2024/07/16 14:38:59 jsing Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
|
||||
*
|
||||
@ -35,30 +35,7 @@ struct tls_prf_test {
|
||||
|
||||
static const struct tls_prf_test tls_prf_tests[] = {
|
||||
{
|
||||
.desc = "MD5+SHA1",
|
||||
.ssl_method = TLSv1_method,
|
||||
.cipher_value = 0x0033,
|
||||
.out = {
|
||||
0x03, 0xa1, 0xc1, 0x7d, 0x2c, 0xa5, 0x3d, 0xe8,
|
||||
0x9d, 0x59, 0x5e, 0x30, 0xf5, 0x71, 0xbb, 0x96,
|
||||
0xde, 0x5c, 0x8e, 0xdc, 0x25, 0x8a, 0x7c, 0x05,
|
||||
0x9f, 0x7d, 0x35, 0x29, 0x45, 0xae, 0x56, 0xad,
|
||||
0x9f, 0x57, 0x15, 0x5c, 0xdb, 0x83, 0x3a, 0xac,
|
||||
0x19, 0xa8, 0x2b, 0x40, 0x72, 0x38, 0x1e, 0xed,
|
||||
0xf3, 0x25, 0xde, 0x84, 0x84, 0xd8, 0xd1, 0xfc,
|
||||
0x31, 0x85, 0x81, 0x12, 0x55, 0x4d, 0x12, 0xb5,
|
||||
0xed, 0x78, 0x5e, 0xba, 0xc8, 0xec, 0x8d, 0x28,
|
||||
0xa1, 0x21, 0x1e, 0x6e, 0x07, 0xf1, 0xfc, 0xf5,
|
||||
0xbf, 0xe4, 0x8e, 0x8e, 0x97, 0x15, 0x93, 0x85,
|
||||
0x75, 0xdd, 0x87, 0x09, 0xd0, 0x4e, 0xe5, 0xd5,
|
||||
0x9e, 0x1f, 0xd6, 0x1c, 0x3b, 0xe9, 0xad, 0xba,
|
||||
0xe0, 0x16, 0x56, 0x62, 0x90, 0xd6, 0x82, 0x84,
|
||||
0xec, 0x8a, 0x22, 0xbe, 0xdc, 0x6a, 0x5e, 0x05,
|
||||
0x12, 0x44, 0xec, 0x60, 0x61, 0xd1, 0x8a, 0x66,
|
||||
},
|
||||
},
|
||||
{
|
||||
.desc = "SHA256 (via TLSv1.2)",
|
||||
.desc = "SHA256",
|
||||
.ssl_method = TLSv1_2_method,
|
||||
.cipher_value = 0x0033,
|
||||
.out = {
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: eap2mschap_local.h,v 1.1 2024/07/14 16:09:23 yasuoka Exp $ */
|
||||
/* $OpenBSD: eap2mschap_local.h,v 1.2 2024/07/16 06:18:20 miod Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2024 Internet Initiative Japan Inc.
|
||||
@ -70,9 +70,11 @@ struct eap_mschap_challenge {
|
||||
uint8_t chall[16];
|
||||
char chap_name[0];
|
||||
} __packed;
|
||||
#if defined(__STDC_VERSION__) && __STDC_VERSION >= 201112L
|
||||
static_assert(sizeof(struct eap_mschap_challenge) == 26, "");
|
||||
static_assert(offsetof(struct eap_mschap_challenge, chap) == 5, "");
|
||||
static_assert(offsetof(struct eap_mschap_challenge, chall) == 10, "");
|
||||
#endif
|
||||
|
||||
struct eap_mschap_response {
|
||||
struct eap eap;
|
||||
@ -85,9 +87,11 @@ struct eap_mschap_response {
|
||||
uint8_t flags;
|
||||
uint8_t chap_name[0];
|
||||
} __packed;
|
||||
#if defined(__STDC_VERSION__) && __STDC_VERSION >= 201112L
|
||||
static_assert(sizeof(struct eap_mschap_response) == 59, "");
|
||||
static_assert(offsetof(struct eap_mschap_response, chap) == 5, "");
|
||||
static_assert(offsetof(struct eap_mschap_response, peerchall) == 10, "");
|
||||
#endif
|
||||
|
||||
struct radius_ms_chap2_response {
|
||||
uint8_t ident;
|
||||
|
Loading…
Reference in New Issue
Block a user