diff --git a/bin/ls/cmp.c b/bin/ls/cmp.c index fa4f11aed..d52062fe0 100644 --- a/bin/ls/cmp.c +++ b/bin/ls/cmp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cmp.c,v 1.6 2009/10/27 23:59:21 deraadt Exp $ */ +/* $OpenBSD: cmp.c,v 1.7 2023/08/08 04:45:44 guenther Exp $ */ /* $NetBSD: cmp.c,v 1.10 1996/07/08 10:32:01 mycroft Exp $ */ /* @@ -61,9 +61,9 @@ modcmp(const FTSENT *a, const FTSENT *b) return (1); else if (b->fts_statp->st_mtime < a->fts_statp->st_mtime) return (-1); - else if (b->fts_statp->st_mtimensec > a->fts_statp->st_mtimensec) + else if (b->fts_statp->st_mtim.tv_nsec > a->fts_statp->st_mtim.tv_nsec) return (1); - else if (b->fts_statp->st_mtimensec < a->fts_statp->st_mtimensec) + else if (b->fts_statp->st_mtim.tv_nsec < a->fts_statp->st_mtim.tv_nsec) return (-1); else return (namecmp(a, b)); @@ -76,9 +76,9 @@ revmodcmp(const FTSENT *a, const FTSENT *b) return (-1); else if (b->fts_statp->st_mtime < a->fts_statp->st_mtime) return (1); - else if (b->fts_statp->st_mtimensec > a->fts_statp->st_mtimensec) + else if (b->fts_statp->st_mtim.tv_nsec > a->fts_statp->st_mtim.tv_nsec) return (-1); - else if (b->fts_statp->st_mtimensec < a->fts_statp->st_mtimensec) + else if (b->fts_statp->st_mtim.tv_nsec < a->fts_statp->st_mtim.tv_nsec) return (1); else return (revnamecmp(a, b)); @@ -91,9 +91,9 @@ acccmp(const FTSENT *a, const FTSENT *b) return (1); else if (b->fts_statp->st_atime < a->fts_statp->st_atime) return (-1); - else if (b->fts_statp->st_atimensec > a->fts_statp->st_atimensec) + else if (b->fts_statp->st_atim.tv_nsec > a->fts_statp->st_atim.tv_nsec) return (1); - else if (b->fts_statp->st_atimensec < a->fts_statp->st_atimensec) + else if (b->fts_statp->st_atim.tv_nsec < a->fts_statp->st_atim.tv_nsec) return (-1); else return (namecmp(a, b)); @@ -106,9 +106,9 @@ revacccmp(const FTSENT *a, const FTSENT *b) return (-1); else if (b->fts_statp->st_atime < a->fts_statp->st_atime) return (1); - else if (b->fts_statp->st_atimensec > a->fts_statp->st_atimensec) + else if (b->fts_statp->st_atim.tv_nsec > a->fts_statp->st_atim.tv_nsec) return (-1); - else if (b->fts_statp->st_atimensec < a->fts_statp->st_atimensec) + else if (b->fts_statp->st_atim.tv_nsec < a->fts_statp->st_atim.tv_nsec) return (1); else return (revnamecmp(a, b)); @@ -121,9 +121,9 @@ statcmp(const FTSENT *a, const FTSENT *b) return (1); else if (b->fts_statp->st_ctime < a->fts_statp->st_ctime) return (-1); - else if (b->fts_statp->st_ctimensec > a->fts_statp->st_ctimensec) + else if (b->fts_statp->st_ctim.tv_nsec > a->fts_statp->st_ctim.tv_nsec) return (1); - else if (b->fts_statp->st_ctimensec < a->fts_statp->st_ctimensec) + else if (b->fts_statp->st_ctim.tv_nsec < a->fts_statp->st_ctim.tv_nsec) return (-1); else return (namecmp(a, b)); @@ -136,9 +136,9 @@ revstatcmp(const FTSENT *a, const FTSENT *b) return (-1); else if (b->fts_statp->st_ctime < a->fts_statp->st_ctime) return (1); - else if (b->fts_statp->st_ctimensec > a->fts_statp->st_ctimensec) + else if (b->fts_statp->st_ctim.tv_nsec > a->fts_statp->st_ctim.tv_nsec) return (-1); - else if (b->fts_statp->st_ctimensec < a->fts_statp->st_ctimensec) + else if (b->fts_statp->st_ctim.tv_nsec < a->fts_statp->st_ctim.tv_nsec) return (1); else return (revnamecmp(a, b)); diff --git a/distrib/miniroot/install.sub b/distrib/miniroot/install.sub index cb5532aac..2ce11ae7f 100644 --- a/distrib/miniroot/install.sub +++ b/distrib/miniroot/install.sub @@ -1,5 +1,5 @@ #!/bin/ksh -# $OpenBSD: install.sub,v 1.1252 2023/08/02 08:51:16 kn Exp $ +# $OpenBSD: install.sub,v 1.1253 2023/08/10 17:09:34 kn Exp $ # # Copyright (c) 1997-2015 Todd Miller, Theo de Raadt, Ken Westerback # Copyright (c) 2015, Robert Peichaer @@ -3100,7 +3100,7 @@ encrypt_root() { md_prep_fdisk $_chunk echo 'RAID *' | disklabel -w -A -T- $_chunk - until bioctl -c C -l ${_chunk}a softraid0 >/dev/null; do + until bioctl -Cforce -cC -l${_chunk}a softraid0 >/dev/null; do # Most likely botched passphrases, silently retry twice. ((++_tries < 3)) || exit done diff --git a/distrib/sets/lists/comp/mi b/distrib/sets/lists/comp/mi index 60bdb81a8..cae605669 100644 --- a/distrib/sets/lists/comp/mi +++ b/distrib/sets/lists/comp/mi @@ -987,6 +987,7 @@ ./usr/include/net/if_ppp.h ./usr/include/net/if_pppoe.h ./usr/include/net/if_pppvar.h +./usr/include/net/if_sec.h ./usr/include/net/if_sppp.h ./usr/include/net/if_trunk.h ./usr/include/net/if_tun.h diff --git a/distrib/sets/lists/man/mi b/distrib/sets/lists/man/mi index 56d6d9b05..451722b59 100644 --- a/distrib/sets/lists/man/mi +++ b/distrib/sets/lists/man/mi @@ -1918,6 +1918,7 @@ ./usr/share/man/man4/sdmmc.4 ./usr/share/man/man4/sdtemp.4 ./usr/share/man/man4/se.4 +./usr/share/man/man4/sec.4 ./usr/share/man/man4/ses.4 ./usr/share/man/man4/sf.4 ./usr/share/man/man4/sili.4 diff --git a/etc/root/root.mail b/etc/root/root.mail index aaa509668..ea86c0bc2 100644 --- a/etc/root/root.mail +++ b/etc/root/root.mail @@ -1,6 +1,6 @@ -From purplerain@secbsd.org Tue Aug 8 00:00:00 UTC 2023 +From purplerain@secbsd.org Fri Aug 11 00:00:00 UTC 2023 Return-Path: root -Date: Aug 8 00:00:00 UTC 2023 +Date: Aug 11 00:00:00 UTC 2023 From: purplerain@secbsd.org (Purple Rain) To: root Subject: Welcome to SecBSD 1.3! diff --git a/etc/skel/dot.version b/etc/skel/dot.version index 223b70683..263556c96 100644 --- a/etc/skel/dot.version +++ b/etc/skel/dot.version @@ -1 +1 @@ -# SecBSD 1.3-637dfdf: Tue Aug 8 00:00:00 UTC 2023 (Tezcatlipoca) +# SecBSD 1.3-7d242c1: Fri Aug 11 00:00:00 UTC 2023 (Tezcatlipoca) diff --git a/lib/libcrypto/Makefile b/lib/libcrypto/Makefile index c882c1a9d..2040428ce 100644 --- a/lib/libcrypto/Makefile +++ b/lib/libcrypto/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.153 2023/07/29 06:46:20 tb Exp $ +# $OpenBSD: Makefile,v 1.155 2023/08/09 09:32:22 tb Exp $ LIB= crypto LIBREBUILD=y @@ -168,7 +168,6 @@ SRCS+= bss_sock.c # bn/ SRCS+= bn_add.c -SRCS+= bn_blind.c SRCS+= bn_bpsw.c SRCS+= bn_const.c SRCS+= bn_convert.c @@ -534,8 +533,8 @@ SRCS+= ripemd.c # rsa/ SRCS+= rsa_ameth.c SRCS+= rsa_asn1.c +SRCS+= rsa_blinding.c SRCS+= rsa_chk.c -SRCS+= rsa_crpt.c SRCS+= rsa_eay.c SRCS+= rsa_err.c SRCS+= rsa_gen.c diff --git a/lib/libcrypto/bn/bn_local.h b/lib/libcrypto/bn/bn_local.h index 5b7e852d7..a9ce466db 100644 --- a/lib/libcrypto/bn/bn_local.h +++ b/lib/libcrypto/bn/bn_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_local.h,v 1.33 2023/08/03 18:53:55 tb Exp $ */ +/* $OpenBSD: bn_local.h,v 1.38 2023/08/09 09:23:03 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -292,17 +292,6 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, BN_RECP_CTX *recp, BN_CTX *ctx); -void BN_BLINDING_free(BN_BLINDING *b); -int BN_BLINDING_convert(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *); -int BN_BLINDING_invert(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *); - -CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *); -BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, - const BIGNUM *e, BIGNUM *m, BN_CTX *ctx, - int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), - BN_MONT_CTX *m_ctx); - /* Explicitly const time / non-const time versions for internal use */ int BN_mod_exp_ct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx); diff --git a/lib/libcrypto/dh/dh_ameth.c b/lib/libcrypto/dh/dh_ameth.c index cc594cfd3..4a600b3bb 100644 --- a/lib/libcrypto/dh/dh_ameth.c +++ b/lib/libcrypto/dh/dh_ameth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh_ameth.c,v 1.30 2023/07/08 15:29:03 beck Exp $ */ +/* $OpenBSD: dh_ameth.c,v 1.33 2023/08/10 16:57:15 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -130,50 +130,53 @@ err: static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { - DH *dh; - int ptype; - unsigned char *penc = NULL; - int penclen; - ASN1_STRING *str; - ASN1_INTEGER *pub_key = NULL; + const DH *dh = pkey->pkey.dh; + ASN1_STRING *params = NULL; + int ptype = V_ASN1_SEQUENCE; + ASN1_INTEGER *key = NULL; + ASN1_OBJECT *aobj; + unsigned char *params_der = NULL, *key_der = NULL; + int params_len = 0, key_len = 0; + int ret = 0; - dh=pkey->pkey.dh; - - str = ASN1_STRING_new(); - if (str == NULL) { + if ((params_len = i2d_DHparams(dh, ¶ms_der)) <= 0) { + DHerror(ERR_R_MALLOC_FAILURE); + params_len = 0; + goto err; + } + if ((params = ASN1_STRING_new()) == NULL) { DHerror(ERR_R_MALLOC_FAILURE); goto err; } + ASN1_STRING_set0(params, params_der, params_len); + params_der = NULL; + params_len = 0; - str->length = i2d_DHparams(dh, &str->data); - if (str->length <= 0) { + if ((key = BN_to_ASN1_INTEGER(dh->pub_key, NULL)) == NULL) + goto err; + if ((key_len = i2d_ASN1_INTEGER(key, &key_der)) <= 0) { DHerror(ERR_R_MALLOC_FAILURE); + key_len = 0; goto err; } - ptype = V_ASN1_SEQUENCE; - pub_key = BN_to_ASN1_INTEGER(dh->pub_key, NULL); - if (!pub_key) + if ((aobj = OBJ_nid2obj(EVP_PKEY_DH)) == NULL) goto err; - - penclen = i2d_ASN1_INTEGER(pub_key, &penc); - - ASN1_INTEGER_free(pub_key); - - if (penclen <= 0) { - DHerror(ERR_R_MALLOC_FAILURE); + if (!X509_PUBKEY_set0_param(pk, aobj, ptype, params, key_der, key_len)) goto err; - } + params = NULL; + key_der = NULL; + key_len = 0; - if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DH), ptype, - (void *)str, penc, penclen)) - return 1; + ret = 1; -err: - free(penc); - ASN1_STRING_free(str); + err: + ASN1_STRING_free(params); + ASN1_INTEGER_free(key); + freezero(params_der, params_len); + freezero(key_der, key_len); - return 0; + return ret; } /* @@ -236,49 +239,55 @@ dherr: static int dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { + const DH *dh = pkey->pkey.dh; ASN1_STRING *params = NULL; - ASN1_INTEGER *prkey = NULL; - unsigned char *dp = NULL; - int dplen; + int ptype = V_ASN1_SEQUENCE; + ASN1_INTEGER *key = NULL; + ASN1_OBJECT *aobj; + unsigned char *params_der = NULL, *key_der = NULL; + int params_len = 0, key_len = 0; + int ret = 0; - params = ASN1_STRING_new(); - - if (!params) { + if ((params_len = i2d_DHparams(dh, ¶ms_der)) <= 0) { + DHerror(ERR_R_MALLOC_FAILURE); + params_len = 0; + goto err; + } + if ((params = ASN1_STRING_type_new(V_ASN1_SEQUENCE)) == NULL) { DHerror(ERR_R_MALLOC_FAILURE); goto err; } + ASN1_STRING_set0(params, params_der, params_len); + params_der = NULL; + params_len = 0; - params->length = i2d_DHparams(pkey->pkey.dh, ¶ms->data); - if (params->length <= 0) { - DHerror(ERR_R_MALLOC_FAILURE); - goto err; - } - params->type = V_ASN1_SEQUENCE; - - /* Get private key into integer */ - prkey = BN_to_ASN1_INTEGER(pkey->pkey.dh->priv_key, NULL); - - if (!prkey) { + if ((key = BN_to_ASN1_INTEGER(dh->priv_key, NULL)) == NULL) { DHerror(DH_R_BN_ERROR); goto err; } - - dplen = i2d_ASN1_INTEGER(prkey, &dp); - - ASN1_INTEGER_free(prkey); - prkey = NULL; - - if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dhKeyAgreement), 0, - V_ASN1_SEQUENCE, params, dp, dplen)) + if ((key_len = i2d_ASN1_INTEGER(key, &key_der)) <= 0) { + DHerror(ERR_R_MALLOC_FAILURE); + key_len = 0; goto err; + } - return 1; + if ((aobj = OBJ_nid2obj(NID_dhKeyAgreement)) == NULL) + goto err; + if (!PKCS8_pkey_set0(p8, aobj, 0, ptype, params, key_der, key_len)) + goto err; + params = NULL; + key_der = NULL; + key_len = 0; -err: - free(dp); + ret = 1; + + err: ASN1_STRING_free(params); - ASN1_INTEGER_free(prkey); - return 0; + ASN1_INTEGER_free(key); + freezero(params_der, params_len); + freezero(key_der, key_len); + + return ret; } static int diff --git a/lib/libcrypto/dsa/dsa_ameth.c b/lib/libcrypto/dsa/dsa_ameth.c index 5a0c3116a..28aafebc0 100644 --- a/lib/libcrypto/dsa/dsa_ameth.c +++ b/lib/libcrypto/dsa/dsa_ameth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa_ameth.c,v 1.43 2023/07/07 06:59:18 tb Exp $ */ +/* $OpenBSD: dsa_ameth.c,v 1.46 2023/08/10 16:57:15 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -138,49 +138,58 @@ err: static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { - DSA *dsa; - ASN1_INTEGER *pubint = NULL; - ASN1_STRING *str = NULL; + const DSA *dsa = pkey->pkey.dsa; + ASN1_STRING *params = NULL; int ptype = V_ASN1_UNDEF; - unsigned char *penc = NULL; - int penclen; + ASN1_INTEGER *key = NULL; + ASN1_OBJECT *aobj; + unsigned char *params_der = NULL, *key_der = NULL; + int params_len = 0, key_len = 0; + int ret = 0; - dsa = pkey->pkey.dsa; if (pkey->save_parameters && dsa->p && dsa->q && dsa->g) { - if ((str = ASN1_STRING_new()) == NULL) { - DSAerror(ERR_R_MALLOC_FAILURE); - goto err; - } - str->length = i2d_DSAparams(dsa, &str->data); - if (str->length <= 0) { + if ((params_len = i2d_DSAparams(dsa, ¶ms_der)) <= 0) { + DSAerror(ERR_R_MALLOC_FAILURE); + params_len = 0; + goto err; + } + if ((params = ASN1_STRING_new()) == NULL) { DSAerror(ERR_R_MALLOC_FAILURE); goto err; } + ASN1_STRING_set0(params, params_der, params_len); + params_der = NULL; + params_len = 0; ptype = V_ASN1_SEQUENCE; } - if ((pubint = BN_to_ASN1_INTEGER(dsa->pub_key, NULL)) == NULL) { + if ((key = BN_to_ASN1_INTEGER(dsa->pub_key, NULL)) == NULL) { DSAerror(ERR_R_MALLOC_FAILURE); goto err; } - - penclen = i2d_ASN1_INTEGER(pubint, &penc); - ASN1_INTEGER_free(pubint); - - if (penclen <= 0) { + if ((key_len = i2d_ASN1_INTEGER(key, &key_der)) <= 0) { DSAerror(ERR_R_MALLOC_FAILURE); + key_len = 0; goto err; } - if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA), ptype, str, - penc, penclen)) - return 1; + if ((aobj = OBJ_nid2obj(EVP_PKEY_DSA)) == NULL) + goto err; + if (!X509_PUBKEY_set0_param(pk, aobj, ptype, params, key_der, key_len)) + goto err; + params = NULL; + key_der = NULL; + key_len = 0; + + ret = 1; err: - free(penc); - ASN1_STRING_free(str); + ASN1_STRING_free(params); + ASN1_INTEGER_free(key); + freezero(params_der, params_len); + freezero(key_der, key_len); - return 0; + return ret; } /* In PKCS#8 DSA: you just get a private key integer and parameters in the @@ -265,47 +274,55 @@ done: static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { + const DSA *dsa = pkey->pkey.dsa; ASN1_STRING *params = NULL; - ASN1_INTEGER *prkey = NULL; - unsigned char *dp = NULL; - int dplen; + int ptype = V_ASN1_SEQUENCE; + ASN1_INTEGER *key = NULL; + ASN1_OBJECT *aobj; + unsigned char *params_der = NULL, *key_der = NULL; + int params_len = 0, key_len = 0; + int ret = 0; - params = ASN1_STRING_new(); - if (!params) { + if ((params_len = i2d_DSAparams(dsa, ¶ms_der)) <= 0) { + DSAerror(ERR_R_MALLOC_FAILURE); + params_len = 0; + goto err; + } + if ((params = ASN1_STRING_type_new(V_ASN1_SEQUENCE)) == NULL) { DSAerror(ERR_R_MALLOC_FAILURE); goto err; } + ASN1_STRING_set0(params, params_der, params_len); + params_der = NULL; + params_len = 0; - params->length = i2d_DSAparams(pkey->pkey.dsa, ¶ms->data); - if (params->length <= 0) { - DSAerror(ERR_R_MALLOC_FAILURE); - goto err; - } - params->type = V_ASN1_SEQUENCE; - - /* Get private key into integer */ - prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL); - if (!prkey) { + if ((key = BN_to_ASN1_INTEGER(dsa->priv_key, NULL)) == NULL) { DSAerror(DSA_R_BN_ERROR); goto err; } - - dplen = i2d_ASN1_INTEGER(prkey, &dp); - - ASN1_INTEGER_free(prkey); - prkey = NULL; - - if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0, V_ASN1_SEQUENCE, - params, dp, dplen)) + if ((key_len = i2d_ASN1_INTEGER(key, &key_der)) <= 0) { + DSAerror(ERR_R_MALLOC_FAILURE); + key_len = 0; goto err; + } - return 1; + if ((aobj = OBJ_nid2obj(NID_dsa)) == NULL) + goto err; + if (!PKCS8_pkey_set0(p8, aobj, 0, ptype, params, key_der, key_len)) + goto err; + params = NULL; + key_der = NULL; + key_len = 0; -err: - free(dp); + ret = 1; + + err: ASN1_STRING_free(params); - ASN1_INTEGER_free(prkey); - return 0; + ASN1_INTEGER_free(key); + freezero(params_der, params_len); + freezero(key_der, key_len); + + return ret; } static int diff --git a/lib/libcrypto/ec/ec.h b/lib/libcrypto/ec/ec.h index 85951f0b9..9e3354df4 100644 --- a/lib/libcrypto/ec/ec.h +++ b/lib/libcrypto/ec/ec.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ec.h,v 1.45 2023/07/28 09:28:37 tb Exp $ */ +/* $OpenBSD: ec.h,v 1.46 2023/08/11 04:45:27 tb Exp $ */ /* * Originally written by Bodo Moeller for the OpenSSL project. */ @@ -262,9 +262,6 @@ int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off); #endif int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off); -typedef struct ec_key_st EC_KEY; -typedef struct ec_key_method_st EC_KEY_METHOD; - #define EC_PKEY_NO_PARAMETERS 0x001 #define EC_PKEY_NO_PUBKEY 0x002 diff --git a/lib/libcrypto/ecdsa/ecdsa.c b/lib/libcrypto/ecdsa/ecdsa.c index 8160014b3..52f504499 100644 --- a/lib/libcrypto/ecdsa/ecdsa.c +++ b/lib/libcrypto/ecdsa/ecdsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ecdsa.c,v 1.17 2023/08/03 18:53:56 tb Exp $ */ +/* $OpenBSD: ecdsa.c,v 1.18 2023/08/08 13:09:28 tb Exp $ */ /* ==================================================================== * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved. * @@ -341,27 +341,6 @@ ecdsa_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv, BIGNUM **out_r) if (!bn_rand_interval(k, 1, order)) goto err; - /* - * We do not want timing information to leak the length of k, - * so we compute G * k using an equivalent scalar of fixed - * bit-length. - * - * We unconditionally perform both of these additions to prevent - * a small timing information leakage. We then choose the sum - * that is one bit longer than the order. This guarantees the - * code path used in the constant time implementations - * elsewhere. - * - * TODO: revisit the bn_copy aiming for a memory access agnostic - * conditional copy. - */ - if (!BN_add(r, k, order) || - !BN_add(x, r, order) || - !bn_copy(k, BN_num_bits(r) > order_bits ? r : x)) - goto err; - - BN_set_flags(k, BN_FLG_CONSTTIME); - /* Step 5: P = k * G. */ if (!EC_POINT_mul(group, point, k, NULL, NULL, ctx)) { ECerror(ERR_R_EC_LIB); diff --git a/lib/libcrypto/evp/evp_local.h b/lib/libcrypto/evp/evp_local.h index 9905b82dd..e0a8afd6b 100644 --- a/lib/libcrypto/evp/evp_local.h +++ b/lib/libcrypto/evp/evp_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: evp_local.h,v 1.3 2023/03/01 11:16:06 tb Exp $ */ +/* $OpenBSD: evp_local.h,v 1.4 2023/08/11 05:10:35 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -115,7 +115,7 @@ struct evp_pkey_st { STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ } /* EVP_PKEY */; -struct env_md_st { +struct evp_md_st { int type; int pkey_type; int md_size; @@ -132,7 +132,7 @@ struct env_md_st { int (*md_ctrl)(EVP_MD_CTX *ctx, int cmd, int p1, void *p2); } /* EVP_MD */; -struct env_md_ctx_st { +struct evp_md_ctx_st { const EVP_MD *digest; ENGINE *engine; /* functional reference if 'digest' is ENGINE-provided */ unsigned long flags; diff --git a/lib/libcrypto/hkdf/hkdf.h b/lib/libcrypto/hkdf/hkdf.h index 34450f9dd..6cec526e3 100644 --- a/lib/libcrypto/hkdf/hkdf.h +++ b/lib/libcrypto/hkdf/hkdf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: hkdf.h,v 1.2 2018/04/03 13:33:53 tb Exp $ */ +/* $OpenBSD: hkdf.h,v 1.3 2023/08/11 04:52:08 tb Exp $ */ /* Copyright (c) 2014, Google Inc. * * Permission to use, copy, modify, and/or distribute this software for any @@ -33,7 +33,7 @@ extern "C" { * a key from a password. */ -int HKDF(uint8_t *out_key, size_t out_len, const struct env_md_st *digest, +int HKDF(uint8_t *out_key, size_t out_len, const EVP_MD *digest, const uint8_t *secret, size_t secret_len, const uint8_t *salt, size_t salt_len, const uint8_t *info, size_t info_len); @@ -43,9 +43,9 @@ int HKDF(uint8_t *out_key, size_t out_len, const struct env_md_st *digest, * and outputs |out_len| bytes to |out_key|. The maximum output size * is |EVP_MAX_MD_SIZE|. It returns one on success and zero on error. */ -int HKDF_extract(uint8_t *out_key, size_t *out_len, - const struct env_md_st *digest, const uint8_t *secret, - size_t secret_len, const uint8_t *salt, size_t salt_len); +int HKDF_extract(uint8_t *out_key, size_t *out_len, const EVP_MD *digest, + const uint8_t *secret, size_t secret_len, + const uint8_t *salt, size_t salt_len); /* * HKDF_expand computes a HKDF OKM (as specified by RFC 5869) of diff --git a/lib/libcrypto/man/X509_STORE_CTX_set_verify.3 b/lib/libcrypto/man/X509_STORE_CTX_set_verify.3 index b2febbde2..2c0bd692a 100644 --- a/lib/libcrypto/man/X509_STORE_CTX_set_verify.3 +++ b/lib/libcrypto/man/X509_STORE_CTX_set_verify.3 @@ -1,6 +1,7 @@ -.\" $OpenBSD: X509_STORE_CTX_set_verify.3,v 1.6 2023/03/18 08:20:20 jsg Exp $ +.\" $OpenBSD: X509_STORE_CTX_set_verify.3,v 1.7 2023/08/10 16:15:42 schwarze Exp $ .\" .\" Copyright (c) 2021, 2022 Ingo Schwarze +.\" Copyright (c) 2023 Job Snijders .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -14,7 +15,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: March 18 2023 $ +.Dd $Mdocdate: August 10 2023 $ .Dt X509_STORE_CTX_SET_VERIFY 3 .Os .Sh NAME @@ -24,6 +25,7 @@ .Nm X509_STORE_set_verify , .Nm X509_STORE_set_verify_func , .Nm X509_STORE_get_verify , +.Nm X509_STORE_CTX_check_issued_fn , .Nm X509_STORE_set_check_issued , .Nm X509_STORE_get_check_issued , .Nm X509_STORE_CTX_get_check_issued diff --git a/lib/libcrypto/man/X509_STORE_get_by_subject.3 b/lib/libcrypto/man/X509_STORE_get_by_subject.3 index 6c8b8f8b5..3fb6c1c25 100644 --- a/lib/libcrypto/man/X509_STORE_get_by_subject.3 +++ b/lib/libcrypto/man/X509_STORE_get_by_subject.3 @@ -1,6 +1,6 @@ -.\" $OpenBSD: X509_STORE_get_by_subject.3,v 1.3 2021/11/12 14:05:28 schwarze Exp $ +.\" $OpenBSD: X509_STORE_get_by_subject.3,v 1.4 2023/08/10 14:15:16 schwarze Exp $ .\" -.\" Copyright (c) 2021 Ingo Schwarze +.\" Copyright (c) 2021, 2023 Ingo Schwarze .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -14,16 +14,18 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: November 12 2021 $ +.Dd $Mdocdate: August 10 2023 $ .Dt X509_STORE_GET_BY_SUBJECT 3 .Os .Sh NAME .Nm X509_STORE_CTX_get_by_subject , .Nm X509_STORE_CTX_get_obj_by_subject , +.Nm X509_STORE_CTX_get1_certs , +.Nm X509_STORE_CTX_get1_crls , +.Nm X509_STORE_CTX_get1_issuer , .Nm X509_STORE_get_by_subject , .Nm X509_STORE_get1_certs , -.Nm X509_STORE_get1_crls , -.Nm X509_STORE_CTX_get1_issuer +.Nm X509_STORE_get1_crls .Nd retrieve objects from a certificate store .Sh SYNOPSIS .In openssl/x509_vfy.h @@ -40,6 +42,22 @@ .Fa "X509_LOOKUP_TYPE type" .Fa "X509_NAME *name" .Fc +.Ft STACK_OF(X509) * +.Fo X509_STORE_CTX_get1_certs +.Fa "X509_STORE_CTX *ctx" +.Fa "X509_NAME *name" +.Fc +.Ft STACK_OF(X509_CRL) * +.Fo X509_STORE_CTX_get1_crls +.Fa "X509_STORE_CTX *ctx" +.Fa "X509_NAME *name" +.Fc +.Ft int +.Fo X509_STORE_CTX_get1_issuer +.Fa "X509 **issuer" +.Fa "X509_STORE_CTX *ctx" +.Fa "X509 *certificate" +.Fc .Ft int .Fo X509_STORE_get_by_subject .Fa "X509_STORE_CTX *ctx" @@ -57,12 +75,6 @@ .Fa "X509_STORE_CTX *ctx" .Fa "X509_NAME *name" .Fc -.Ft int -.Fo X509_STORE_CTX_get1_issuer -.Fa "X509 **issuer" -.Fa "X509_STORE_CTX *ctx" -.Fa "X509 *certificate" -.Fc .Sh DESCRIPTION .Fn X509_STORE_CTX_get_by_subject retrieves the first object having a matching @@ -101,11 +113,7 @@ is empty is the responsibility of the caller. .Fn X509_STORE_CTX_get_obj_by_subject is similar except that a new object is allocated and returned. .Pp -.Fn X509_STORE_get_by_subject -is a deprecated alias for -.Fn X509_STORE_CTX_get_by_subject . -.Pp -.Fn X509_STORE_get1_certs +.Fn X509_STORE_CTX_get1_certs retrieves all certificates matching the subject .Vt name from the @@ -113,15 +121,15 @@ from the associated with .Fa ctx . If there are none yet, -.Fn X509_STORE_get_by_subject +.Fn X509_STORE_CTX_get_by_subject is called to try and add some. In case of success, the reference counts of all certificates added to the returned array are incremented by 1. .Pp -.Fn X509_STORE_get1_crls +.Fn X509_STORE_CTX_get1_crls is similar except that it operates on certificate revocation lists rather than on certificates and that it always calls -.Fn X509_STORE_get_by_subject , +.Fn X509_STORE_CTX_get_by_subject , even if the .Vt X509_STORE already contains a matching revocation list. @@ -138,7 +146,7 @@ associated with Internally, the issuer name is retrieved with .Xr X509_get_issuer_name 3 and the candidate issuer CA certificate with -.Fn X509_STORE_get_by_subject +.Fn X509_STORE_X509_get_by_subject using that issuer name. .Xr X509_check_issued 3 or a user-supplied replacement function is used to check whether the @@ -151,6 +159,13 @@ If verification parameters associated with encourage checking of validity times, CAs with a valid time are preferred, but if no matching CA has a valid time, one with an invalid time is accepted anyway. +.Pp +The following are deprecated aliases: +.Bl -column X509_STORE_get_by_subject F X509_STORE_CTX_get_by_subject +.It Fn X509_STORE_get_by_subject Ta for Ta Fn X509_STORE_CTX_get_by_subject +.It Fn X509_STORE_get1_certs Ta for Ta Fn X509_STORE_CTX_get1_certs +.It Fn X509_STORE_get1_crls Ta for Ta Fn X509_STORE_CTX_get1_crls +.El .Sh RETURN VALUES .Fn X509_STORE_CTX_get_by_subject and @@ -167,20 +182,24 @@ returns the new object or .Dv NULL on failure, in particular if no match is found or memory allocation fails. .Pp +.Fn X509_STORE_CTX_get1_certs +and .Fn X509_STORE_get1_certs -returns a newly allocated and populated array of certificates or +return a newly allocated and populated array of certificates or .Dv NULL on failure. -It fails if no match is found, if -.Fn X509_STORE_get_by_subject +They fail if no match is found, if +.Fn X509_STORE_CTX_get_by_subject fails, or if memory allocation fails. .Pp +.Fn X509_STORE_CTX_get1_crls +and .Fn X509_STORE_get1_crls -returns a newly allocated and populated array of CRLs or +return a newly allocated and populated array of CRLs or .Dv NULL on failure. -It fails if -.Fn X509_STORE_get_by_subject +They fail if +.Fn X509_STORE_CTX_get_by_subject finds no new match, even if the associated .Vt X509_STORE already contains matching CRLs, or if memory allocation fails. @@ -222,3 +241,9 @@ and .Fn X509_STORE_CTX_get_obj_by_subject first appeared in OpenSSL 1.1.0 and have been available since .Ox 7.1 . +.Pp +.Fn X509_STORE_CTX_get1_certs +and +.Fn X509_STORE_CTX_get1_crls +first appeared in OpenSSL 1.1.0 and have been available since +.Ox 7.4 . diff --git a/lib/libcrypto/man/a2d_ASN1_OBJECT.3 b/lib/libcrypto/man/a2d_ASN1_OBJECT.3 index 274d93cbd..7d36a54be 100644 --- a/lib/libcrypto/man/a2d_ASN1_OBJECT.3 +++ b/lib/libcrypto/man/a2d_ASN1_OBJECT.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: a2d_ASN1_OBJECT.3,v 1.2 2022/01/01 02:06:07 jsg Exp $ +.\" $OpenBSD: a2d_ASN1_OBJECT.3,v 1.3 2023/08/09 17:34:39 schwarze Exp $ .\" .\" Copyright (c) 2021 Ingo Schwarze .\" @@ -14,13 +14,14 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: January 1 2022 $ +.Dd $Mdocdate: August 9 2023 $ .Dt A2D_ASN1_OBJECT 3 .Os .Sh NAME .Nm a2d_ASN1_OBJECT .Nd DER content octets of an ASN.1 object identifier .Sh SYNOPSIS +.In openssl/asn1.h .Ft int .Fo a2d_ASN1_OBJECT .Fa "unsigned char *der_out" @@ -55,7 +56,7 @@ If .Fa der_out is a .Dv NULL -pointer, writing the content objects is skipped +pointer, writing the content octets is skipped and only the return value is calculated. .Sh RETURN VALUES .Fn a2d_ASN1_OBJECT diff --git a/lib/libcrypto/man/d2i_ASN1_OBJECT.3 b/lib/libcrypto/man/d2i_ASN1_OBJECT.3 index a555490f6..cf750162e 100644 --- a/lib/libcrypto/man/d2i_ASN1_OBJECT.3 +++ b/lib/libcrypto/man/d2i_ASN1_OBJECT.3 @@ -1,6 +1,6 @@ -.\" $OpenBSD: d2i_ASN1_OBJECT.3,v 1.13 2022/09/12 14:33:47 tb Exp $ +.\" $OpenBSD: d2i_ASN1_OBJECT.3,v 1.14 2023/08/09 17:27:26 schwarze Exp $ .\" -.\" Copyright (c) 2017, 2022 Ingo Schwarze +.\" Copyright (c) 2017, 2022, 2023 Ingo Schwarze .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above @@ -14,12 +14,14 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: September 12 2022 $ +.Dd $Mdocdate: August 9 2023 $ .Dt D2I_ASN1_OBJECT 3 .Os .Sh NAME .Nm d2i_ASN1_OBJECT , -.Nm i2d_ASN1_OBJECT +.Nm i2d_ASN1_OBJECT , +.Nm OBJ_get0_data , +.Nm OBJ_length .Nd decode and encode ASN.1 object identifiers .Sh SYNOPSIS .In openssl/asn1.h @@ -34,6 +36,11 @@ .Fa "const ASN1_OBJECT *val_in" .Fa "unsigned char **der_out" .Fc +.In openssl/objects.h +.Ft const unsigned char * +.Fn OBJ_get0_data "const ASN1_OBJECT *val_in" +.Ft size_t +.Fn OBJ_length "const ASN1_OBJECT *val_in" .Sh DESCRIPTION These functions decode and encode ASN.1 object identifiers. For details about the semantics, examples, caveats, and bugs, see @@ -60,6 +67,16 @@ and the data contained in them are always marked as dynamically allocated, so when they are no longer needed, .Xr ASN1_OBJECT_free 3 can be called on them. +.Pp +.Fn i2d_ASN1_OBJECT +encodes the object identifier pointed to by +.Fa val_in +into DER format. +.Fn OBJ_get0_data +and +.Fn OBJ_length +only deal with the content octets of that DER encoding, +without taking the identifier and length octets into account. .Sh RETURN VALUES .Fn d2i_ASN1_OBJECT returns a pointer to the new @@ -71,12 +88,38 @@ With other implementations, it might return a pointer to the reused .Vt ASN1_OBJECT . .Pp .Fn i2d_ASN1_OBJECT -returns the number of bytes successfully encoded +returns the number of octets successfully encoded or a value <= 0 if an error occurs. +.Pp +.Fn OBJ_get0_data +returns an internal pointer to the first content octet of the DER +encoding of +.Fa val_in . +The other content octets follow the returned pointer contiguously. +.Fn OBJ_length +returns the number of content octets contained in the DER encoding of +.Fa val_in . +This number is always smaller than the total length of the encoding +returned by +.Xr ASN1_object_size 3 . +.Pp +If +.Fa val_in +is a +.Dv NULL +pointer or points to an empty object, for example one freshly created with +.Xr ASN1_OBJECT_new 3 , +.Fn OBJ_get0_data +returns +.Dv NULL +and +.Fn OBJ_length +returns zero. .Sh SEE ALSO .Xr a2d_ASN1_OBJECT 3 , .Xr ASN1_item_d2i 3 , .Xr ASN1_OBJECT_new 3 , +.Xr ASN1_put_object 3 , .Xr OBJ_nid2obj 3 .Sh STANDARDS ITU-T Recommendation X.690, also known as ISO/IEC 8825-1: @@ -90,6 +133,12 @@ and .Fn i2d_ASN1_OBJECT first appeared in SSLeay 0.5.1 and have been available since .Ox 2.4 . +.Pp +.Fn OBJ_get0_data +and +.Fn OBJ_length +first appeared in OpenSSL 1.1.0 and have been available since +.Ox 7.1 . .Sh CAVEATS .Fn d2i_ASN1_OBJECT never sets the long and short names of the object, not even if the @@ -102,3 +151,14 @@ on the returned object, and then and .Xr OBJ_nid2ln 3 on the result. +.Pp +Calling +.Fn OBJ_get0_data +and then accessing memory in front of the returned pointer +results in undefined behaviour. +In particular, it is not possible to find the identifier or +length octets in that way; use +.Xr ASN1_put_object 3 +or +.Fn i2d_ASN1_OBJECT +instead. diff --git a/lib/libcrypto/md32_common.h b/lib/libcrypto/md32_common.h index ccd6db53f..f61c49f03 100644 --- a/lib/libcrypto/md32_common.h +++ b/lib/libcrypto/md32_common.h @@ -1,4 +1,4 @@ -/* $OpenBSD: md32_common.h,v 1.25 2023/05/27 18:33:34 jsing Exp $ */ +/* $OpenBSD: md32_common.h,v 1.26 2023/08/10 07:15:23 jsing Exp $ */ /* ==================================================================== * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. * @@ -307,35 +307,3 @@ int HASH_FINAL (unsigned char *md, HASH_CTX *c) return 1; } #endif - -#ifndef MD32_REG_T -#if defined(__alpha) || defined(__sparcv9) || defined(__mips) -#define MD32_REG_T long -/* - * This comment was originally written for MD5, which is why it - * discusses A-D. But it basically applies to all 32-bit digests, - * which is why it was moved to common header file. - * - * In case you wonder why A-D are declared as long and not - * as MD5_LONG. Doing so results in slight performance - * boost on LP64 architectures. The catch is we don't - * really care if 32 MSBs of a 64-bit register get polluted - * with eventual overflows as we *save* only 32 LSBs in - * *either* case. Now declaring 'em long excuses the compiler - * from keeping 32 MSBs zeroed resulting in 13% performance - * improvement under SPARC Solaris7/64 and 5% under AlphaLinux. - * Well, to be honest it should say that this *prevents* - * performance degradation. - * - */ -#else -/* - * Above is not absolute and there are LP64 compilers that - * generate better code if MD32_REG_T is defined int. The above - * pre-processor condition reflects the circumstances under which - * the conclusion was made and is subject to further extension. - * - */ -#define MD32_REG_T int -#endif -#endif diff --git a/lib/libcrypto/md4/md4.c b/lib/libcrypto/md4/md4.c index a60196e5b..12e3ac71d 100644 --- a/lib/libcrypto/md4/md4.c +++ b/lib/libcrypto/md4/md4.c @@ -1,4 +1,4 @@ -/* $OpenBSD: md4.c,v 1.5 2023/07/28 11:04:41 jsing Exp $ */ +/* $OpenBSD: md4.c,v 1.7 2023/08/10 13:41:56 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -57,11 +57,9 @@ */ #include -#include -#include - #include #include + #include #include @@ -146,8 +144,8 @@ void md4_block_data_order(MD4_CTX *c, const void *data_, size_t num) { const unsigned char *data = data_; - unsigned MD32_REG_T A, B, C, D, l; - unsigned MD32_REG_T X0, X1, X2, X3, X4, X5, X6, X7, + unsigned int A, B, C, D, l; + unsigned int X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X12, X13, X14, X15; A = c->A; diff --git a/lib/libcrypto/md5/md5.c b/lib/libcrypto/md5/md5.c index 06516781a..f5d062b8c 100644 --- a/lib/libcrypto/md5/md5.c +++ b/lib/libcrypto/md5/md5.c @@ -1,4 +1,4 @@ -/* $OpenBSD: md5.c,v 1.6 2023/07/28 11:06:28 jsing Exp $ */ +/* $OpenBSD: md5.c,v 1.13 2023/08/10 14:04:54 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -57,9 +57,6 @@ */ #include -#include -#include - #include #include @@ -90,19 +87,13 @@ __END_HIDDEN_DECLS #define HASH_UPDATE MD5_Update #define HASH_TRANSFORM MD5_Transform #define HASH_FINAL MD5_Final -#define HASH_MAKE_STRING(c,s) do { \ - unsigned long ll; \ - ll=(c)->A; HOST_l2c(ll,(s)); \ - ll=(c)->B; HOST_l2c(ll,(s)); \ - ll=(c)->C; HOST_l2c(ll,(s)); \ - ll=(c)->D; HOST_l2c(ll,(s)); \ - } while (0) #define HASH_BLOCK_DATA_ORDER md5_block_data_order +#define HASH_NO_UPDATE +#define HASH_NO_TRANSFORM +#define HASH_NO_FINAL + #include "md32_common.h" -LCRYPTO_ALIAS(MD5_Update); -LCRYPTO_ALIAS(MD5_Transform); -LCRYPTO_ALIAS(MD5_Final); /* #define F(x,y,z) (((x) & (y)) | ((~(x)) & (z))) @@ -141,33 +132,13 @@ LCRYPTO_ALIAS(MD5_Final); /* Implemented from RFC1321 The MD5 Message-Digest Algorithm */ -#define INIT_DATA_A (unsigned long)0x67452301L -#define INIT_DATA_B (unsigned long)0xefcdab89L -#define INIT_DATA_C (unsigned long)0x98badcfeL -#define INIT_DATA_D (unsigned long)0x10325476L - -int -MD5_Init(MD5_CTX *c) -{ - memset (c, 0, sizeof(*c)); - c->A = INIT_DATA_A; - c->B = INIT_DATA_B; - c->C = INIT_DATA_C; - c->D = INIT_DATA_D; - return 1; -} -LCRYPTO_ALIAS(MD5_Init); - #ifndef md5_block_data_order -#ifdef X -#undef X -#endif void md5_block_data_order(MD5_CTX *c, const void *data_, size_t num) { const unsigned char *data = data_; - unsigned MD32_REG_T A, B, C, D, l; - unsigned MD32_REG_T X0, X1, X2, X3, X4, X5, X6, X7, + unsigned int A, B, C, D, l; + unsigned int X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X12, X13, X14, X15; A = c->A; @@ -285,6 +256,128 @@ md5_block_data_order(MD5_CTX *c, const void *data_, size_t num) } #endif +#define INIT_DATA_A (unsigned long)0x67452301L +#define INIT_DATA_B (unsigned long)0xefcdab89L +#define INIT_DATA_C (unsigned long)0x98badcfeL +#define INIT_DATA_D (unsigned long)0x10325476L + +int +MD5_Init(MD5_CTX *c) +{ + memset (c, 0, sizeof(*c)); + c->A = INIT_DATA_A; + c->B = INIT_DATA_B; + c->C = INIT_DATA_C; + c->D = INIT_DATA_D; + return 1; +} +LCRYPTO_ALIAS(MD5_Init); + +int +MD5_Update(MD5_CTX *c, const void *data_, size_t len) +{ + const unsigned char *data = data_; + unsigned char *p; + MD5_LONG l; + size_t n; + + if (len == 0) + return 1; + + l = (c->Nl + (((MD5_LONG)len) << 3))&0xffffffffUL; + /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to + * Wei Dai for pointing it out. */ + if (l < c->Nl) /* overflow */ + c->Nh++; + c->Nh+=(MD5_LONG)(len>>29); /* might cause compiler warning on 16-bit */ + c->Nl = l; + + n = c->num; + if (n != 0) { + p = (unsigned char *)c->data; + + if (len >= MD5_CBLOCK || len + n >= MD5_CBLOCK) { + memcpy(p + n, data, MD5_CBLOCK - n); + md5_block_data_order(c, p, 1); + n = MD5_CBLOCK - n; + data += n; + len -= n; + c->num = 0; + memset(p, 0, MD5_CBLOCK); /* keep it zeroed */ + } else { + memcpy(p + n, data, len); + c->num += (unsigned int)len; + return 1; + } + } + + n = len/MD5_CBLOCK; + if (n > 0) { + md5_block_data_order (c, data, n); + n *= MD5_CBLOCK; + data += n; + len -= n; + } + + if (len != 0) { + p = (unsigned char *)c->data; + c->num = (unsigned int)len; + memcpy (p, data, len); + } + return 1; +} +LCRYPTO_ALIAS(MD5_Update); + +void +MD5_Transform(MD5_CTX *c, const unsigned char *data) +{ + md5_block_data_order(c, data, 1); +} +LCRYPTO_ALIAS(MD5_Transform); + +int +MD5_Final(unsigned char *md, MD5_CTX *c) +{ + unsigned char *p = (unsigned char *)c->data; + unsigned long ll; + size_t n = c->num; + + p[n] = 0x80; /* there is always room for one */ + n++; + + if (n > (MD5_CBLOCK - 8)) { + memset(p + n, 0, MD5_CBLOCK - n); + n = 0; + md5_block_data_order(c, p, 1); + } + memset(p + n, 0, MD5_CBLOCK - 8 - n); + + p += MD5_CBLOCK - 8; +#if defined(DATA_ORDER_IS_BIG_ENDIAN) + HOST_l2c(c->Nh, p); + HOST_l2c(c->Nl, p); +#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) + HOST_l2c(c->Nl, p); + HOST_l2c(c->Nh, p); +#endif + p -= MD5_CBLOCK; + md5_block_data_order(c, p, 1); + c->num = 0; + memset(p, 0, MD5_CBLOCK); + + ll = c->A; + HOST_l2c(ll, md); + ll = c->B; + HOST_l2c(ll, md); + ll = c->C; + HOST_l2c(ll, md); + ll = c->D; + HOST_l2c(ll, md); + + return 1; +} +LCRYPTO_ALIAS(MD5_Final); + unsigned char * MD5(const unsigned char *d, size_t n, unsigned char *md) { diff --git a/lib/libcrypto/modes/gcm128.c b/lib/libcrypto/modes/gcm128.c index c4fc5cb94..cbda8ad09 100644 --- a/lib/libcrypto/modes/gcm128.c +++ b/lib/libcrypto/modes/gcm128.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gcm128.c,v 1.25 2023/07/08 14:56:54 beck Exp $ */ +/* $OpenBSD: gcm128.c,v 1.26 2023/08/10 07:18:43 jsing Exp $ */ /* ==================================================================== * Copyright (c) 2010 The OpenSSL Project. All rights reserved. * @@ -64,8 +64,6 @@ /* redefine, because alignment is ensured */ #undef GETU32 #define GETU32(p) BSWAP4(*(const u32 *)(p)) -#undef PUTU32 -#define PUTU32(p,v) *(u32 *)(p) = BSWAP4(v) #endif #define PACK(s) ((size_t)(s)<<(sizeof(size_t)*8-16)) @@ -234,26 +232,8 @@ gcm_gmult_8bit(u64 Xi[2], const u128 Htable[256]) #endif } -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP8 - Xi[0] = BSWAP8(Z.hi); - Xi[1] = BSWAP8(Z.lo); -#else - u8 *p = (u8 *)Xi; - u32 v; - v = (u32)(Z.hi >> 32); - PUTU32(p, v); - v = (u32)(Z.hi); - PUTU32(p + 4, v); - v = (u32)(Z.lo >> 32); - PUTU32(p + 8, v); - v = (u32)(Z.lo); - PUTU32(p + 12, v); -#endif -#else /* BIG_ENDIAN */ - Xi[0] = Z.hi; - Xi[1] = Z.lo; -#endif + Xi[0] = htobe64(Z.hi); + Xi[1] = htobe64(Z.lo); } #define GCM_MUL(ctx,Xi) gcm_gmult_8bit(ctx->Xi.u,ctx->Htable) @@ -389,26 +369,8 @@ gcm_gmult_4bit(u64 Xi[2], const u128 Htable[16]) Z.lo ^= Htable[nlo].lo; } -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP8 - Xi[0] = BSWAP8(Z.hi); - Xi[1] = BSWAP8(Z.lo); -#else - u8 *p = (u8 *)Xi; - u32 v; - v = (u32)(Z.hi >> 32); - PUTU32(p, v); - v = (u32)(Z.hi); - PUTU32(p + 4, v); - v = (u32)(Z.lo >> 32); - PUTU32(p + 8, v); - v = (u32)(Z.lo); - PUTU32(p + 12, v); -#endif -#else /* BIG_ENDIAN */ - Xi[0] = Z.hi; - Xi[1] = Z.lo; -#endif + Xi[0] = htobe64(Z.hi); + Xi[1] = htobe64(Z.lo); } #if !defined(OPENSSL_SMALL_FOOTPRINT) @@ -563,26 +525,8 @@ gcm_ghash_4bit(u64 Xi[2], const u128 Htable[16], Z.hi ^= ((u64)rem_8bit[rem << 4]) << 48; #endif -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP8 - Xi[0] = BSWAP8(Z.hi); - Xi[1] = BSWAP8(Z.lo); -#else - u8 *p = (u8 *)Xi; - u32 v; - v = (u32)(Z.hi >> 32); - PUTU32(p, v); - v = (u32)(Z.hi); - PUTU32(p + 4, v); - v = (u32)(Z.lo >> 32); - PUTU32(p + 8, v); - v = (u32)(Z.lo); - PUTU32(p + 12, v); -#endif -#else /* BIG_ENDIAN */ - Xi[0] = Z.hi; - Xi[1] = Z.lo; -#endif + Xi[0] = htobe64(Z.hi); + Xi[1] = htobe64(Z.lo); } while (inp += 16, len -= 16); } #endif @@ -640,26 +584,8 @@ gcm_gmult_1bit(u64 Xi[2], const u64 H[2]) } } -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP8 - Xi[0] = BSWAP8(Z.hi); - Xi[1] = BSWAP8(Z.lo); -#else - u8 *p = (u8 *)Xi; - u32 v; - v = (u32)(Z.hi >> 32); - PUTU32(p, v); - v = (u32)(Z.hi); - PUTU32(p + 4, v); - v = (u32)(Z.lo >> 32); - PUTU32(p + 8, v); - v = (u32)(Z.lo); - PUTU32(p + 12, v); -#endif -#else /* BIG_ENDIAN */ - Xi[0] = Z.hi; - Xi[1] = Z.lo; -#endif + Xi[0] = htobe64(Z.hi); + Xi[1] = htobe64(Z.lo); } #define GCM_MUL(ctx,Xi) gcm_gmult_1bit(ctx->Xi.u,ctx->H.u) @@ -724,20 +650,9 @@ CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block) (*block)(ctx->H.c, ctx->H.c, key); -#if BYTE_ORDER == LITTLE_ENDIAN /* H is stored in host byte order */ -#ifdef BSWAP8 - ctx->H.u[0] = BSWAP8(ctx->H.u[0]); - ctx->H.u[1] = BSWAP8(ctx->H.u[1]); -#else - u8 *p = ctx->H.c; - u64 hi, lo; - hi = (u64)GETU32(p) << 32|GETU32(p + 4); - lo = (u64)GETU32(p + 8) << 32|GETU32(p + 12); - ctx->H.u[0] = hi; - ctx->H.u[1] = lo; -#endif -#endif + ctx->H.u[0] = be64toh(ctx->H.u[0]); + ctx->H.u[1] = be64toh(ctx->H.u[1]); #if TABLE_BITS==8 gcm_init_8bit(ctx->Htable, ctx->H.u); @@ -824,47 +739,16 @@ CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const unsigned char *iv, size_t len) GCM_MUL(ctx, Yi); } len0 <<= 3; -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP8 - ctx->Yi.u[1] ^= BSWAP8(len0); -#else - ctx->Yi.c[8] ^= (u8)(len0 >> 56); - ctx->Yi.c[9] ^= (u8)(len0 >> 48); - ctx->Yi.c[10] ^= (u8)(len0 >> 40); - ctx->Yi.c[11] ^= (u8)(len0 >> 32); - ctx->Yi.c[12] ^= (u8)(len0 >> 24); - ctx->Yi.c[13] ^= (u8)(len0 >> 16); - ctx->Yi.c[14] ^= (u8)(len0 >> 8); - ctx->Yi.c[15] ^= (u8)(len0); -#endif -#else /* BIG_ENDIAN */ - ctx->Yi.u[1] ^= len0; -#endif + ctx->Yi.u[1] ^= htobe64(len0); GCM_MUL(ctx, Yi); -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP4 - ctr = BSWAP4(ctx->Yi.d[3]); -#else - ctr = GETU32(ctx->Yi.c + 12); -#endif -#else /* BIG_ENDIAN */ - ctr = ctx->Yi.d[3]; -#endif + ctr = be32toh(ctx->Yi.d[3]); } (*ctx->block)(ctx->Yi.c, ctx->EK0.c, ctx->key); ++ctr; -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c + 12, ctr); -#endif -#else /* BIG_ENDIAN */ - ctx->Yi.d[3] = ctr; -#endif + ctx->Yi.d[3] = htobe32(ctr); } LCRYPTO_ALIAS(CRYPTO_gcm128_setiv); @@ -960,15 +844,7 @@ CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, ctx->ares = 0; } -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP4 - ctr = BSWAP4(ctx->Yi.d[3]); -#else - ctr = GETU32(ctx->Yi.c + 12); -#endif -#else /* BIG_ENDIAN */ - ctr = ctx->Yi.d[3]; -#endif + ctr = be32toh(ctx->Yi.d[3]); n = ctx->mres; #if !defined(OPENSSL_SMALL_FOOTPRINT) @@ -1002,15 +878,8 @@ CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, (*block)(ctx->Yi.c, ctx->EKi.c, key); ++ctr; -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c + 12, ctr); -#endif -#else /* BIG_ENDIAN */ - ctx->Yi.d[3] = ctr; -#endif + ctx->Yi.d[3] = htobe32(ctr); + for (i = 0; i < 16/sizeof(size_t); ++i) out_t[i] = in_t[i] ^ ctx->EKi.t[i]; @@ -1030,15 +899,8 @@ CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, (*block)(ctx->Yi.c, ctx->EKi.c, key); ++ctr; -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c + 12, ctr); -#endif -#else /* BIG_ENDIAN */ - ctx->Yi.d[3] = ctr; -#endif + ctx->Yi.d[3] = htobe32(ctr); + for (i = 0; i < 16/sizeof(size_t); ++i) out_t[i] = in_t[i] ^ ctx->EKi.t[i]; @@ -1055,15 +917,8 @@ CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, (*block)(ctx->Yi.c, ctx->EKi.c, key); ++ctr; -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c + 12, ctr); -#endif -#else /* BIG_ENDIAN */ - ctx->Yi.d[3] = ctr; -#endif + ctx->Yi.d[3] = htobe32(ctr); + for (i = 0; i < 16/sizeof(size_t); ++i) ctx->Xi.t[i] ^= out_t[i] = in_t[i] ^ ctx->EKi.t[i]; @@ -1076,15 +931,8 @@ CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, if (len) { (*block)(ctx->Yi.c, ctx->EKi.c, key); ++ctr; -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c + 12, ctr); -#endif -#else /* BIG_ENDIAN */ - ctx->Yi.d[3] = ctr; -#endif + ctx->Yi.d[3] = htobe32(ctr); + while (len--) { ctx->Xi.c[n] ^= out[n] = in[n] ^ ctx->EKi.c[n]; @@ -1100,15 +948,7 @@ CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, if (n == 0) { (*block)(ctx->Yi.c, ctx->EKi.c, key); ++ctr; -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c + 12, ctr); -#endif -#else /* BIG_ENDIAN */ - ctx->Yi.d[3] = ctr; -#endif + ctx->Yi.d[3] = htobe32(ctr); } ctx->Xi.c[n] ^= out[i] = in[i] ^ ctx->EKi.c[n]; n = (n + 1) % 16; @@ -1150,15 +990,7 @@ CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, ctx->ares = 0; } -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP4 - ctr = BSWAP4(ctx->Yi.d[3]); -#else - ctr = GETU32(ctx->Yi.c + 12); -#endif -#else /* BIG_ENDIAN */ - ctr = ctx->Yi.d[3]; -#endif + ctr = be32toh(ctx->Yi.d[3]); n = ctx->mres; #if !defined(OPENSSL_SMALL_FOOTPRINT) @@ -1194,15 +1026,8 @@ CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, (*block)(ctx->Yi.c, ctx->EKi.c, key); ++ctr; -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c + 12, ctr); -#endif -#else /* BIG_ENDIAN */ - ctx->Yi.d[3] = ctr; -#endif + ctx->Yi.d[3] = htobe32(ctr); + for (i = 0; i < 16/sizeof(size_t); ++i) out_t[i] = in_t[i] ^ ctx->EKi.t[i]; @@ -1220,15 +1045,8 @@ CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, (*block)(ctx->Yi.c, ctx->EKi.c, key); ++ctr; -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c + 12, ctr); -#endif -#else /* BIG_ENDIAN */ - ctx->Yi.d[3] = ctr; -#endif + ctx->Yi.d[3] = htobe32(ctr); + for (i = 0; i < 16/sizeof(size_t); ++i) out_t[i] = in_t[i] ^ ctx->EKi.t[i]; @@ -1244,15 +1062,8 @@ CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, (*block)(ctx->Yi.c, ctx->EKi.c, key); ++ctr; -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c + 12, ctr); -#endif -#else /* BIG_ENDIAN */ - ctx->Yi.d[3] = ctr; -#endif + ctx->Yi.d[3] = htobe32(ctr); + for (i = 0; i < 16/sizeof(size_t); ++i) { size_t c = in[i]; out[i] = c ^ ctx->EKi.t[i]; @@ -1267,15 +1078,8 @@ CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, if (len) { (*block)(ctx->Yi.c, ctx->EKi.c, key); ++ctr; -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c + 12, ctr); -#endif -#else /* BIG_ENDIAN */ - ctx->Yi.d[3] = ctr; -#endif + ctx->Yi.d[3] = htobe32(ctr); + while (len--) { u8 c = in[n]; ctx->Xi.c[n] ^= c; @@ -1293,15 +1097,7 @@ CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, if (n == 0) { (*block)(ctx->Yi.c, ctx->EKi.c, key); ++ctr; -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c + 12, ctr); -#endif -#else /* BIG_ENDIAN */ - ctx->Yi.d[3] = ctr; -#endif + ctx->Yi.d[3] = htobe32(ctr); } c = in[i]; out[i] = c ^ ctx->EKi.c[n]; @@ -1344,15 +1140,7 @@ CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx, ctx->ares = 0; } -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP4 - ctr = BSWAP4(ctx->Yi.d[3]); -#else - ctr = GETU32(ctx->Yi.c + 12); -#endif -#else /* BIG_ENDIAN */ - ctr = ctx->Yi.d[3]; -#endif + ctr = be32toh(ctx->Yi.d[3]); n = ctx->mres; if (n) { @@ -1372,15 +1160,7 @@ CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx, while (len >= GHASH_CHUNK) { (*stream)(in, out, GHASH_CHUNK/16, key, ctx->Yi.c); ctr += GHASH_CHUNK/16; -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c + 12, ctr); -#endif -#else /* BIG_ENDIAN */ - ctx->Yi.d[3] = ctr; -#endif + ctx->Yi.d[3] = htobe32(ctr); GHASH(ctx, out, GHASH_CHUNK); out += GHASH_CHUNK; in += GHASH_CHUNK; @@ -1392,15 +1172,7 @@ CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx, (*stream)(in, out, j, key, ctx->Yi.c); ctr += (unsigned int)j; -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c + 12, ctr); -#endif -#else /* BIG_ENDIAN */ - ctx->Yi.d[3] = ctr; -#endif + ctx->Yi.d[3] = htobe32(ctr); in += i; len -= i; #if defined(GHASH) @@ -1418,15 +1190,7 @@ CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx, if (len) { (*ctx->block)(ctx->Yi.c, ctx->EKi.c, key); ++ctr; -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c + 12, ctr); -#endif -#else /* BIG_ENDIAN */ - ctx->Yi.d[3] = ctr; -#endif + ctx->Yi.d[3] = htobe32(ctr); while (len--) { ctx->Xi.c[n] ^= out[n] = in[n] ^ ctx->EKi.c[n]; ++n; @@ -1466,15 +1230,7 @@ CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, ctx->ares = 0; } -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP4 - ctr = BSWAP4(ctx->Yi.d[3]); -#else - ctr = GETU32(ctx->Yi.c + 12); -#endif -#else /* BIG_ENDIAN */ - ctr = ctx->Yi.d[3]; -#endif + ctr = be32toh(ctx->Yi.d[3]); n = ctx->mres; if (n) { @@ -1497,15 +1253,7 @@ CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, GHASH(ctx, in, GHASH_CHUNK); (*stream)(in, out, GHASH_CHUNK/16, key, ctx->Yi.c); ctr += GHASH_CHUNK/16; -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c + 12, ctr); -#endif -#else /* BIG_ENDIAN */ - ctx->Yi.d[3] = ctr; -#endif + ctx->Yi.d[3] = htobe32(ctr); out += GHASH_CHUNK; in += GHASH_CHUNK; len -= GHASH_CHUNK; @@ -1529,15 +1277,7 @@ CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, #endif (*stream)(in, out, j, key, ctx->Yi.c); ctr += (unsigned int)j; -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c + 12, ctr); -#endif -#else /* BIG_ENDIAN */ - ctx->Yi.d[3] = ctr; -#endif + ctx->Yi.d[3] = htobe32(ctr); out += i; in += i; len -= i; @@ -1545,15 +1285,7 @@ CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, if (len) { (*ctx->block)(ctx->Yi.c, ctx->EKi.c, key); ++ctr; -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c + 12, ctr); -#endif -#else /* BIG_ENDIAN */ - ctx->Yi.d[3] = ctr; -#endif + ctx->Yi.d[3] = htobe32(ctr); while (len--) { u8 c = in[n]; ctx->Xi.c[n] ^= c; @@ -1580,25 +1312,8 @@ CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const unsigned char *tag, if (ctx->mres || ctx->ares) GCM_MUL(ctx, Xi); -#if BYTE_ORDER == LITTLE_ENDIAN -#ifdef BSWAP8 - alen = BSWAP8(alen); - clen = BSWAP8(clen); -#else - { - u8 *p = ctx->len.c; - - ctx->len.u[0] = alen; - ctx->len.u[1] = clen; - - alen = (u64)GETU32(p) << 32|GETU32(p + 4); - clen = (u64)GETU32(p + 8) << 32|GETU32(p + 12); - } -#endif -#endif - - ctx->Xi.u[0] ^= alen; - ctx->Xi.u[1] ^= clen; + ctx->Xi.u[0] ^= htobe64(alen); + ctx->Xi.u[1] ^= htobe64(clen); GCM_MUL(ctx, Xi); ctx->Xi.u[0] ^= ctx->EK0.u[0]; diff --git a/lib/libcrypto/ossl_typ.h b/lib/libcrypto/ossl_typ.h index 5da4243f8..237a8d967 100644 --- a/lib/libcrypto/ossl_typ.h +++ b/lib/libcrypto/ossl_typ.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ossl_typ.h,v 1.28 2023/07/28 10:21:01 tb Exp $ */ +/* $OpenBSD: ossl_typ.h,v 1.30 2023/08/11 05:10:35 tb Exp $ */ /* ==================================================================== * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. * @@ -99,8 +99,8 @@ typedef struct comp_method_st COMP_METHOD; typedef struct evp_cipher_st EVP_CIPHER; typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX; -typedef struct env_md_st EVP_MD; -typedef struct env_md_ctx_st EVP_MD_CTX; +typedef struct evp_md_st EVP_MD; +typedef struct evp_md_ctx_st EVP_MD_CTX; typedef struct evp_pkey_st EVP_PKEY; typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD; @@ -118,6 +118,9 @@ typedef struct dh_method DH_METHOD; typedef struct dsa_st DSA; typedef struct dsa_method DSA_METHOD; +typedef struct ec_key_st EC_KEY; +typedef struct ec_key_method_st EC_KEY_METHOD; + typedef struct rsa_st RSA; typedef struct rsa_meth_st RSA_METHOD; typedef struct rsa_pss_params_st RSA_PSS_PARAMS; diff --git a/lib/libcrypto/ripemd/ripemd.c b/lib/libcrypto/ripemd/ripemd.c index 4edf3de4d..344d9f668 100644 --- a/lib/libcrypto/ripemd/ripemd.c +++ b/lib/libcrypto/ripemd/ripemd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ripemd.c,v 1.1 2023/07/28 11:08:01 jsing Exp $ */ +/* $OpenBSD: ripemd.c,v 1.7 2023/08/10 12:27:35 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -125,30 +125,40 @@ __END_HIDDEN_DECLS #define RIPEMD160_D 0x10325476L #define RIPEMD160_E 0xC3D2E1F0L -#include "rmdconst.h" +#define KL0 0x00000000L +#define KL1 0x5A827999L +#define KL2 0x6ED9EBA1L +#define KL3 0x8F1BBCDCL +#define KL4 0xA953FD4EL + +#define KR0 0x50A28BE6L +#define KR1 0x5C4DD124L +#define KR2 0x6D703EF3L +#define KR3 0x7A6D76E9L +#define KR4 0x00000000L #define RIP1(a,b,c,d,e,w,s) { \ - a+=F1(b,c,d)+X(w); \ + a+=F1(b,c,d)+w; \ a=ROTATE(a,s)+e; \ c=ROTATE(c,10); } #define RIP2(a,b,c,d,e,w,s,K) { \ - a+=F2(b,c,d)+X(w)+K; \ + a+=F2(b,c,d)+w+K; \ a=ROTATE(a,s)+e; \ c=ROTATE(c,10); } #define RIP3(a,b,c,d,e,w,s,K) { \ - a+=F3(b,c,d)+X(w)+K; \ + a+=F3(b,c,d)+w+K; \ a=ROTATE(a,s)+e; \ c=ROTATE(c,10); } #define RIP4(a,b,c,d,e,w,s,K) { \ - a+=F4(b,c,d)+X(w)+K; \ + a+=F4(b,c,d)+w+K; \ a=ROTATE(a,s)+e; \ c=ROTATE(c,10); } #define RIP5(a,b,c,d,e,w,s,K) { \ - a+=F5(b,c,d)+X(w)+K; \ + a+=F5(b,c,d)+w+K; \ a=ROTATE(a,s)+e; \ c=ROTATE(c,10); } @@ -172,24 +182,14 @@ RIPEMD160_Init(RIPEMD160_CTX *c) } #ifndef ripemd160_block_data_order -#ifdef X -#undef X -#endif void ripemd160_block_data_order(RIPEMD160_CTX *ctx, const void *p, size_t num) { const unsigned char *data = p; - unsigned MD32_REG_T A, B,C, D, E; - unsigned MD32_REG_T a, b,c, d,e, l; -#ifndef MD32_XARRAY - /* See comment in crypto/sha/sha_locl.h for details. */ - unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, - XX8, XX9, XX10, XX11, XX12, XX13, XX14, XX15; -# define X(i) XX##i -#else - RIPEMD160_LONG XX[16]; -# define X(i) XX[i] -#endif + unsigned int A, B, C, D, E; + unsigned int a, b, c, d, e, l; + unsigned int X0, X1, X2, X3, X4, X5, X6, X7, + X8, X9, X10, X11, X12, X13, X14, X15; for (; num--; ) { @@ -200,120 +200,121 @@ ripemd160_block_data_order(RIPEMD160_CTX *ctx, const void *p, size_t num) E = ctx->E; HOST_c2l(data, l); - X( 0) = l;HOST_c2l(data, l); - X( 1) = l; - RIP1(A, B,C, D,E, WL00, SL00); + X0 = l; HOST_c2l(data, l); - X( 2) = l; - RIP1(E, A,B, C,D, WL01, SL01); + X1 = l; + RIP1(A, B, C, D, E, X0, 11); HOST_c2l(data, l); - X( 3) = l; - RIP1(D, E,A, B,C, WL02, SL02); + X2 = l; + RIP1(E, A, B, C, D, X1, 14); HOST_c2l(data, l); - X( 4) = l; - RIP1(C, D,E, A,B, WL03, SL03); + X3 = l; + RIP1(D, E, A, B, C, X2, 15); HOST_c2l(data, l); - X( 5) = l; - RIP1(B, C,D, E,A, WL04, SL04); + X4 = l; + RIP1(C, D, E, A, B, X3, 12); HOST_c2l(data, l); - X( 6) = l; - RIP1(A, B,C, D,E, WL05, SL05); + X5 = l; + RIP1(B, C, D, E, A, X4, 5); HOST_c2l(data, l); - X( 7) = l; - RIP1(E, A,B, C,D, WL06, SL06); + X6 = l; + RIP1(A, B, C, D, E, X5, 8); HOST_c2l(data, l); - X( 8) = l; - RIP1(D, E,A, B,C, WL07, SL07); + X7 = l; + RIP1(E, A, B, C, D, X6, 7); HOST_c2l(data, l); - X( 9) = l; - RIP1(C, D,E, A,B, WL08, SL08); + X8 = l; + RIP1(D, E, A, B, C, X7, 9); HOST_c2l(data, l); - X(10) = l; - RIP1(B, C,D, E,A, WL09, SL09); + X9 = l; + RIP1(C, D, E, A, B, X8, 11); HOST_c2l(data, l); - X(11) = l; - RIP1(A, B,C, D,E, WL10, SL10); + X10 = l; + RIP1(B, C, D, E, A, X9, 13); HOST_c2l(data, l); - X(12) = l; - RIP1(E, A,B, C,D, WL11, SL11); + X11 = l; + RIP1(A, B, C, D, E, X10, 14); HOST_c2l(data, l); - X(13) = l; - RIP1(D, E,A, B,C, WL12, SL12); + X12 = l; + RIP1(E, A, B, C, D, X11, 15); HOST_c2l(data, l); - X(14) = l; - RIP1(C, D,E, A,B, WL13, SL13); + X13 = l; + RIP1(D, E, A, B, C, X12, 6); HOST_c2l(data, l); - X(15) = l; - RIP1(B, C,D, E,A, WL14, SL14); - RIP1(A, B,C, D,E, WL15, SL15); + X14 = l; + RIP1(C, D, E, A, B, X13, 7); + HOST_c2l(data, l); + X15 = l; + RIP1(B, C, D, E, A, X14, 9); + RIP1(A, B, C, D, E, X15, 8); - RIP2(E, A,B, C,D, WL16, SL16, KL1); - RIP2(D, E,A, B,C, WL17, SL17, KL1); - RIP2(C, D,E, A,B, WL18, SL18, KL1); - RIP2(B, C,D, E,A, WL19, SL19, KL1); - RIP2(A, B,C, D,E, WL20, SL20, KL1); - RIP2(E, A,B, C,D, WL21, SL21, KL1); - RIP2(D, E,A, B,C, WL22, SL22, KL1); - RIP2(C, D,E, A,B, WL23, SL23, KL1); - RIP2(B, C,D, E,A, WL24, SL24, KL1); - RIP2(A, B,C, D,E, WL25, SL25, KL1); - RIP2(E, A,B, C,D, WL26, SL26, KL1); - RIP2(D, E,A, B,C, WL27, SL27, KL1); - RIP2(C, D,E, A,B, WL28, SL28, KL1); - RIP2(B, C,D, E,A, WL29, SL29, KL1); - RIP2(A, B,C, D,E, WL30, SL30, KL1); - RIP2(E, A,B, C,D, WL31, SL31, KL1); + RIP2(E, A, B, C, D, X7, 7, KL1); + RIP2(D, E, A, B, C, X4, 6, KL1); + RIP2(C, D, E, A, B, X13, 8, KL1); + RIP2(B, C, D, E, A, X1, 13, KL1); + RIP2(A, B, C, D, E, X10, 11, KL1); + RIP2(E, A, B, C, D, X6, 9, KL1); + RIP2(D, E, A, B, C, X15, 7, KL1); + RIP2(C, D, E, A, B, X3, 15, KL1); + RIP2(B, C, D, E, A, X12, 7, KL1); + RIP2(A, B, C, D, E, X0, 12, KL1); + RIP2(E, A, B, C, D, X9, 15, KL1); + RIP2(D, E, A, B, C, X5, 9, KL1); + RIP2(C, D, E, A, B, X2, 11, KL1); + RIP2(B, C, D, E, A, X14, 7, KL1); + RIP2(A, B, C, D, E, X11, 13, KL1); + RIP2(E, A, B, C, D, X8, 12, KL1); - RIP3(D, E,A, B,C, WL32, SL32, KL2); - RIP3(C, D,E, A,B, WL33, SL33, KL2); - RIP3(B, C,D, E,A, WL34, SL34, KL2); - RIP3(A, B,C, D,E, WL35, SL35, KL2); - RIP3(E, A,B, C,D, WL36, SL36, KL2); - RIP3(D, E,A, B,C, WL37, SL37, KL2); - RIP3(C, D,E, A,B, WL38, SL38, KL2); - RIP3(B, C,D, E,A, WL39, SL39, KL2); - RIP3(A, B,C, D,E, WL40, SL40, KL2); - RIP3(E, A,B, C,D, WL41, SL41, KL2); - RIP3(D, E,A, B,C, WL42, SL42, KL2); - RIP3(C, D,E, A,B, WL43, SL43, KL2); - RIP3(B, C,D, E,A, WL44, SL44, KL2); - RIP3(A, B,C, D,E, WL45, SL45, KL2); - RIP3(E, A,B, C,D, WL46, SL46, KL2); - RIP3(D, E,A, B,C, WL47, SL47, KL2); + RIP3(D, E, A, B, C, X3, 11, KL2); + RIP3(C, D, E, A, B, X10, 13, KL2); + RIP3(B, C, D, E, A, X14, 6, KL2); + RIP3(A, B, C, D, E, X4, 7, KL2); + RIP3(E, A, B, C, D, X9, 14, KL2); + RIP3(D, E, A, B, C, X15, 9, KL2); + RIP3(C, D, E, A, B, X8, 13, KL2); + RIP3(B, C, D, E, A, X1, 15, KL2); + RIP3(A, B, C, D, E, X2, 14, KL2); + RIP3(E, A, B, C, D, X7, 8, KL2); + RIP3(D, E, A, B, C, X0, 13, KL2); + RIP3(C, D, E, A, B, X6, 6, KL2); + RIP3(B, C, D, E, A, X13, 5, KL2); + RIP3(A, B, C, D, E, X11, 12, KL2); + RIP3(E, A, B, C, D, X5, 7, KL2); + RIP3(D, E, A, B, C, X12, 5, KL2); - RIP4(C, D,E, A,B, WL48, SL48, KL3); - RIP4(B, C,D, E,A, WL49, SL49, KL3); - RIP4(A, B,C, D,E, WL50, SL50, KL3); - RIP4(E, A,B, C,D, WL51, SL51, KL3); - RIP4(D, E,A, B,C, WL52, SL52, KL3); - RIP4(C, D,E, A,B, WL53, SL53, KL3); - RIP4(B, C,D, E,A, WL54, SL54, KL3); - RIP4(A, B,C, D,E, WL55, SL55, KL3); - RIP4(E, A,B, C,D, WL56, SL56, KL3); - RIP4(D, E,A, B,C, WL57, SL57, KL3); - RIP4(C, D,E, A,B, WL58, SL58, KL3); - RIP4(B, C,D, E,A, WL59, SL59, KL3); - RIP4(A, B,C, D,E, WL60, SL60, KL3); - RIP4(E, A,B, C,D, WL61, SL61, KL3); - RIP4(D, E,A, B,C, WL62, SL62, KL3); - RIP4(C, D,E, A,B, WL63, SL63, KL3); + RIP4(C, D, E, A, B, X1, 11, KL3); + RIP4(B, C, D, E, A, X9, 12, KL3); + RIP4(A, B, C, D, E, X11, 14, KL3); + RIP4(E, A, B, C, D, X10, 15, KL3); + RIP4(D, E, A, B, C, X0, 14, KL3); + RIP4(C, D, E, A, B, X8, 15, KL3); + RIP4(B, C, D, E, A, X12, 9, KL3); + RIP4(A, B, C, D, E, X4, 8, KL3); + RIP4(E, A, B, C, D, X13, 9, KL3); + RIP4(D, E, A, B, C, X3, 14, KL3); + RIP4(C, D, E, A, B, X7, 5, KL3); + RIP4(B, C, D, E, A, X15, 6, KL3); + RIP4(A, B, C, D, E, X14, 8, KL3); + RIP4(E, A, B, C, D, X5, 6, KL3); + RIP4(D, E, A, B, C, X6, 5, KL3); + RIP4(C, D, E, A, B, X2, 12, KL3); - RIP5(B, C,D, E,A, WL64, SL64, KL4); - RIP5(A, B,C, D,E, WL65, SL65, KL4); - RIP5(E, A,B, C,D, WL66, SL66, KL4); - RIP5(D, E,A, B,C, WL67, SL67, KL4); - RIP5(C, D,E, A,B, WL68, SL68, KL4); - RIP5(B, C,D, E,A, WL69, SL69, KL4); - RIP5(A, B,C, D,E, WL70, SL70, KL4); - RIP5(E, A,B, C,D, WL71, SL71, KL4); - RIP5(D, E,A, B,C, WL72, SL72, KL4); - RIP5(C, D,E, A,B, WL73, SL73, KL4); - RIP5(B, C,D, E,A, WL74, SL74, KL4); - RIP5(A, B,C, D,E, WL75, SL75, KL4); - RIP5(E, A,B, C,D, WL76, SL76, KL4); - RIP5(D, E,A, B,C, WL77, SL77, KL4); - RIP5(C, D,E, A,B, WL78, SL78, KL4); - RIP5(B, C,D, E,A, WL79, SL79, KL4); + RIP5(B, C, D, E, A, X4, 9, KL4); + RIP5(A, B, C, D, E, X0, 15, KL4); + RIP5(E, A, B, C, D, X5, 5, KL4); + RIP5(D, E, A, B, C, X9, 11, KL4); + RIP5(C, D, E, A, B, X7, 6, KL4); + RIP5(B, C, D, E, A, X12, 8, KL4); + RIP5(A, B, C, D, E, X2, 13, KL4); + RIP5(E, A, B, C, D, X10, 12, KL4); + RIP5(D, E, A, B, C, X14, 5, KL4); + RIP5(C, D, E, A, B, X1, 12, KL4); + RIP5(B, C, D, E, A, X3, 13, KL4); + RIP5(A, B, C, D, E, X8, 14, KL4); + RIP5(E, A, B, C, D, X11, 11, KL4); + RIP5(D, E, A, B, C, X6, 8, KL4); + RIP5(C, D, E, A, B, X15, 5, KL4); + RIP5(B, C, D, E, A, X13, 6, KL4); a = A; b = B; @@ -327,90 +328,90 @@ ripemd160_block_data_order(RIPEMD160_CTX *ctx, const void *p, size_t num) D = ctx->D; E = ctx->E; - RIP5(A, B,C, D,E, WR00, SR00, KR0); - RIP5(E, A,B, C,D, WR01, SR01, KR0); - RIP5(D, E,A, B,C, WR02, SR02, KR0); - RIP5(C, D,E, A,B, WR03, SR03, KR0); - RIP5(B, C,D, E,A, WR04, SR04, KR0); - RIP5(A, B,C, D,E, WR05, SR05, KR0); - RIP5(E, A,B, C,D, WR06, SR06, KR0); - RIP5(D, E,A, B,C, WR07, SR07, KR0); - RIP5(C, D,E, A,B, WR08, SR08, KR0); - RIP5(B, C,D, E,A, WR09, SR09, KR0); - RIP5(A, B,C, D,E, WR10, SR10, KR0); - RIP5(E, A,B, C,D, WR11, SR11, KR0); - RIP5(D, E,A, B,C, WR12, SR12, KR0); - RIP5(C, D,E, A,B, WR13, SR13, KR0); - RIP5(B, C,D, E,A, WR14, SR14, KR0); - RIP5(A, B,C, D,E, WR15, SR15, KR0); + RIP5(A, B, C, D, E, X5, 8, KR0); + RIP5(E, A, B, C, D, X14, 9, KR0); + RIP5(D, E, A, B, C, X7, 9, KR0); + RIP5(C, D, E, A, B, X0, 11, KR0); + RIP5(B, C, D, E, A, X9, 13, KR0); + RIP5(A, B, C, D, E, X2, 15, KR0); + RIP5(E, A, B, C, D, X11, 15, KR0); + RIP5(D, E, A, B, C, X4, 5, KR0); + RIP5(C, D, E, A, B, X13, 7, KR0); + RIP5(B, C, D, E, A, X6, 7, KR0); + RIP5(A, B, C, D, E, X15, 8, KR0); + RIP5(E, A, B, C, D, X8, 11, KR0); + RIP5(D, E, A, B, C, X1, 14, KR0); + RIP5(C, D, E, A, B, X10, 14, KR0); + RIP5(B, C, D, E, A, X3, 12, KR0); + RIP5(A, B, C, D, E, X12, 6, KR0); - RIP4(E, A,B, C,D, WR16, SR16, KR1); - RIP4(D, E,A, B,C, WR17, SR17, KR1); - RIP4(C, D,E, A,B, WR18, SR18, KR1); - RIP4(B, C,D, E,A, WR19, SR19, KR1); - RIP4(A, B,C, D,E, WR20, SR20, KR1); - RIP4(E, A,B, C,D, WR21, SR21, KR1); - RIP4(D, E,A, B,C, WR22, SR22, KR1); - RIP4(C, D,E, A,B, WR23, SR23, KR1); - RIP4(B, C,D, E,A, WR24, SR24, KR1); - RIP4(A, B,C, D,E, WR25, SR25, KR1); - RIP4(E, A,B, C,D, WR26, SR26, KR1); - RIP4(D, E,A, B,C, WR27, SR27, KR1); - RIP4(C, D,E, A,B, WR28, SR28, KR1); - RIP4(B, C,D, E,A, WR29, SR29, KR1); - RIP4(A, B,C, D,E, WR30, SR30, KR1); - RIP4(E, A,B, C,D, WR31, SR31, KR1); + RIP4(E, A, B, C, D, X6, 9, KR1); + RIP4(D, E, A, B, C, X11, 13, KR1); + RIP4(C, D, E, A, B, X3, 15, KR1); + RIP4(B, C, D, E, A, X7, 7, KR1); + RIP4(A, B, C, D, E, X0, 12, KR1); + RIP4(E, A, B, C, D, X13, 8, KR1); + RIP4(D, E, A, B, C, X5, 9, KR1); + RIP4(C, D, E, A, B, X10, 11, KR1); + RIP4(B, C, D, E, A, X14, 7, KR1); + RIP4(A, B, C, D, E, X15, 7, KR1); + RIP4(E, A, B, C, D, X8, 12, KR1); + RIP4(D, E, A, B, C, X12, 7, KR1); + RIP4(C, D, E, A, B, X4, 6, KR1); + RIP4(B, C, D, E, A, X9, 15, KR1); + RIP4(A, B, C, D, E, X1, 13, KR1); + RIP4(E, A, B, C, D, X2, 11, KR1); - RIP3(D, E,A, B,C, WR32, SR32, KR2); - RIP3(C, D,E, A,B, WR33, SR33, KR2); - RIP3(B, C,D, E,A, WR34, SR34, KR2); - RIP3(A, B,C, D,E, WR35, SR35, KR2); - RIP3(E, A,B, C,D, WR36, SR36, KR2); - RIP3(D, E,A, B,C, WR37, SR37, KR2); - RIP3(C, D,E, A,B, WR38, SR38, KR2); - RIP3(B, C,D, E,A, WR39, SR39, KR2); - RIP3(A, B,C, D,E, WR40, SR40, KR2); - RIP3(E, A,B, C,D, WR41, SR41, KR2); - RIP3(D, E,A, B,C, WR42, SR42, KR2); - RIP3(C, D,E, A,B, WR43, SR43, KR2); - RIP3(B, C,D, E,A, WR44, SR44, KR2); - RIP3(A, B,C, D,E, WR45, SR45, KR2); - RIP3(E, A,B, C,D, WR46, SR46, KR2); - RIP3(D, E,A, B,C, WR47, SR47, KR2); + RIP3(D, E, A, B, C, X15, 9, KR2); + RIP3(C, D, E, A, B, X5, 7, KR2); + RIP3(B, C, D, E, A, X1, 15, KR2); + RIP3(A, B, C, D, E, X3, 11, KR2); + RIP3(E, A, B, C, D, X7, 8, KR2); + RIP3(D, E, A, B, C, X14, 6, KR2); + RIP3(C, D, E, A, B, X6, 6, KR2); + RIP3(B, C, D, E, A, X9, 14, KR2); + RIP3(A, B, C, D, E, X11, 12, KR2); + RIP3(E, A, B, C, D, X8, 13, KR2); + RIP3(D, E, A, B, C, X12, 5, KR2); + RIP3(C, D, E, A, B, X2, 14, KR2); + RIP3(B, C, D, E, A, X10, 13, KR2); + RIP3(A, B, C, D, E, X0, 13, KR2); + RIP3(E, A, B, C, D, X4, 7, KR2); + RIP3(D, E, A, B, C, X13, 5, KR2); - RIP2(C, D,E, A,B, WR48, SR48, KR3); - RIP2(B, C,D, E,A, WR49, SR49, KR3); - RIP2(A, B,C, D,E, WR50, SR50, KR3); - RIP2(E, A,B, C,D, WR51, SR51, KR3); - RIP2(D, E,A, B,C, WR52, SR52, KR3); - RIP2(C, D,E, A,B, WR53, SR53, KR3); - RIP2(B, C,D, E,A, WR54, SR54, KR3); - RIP2(A, B,C, D,E, WR55, SR55, KR3); - RIP2(E, A,B, C,D, WR56, SR56, KR3); - RIP2(D, E,A, B,C, WR57, SR57, KR3); - RIP2(C, D,E, A,B, WR58, SR58, KR3); - RIP2(B, C,D, E,A, WR59, SR59, KR3); - RIP2(A, B,C, D,E, WR60, SR60, KR3); - RIP2(E, A,B, C,D, WR61, SR61, KR3); - RIP2(D, E,A, B,C, WR62, SR62, KR3); - RIP2(C, D,E, A,B, WR63, SR63, KR3); + RIP2(C, D, E, A, B, X8, 15, KR3); + RIP2(B, C, D, E, A, X6, 5, KR3); + RIP2(A, B, C, D, E, X4, 8, KR3); + RIP2(E, A, B, C, D, X1, 11, KR3); + RIP2(D, E, A, B, C, X3, 14, KR3); + RIP2(C, D, E, A, B, X11, 14, KR3); + RIP2(B, C, D, E, A, X15, 6, KR3); + RIP2(A, B, C, D, E, X0, 14, KR3); + RIP2(E, A, B, C, D, X5, 6, KR3); + RIP2(D, E, A, B, C, X12, 9, KR3); + RIP2(C, D, E, A, B, X2, 12, KR3); + RIP2(B, C, D, E, A, X13, 9, KR3); + RIP2(A, B, C, D, E, X9, 12, KR3); + RIP2(E, A, B, C, D, X7, 5, KR3); + RIP2(D, E, A, B, C, X10, 15, KR3); + RIP2(C, D, E, A, B, X14, 8, KR3); - RIP1(B, C,D, E,A, WR64, SR64); - RIP1(A, B,C, D,E, WR65, SR65); - RIP1(E, A,B, C,D, WR66, SR66); - RIP1(D, E,A, B,C, WR67, SR67); - RIP1(C, D,E, A,B, WR68, SR68); - RIP1(B, C,D, E,A, WR69, SR69); - RIP1(A, B,C, D,E, WR70, SR70); - RIP1(E, A,B, C,D, WR71, SR71); - RIP1(D, E,A, B,C, WR72, SR72); - RIP1(C, D,E, A,B, WR73, SR73); - RIP1(B, C,D, E,A, WR74, SR74); - RIP1(A, B,C, D,E, WR75, SR75); - RIP1(E, A,B, C,D, WR76, SR76); - RIP1(D, E,A, B,C, WR77, SR77); - RIP1(C, D,E, A,B, WR78, SR78); - RIP1(B, C,D, E,A, WR79, SR79); + RIP1(B, C, D, E, A, X12, 8); + RIP1(A, B, C, D, E, X15, 5); + RIP1(E, A, B, C, D, X10, 12); + RIP1(D, E, A, B, C, X4, 9); + RIP1(C, D, E, A, B, X1, 12); + RIP1(B, C, D, E, A, X5, 5); + RIP1(A, B, C, D, E, X8, 14); + RIP1(E, A, B, C, D, X7, 6); + RIP1(D, E, A, B, C, X6, 8); + RIP1(C, D, E, A, B, X2, 13); + RIP1(B, C, D, E, A, X13, 6); + RIP1(A, B, C, D, E, X14, 5); + RIP1(E, A, B, C, D, X0, 15); + RIP1(D, E, A, B, C, X3, 13); + RIP1(C, D, E, A, B, X9, 11); + RIP1(B, C, D, E, A, X11, 11); D = ctx->B + c + D; ctx->B = ctx->C + d + E; diff --git a/lib/libcrypto/ripemd/rmdconst.h b/lib/libcrypto/ripemd/rmdconst.h deleted file mode 100644 index 7d703da77..000000000 --- a/lib/libcrypto/ripemd/rmdconst.h +++ /dev/null @@ -1,403 +0,0 @@ -/* $OpenBSD: rmdconst.h,v 1.4 2023/07/08 06:52:56 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -__BEGIN_HIDDEN_DECLS - -#define KL0 0x00000000L -#define KL1 0x5A827999L -#define KL2 0x6ED9EBA1L -#define KL3 0x8F1BBCDCL -#define KL4 0xA953FD4EL - -#define KR0 0x50A28BE6L -#define KR1 0x5C4DD124L -#define KR2 0x6D703EF3L -#define KR3 0x7A6D76E9L -#define KR4 0x00000000L - -#define WL00 0 -#define SL00 11 -#define WL01 1 -#define SL01 14 -#define WL02 2 -#define SL02 15 -#define WL03 3 -#define SL03 12 -#define WL04 4 -#define SL04 5 -#define WL05 5 -#define SL05 8 -#define WL06 6 -#define SL06 7 -#define WL07 7 -#define SL07 9 -#define WL08 8 -#define SL08 11 -#define WL09 9 -#define SL09 13 -#define WL10 10 -#define SL10 14 -#define WL11 11 -#define SL11 15 -#define WL12 12 -#define SL12 6 -#define WL13 13 -#define SL13 7 -#define WL14 14 -#define SL14 9 -#define WL15 15 -#define SL15 8 - -#define WL16 7 -#define SL16 7 -#define WL17 4 -#define SL17 6 -#define WL18 13 -#define SL18 8 -#define WL19 1 -#define SL19 13 -#define WL20 10 -#define SL20 11 -#define WL21 6 -#define SL21 9 -#define WL22 15 -#define SL22 7 -#define WL23 3 -#define SL23 15 -#define WL24 12 -#define SL24 7 -#define WL25 0 -#define SL25 12 -#define WL26 9 -#define SL26 15 -#define WL27 5 -#define SL27 9 -#define WL28 2 -#define SL28 11 -#define WL29 14 -#define SL29 7 -#define WL30 11 -#define SL30 13 -#define WL31 8 -#define SL31 12 - -#define WL32 3 -#define SL32 11 -#define WL33 10 -#define SL33 13 -#define WL34 14 -#define SL34 6 -#define WL35 4 -#define SL35 7 -#define WL36 9 -#define SL36 14 -#define WL37 15 -#define SL37 9 -#define WL38 8 -#define SL38 13 -#define WL39 1 -#define SL39 15 -#define WL40 2 -#define SL40 14 -#define WL41 7 -#define SL41 8 -#define WL42 0 -#define SL42 13 -#define WL43 6 -#define SL43 6 -#define WL44 13 -#define SL44 5 -#define WL45 11 -#define SL45 12 -#define WL46 5 -#define SL46 7 -#define WL47 12 -#define SL47 5 - -#define WL48 1 -#define SL48 11 -#define WL49 9 -#define SL49 12 -#define WL50 11 -#define SL50 14 -#define WL51 10 -#define SL51 15 -#define WL52 0 -#define SL52 14 -#define WL53 8 -#define SL53 15 -#define WL54 12 -#define SL54 9 -#define WL55 4 -#define SL55 8 -#define WL56 13 -#define SL56 9 -#define WL57 3 -#define SL57 14 -#define WL58 7 -#define SL58 5 -#define WL59 15 -#define SL59 6 -#define WL60 14 -#define SL60 8 -#define WL61 5 -#define SL61 6 -#define WL62 6 -#define SL62 5 -#define WL63 2 -#define SL63 12 - -#define WL64 4 -#define SL64 9 -#define WL65 0 -#define SL65 15 -#define WL66 5 -#define SL66 5 -#define WL67 9 -#define SL67 11 -#define WL68 7 -#define SL68 6 -#define WL69 12 -#define SL69 8 -#define WL70 2 -#define SL70 13 -#define WL71 10 -#define SL71 12 -#define WL72 14 -#define SL72 5 -#define WL73 1 -#define SL73 12 -#define WL74 3 -#define SL74 13 -#define WL75 8 -#define SL75 14 -#define WL76 11 -#define SL76 11 -#define WL77 6 -#define SL77 8 -#define WL78 15 -#define SL78 5 -#define WL79 13 -#define SL79 6 - -#define WR00 5 -#define SR00 8 -#define WR01 14 -#define SR01 9 -#define WR02 7 -#define SR02 9 -#define WR03 0 -#define SR03 11 -#define WR04 9 -#define SR04 13 -#define WR05 2 -#define SR05 15 -#define WR06 11 -#define SR06 15 -#define WR07 4 -#define SR07 5 -#define WR08 13 -#define SR08 7 -#define WR09 6 -#define SR09 7 -#define WR10 15 -#define SR10 8 -#define WR11 8 -#define SR11 11 -#define WR12 1 -#define SR12 14 -#define WR13 10 -#define SR13 14 -#define WR14 3 -#define SR14 12 -#define WR15 12 -#define SR15 6 - -#define WR16 6 -#define SR16 9 -#define WR17 11 -#define SR17 13 -#define WR18 3 -#define SR18 15 -#define WR19 7 -#define SR19 7 -#define WR20 0 -#define SR20 12 -#define WR21 13 -#define SR21 8 -#define WR22 5 -#define SR22 9 -#define WR23 10 -#define SR23 11 -#define WR24 14 -#define SR24 7 -#define WR25 15 -#define SR25 7 -#define WR26 8 -#define SR26 12 -#define WR27 12 -#define SR27 7 -#define WR28 4 -#define SR28 6 -#define WR29 9 -#define SR29 15 -#define WR30 1 -#define SR30 13 -#define WR31 2 -#define SR31 11 - -#define WR32 15 -#define SR32 9 -#define WR33 5 -#define SR33 7 -#define WR34 1 -#define SR34 15 -#define WR35 3 -#define SR35 11 -#define WR36 7 -#define SR36 8 -#define WR37 14 -#define SR37 6 -#define WR38 6 -#define SR38 6 -#define WR39 9 -#define SR39 14 -#define WR40 11 -#define SR40 12 -#define WR41 8 -#define SR41 13 -#define WR42 12 -#define SR42 5 -#define WR43 2 -#define SR43 14 -#define WR44 10 -#define SR44 13 -#define WR45 0 -#define SR45 13 -#define WR46 4 -#define SR46 7 -#define WR47 13 -#define SR47 5 - -#define WR48 8 -#define SR48 15 -#define WR49 6 -#define SR49 5 -#define WR50 4 -#define SR50 8 -#define WR51 1 -#define SR51 11 -#define WR52 3 -#define SR52 14 -#define WR53 11 -#define SR53 14 -#define WR54 15 -#define SR54 6 -#define WR55 0 -#define SR55 14 -#define WR56 5 -#define SR56 6 -#define WR57 12 -#define SR57 9 -#define WR58 2 -#define SR58 12 -#define WR59 13 -#define SR59 9 -#define WR60 9 -#define SR60 12 -#define WR61 7 -#define SR61 5 -#define WR62 10 -#define SR62 15 -#define WR63 14 -#define SR63 8 - -#define WR64 12 -#define SR64 8 -#define WR65 15 -#define SR65 5 -#define WR66 10 -#define SR66 12 -#define WR67 4 -#define SR67 9 -#define WR68 1 -#define SR68 12 -#define WR69 5 -#define SR69 5 -#define WR70 8 -#define SR70 14 -#define WR71 7 -#define SR71 6 -#define WR72 6 -#define SR72 8 -#define WR73 2 -#define SR73 13 -#define WR74 13 -#define SR74 6 -#define WR75 14 -#define SR75 5 -#define WR76 0 -#define SR76 15 -#define WR77 3 -#define SR77 13 -#define WR78 9 -#define SR78 11 -#define WR79 11 -#define SR79 11 - -__END_HIDDEN_DECLS diff --git a/lib/libcrypto/rsa/rsa_ameth.c b/lib/libcrypto/rsa/rsa_ameth.c index 825a9f444..46837881e 100644 --- a/lib/libcrypto/rsa/rsa_ameth.c +++ b/lib/libcrypto/rsa/rsa_ameth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_ameth.c,v 1.30 2023/07/07 06:59:18 tb Exp $ */ +/* $OpenBSD: rsa_ameth.c,v 1.32 2023/08/10 15:05:28 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -136,21 +136,28 @@ rsa_param_decode(RSA *rsa, const X509_ALGOR *alg) static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) { - unsigned char *penc = NULL; - int penclen; - ASN1_STRING *str; + ASN1_STRING *str = NULL; int strtype; + unsigned char *penc = NULL; + int penclen = 0; + ASN1_OBJECT *aobj; if (!rsa_param_encode(pkey, &str, &strtype)) - return 0; - penclen = i2d_RSAPublicKey(pkey->pkey.rsa, &penc); - if (penclen <= 0) - return 0; - if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(pkey->ameth->pkey_id), - strtype, str, penc, penclen)) - return 1; + goto err; + if ((penclen = i2d_RSAPublicKey(pkey->pkey.rsa, &penc)) <= 0) { + penclen = 0; + goto err; + } + if ((aobj = OBJ_nid2obj(pkey->ameth->pkey_id)) == NULL) + goto err; + if (!X509_PUBKEY_set0_param(pk, aobj, strtype, str, penc, penclen)) + goto err; - free(penc); + return 1; + + err: + ASN1_STRING_free(str); + freezero(penc, penclen); return 0; } @@ -212,29 +219,33 @@ old_rsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder) static int rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { - unsigned char *rk = NULL; - int rklen; - ASN1_STRING *str; + ASN1_STRING *str = NULL; + ASN1_OBJECT *aobj; int strtype; + unsigned char *rk = NULL; + int rklen = 0; if (!rsa_param_encode(pkey, &str, &strtype)) - return 0; - - rklen = i2d_RSAPrivateKey(pkey->pkey.rsa, &rk); - if (rklen <= 0) { + goto err; + if ((rklen = i2d_RSAPrivateKey(pkey->pkey.rsa, &rk)) <= 0) { RSAerror(ERR_R_MALLOC_FAILURE); - ASN1_STRING_free(str); - return 0; + rklen = 0; + goto err; } - - if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(pkey->ameth->pkey_id), 0, - strtype, str, rk, rklen)) { + if ((aobj = OBJ_nid2obj(pkey->ameth->pkey_id)) == NULL) + goto err; + if (!PKCS8_pkey_set0(p8, aobj, 0, strtype, str, rk, rklen)) { RSAerror(ERR_R_MALLOC_FAILURE); - ASN1_STRING_free(str); - return 0; + goto err; } return 1; + + err: + ASN1_STRING_free(str); + freezero(rk, rklen); + + return 0; } static int diff --git a/lib/libcrypto/bn/bn_blind.c b/lib/libcrypto/rsa/rsa_blinding.c similarity index 70% rename from lib/libcrypto/bn/bn_blind.c rename to lib/libcrypto/rsa/rsa_blinding.c index cd2f7c8eb..cac5bd91d 100644 --- a/lib/libcrypto/bn/bn_blind.c +++ b/lib/libcrypto/rsa/rsa_blinding.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_blind.c,v 1.32 2023/08/02 09:25:36 tb Exp $ */ +/* $OpenBSD: rsa_blinding.c,v 1.3 2023/08/09 12:09:06 tb Exp $ */ /* ==================================================================== * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * @@ -109,13 +109,16 @@ * [including the GNU Public Licence.] */ +#include #include #include #include +#include #include "bn_local.h" +#include "rsa_local.h" #define BN_BLINDING_COUNTER 32 @@ -124,47 +127,48 @@ struct bn_blinding_st { BIGNUM *Ai; BIGNUM *e; BIGNUM *mod; - CRYPTO_THREADID tid; + pthread_t tid; int counter; BN_MONT_CTX *m_ctx; int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); }; -static BN_BLINDING * -BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod) +BN_BLINDING * +BN_BLINDING_new(const BIGNUM *e, const BIGNUM *mod, BN_CTX *ctx, + int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), BN_MONT_CTX *m_ctx) { BN_BLINDING *ret = NULL; if ((ret = calloc(1, sizeof(BN_BLINDING))) == NULL) { BNerror(ERR_R_MALLOC_FAILURE); - return NULL; + goto err; } - if (A != NULL) { - if ((ret->A = BN_dup(A)) == NULL) - goto err; - } - if (Ai != NULL) { - if ((ret->Ai = BN_dup(Ai)) == NULL) - goto err; - } - - /* save a copy of mod in the BN_BLINDING structure */ + if ((ret->A = BN_new()) == NULL) + goto err; + if ((ret->Ai = BN_new()) == NULL) + goto err; + if ((ret->e = BN_dup(e)) == NULL) + goto err; if ((ret->mod = BN_dup(mod)) == NULL) goto err; if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0) BN_set_flags(ret->mod, BN_FLG_CONSTTIME); - /* Set the counter to the special value -1 - * to indicate that this is never-used fresh blinding - * that does not need updating before first use. */ - ret->counter = -1; - CRYPTO_THREADID_current(&ret->tid); - return (ret); + /* Update on first use. */ + ret->counter = BN_BLINDING_COUNTER - 1; + ret->tid = pthread_self(); + + if (bn_mod_exp != NULL) + ret->bn_mod_exp = bn_mod_exp; + if (m_ctx != NULL) + ret->m_ctx = m_ctx; + + return ret; err: - if (ret != NULL) - BN_BLINDING_free(ret); + BN_BLINDING_free(ret); return NULL; } @@ -182,157 +186,176 @@ BN_BLINDING_free(BN_BLINDING *r) free(r); } +static int +BN_BLINDING_setup(BN_BLINDING *b, BN_CTX *ctx) +{ + if (!bn_rand_interval(b->A, 1, b->mod)) + return 0; + if (BN_mod_inverse_ct(b->Ai, b->A, b->mod, ctx) == NULL) + return 0; + + if (b->bn_mod_exp != NULL && b->m_ctx != NULL) { + if (!b->bn_mod_exp(b->A, b->A, b->e, b->mod, ctx, b->m_ctx)) + return 0; + } else { + if (!BN_mod_exp_ct(b->A, b->A, b->e, b->mod, ctx)) + return 0; + } + + return 1; +} + static int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx) { int ret = 0; - if (b->A == NULL || b->Ai == NULL) { - BNerror(BN_R_NOT_INITIALIZED); - goto err; - } - - if (b->counter == -1) + if (++b->counter >= BN_BLINDING_COUNTER) { + if (!BN_BLINDING_setup(b, ctx)) + goto err; b->counter = 0; - - if (++b->counter == BN_BLINDING_COUNTER && b->e != NULL) { - /* re-create blinding parameters */ - if (!BN_BLINDING_create_param(b, NULL, NULL, ctx, NULL, NULL)) - goto err; } else { - if (!BN_mod_mul(b->A, b->A, b->A, b->mod, ctx)) + if (!BN_mod_sqr(b->A, b->A, b->mod, ctx)) goto err; - if (!BN_mod_mul(b->Ai, b->Ai, b->Ai, b->mod, ctx)) + if (!BN_mod_sqr(b->Ai, b->Ai, b->mod, ctx)) goto err; } ret = 1; err: - if (b->counter == BN_BLINDING_COUNTER) - b->counter = 0; - return ret; } int -BN_BLINDING_convert(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) +BN_BLINDING_convert(BIGNUM *n, BIGNUM *inv, BN_BLINDING *b, BN_CTX *ctx) { - int ret = 1; + int ret = 0; - if (b->A == NULL || b->Ai == NULL) { - BNerror(BN_R_NOT_INITIALIZED); - return 0; + if (!BN_BLINDING_update(b, ctx)) + goto err; + + if (inv != NULL) { + if (!bn_copy(inv, b->Ai)) + goto err; } - if (b->counter == -1) - /* Fresh blinding, doesn't need updating. */ - b->counter = 0; - else if (!BN_BLINDING_update(b, ctx)) - return 0; - - if (r != NULL) { - if (!bn_copy(r, b->Ai)) - ret = 0; - } - - if (!BN_mod_mul(n, n, b->A, b->mod, ctx)) - ret = 0; + ret = BN_mod_mul(n, n, b->A, b->mod, ctx); + err: return ret; } int -BN_BLINDING_invert(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) +BN_BLINDING_invert(BIGNUM *n, const BIGNUM *inv, BN_BLINDING *b, BN_CTX *ctx) { - int ret; + if (inv == NULL) + inv = b->Ai; - if (r != NULL) - ret = BN_mod_mul(n, n, r, b->mod, ctx); - else { - if (b->Ai == NULL) { - BNerror(BN_R_NOT_INITIALIZED); - return (0); - } - ret = BN_mod_mul(n, n, b->Ai, b->mod, ctx); - } - - return ret; + return BN_mod_mul(n, n, inv, b->mod, ctx); } -CRYPTO_THREADID * -BN_BLINDING_thread_id(BN_BLINDING *b) +int +BN_BLINDING_is_local(BN_BLINDING *b) { - return &b->tid; + return pthread_equal(pthread_self(), b->tid) != 0; +} + +static BIGNUM * +rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p, const BIGNUM *q, + BN_CTX *ctx) +{ + BIGNUM *ret = NULL, *r0, *r1, *r2; + + if (d == NULL || p == NULL || q == NULL) + return NULL; + + BN_CTX_start(ctx); + if ((r0 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r1 = BN_CTX_get(ctx)) == NULL) + goto err; + if ((r2 = BN_CTX_get(ctx)) == NULL) + goto err; + + if (!BN_sub(r1, p, BN_value_one())) + goto err; + if (!BN_sub(r2, q, BN_value_one())) + goto err; + if (!BN_mul(r0, r1, r2, ctx)) + goto err; + + ret = BN_mod_inverse_ct(NULL, d, r0, ctx); +err: + BN_CTX_end(ctx); + return ret; } BN_BLINDING * -BN_BLINDING_create_param(BN_BLINDING *b, const BIGNUM *e, BIGNUM *m, BN_CTX *ctx, - int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), BN_MONT_CTX *m_ctx) +RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx) { + BIGNUM *e = NULL; + BIGNUM n; + BN_CTX *ctx = NULL; BN_BLINDING *ret = NULL; - int retry_counter = 32; - if (b == NULL) - ret = BN_BLINDING_new(NULL, NULL, m); - else - ret = b; - - if (ret == NULL) + if ((ctx = in_ctx) == NULL) + ctx = BN_CTX_new(); + if (ctx == NULL) goto err; - if (ret->A == NULL && (ret->A = BN_new()) == NULL) + BN_CTX_start(ctx); + + if ((e = rsa->e) == NULL) + e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx); + if (e == NULL) { + RSAerror(RSA_R_NO_PUBLIC_EXPONENT); goto err; - if (ret->Ai == NULL && (ret->Ai = BN_new()) == NULL) - goto err; - - if (e != NULL) { - BN_free(ret->e); - ret->e = BN_dup(e); - } - if (ret->e == NULL) - goto err; - - if (bn_mod_exp != NULL) - ret->bn_mod_exp = bn_mod_exp; - if (m_ctx != NULL) - ret->m_ctx = m_ctx; - - do { - if (!BN_rand_range(ret->A, ret->mod)) - goto err; - if (BN_mod_inverse_ct(ret->Ai, ret->A, ret->mod, ctx) == NULL) { - /* this should almost never happen for good RSA keys */ - unsigned long error = ERR_peek_last_error(); - if (ERR_GET_REASON(error) == BN_R_NO_INVERSE) { - if (retry_counter-- == 0) { - BNerror(BN_R_TOO_MANY_ITERATIONS); - goto err; - } - ERR_clear_error(); - } else - goto err; - } else - break; - } while (1); - - if (ret->bn_mod_exp != NULL && ret->m_ctx != NULL) { - if (!ret->bn_mod_exp(ret->A, ret->A, ret->e, ret->mod, - ctx, ret->m_ctx)) - goto err; - } else { - if (!BN_mod_exp_ct(ret->A, ret->A, ret->e, ret->mod, ctx)) - goto err; } - return ret; + BN_init(&n); + BN_with_flags(&n, rsa->n, BN_FLG_CONSTTIME); + + if ((ret = BN_BLINDING_new(e, &n, ctx, rsa->meth->bn_mod_exp, + rsa->_method_mod_n)) == NULL) { + RSAerror(ERR_R_BN_LIB); + goto err; + } err: - if (b == NULL && ret != NULL) { - BN_BLINDING_free(ret); - ret = NULL; - } + BN_CTX_end(ctx); + if (ctx != in_ctx) + BN_CTX_free(ctx); + if (e != rsa->e) + BN_free(e); return ret; } + +void +RSA_blinding_off(RSA *rsa) +{ + BN_BLINDING_free(rsa->blinding); + rsa->blinding = NULL; + rsa->flags |= RSA_FLAG_NO_BLINDING; +} +LCRYPTO_ALIAS(RSA_blinding_off); + +int +RSA_blinding_on(RSA *rsa, BN_CTX *ctx) +{ + int ret = 0; + + if (rsa->blinding != NULL) + RSA_blinding_off(rsa); + + rsa->blinding = RSA_setup_blinding(rsa, ctx); + if (rsa->blinding == NULL) + goto err; + + rsa->flags &= ~RSA_FLAG_NO_BLINDING; + ret = 1; +err: + return (ret); +} +LCRYPTO_ALIAS(RSA_blinding_on); diff --git a/lib/libcrypto/rsa/rsa_crpt.c b/lib/libcrypto/rsa/rsa_crpt.c deleted file mode 100644 index 15108e24f..000000000 --- a/lib/libcrypto/rsa/rsa_crpt.c +++ /dev/null @@ -1,231 +0,0 @@ -/* $OpenBSD: rsa_crpt.c,v 1.23 2023/07/28 10:05:16 tb Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include - -#include - -#include -#include -#include -#include -#include - -#include "bn_local.h" -#include "rsa_local.h" - -#ifndef OPENSSL_NO_ENGINE -#include -#endif - -int -RSA_bits(const RSA *r) -{ - return BN_num_bits(r->n); -} -LCRYPTO_ALIAS(RSA_bits); - -int -RSA_size(const RSA *r) -{ - return BN_num_bytes(r->n); -} -LCRYPTO_ALIAS(RSA_size); - -int -RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, - RSA *rsa, int padding) -{ - return rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding); -} -LCRYPTO_ALIAS(RSA_public_encrypt); - -int -RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to, - RSA *rsa, int padding) -{ - return rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding); -} -LCRYPTO_ALIAS(RSA_private_encrypt); - -int -RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to, - RSA *rsa, int padding) -{ - return rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding); -} -LCRYPTO_ALIAS(RSA_private_decrypt); - -int -RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to, - RSA *rsa, int padding) -{ - return rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding); -} -LCRYPTO_ALIAS(RSA_public_decrypt); - -int -RSA_flags(const RSA *r) -{ - return r == NULL ? 0 : r->meth->flags; -} -LCRYPTO_ALIAS(RSA_flags); - -void -RSA_blinding_off(RSA *rsa) -{ - BN_BLINDING_free(rsa->blinding); - rsa->blinding = NULL; - rsa->flags |= RSA_FLAG_NO_BLINDING; -} -LCRYPTO_ALIAS(RSA_blinding_off); - -int -RSA_blinding_on(RSA *rsa, BN_CTX *ctx) -{ - int ret = 0; - - if (rsa->blinding != NULL) - RSA_blinding_off(rsa); - - rsa->blinding = RSA_setup_blinding(rsa, ctx); - if (rsa->blinding == NULL) - goto err; - - rsa->flags &= ~RSA_FLAG_NO_BLINDING; - ret = 1; -err: - return (ret); -} -LCRYPTO_ALIAS(RSA_blinding_on); - -static BIGNUM * -rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p, const BIGNUM *q, - BN_CTX *ctx) -{ - BIGNUM *ret = NULL, *r0, *r1, *r2; - - if (d == NULL || p == NULL || q == NULL) - return NULL; - - BN_CTX_start(ctx); - if ((r0 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((r1 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((r2 = BN_CTX_get(ctx)) == NULL) - goto err; - - if (!BN_sub(r1, p, BN_value_one())) - goto err; - if (!BN_sub(r2, q, BN_value_one())) - goto err; - if (!BN_mul(r0, r1, r2, ctx)) - goto err; - - ret = BN_mod_inverse_ct(NULL, d, r0, ctx); -err: - BN_CTX_end(ctx); - return ret; -} - -BN_BLINDING * -RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx) -{ - BIGNUM *e; - BIGNUM n; - BN_CTX *ctx; - BN_BLINDING *ret = NULL; - - if (in_ctx == NULL) { - if ((ctx = BN_CTX_new()) == NULL) - return 0; - } else - ctx = in_ctx; - - BN_CTX_start(ctx); - - if (rsa->e == NULL) { - e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx); - if (e == NULL) { - RSAerror(RSA_R_NO_PUBLIC_EXPONENT); - goto err; - } - } else - e = rsa->e; - - BN_init(&n); - BN_with_flags(&n, rsa->n, BN_FLG_CONSTTIME); - - ret = BN_BLINDING_create_param(NULL, e, &n, ctx, rsa->meth->bn_mod_exp, - rsa->_method_mod_n); - - if (ret == NULL) { - RSAerror(ERR_R_BN_LIB); - goto err; - } - CRYPTO_THREADID_current(BN_BLINDING_thread_id(ret)); -err: - BN_CTX_end(ctx); - if (in_ctx == NULL) - BN_CTX_free(ctx); - if (rsa->e == NULL) - BN_free(e); - - return ret; -} diff --git a/lib/libcrypto/rsa/rsa_eay.c b/lib/libcrypto/rsa/rsa_eay.c index cd0ff9730..c2e1e22f9 100644 --- a/lib/libcrypto/rsa/rsa_eay.c +++ b/lib/libcrypto/rsa/rsa_eay.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_eay.c,v 1.63 2023/08/02 08:44:38 tb Exp $ */ +/* $OpenBSD: rsa_eay.c,v 1.65 2023/08/09 12:09:06 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -222,7 +222,6 @@ rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx) { BN_BLINDING *ret; int got_write_lock = 0; - CRYPTO_THREADID cur; CRYPTO_r_lock(CRYPTO_LOCK_RSA); @@ -235,24 +234,14 @@ rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx) rsa->blinding = RSA_setup_blinding(rsa, ctx); } - ret = rsa->blinding; - if (ret == NULL) + if ((ret = rsa->blinding) == NULL) goto err; - CRYPTO_THREADID_current(&cur); - if (!CRYPTO_THREADID_cmp(&cur, BN_BLINDING_thread_id(ret))) { - /* rsa->blinding is ours! */ - *local = 1; - } else { - /* resort to rsa->mt_blinding instead */ - /* - * Instruct rsa_blinding_convert(), rsa_blinding_invert() - * that the BN_BLINDING is shared, meaning that accesses - * require locks, and that the blinding factor must be - * stored outside the BN_BLINDING - */ - *local = 0; - + /* + * We need a shared blinding. Accesses require locks and a copy of the + * blinding factor needs to be retained on use. + */ + if ((*local = BN_BLINDING_is_local(ret)) == 0) { if (rsa->mt_blinding == NULL) { if (!got_write_lock) { CRYPTO_r_unlock(CRYPTO_LOCK_RSA); @@ -266,11 +255,12 @@ rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx) ret = rsa->mt_blinding; } -err: + err: if (got_write_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RSA); else CRYPTO_r_unlock(CRYPTO_LOCK_RSA); + return ret; } @@ -857,3 +847,56 @@ RSA_PKCS1_SSLeay(void) return RSA_PKCS1_OpenSSL(); } LCRYPTO_ALIAS(RSA_PKCS1_SSLeay); + +int +RSA_bits(const RSA *r) +{ + return BN_num_bits(r->n); +} +LCRYPTO_ALIAS(RSA_bits); + +int +RSA_size(const RSA *r) +{ + return BN_num_bytes(r->n); +} +LCRYPTO_ALIAS(RSA_size); + +int +RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to, + RSA *rsa, int padding) +{ + return rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding); +} +LCRYPTO_ALIAS(RSA_public_encrypt); + +int +RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to, + RSA *rsa, int padding) +{ + return rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding); +} +LCRYPTO_ALIAS(RSA_private_encrypt); + +int +RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to, + RSA *rsa, int padding) +{ + return rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding); +} +LCRYPTO_ALIAS(RSA_private_decrypt); + +int +RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to, + RSA *rsa, int padding) +{ + return rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding); +} +LCRYPTO_ALIAS(RSA_public_decrypt); + +int +RSA_flags(const RSA *r) +{ + return r == NULL ? 0 : r->meth->flags; +} +LCRYPTO_ALIAS(RSA_flags); diff --git a/lib/libcrypto/rsa/rsa_local.h b/lib/libcrypto/rsa/rsa_local.h index e4c3040b6..51ed92590 100644 --- a/lib/libcrypto/rsa/rsa_local.h +++ b/lib/libcrypto/rsa/rsa_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_local.h,v 1.4 2023/07/28 10:05:16 tb Exp $ */ +/* $OpenBSD: rsa_local.h,v 1.6 2023/08/09 12:09:06 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -153,6 +153,13 @@ int RSA_padding_check_X931(unsigned char *to, int tlen, const unsigned char *f, int fl, int rsa_len); int RSA_X931_hash_id(int nid); +BN_BLINDING *BN_BLINDING_new(const BIGNUM *e, const BIGNUM *mod, BN_CTX *ctx, + int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), BN_MONT_CTX *m_ctx); +void BN_BLINDING_free(BN_BLINDING *b); +int BN_BLINDING_convert(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *); +int BN_BLINDING_invert(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *); +int BN_BLINDING_is_local(BN_BLINDING *b); BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx); __END_HIDDEN_DECLS diff --git a/lib/libcrypto/sha/sha1.c b/lib/libcrypto/sha/sha1.c index 6e35d797b..4b48653bd 100644 --- a/lib/libcrypto/sha/sha1.c +++ b/lib/libcrypto/sha/sha1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sha1.c,v 1.11 2023/07/08 12:24:10 beck Exp $ */ +/* $OpenBSD: sha1.c,v 1.12 2023/08/10 07:15:23 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -141,8 +141,8 @@ static void sha1_block_data_order(SHA_CTX *c, const void *p, size_t num) { const unsigned char *data = p; - unsigned MD32_REG_T A, B, C, D, E, T, l; - unsigned MD32_REG_T X0, X1, X2, X3, X4, X5, X6, X7, + unsigned int A, B, C, D, E, T, l; + unsigned int X0, X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X12, X13, X14, X15; A = c->h0; diff --git a/lib/libcrypto/sha/sha256.c b/lib/libcrypto/sha/sha256.c index 0d0c4231e..231a5a058 100644 --- a/lib/libcrypto/sha/sha256.c +++ b/lib/libcrypto/sha/sha256.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sha256.c,v 1.27 2023/07/08 12:24:10 beck Exp $ */ +/* $OpenBSD: sha256.c,v 1.28 2023/08/10 07:15:23 jsing Exp $ */ /* ==================================================================== * Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved. * @@ -135,7 +135,7 @@ sha256_block_data_order(SHA256_CTX *ctx, const void *_in, size_t num) { const uint8_t *in = _in; const SHA_LONG *in32; - unsigned MD32_REG_T a, b, c, d, e, f, g, h, s0, s1, T1; + unsigned int a, b, c, d, e, f, g, h, s0, s1, T1; SHA_LONG X[16]; int i; diff --git a/lib/libpcap/savefile.c b/lib/libpcap/savefile.c index fdbd0bbb8..3209e663e 100644 --- a/lib/libpcap/savefile.c +++ b/lib/libpcap/savefile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: savefile.c,v 1.17 2020/05/27 04:24:01 dlg Exp $ */ +/* $OpenBSD: savefile.c,v 1.18 2023/08/10 15:47:05 sashan Exp $ */ /* * Copyright (c) 1993, 1994, 1995, 1996, 1997 @@ -160,7 +160,65 @@ pcap_fopen_offline(FILE *fp, char *errbuf) } p->tzoff = hdr.thiszone; p->snapshot = hdr.snaplen; - p->linktype = hdr.linktype; + /* + * Handle some LINKTYPE_ values in pcap headers that aren't + * the same as the corresponding OpenBSD DLT_ values. + * + * Those LINKTYPE_ values were assigned for DLT_s whose + * numerical values differ between platforms, so that + * the link-layer type value in pcap file headers can + * be platform-independent. This means that code reading + * a pcap file doesn't have to know on which platform a + * file was written in order to read it correctly. + * + * See + * + * https://www.tcpdump.org/linktypes.html + * + * for the current list of LINKTYPE_ values and the corresponding + * DLT_ values. + */ + switch (hdr.linktype) { + + case 100: + /* LINKTYPE_ATM_RFC1483 */ + p->linktype = DLT_ATM_RFC1483; + break; + + case 101: + /* LINKTYPE_RAW */ + p->linktype = DLT_RAW; + break; + + case 102: + /* LINKTYPE_SLIP_BSDOS */ + p->linktype = DLT_SLIP_BSDOS; + break; + + case 103: + /* LINKTYPE_PPP_BSDOS */ + p->linktype = DLT_PPP_BSDOS; + break; + + case 108: + /* LINKTYPE_LOOP */ + p->linktype = DLT_LOOP; + break; + + case 109: + /* LINKTYPE_ENC */ + p->linktype = DLT_ENC; + break; + + case 256: + /* LINKTYPE_PFSYNC */ + p->linktype = DLT_PFSYNC; + break; + + default: + p->linktype = hdr.linktype; + break; + } p->sf.rfile = fp; p->bufsize = hdr.snaplen; diff --git a/regress/lib/libcrypto/man/check_complete.pl b/regress/lib/libcrypto/man/check_complete.pl index 2fdf6a672..4f5d6d125 100755 --- a/regress/lib/libcrypto/man/check_complete.pl +++ b/regress/lib/libcrypto/man/check_complete.pl @@ -31,8 +31,7 @@ my %internal = ( BN_TBIT BN_ULLONG )], objects => [qw( - OBJ_bsearch OBJ_bsearch_ OBJ_bsearch_ex OBJ_bsearch_ex_ - USE_OBJ_MAC + OBJ_bsearch_ OBJ_bsearch_ex_ )], x509_vfy => [qw( X509_VERIFY_PARAM_ID @@ -62,11 +61,6 @@ my %obsolete = ( bn => [qw( BN_HEX_FMT1 BN_HEX_FMT2 BN_MASK )], - objects => [qw( - _DECLARE_OBJ_BSEARCH_CMP_FN - DECLARE_OBJ_BSEARCH_CMP_FN DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN - IMPLEMENT_OBJ_BSEARCH_CMP_FN IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN - )], ); my %postponed = ( @@ -447,6 +441,15 @@ try_again: $_ .= <$in_fh>; goto try_again; } + # The name of the function return type is so long + # that it requires a line break afterwards. + if (/^\w{30,}$/) { + my $next_line = <$in_fh>; + if ($next_line =~ /^ {4}\w/) { + $_ .= $next_line; + goto try_again; + } + } die "parse error: $_"; } close $in_fh; diff --git a/regress/sys/net/pf_table/Makefile b/regress/sys/net/pf_table/Makefile index a71f0190c..7b4de2862 100644 --- a/regress/sys/net/pf_table/Makefile +++ b/regress/sys/net/pf_table/Makefile @@ -1,15 +1,27 @@ -# $OpenBSD: Makefile,v 1.3 2017/07/07 23:15:27 bluhm Exp $ +# $OpenBSD: Makefile,v 1.4 2023/08/10 16:44:04 sashan Exp $ + +REGRESS_TARGETS= hit miss cleanup flags +CLEANFILES= stamp-* \ + pf-instab.conf \ + pf-instance.conf \ + pf-reftab.conf \ + table-ref.conf \ + table-pgone.out \ + table-persist.out \ + table-ref.out \ + table-refgone.out -REGRESS_TARGETS= hit miss cleanup -CLEANFILES= stamp-* stamp-setup: + ${SUDO} pfctl -a regress/ttest -Fa ${SUDO} pfctl -qt __regress_tbl -T add -f ${.CURDIR}/table.in date >$@ cleanup: rm -f stamp-setup ${SUDO} pfctl -qt __regress_tbl -T kill + ${SUDO} pfctl -q -a regress/ttest -Fr + ${SUDO} pfctl -q -a regress/ttest -qt instance -T kill hit: stamp-setup for i in `cat ${.CURDIR}/table.hit`; do \ @@ -27,6 +39,77 @@ miss: stamp-setup done; \ exit 0 -.PHONY: hit miss +# +# tables and are both referenced by rule only +# +pf-instab.conf: + @echo 'table { 192.168.1.0/24 }' > $@ + @echo 'pass in from to ' >> $@ + +# +# table is active and referred by rule, table +# is referenced only. +pf-reftab.conf: + @echo 'pass in from to ' > $@ + +# +# check persistent flag (p) is gone from table after +# we load pf-instab.conf. Deals with case when persistent table +# exists before pf-instab.conf gets loaded. +# +table-pgone.out: + @echo '--a-r-- instance regress/ttest' > $@ + @echo '----r-- reference regress/ttest' >> $@ + +# +# verify table got persistent flag after we +# run 'pfctl -t instance -T add ...' +# +table-persist.out: + @echo '-pa-r-- instance regress/ttest' > $@ + @echo '----r-- reference regress/ttest' >> $@ + +# +# verify tables and are created on behalf of +# reference by rule after pf-reftab.conf got loaded. +# +table-ref.out: + @echo '----r-- instance regress/ttest' > $@ + @echo '----r-- reference regress/ttest' >> $@ + +# +# verify reference to table (persistent) is gone +# after rules got flushed +# +table-refgone.out: + @echo '-pa---- instance regress/ttest' > $@ + +flags: pf-instab.conf pf-reftab.conf table-pgone.out table-persist.out \ + table-ref.out table-refgone.out + @echo 'loading pf-reftab,conf (tables referenced by rules only)' + @cat pf-reftab.conf + ${SUDO} pfctl -a regress/ttest -f pf-reftab.conf + @echo 'tables and should both have ----r--' + ${SUDO} pfctl -a regress/ttest -sT -vg | diff table-ref.out - + @echo 'creating table on command line, flags should be:' + @cat table-persist.out + ${SUDO} pfctl -a regress/ttest -t instance -T add 192.168.1.0/24 + ${SUDO} pfctl -a regress/ttest -sT -vg | diff table-persist.out - + @echo 'flushing rules' + ${SUDO} pfctl -a regress/ttest -Fr + @echo 'table should be gone, table should stay' + ${SUDO} pfctl -a regress/ttest -sT -vg | diff table-refgone.out - + @echo 'loading pf-instab.conf' + @cat pf-instab.conf + ${SUDO} pfctl -a regress/ttest -f pf-instab.conf + @echo 'table loses -p- flag:' + @cat table-pgone.out + ${SUDO} pfctl -a regress/ttest -sT -vg | diff table-pgone.out - + @echo 'flusing rules, both tables should be gone' + ${SUDO} pfctl -a regress/ttest -Fr + @echo 'anchor regress/ttest must be gone' + ${SUDO} pfctl -a regress/ttest -sr 2>&1 | grep 'pfctl: Anchor does not exist' + +.PHONY: hit miss flags .include diff --git a/sbin/isakmpd/isakmpd.conf.5 b/sbin/isakmpd/isakmpd.conf.5 index fc59c2003..a8cd91384 100644 --- a/sbin/isakmpd/isakmpd.conf.5 +++ b/sbin/isakmpd/isakmpd.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: isakmpd.conf.5,v 1.138 2022/03/31 17:27:20 naddy Exp $ +.\" $OpenBSD: isakmpd.conf.5,v 1.139 2023/08/08 10:31:03 dlg Exp $ .\" $EOM: isakmpd.conf.5,v 1.57 2000/12/21 14:43:17 ho Exp $ .\" .\" Copyright (c) 1998, 1999, 2000 Niklas Hallqvist. All rights reserved. @@ -28,7 +28,7 @@ .\" .\" Manual page, using -mandoc macros .\" -.Dd $Mdocdate: March 31 2022 $ +.Dd $Mdocdate: August 8 2023 $ .Dt ISAKMPD.CONF 5 .Os .Sh NAME @@ -670,6 +670,16 @@ expands to The variable expansion for the .Ar PF-Tag directive occurs only at runtime, not during configuration file parse time. +.It Em Interface +Specify a +.Xr sec 4 +interface minor number that the SAs will be used with. +Configuring +.Ar Interface +also disables the insertion of flows, and instead relies on the +routing of packets over the associated +.Xr sec 4 +interface. .El .It Aq Sy IPsec-configuration Parameters for IPsec configuration diff --git a/share/man/man5/bsd.port.mk.5 b/share/man/man5/bsd.port.mk.5 index 5e89e7664..4e88c6e6b 100644 --- a/share/man/man5/bsd.port.mk.5 +++ b/share/man/man5/bsd.port.mk.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: bsd.port.mk.5,v 1.578 2023/07/04 07:04:11 espie Exp $ +.\" $OpenBSD: bsd.port.mk.5,v 1.579 2023/08/08 12:46:56 espie Exp $ .\" .\" Copyright (c) 2000-2008 Marc Espie .\" @@ -24,7 +24,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: July 4 2023 $ +.Dd $Mdocdate: August 8 2023 $ .Dt BSD.PORT.MK 5 .Os .Sh NAME @@ -4245,6 +4245,8 @@ resulting in a double inclusion. This would lead to weird results, such as .Ev PKG_ARGS being defined twice. +.It "Fatal: MASTER_SITESn is not defined but referenced by in " +Pretty much self-explanatory. .It "Fatal: SUBPACKAGES should always begin with -: " That is the only way to differentiate between .Ev FLAVOR diff --git a/sys/arch/amd64/amd64/identcpu.c b/sys/arch/amd64/amd64/identcpu.c index ed8701172..557e40586 100644 --- a/sys/arch/amd64/amd64/identcpu.c +++ b/sys/arch/amd64/amd64/identcpu.c @@ -1,4 +1,4 @@ -/* $OpenBSD: identcpu.c,v 1.135 2023/07/27 01:51:35 guenther Exp $ */ +/* $OpenBSD: identcpu.c,v 1.136 2023/08/09 00:01:44 jsg Exp $ */ /* $NetBSD: identcpu.c,v 1.1 2003/04/26 18:39:28 fvdl Exp $ */ /* @@ -650,6 +650,21 @@ identifycpu(struct cpu_info *ci) printf(", %02x-%02x-%02x", ci->ci_family, ci->ci_model, ci->ci_signature & 0x0f); + if ((cpu_ecxfeature & CPUIDECX_HV) == 0) { + uint64_t level = 0; + uint32_t dummy; + + if (strcmp(cpu_vendor, "AuthenticAMD") == 0) { + level = rdmsr(MSR_PATCH_LEVEL); + } else if (strcmp(cpu_vendor, "GenuineIntel") == 0) { + wrmsr(MSR_BIOS_SIGN, 0); + CPUID(1, dummy, dummy, dummy, dummy); + level = rdmsr(MSR_BIOS_SIGN) >> 32; + } + if (level != 0) + printf(", patch %08llx", level); + } + printf("\n%s: ", ci->ci_dev->dv_xname); for (i = 0; i < nitems(cpu_cpuid_features); i++) diff --git a/sys/arch/amd64/amd64/ucode.c b/sys/arch/amd64/amd64/ucode.c index 1cb21e9c8..c2badbcfd 100644 --- a/sys/arch/amd64/amd64/ucode.c +++ b/sys/arch/amd64/amd64/ucode.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ucode.c,v 1.6 2023/07/23 01:46:37 jsg Exp $ */ +/* $OpenBSD: ucode.c,v 1.7 2023/08/09 02:59:41 jsg Exp $ */ /* * Copyright (c) 2018 Stefan Fritsch * Copyright (c) 2018 Patrick Wildt @@ -261,7 +261,7 @@ out: struct intel_ucode_header * cpu_ucode_intel_find(char *data, size_t left, uint32_t current) { - uint64_t platform_id = (rdmsr(MSR_PLATFORM_ID) >> 50) & 0xff; + uint64_t platform_id = (rdmsr(MSR_PLATFORM_ID) >> 50) & 7; uint32_t sig, dummy1, dummy2, dummy3; uint32_t mask = 1UL << platform_id; struct intel_ucode_header *hdr; diff --git a/sys/arch/arm64/arm64/cpu.c b/sys/arch/arm64/arm64/cpu.c index ae78cd2a2..759136b3d 100644 --- a/sys/arch/arm64/arm64/cpu.c +++ b/sys/arch/arm64/arm64/cpu.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cpu.c,v 1.97 2023/07/16 16:13:46 kettenis Exp $ */ +/* $OpenBSD: cpu.c,v 1.98 2023/08/10 19:29:32 kettenis Exp $ */ /* * Copyright (c) 2016 Dale Rahn @@ -919,6 +919,16 @@ cpu_attach(struct device *parent, struct device *dev, void *aux) cpu_id_aa64pfr0 &= ~ID_AA64PFR0_EL2_MASK; cpu_id_aa64pfr0 &= ~ID_AA64PFR0_EL3_MASK; + /* + * Lenovo X13s ships with broken EL2 firmware that + * hangs the machine if we enable PAuth. + */ + if (hw_vendor && strcmp(hw_vendor, "LENOVO") == 0 && + hw_prod && strncmp(hw_prod, "21BX", 4) == 0) { + cpu_id_aa64isar1 &= ~ID_AA64ISAR1_APA_MASK; + cpu_id_aa64isar1 &= ~ID_AA64ISAR1_GPA_MASK; + } + cpu_identify(ci); if (OF_getproplen(ci->ci_node, "clocks") > 0) { @@ -945,7 +955,6 @@ cpu_init(void) { uint64_t id_aa64mmfr1, sctlr; uint64_t id_aa64pfr0; - uint64_t id_aa64isar1; uint64_t tcr; WRITE_SPECIALREG(ttbr0_el1, pmap_kernel()->pm_pt0pa); @@ -971,8 +980,8 @@ cpu_init(void) __asm volatile (".arch armv8.4-a; msr dit, #1"); /* Enable PAuth. */ - id_aa64isar1 = READ_SPECIALREG(id_aa64isar1_el1); - if (ID_AA64ISAR1_API(id_aa64isar1) >= ID_AA64ISAR1_API_BASE) { + if (ID_AA64ISAR1_APA(cpu_id_aa64isar1) >= ID_AA64ISAR1_APA_BASE || + ID_AA64ISAR1_API(cpu_id_aa64isar1) >= ID_AA64ISAR1_API_BASE) { sctlr = READ_SPECIALREG(sctlr_el1); sctlr |= SCTLR_EnIA | SCTLR_EnDA; sctlr |= SCTLR_EnIB | SCTLR_EnDB; diff --git a/sys/arch/arm64/arm64/machdep.c b/sys/arch/arm64/arm64/machdep.c index 6b2dcba9c..d0c160113 100644 --- a/sys/arch/arm64/arm64/machdep.c +++ b/sys/arch/arm64/arm64/machdep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: machdep.c,v 1.83 2023/07/13 08:33:36 kettenis Exp $ */ +/* $OpenBSD: machdep.c,v 1.84 2023/08/10 21:01:50 kettenis Exp $ */ /* * Copyright (c) 2014 Patrick Wildt * Copyright (c) 2021 Mark Kettenis @@ -209,6 +209,7 @@ consinit(void) void cpu_idle_enter(void) { + disable_irq_daif(); } void (*cpu_idle_cycle_fcn)(void) = cpu_wfi; @@ -216,13 +217,15 @@ void (*cpu_idle_cycle_fcn)(void) = cpu_wfi; void cpu_idle_cycle(void) { - enable_irq_daif(); cpu_idle_cycle_fcn(); + enable_irq_daif(); + disable_irq_daif(); } void cpu_idle_leave(void) { + enable_irq_daif(); } /* Dummy trapframe for proc0. */ diff --git a/sys/arch/arm64/arm64/pmap.c b/sys/arch/arm64/arm64/pmap.c index ca745c75b..e40c0e874 100644 --- a/sys/arch/arm64/arm64/pmap.c +++ b/sys/arch/arm64/arm64/pmap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pmap.c,v 1.98 2023/06/11 21:42:01 kettenis Exp $ */ +/* $OpenBSD: pmap.c,v 1.99 2023/08/10 19:29:32 kettenis Exp $ */ /* * Copyright (c) 2008-2009,2014-2016 Dale Rahn * @@ -2231,7 +2231,8 @@ pmap_show_mapping(uint64_t va) void pmap_setpauthkeys(struct pmap *pm) { - if (ID_AA64ISAR1_API(cpu_id_aa64isar1) >= ID_AA64ISAR1_API_BASE) { + if (ID_AA64ISAR1_APA(cpu_id_aa64isar1) >= ID_AA64ISAR1_APA_BASE || + ID_AA64ISAR1_API(cpu_id_aa64isar1) >= ID_AA64ISAR1_API_BASE) { __asm volatile (".arch armv8.3-a; msr apiakeylo_el1, %0" :: "r"(pm->pm_apiakey[0])); __asm volatile (".arch armv8.3-a; msr apiakeyhi_el1, %0" @@ -2250,7 +2251,8 @@ pmap_setpauthkeys(struct pmap *pm) :: "r"(pm->pm_apdbkey[1])); } - if (ID_AA64ISAR1_GPI(cpu_id_aa64isar1) >= ID_AA64ISAR1_GPI_IMPL) { + if (ID_AA64ISAR1_GPA(cpu_id_aa64isar1) >= ID_AA64ISAR1_GPA_IMPL || + ID_AA64ISAR1_GPI(cpu_id_aa64isar1) >= ID_AA64ISAR1_GPI_IMPL) { __asm volatile (".arch armv8.3-a; msr apgakeylo_el1, %0" :: "r"(pm->pm_apgakey[0])); __asm volatile (".arch armv8.3-a; msr apgakeyhi_el1, %0" diff --git a/sys/arch/arm64/dev/agtimer.c b/sys/arch/arm64/dev/agtimer.c index 08e93b4b0..32f068814 100644 --- a/sys/arch/arm64/dev/agtimer.c +++ b/sys/arch/arm64/dev/agtimer.c @@ -1,4 +1,4 @@ -/* $OpenBSD: agtimer.c,v 1.23 2023/07/25 18:16:19 cheloha Exp $ */ +/* $OpenBSD: agtimer.c,v 1.25 2023/08/11 01:28:19 cheloha Exp $ */ /* * Copyright (c) 2011 Dale Rahn * Copyright (c) 2013 Patrick Wildt @@ -323,32 +323,12 @@ agtimer_cpu_initclocks(void) void agtimer_delay(u_int usecs) { - uint64_t clock, oclock, delta, delaycnt; - uint64_t csec, usec; - volatile int j; + uint64_t cycles, start; - if (usecs > (0x80000000 / agtimer_frequency)) { - csec = usecs / 10000; - usec = usecs % 10000; - - delaycnt = (agtimer_frequency / 100) * csec + - (agtimer_frequency / 100) * usec / 10000; - } else { - delaycnt = agtimer_frequency * usecs / 1000000; - } - if (delaycnt <= 1) - for (j = 100; j > 0; j--) - ; - - oclock = agtimer_readcnt64(); - while (1) { - for (j = 100; j > 0; j--) - ; - clock = agtimer_readcnt64(); - delta = clock - oclock; - if (delta > delaycnt) - break; - } + start = agtimer_readcnt64(); + cycles = (uint64_t)usecs * agtimer_frequency / 1000000; + while (agtimer_readcnt64() - start < cycles) + CPU_BUSY_CYCLE(); } void diff --git a/sys/arch/arm64/dev/mainbus.c b/sys/arch/arm64/dev/mainbus.c index 192e45c2f..495a4ca28 100644 --- a/sys/arch/arm64/dev/mainbus.c +++ b/sys/arch/arm64/dev/mainbus.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mainbus.c,v 1.27 2023/07/19 21:52:55 kettenis Exp $ */ +/* $OpenBSD: mainbus.c,v 1.28 2023/08/10 19:29:32 kettenis Exp $ */ /* * Copyright (c) 2016 Patrick Wildt * Copyright (c) 2017 Mark Kettenis @@ -133,6 +133,7 @@ mainbus_attach(struct device *parent, struct device *self, void *aux) } mainbus_attach_psci(self); + mainbus_attach_efi(self); /* Attach primary CPU first. */ mainbus_attach_cpus(self, mainbus_match_primary); @@ -140,7 +141,6 @@ mainbus_attach(struct device *parent, struct device *self, void *aux) /* Attach secondary CPUs. */ mainbus_attach_cpus(self, mainbus_match_secondary); - mainbus_attach_efi(self); mainbus_attach_firmware(self); mainbus_attach_resvmem(self); diff --git a/sys/arch/i386/i386/machdep.c b/sys/arch/i386/i386/machdep.c index 164ee8bd1..fe922d372 100644 --- a/sys/arch/i386/i386/machdep.c +++ b/sys/arch/i386/i386/machdep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: machdep.c,v 1.665 2023/07/25 04:42:02 deraadt Exp $ */ +/* $OpenBSD: machdep.c,v 1.666 2023/08/09 00:01:44 jsg Exp $ */ /* $NetBSD: machdep.c,v 1.214 1996/11/10 03:16:17 thorpej Exp $ */ /*- @@ -1859,6 +1859,21 @@ identifycpu(struct cpu_info *ci) printf(", %02x-%02x-%02x", ci->ci_family, ci->ci_model, step); + if ((cpu_ecxfeature & CPUIDECX_HV) == 0) { + uint64_t level = 0; + uint32_t dummy; + + if (strcmp(cpu_vendor, "AuthenticAMD") == 0) { + level = rdmsr(MSR_PATCH_LEVEL); + } else if (strcmp(cpu_vendor, "GenuineIntel") == 0) { + wrmsr(MSR_BIOS_SIGN, 0); + CPUID(1, dummy, dummy, dummy, dummy); + level = rdmsr(MSR_BIOS_SIGN) >> 32; + } + if (level != 0) + printf(", patch %08llx", level); + } + printf("\n"); if (ci->ci_feature_flags) { diff --git a/sys/arch/i386/i386/ucode.c b/sys/arch/i386/i386/ucode.c index 53f76211e..ec73218f1 100644 --- a/sys/arch/i386/i386/ucode.c +++ b/sys/arch/i386/i386/ucode.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ucode.c,v 1.4 2023/07/23 02:59:53 jsg Exp $ */ +/* $OpenBSD: ucode.c,v 1.5 2023/08/09 02:59:41 jsg Exp $ */ /* * Copyright (c) 2018 Stefan Fritsch * Copyright (c) 2018 Patrick Wildt @@ -284,7 +284,7 @@ out: struct intel_ucode_header * cpu_ucode_intel_find(char *data, size_t left, uint32_t current) { - uint64_t platform_id = (rdmsr(MSR_PLATFORM_ID) >> 50) & 0xff; + uint64_t platform_id = (rdmsr(MSR_PLATFORM_ID) >> 50) & 7; uint32_t sig, dummy1, dummy2, dummy3; uint32_t mask = 1UL << platform_id; struct intel_ucode_header *hdr; diff --git a/sys/conf/GENERIC b/sys/conf/GENERIC index c9eebf816..171f45f43 100644 --- a/sys/conf/GENERIC +++ b/sys/conf/GENERIC @@ -1,4 +1,4 @@ -# $OpenBSD: GENERIC,v 1.288 2023/03/27 09:39:21 naddy Exp $ +# $OpenBSD: GENERIC,v 1.289 2023/08/11 02:35:38 dlg Exp $ # # Machine-independent option; used by all architectures for their # GENERIC kernel @@ -90,6 +90,7 @@ pseudo-device veb # virtual Ethernet bridge pseudo-device carp # CARP protocol support pseudo-device etherip # EtherIP (RFC 3378) pseudo-device gif # IPv[46] over IPv[46] tunnel (RFC1933) +pseudo-device sec # route based IPsec VPN interface pseudo-device gre # GRE encapsulation interface pseudo-device loop # network loopback pseudo-device mpe # MPLS PE interface diff --git a/sys/dev/pci/drm/i915/gem/i915_gem_phys.c b/sys/dev/pci/drm/i915/gem/i915_gem_phys.c index 5f73a07e4..cc496f702 100644 --- a/sys/dev/pci/drm/i915/gem/i915_gem_phys.c +++ b/sys/dev/pci/drm/i915/gem/i915_gem_phys.c @@ -205,7 +205,12 @@ i915_gem_object_put_pages_phys(struct drm_i915_gem_object *obj, int i915_gem_object_pwrite_phys(struct drm_i915_gem_object *obj, const struct drm_i915_gem_pwrite *args) { +#ifdef __linux__ void *vaddr = sg_page(obj->mm.pages->sgl) + args->offset; +#else + struct drm_dmamem *dmah = (void *)sg_page(obj->mm.pages->sgl); + void *vaddr = dmah->kva + args->offset; +#endif char __user *user_data = u64_to_user_ptr(args->data_ptr); struct drm_i915_private *i915 = to_i915(obj->base.dev); int err; @@ -236,7 +241,12 @@ int i915_gem_object_pwrite_phys(struct drm_i915_gem_object *obj, int i915_gem_object_pread_phys(struct drm_i915_gem_object *obj, const struct drm_i915_gem_pread *args) { +#ifdef __linux__ void *vaddr = sg_page(obj->mm.pages->sgl) + args->offset; +#else + struct drm_dmamem *dmah = (void *)sg_page(obj->mm.pages->sgl); + void *vaddr = dmah->kva + args->offset; +#endif char __user *user_data = u64_to_user_ptr(args->data_ptr); int err; diff --git a/sys/dev/pci/pcidevs b/sys/dev/pci/pcidevs index 48f86f28a..ff967a604 100644 --- a/sys/dev/pci/pcidevs +++ b/sys/dev/pci/pcidevs @@ -1,4 +1,4 @@ -$OpenBSD: pcidevs,v 1.2044 2023/08/06 14:40:25 jsg Exp $ +$OpenBSD: pcidevs,v 1.2045 2023/08/09 21:27:47 kmos Exp $ /* $NetBSD: pcidevs,v 1.30 1997/06/24 06:20:24 thorpej Exp $ */ /* @@ -386,6 +386,7 @@ vendor ATRONICS 0x907f Atronics vendor NETMOS 0x9710 NetMos vendor 3COM2 0xa727 3Com vendor PARALLELS 0xaaaa Parallels +vendor CRUCIAL 0xc0a9 Crucial vendor TIGERJET 0xe159 TigerJet Network vendor ENDACE 0xeace Endace vendor BELKIN 0xec80 Belkin Components @@ -2875,6 +2876,9 @@ product CREATIVELABS SBJOY3 0x7005 PCI Gameport Joystick product CREATIVELABS PPB 0x7006 PCIE-PCI product CREATIVELABS EV1938 0x8938 Ectiva 1938 +/* Crucial products */ +product CRUCIAL P5PLUS 0x5407 P5 Plus + /* Cyclades products */ product CYCLADES CYCLOMY_1 0x0100 Cyclom-Y below 1M product CYCLADES CYCLOMY_2 0x0101 Cyclom-Y diff --git a/sys/dev/pci/pcidevs.h b/sys/dev/pci/pcidevs.h index 5520f6a56..d4d4a9100 100644 --- a/sys/dev/pci/pcidevs.h +++ b/sys/dev/pci/pcidevs.h @@ -2,7 +2,7 @@ * THIS FILE AUTOMATICALLY GENERATED. DO NOT EDIT. * * generated from: - * OpenBSD: pcidevs,v 1.2044 2023/08/06 14:40:25 jsg Exp + * OpenBSD: pcidevs,v 1.2045 2023/08/09 21:27:47 kmos Exp */ /* $NetBSD: pcidevs,v 1.30 1997/06/24 06:20:24 thorpej Exp $ */ @@ -391,6 +391,7 @@ #define PCI_VENDOR_NETMOS 0x9710 /* NetMos */ #define PCI_VENDOR_3COM2 0xa727 /* 3Com */ #define PCI_VENDOR_PARALLELS 0xaaaa /* Parallels */ +#define PCI_VENDOR_CRUCIAL 0xc0a9 /* Crucial */ #define PCI_VENDOR_TIGERJET 0xe159 /* TigerJet Network */ #define PCI_VENDOR_ENDACE 0xeace /* Endace */ #define PCI_VENDOR_BELKIN 0xec80 /* Belkin Components */ @@ -2880,6 +2881,9 @@ #define PCI_PRODUCT_CREATIVELABS_PPB 0x7006 /* PCIE-PCI */ #define PCI_PRODUCT_CREATIVELABS_EV1938 0x8938 /* Ectiva 1938 */ +/* Crucial products */ +#define PCI_PRODUCT_CRUCIAL_P5PLUS 0x5407 /* P5 Plus */ + /* Cyclades products */ #define PCI_PRODUCT_CYCLADES_CYCLOMY_1 0x0100 /* Cyclom-Y below 1M */ #define PCI_PRODUCT_CYCLADES_CYCLOMY_2 0x0101 /* Cyclom-Y */ diff --git a/sys/dev/pci/pcidevs_data.h b/sys/dev/pci/pcidevs_data.h index 9c9738d96..78436f7ef 100644 --- a/sys/dev/pci/pcidevs_data.h +++ b/sys/dev/pci/pcidevs_data.h @@ -2,7 +2,7 @@ * THIS FILE AUTOMATICALLY GENERATED. DO NOT EDIT. * * generated from: - * OpenBSD: pcidevs,v 1.2044 2023/08/06 14:40:25 jsg Exp + * OpenBSD: pcidevs,v 1.2045 2023/08/09 21:27:47 kmos Exp */ /* $NetBSD: pcidevs,v 1.30 1997/06/24 06:20:24 thorpej Exp $ */ @@ -9327,6 +9327,10 @@ static const struct pci_known_product pci_known_products[] = { PCI_VENDOR_CREATIVELABS, PCI_PRODUCT_CREATIVELABS_EV1938, "Ectiva 1938", }, + { + PCI_VENDOR_CRUCIAL, PCI_PRODUCT_CRUCIAL_P5PLUS, + "P5 Plus", + }, { PCI_VENDOR_CYCLADES, PCI_PRODUCT_CYCLADES_CYCLOMY_1, "Cyclom-Y below 1M", @@ -36335,6 +36339,10 @@ static const struct pci_known_vendor pci_known_vendors[] = { PCI_VENDOR_PARALLELS, "Parallels", }, + { + PCI_VENDOR_CRUCIAL, + "Crucial", + }, { PCI_VENDOR_TIGERJET, "TigerJet Network", diff --git a/sys/kern/kern_synch.c b/sys/kern/kern_synch.c index d4087b5fc..cd1f4eafc 100644 --- a/sys/kern/kern_synch.c +++ b/sys/kern/kern_synch.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_synch.c,v 1.195 2023/07/14 07:07:08 claudio Exp $ */ +/* $OpenBSD: kern_synch.c,v 1.196 2023/08/10 20:44:52 claudio Exp $ */ /* $NetBSD: kern_synch.c,v 1.37 1996/04/22 01:38:37 christos Exp $ */ /* @@ -397,12 +397,15 @@ sleep_finish(int timo, int do_sleep) */ if (p->p_wchan == NULL) do_sleep = 0; - atomic_clearbits_int(&p->p_flag, P_WSLEEP); + if (do_sleep) { + KASSERT(p->p_stat == SSLEEP || p->p_stat == SSTOP); p->p_ru.ru_nvcsw++; mi_switch(); } else { + KASSERT(p->p_stat == SONPROC || p->p_stat == SSLEEP || + p->p_stat == SSTOP); unsleep(p); p->p_stat = SONPROC; } diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c index af0f62164..6c2f93cda 100644 --- a/sys/kern/uipc_socket.c +++ b/sys/kern/uipc_socket.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uipc_socket.c,v 1.307 2023/08/03 09:49:08 mvs Exp $ */ +/* $OpenBSD: uipc_socket.c,v 1.309 2023/08/08 22:07:25 mvs Exp $ */ /* $NetBSD: uipc_socket.c,v 1.21 1996/02/04 02:17:52 christos Exp $ */ /* @@ -1799,13 +1799,6 @@ sosetopt(struct socket *so, int level, int optname, struct mbuf *m) } error = ENOPROTOOPT; } else { - switch (optname) { - case SO_BINDANY: - if ((error = suser(curproc)) != 0) /* XXX */ - return (error); - break; - } - switch (optname) { case SO_LINGER: @@ -1824,6 +1817,10 @@ sosetopt(struct socket *so, int level, int optname, struct mbuf *m) break; case SO_BINDANY: + if ((error = suser(curproc)) != 0) /* XXX */ + return (error); + /* FALLTHROUGH */ + case SO_DEBUG: case SO_KEEPALIVE: case SO_USELOOPBACK: @@ -1856,6 +1853,9 @@ sosetopt(struct socket *so, int level, int optname, struct mbuf *m) case SO_SNDLOWAT: case SO_RCVLOWAT: { + struct sockbuf *sb = (optname == SO_SNDBUF || + optname == SO_SNDLOWAT ? + &so->so_snd : &so->so_rcv); u_long cnt; if (m == NULL || m->m_len < sizeof (int)) @@ -1867,40 +1867,23 @@ sosetopt(struct socket *so, int level, int optname, struct mbuf *m) solock(so); switch (optname) { case SO_SNDBUF: - if (so->so_snd.sb_state & SS_CANTSENDMORE) { - error = EINVAL; - break; - } - if (sbcheckreserve(cnt, so->so_snd.sb_wat) || - sbreserve(so, &so->so_snd, cnt)) { - error = ENOBUFS; - break; - } - so->so_snd.sb_wat = cnt; - break; - case SO_RCVBUF: - if (so->so_rcv.sb_state & SS_CANTRCVMORE) { + if (sb->sb_state & + (SS_CANTSENDMORE | SS_CANTRCVMORE)) { error = EINVAL; break; } - if (sbcheckreserve(cnt, so->so_rcv.sb_wat) || - sbreserve(so, &so->so_rcv, cnt)) { + if (sbcheckreserve(cnt, sb->sb_wat) || + sbreserve(so, sb, cnt)) { error = ENOBUFS; break; } - so->so_rcv.sb_wat = cnt; + sb->sb_wat = cnt; break; - case SO_SNDLOWAT: - so->so_snd.sb_lowat = - (cnt > so->so_snd.sb_hiwat) ? - so->so_snd.sb_hiwat : cnt; - break; case SO_RCVLOWAT: - so->so_rcv.sb_lowat = - (cnt > so->so_rcv.sb_hiwat) ? - so->so_rcv.sb_hiwat : cnt; + sb->sb_lowat = (cnt > sb->sb_hiwat) ? + sb->sb_hiwat : cnt; break; } sounlock(so); @@ -1910,6 +1893,8 @@ sosetopt(struct socket *so, int level, int optname, struct mbuf *m) case SO_SNDTIMEO: case SO_RCVTIMEO: { + struct sockbuf *sb = (optname == SO_SNDTIMEO ? + &so->so_snd : &so->so_rcv); struct timeval tv; uint64_t nsecs; @@ -1925,14 +1910,7 @@ sosetopt(struct socket *so, int level, int optname, struct mbuf *m) nsecs = INFSLP; solock(so); - switch (optname) { - case SO_SNDTIMEO: - so->so_snd.sb_timeo_nsecs = nsecs; - break; - case SO_RCVTIMEO: - so->so_rcv.sb_timeo_nsecs = nsecs; - break; - } + sb->sb_timeo_nsecs = nsecs; sounlock(so); break; } diff --git a/sys/net/if_sec.c b/sys/net/if_sec.c index d41f2c3d3..d7be990a7 100644 --- a/sys/net/if_sec.c +++ b/sys/net/if_sec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_sec.c,v 1.1 2023/08/07 01:57:33 dlg Exp $ */ +/* $OpenBSD: if_sec.c,v 1.5 2023/08/11 02:34:56 dlg Exp $ */ /* * Copyright (c) 2022 The University of Queensland @@ -34,41 +34,26 @@ #include #include #include -#include #include #include -#include -#include -#include -#include #include #include +#include +#include #include #include #include -#include -#include #include #include -#include -#include #include -#include -#include #include #ifdef INET6 #include -#include -#include #endif -#ifdef MPLS -#include -#endif /* MPLS */ - #if NBPFILTER > 0 #include #endif @@ -83,6 +68,8 @@ struct sec_softc { struct ifnet sc_if; + unsigned int sc_dead; + unsigned int sc_up; struct task sc_send; @@ -97,7 +84,7 @@ static int sec_output(struct ifnet *, struct mbuf *, struct sockaddr *, struct rtentry *); static int sec_enqueue(struct ifnet *, struct mbuf *); static void sec_send(void *); -static void sec_start(struct ifnet *); +static void sec_start(struct ifqueue *); static int sec_ioctl(struct ifnet *, u_long, caddr_t); static int sec_up(struct sec_softc *); @@ -148,12 +135,12 @@ sec_clone_create(struct if_clone *ifc, int unit) ifp->if_type = IFT_TUNNEL; ifp->if_mtu = SEC_MTU; ifp->if_flags = IFF_POINTOPOINT|IFF_MULTICAST; - ifp->if_xflags = IFXF_CLONED; + ifp->if_xflags = IFXF_CLONED | IFXF_MPSAFE; ifp->if_bpf_mtap = p2p_bpf_mtap; ifp->if_input = p2p_input; ifp->if_output = sec_output; ifp->if_enqueue = sec_enqueue; - ifp->if_start = sec_start; + ifp->if_qstart = sec_start; ifp->if_ioctl = sec_ioctl; ifp->if_rtrequest = p2p_rtrequest; @@ -174,6 +161,7 @@ sec_clone_destroy(struct ifnet *ifp) struct sec_softc *sc = ifp->if_softc; NET_LOCK(); + sc->sc_dead = 1; if (ISSET(ifp->if_flags, IFF_RUNNING)) sec_down(sc); NET_UNLOCK(); @@ -237,10 +225,22 @@ sec_up(struct sec_softc *sc) unsigned int idx = stoeplitz_h32(sc->sc_unit) % nitems(sec_map); NET_ASSERT_LOCKED(); + KASSERT(!ISSET(ifp->if_flags, IFF_RUNNING)); + + if (sc->sc_dead) + return (ENXIO); + + /* + * coordinate with sec_down(). if sc_up is still up and + * we're here then something else is running sec_down. + */ + if (sc->sc_up) + return (EBUSY); + + sc->sc_up = 1; - SET(ifp->if_flags, IFF_RUNNING); refcnt_init(&sc->sc_refs); - + SET(ifp->if_flags, IFF_RUNNING); SMR_SLIST_INSERT_HEAD_LOCKED(&sec_map[idx], sc, sc_entry); return (0); @@ -253,16 +253,28 @@ sec_down(struct sec_softc *sc) unsigned int idx = stoeplitz_h32(sc->sc_unit) % nitems(sec_map); NET_ASSERT_LOCKED(); + KASSERT(ISSET(ifp->if_flags, IFF_RUNNING)); + + /* + * taking sec down involves waiting for it to stop running + * in various contexts. this thread cannot hold netlock + * while waiting for a barrier for a task that could be trying + * to take netlock itself. so give up netlock, but don't clear + * sc_up to prevent sec_up from running. + */ CLR(ifp->if_flags, IFF_RUNNING); - - SMR_SLIST_REMOVE_LOCKED(&sec_map[idx], sc, sec_softc, sc_entry); + NET_UNLOCK(); smr_barrier(); taskq_del_barrier(systq, &sc->sc_send); refcnt_finalize(&sc->sc_refs, "secdown"); + NET_LOCK(); + SMR_SLIST_REMOVE_LOCKED(&sec_map[idx], sc, sec_softc, sc_entry); + sc->sc_up = 0; + return (0); } @@ -369,9 +381,13 @@ purge: } static void -sec_start(struct ifnet *ifp) +sec_start(struct ifqueue *ifq) { - counters_add(ifp->if_counters, ifc_oerrors, ifq_purge(&ifp->if_snd)); + struct ifnet *ifp = ifq->ifq_if; + struct sec_softc *sc = ifp->if_softc; + + /* move this back to systq for KERNEL_LOCK */ + task_add(systq, &sc->sc_send); } /* diff --git a/sys/net/pf_table.c b/sys/net/pf_table.c index 6f23a6f79..5e8fff8c5 100644 --- a/sys/net/pf_table.c +++ b/sys/net/pf_table.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_table.c,v 1.144 2023/01/05 10:06:58 sashan Exp $ */ +/* $OpenBSD: pf_table.c,v 1.145 2023/08/10 16:44:04 sashan Exp $ */ /* * Copyright (c) 2002 Cedric Berger @@ -1565,8 +1565,10 @@ pfr_add_tables(struct pfr_table *tbl, int size, int *nadd, int flags) xadd++; } else if (!(flags & PFR_FLAG_DUMMY) && !(p->pfrkt_flags & PFR_TFLAG_ACTIVE)) { - p->pfrkt_nflags = (p->pfrkt_flags & - ~PFR_TFLAG_USRMASK) | PFR_TFLAG_ACTIVE; + p->pfrkt_nflags = + (p->pfrkt_flags & ~PFR_TFLAG_USRMASK) | + (n->pfrkt_flags & PFR_TFLAG_USRMASK) | + PFR_TFLAG_ACTIVE; SLIST_INSERT_HEAD(&changeq, p, pfrkt_workq); } } diff --git a/usr.bin/chpass/edit.c b/usr.bin/chpass/edit.c index b75a47efa..c019f5608 100644 --- a/usr.bin/chpass/edit.c +++ b/usr.bin/chpass/edit.c @@ -1,4 +1,4 @@ -/* $OpenBSD: edit.c,v 1.35 2015/01/16 06:40:06 deraadt Exp $ */ +/* $OpenBSD: edit.c,v 1.36 2023/08/11 04:45:05 guenther Exp $ */ /* $NetBSD: edit.c,v 1.6 1996/05/15 21:50:45 jtc Exp $ */ /*- @@ -58,7 +58,7 @@ edit(char *tempname, struct passwd *pw) pw_edit(1, tempname); if (lstat(tempname, &end) == -1 || S_ISLNK(end.st_mode)) return (EDIT_ERROR); - if (!timespeccmp(&begin.st_mtimespec, &end.st_mtimespec, -) && + if (!timespeccmp(&begin.st_mtim, &end.st_mtim, -) && begin.st_size == end.st_size) { warnx("no changes made"); return (EDIT_NOCHANGE); diff --git a/usr.bin/compress/main.c b/usr.bin/compress/main.c index ec975698e..834f3bd90 100644 --- a/usr.bin/compress/main.c +++ b/usr.bin/compress/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.104 2022/10/26 00:40:40 millert Exp $ */ +/* $OpenBSD: main.c,v 1.105 2023/08/11 04:45:05 guenther Exp $ */ /* * Copyright (c) 1992, 1993 @@ -756,10 +756,8 @@ dodecompress(const char *in, char *out, struct stat *sb) } if (storename && !cat) { if (info.mtime != 0) { - sb->st_mtimespec.tv_sec = - sb->st_atimespec.tv_sec = info.mtime; - sb->st_mtimespec.tv_nsec = - sb->st_atimespec.tv_nsec = 0; + sb->st_mtim.tv_sec = sb->st_atim.tv_sec = info.mtime; + sb->st_mtim.tv_nsec = sb->st_atim.tv_nsec = 0; } } if (error != FAILURE) diff --git a/usr.bin/cvs/file.c b/usr.bin/cvs/file.c index 58971c60a..1ab57a8bd 100644 --- a/usr.bin/cvs/file.c +++ b/usr.bin/cvs/file.c @@ -1,4 +1,4 @@ -/* $OpenBSD: file.c,v 1.275 2021/10/24 21:24:16 deraadt Exp $ */ +/* $OpenBSD: file.c,v 1.276 2023/08/11 04:48:14 guenther Exp $ */ /* * Copyright (c) 2006 Joris Vink * Copyright (c) 2004 Jean-Francois Brousseau @@ -1068,8 +1068,7 @@ int cvs_file_copy(const char *from, const char *to) { struct stat st; - struct timeval tv[2]; - time_t atime, mtime; + struct timespec ts[2]; int src, dst, ret; ret = 0; @@ -1085,9 +1084,6 @@ cvs_file_copy(const char *from, const char *to) if (fstat(src, &st) == -1) fatal("cvs_file_copy: `%s': %s", from, strerror(errno)); - atime = st.st_atimespec.tv_sec; - mtime = st.st_mtimespec.tv_sec; - if (S_ISREG(st.st_mode)) { char *p; int saved_errno; @@ -1120,10 +1116,10 @@ cvs_file_copy(const char *from, const char *to) (void)munmap(p, st.st_size); - tv[0].tv_sec = atime; - tv[1].tv_sec = mtime; + ts[0] = st.st_atim; + ts[1] = st.st_mtim; - if (futimes(dst, tv) == -1) { + if (futimens(dst, ts) == -1) { saved_errno = errno; (void)unlink(to); fatal("cvs_file_copy: futimes: %s", diff --git a/usr.bin/find/function.c b/usr.bin/find/function.c index 625698939..344b25931 100644 --- a/usr.bin/find/function.c +++ b/usr.bin/find/function.c @@ -1,4 +1,4 @@ -/* $OpenBSD: function.c,v 1.54 2023/04/01 05:27:44 tb Exp $ */ +/* $OpenBSD: function.c,v 1.55 2023/08/11 04:45:05 guenther Exp $ */ /*- * Copyright (c) 1990, 1993 @@ -1205,9 +1205,9 @@ int f_newer(PLAN *plan, FTSENT *entry) { - return (entry->fts_statp->st_mtimespec.tv_sec > plan->t_data.tv_sec || - (entry->fts_statp->st_mtimespec.tv_sec == plan->t_data.tv_sec && - entry->fts_statp->st_mtimespec.tv_nsec > plan->t_data.tv_nsec)); + return (entry->fts_statp->st_mtim.tv_sec > plan->t_data.tv_sec || + (entry->fts_statp->st_mtim.tv_sec == plan->t_data.tv_sec && + entry->fts_statp->st_mtim.tv_nsec > plan->t_data.tv_nsec)); } PLAN * @@ -1221,7 +1221,7 @@ c_newer(char *filename, char ***ignored, int unused) if (stat(filename, &sb)) err(1, "%s", filename); new = palloc(N_NEWER, f_newer); - memcpy(&new->t_data, &sb.st_mtimespec, sizeof(struct timespec)); + memcpy(&new->t_data, &sb.st_mtim, sizeof(struct timespec)); return (new); } @@ -1236,9 +1236,9 @@ int f_anewer(PLAN *plan, FTSENT *entry) { - return (entry->fts_statp->st_atimespec.tv_sec > plan->t_data.tv_sec || - (entry->fts_statp->st_atimespec.tv_sec == plan->t_data.tv_sec && - entry->fts_statp->st_atimespec.tv_nsec > plan->t_data.tv_nsec)); + return (entry->fts_statp->st_atim.tv_sec > plan->t_data.tv_sec || + (entry->fts_statp->st_atim.tv_sec == plan->t_data.tv_sec && + entry->fts_statp->st_atim.tv_nsec > plan->t_data.tv_nsec)); } PLAN * @@ -1252,7 +1252,7 @@ c_anewer(char *filename, char ***ignored, int unused) if (stat(filename, &sb)) err(1, "%s", filename); new = palloc(N_NEWER, f_anewer); - memcpy(&new->t_data, &sb.st_atimespec, sizeof(struct timespec)); + memcpy(&new->t_data, &sb.st_atim, sizeof(struct timespec)); return (new); } @@ -1267,9 +1267,9 @@ int f_cnewer(PLAN *plan, FTSENT *entry) { - return (entry->fts_statp->st_ctimespec.tv_sec > plan->t_data.tv_sec || - (entry->fts_statp->st_ctimespec.tv_sec == plan->t_data.tv_sec && - entry->fts_statp->st_ctimespec.tv_nsec > plan->t_data.tv_nsec)); + return (entry->fts_statp->st_ctim.tv_sec > plan->t_data.tv_sec || + (entry->fts_statp->st_ctim.tv_sec == plan->t_data.tv_sec && + entry->fts_statp->st_ctim.tv_nsec > plan->t_data.tv_nsec)); } PLAN * @@ -1283,7 +1283,7 @@ c_cnewer(char *filename, char ***ignored, int unused) if (stat(filename, &sb)) err(1, "%s", filename); new = palloc(N_NEWER, f_cnewer); - memcpy(&new->t_data, &sb.st_ctimespec, sizeof(struct timespec)); + memcpy(&new->t_data, &sb.st_ctim, sizeof(struct timespec)); return (new); } diff --git a/usr.bin/make/make.1 b/usr.bin/make/make.1 index 9ed033b32..f09ebb04c 100644 --- a/usr.bin/make/make.1 +++ b/usr.bin/make/make.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: make.1,v 1.140 2023/07/08 18:02:00 espie Exp $ +.\" $OpenBSD: make.1,v 1.141 2023/08/10 10:56:34 espie Exp $ .\" $NetBSD: make.1,v 1.18 1997/03/10 21:19:53 christos Exp $ .\" .\" Copyright (c) 1990, 1993 @@ -30,7 +30,7 @@ .\" .\" from: @(#)make.1 8.4 (Berkeley) 3/19/94 .\" -.Dd $Mdocdate: July 8 2023 $ +.Dd $Mdocdate: August 10 2023 $ .Dt MAKE 1 .Os .Sh NAME @@ -830,6 +830,8 @@ Possibly the file name of the last makefile that has been read. It should not be used; see the .Sx BUGS section below. +.It Va .VARIABLES +List of all the names of global variables that have been set. .El .Pp Variable expansion may be modified to select or modify each word of the diff --git a/usr.bin/make/var.c b/usr.bin/make/var.c index ddb9eb657..1e0cbfe4f 100644 --- a/usr.bin/make/var.c +++ b/usr.bin/make/var.c @@ -1,4 +1,4 @@ -/* $OpenBSD: var.c,v 1.104 2022/06/09 13:13:14 espie Exp $ */ +/* $OpenBSD: var.c,v 1.105 2023/08/10 10:52:43 espie Exp $ */ /* $NetBSD: var.c,v 1.18 1997/03/18 19:24:46 christos Exp $ */ /* @@ -104,6 +104,8 @@ static char varNoError[] = ""; bool errorIsOkay; static bool checkEnvFirst; /* true if environment should be searched for * variables before the global context */ + /* do we need to recompute varname_list */ +static bool varname_list_changed = true; void Var_setCheckEnvFirst(bool yes) @@ -222,6 +224,7 @@ typedef struct Var_ { #define VAR_FROM_ENV 8 /* Special source: environment */ #define VAR_SEEN_ENV 16 /* No need to go look up environment again */ #define VAR_IS_SHELL 32 /* Magic behavior */ +#define VAR_IS_NAMES 1024 /* Very expensive, only defined when needed */ /* XXX there are also some flag values which are part of the visible API * and thus defined inside var.h, don't forget to look there if you want * to define some new flags ! @@ -231,6 +234,8 @@ typedef struct Var_ { char name[1]; /* the variable's name */ } Var; +/* for GNU make compatibility */ +#define VARNAME_LIST ".VARIABLES" static struct ohash_info var_info = { offsetof(Var, name), @@ -245,10 +250,11 @@ static void fill_from_env(Var *); static Var *create_var(const char *, const char *); static void var_set_initial_value(Var *, const char *); static void var_set_value(Var *, const char *); -#define var_get_value(v) ((v)->flags & VAR_EXEC_LATER ? \ - var_exec_cmd(v) : \ - Buf_Retrieve(&((v)->val))) -static char *var_exec_cmd(Var *); +static char *var_get_value(Var *); +static void var_exec_cmd(Var *); +static void varname_list_retrieve(Var *); + + static void var_append_value(Var *, const char *); static void poison_check(Var *); static void var_set_append(const char *, const char *, const char *, int, bool); @@ -423,6 +429,7 @@ var_set_initial_value(Var *v, const char *val) len = strlen(val); Buf_Init(&(v->val), len+1); Buf_AddChars(&(v->val), len, val); + varname_list_changed = true; } /* Normal version of var_set_value(), to be called after variable is fully @@ -440,6 +447,16 @@ var_set_value(Var *v, const char *val) } } +static char * +var_get_value(Var *v) +{ + if (v->flags & VAR_IS_NAMES) + varname_list_retrieve(v); + else if (v->flags & VAR_EXEC_LATER) + var_exec_cmd(v); + return Buf_Retrieve(&(v->val)); +} + /* Add to a variable, insert a separating space if the variable was already * defined. */ @@ -628,6 +645,7 @@ Var_Deletei(const char *name, const char *ename) ohash_remove(&global_variables, slot); delete_var(v); + varname_list_changed = true; } /* Set or add a global variable, either to VAR_CMD or VAR_GLOBAL. @@ -687,7 +705,7 @@ Var_Appendi_with_ctxt(const char *name, const char *ename, const char *val, var_set_append(name, ename, val, ctxt, true); } -static char * +static void var_exec_cmd(Var *v) { char *arg = Buf_Retrieve(&(v->val)); @@ -699,7 +717,30 @@ var_exec_cmd(Var *v) var_set_value(v, res1); free(res1); v->flags &= ~VAR_EXEC_LATER; - return Buf_Retrieve(&(v->val)); +} + +static void +varname_list_retrieve(Var *v) +{ + unsigned int i; + void *e; + bool first = true; + + if (!varname_list_changed) + return; + for (e = ohash_first(&global_variables, &i); e != NULL; + e = ohash_next(&global_variables, &i)) { + Var *v2 = e; + if (v2->flags & VAR_DUMMY) + continue; + + if (first) + var_set_value(v, v2->name); + else + var_append_value(v, v2->name); + first = false; + } + varname_list_changed = false; } /* XXX different semantics for Var_Valuei() and Var_Definedi(): @@ -1339,6 +1380,22 @@ set_magic_shell_variable() v->flags = VAR_IS_SHELL | VAR_SEEN_ENV; } +static void +set_magic_name_list_variable() +{ + const char *name = VARNAME_LIST; + const char *ename = NULL; + uint32_t k; + Var *v; + + k = ohash_interval(name, &ename); + v = find_global_var_without_env(name, ename, k); + /* XXX We need to set a "dummy" value because that variable can't be + * VAR_DUMMY, since we wouldn't hit var_get_value otherwise. + */ + var_set_initial_value(v, ""); + v->flags = VAR_IS_NAMES; +} /* * Var_Init * Initialize the module @@ -1348,11 +1405,10 @@ Var_Init(void) { ohash_init(&global_variables, 10, &var_info); set_magic_shell_variable(); - + set_magic_name_list_variable(); errorIsOkay = true; Var_setCheckEnvFirst(false); - VarModifiers_Init(); Buf_Init(&subst_buffer, MAKE_BSIZE); } diff --git a/usr.bin/mg/fileio.c b/usr.bin/mg/fileio.c index 7b5bbc574..fd44a8bcf 100644 --- a/usr.bin/mg/fileio.c +++ b/usr.bin/mg/fileio.c @@ -1,4 +1,4 @@ -/* $OpenBSD: fileio.c,v 1.111 2023/03/30 19:00:02 op Exp $ */ +/* $OpenBSD: fileio.c,v 1.112 2023/08/11 04:45:05 guenther Exp $ */ /* This file is in the public domain. */ @@ -67,7 +67,7 @@ ffstat(FILE *ffp, struct buffer *bp) bp->b_fi.fi_mode = sb.st_mode | 0x8000; bp->b_fi.fi_uid = sb.st_uid; bp->b_fi.fi_gid = sb.st_gid; - bp->b_fi.fi_mtime = sb.st_mtimespec; + bp->b_fi.fi_mtime = sb.st_mtim; /* Clear the ignore flag */ bp->b_flag &= ~(BFIGNDIRTY | BFDIRTY); } @@ -587,8 +587,8 @@ fchecktime(struct buffer *bp) if (stat(bp->b_fname, &sb) == -1) return (TRUE); - if (bp->b_fi.fi_mtime.tv_sec != sb.st_mtimespec.tv_sec || - bp->b_fi.fi_mtime.tv_nsec != sb.st_mtimespec.tv_nsec) + if (bp->b_fi.fi_mtime.tv_sec != sb.st_mtim.tv_sec || + bp->b_fi.fi_mtime.tv_nsec != sb.st_mtim.tv_nsec) return (FALSE); return (TRUE); diff --git a/usr.bin/rcs/ci.c b/usr.bin/rcs/ci.c index 765b03a93..d77e12cb0 100644 --- a/usr.bin/rcs/ci.c +++ b/usr.bin/rcs/ci.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ci.c,v 1.224 2016/07/04 01:39:12 millert Exp $ */ +/* $OpenBSD: ci.c,v 1.225 2023/08/11 04:44:28 guenther Exp $ */ /* * Copyright (c) 2005, 2006 Niall O'Higgins * All rights reserved. @@ -823,7 +823,7 @@ checkin_mtimedate(struct checkin_params *pb) if (fstat(workfile_fd, &sb) == -1) err(1, "%s", pb->filename); - pb->date = sb.st_mtimespec.tv_sec; + pb->date = sb.st_mtime; } /* diff --git a/usr.bin/rcs/co.c b/usr.bin/rcs/co.c index 97baae78c..c13b30aa2 100644 --- a/usr.bin/rcs/co.c +++ b/usr.bin/rcs/co.c @@ -1,4 +1,4 @@ -/* $OpenBSD: co.c,v 1.126 2019/06/28 13:35:03 deraadt Exp $ */ +/* $OpenBSD: co.c,v 1.127 2023/08/11 05:02:21 guenther Exp $ */ /* * Copyright (c) 2005 Joris Vink * All rights reserved. @@ -52,7 +52,7 @@ checkout_main(int argc, char **argv) const char *author, *date, *state; char fpath[PATH_MAX]; char *rev_str, *username; - time_t rcs_mtime = -1; + struct timespec rcs_mtime = { .tv_sec = 0, .tv_nsec = UTIME_OMIT }; flags = ret = 0; kflag = RCS_KWEXP_ERR; diff --git a/usr.bin/rcs/rcsclean.c b/usr.bin/rcs/rcsclean.c index 2b48bc06f..8c4d71a1d 100644 --- a/usr.bin/rcs/rcsclean.c +++ b/usr.bin/rcs/rcsclean.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rcsclean.c,v 1.56 2016/08/26 09:02:54 guenther Exp $ */ +/* $OpenBSD: rcsclean.c,v 1.57 2023/08/11 05:02:21 guenther Exp $ */ /* * Copyright (c) 2005 Joris Vink * All rights reserved. @@ -25,6 +25,7 @@ */ #include +#include #include #include @@ -137,7 +138,7 @@ rcsclean_file(char *fname, const char *rev_str) char fpath[PATH_MAX], numb[RCS_REV_BUFSZ]; RCSNUM *rev; BUF *b1, *b2; - time_t rcs_mtime = -1; + struct timespec rcs_mtime = { .tv_sec = 0, .tv_nsec = UTIME_OMIT }; b1 = b2 = NULL; file = NULL; diff --git a/usr.bin/rcs/rcsprog.c b/usr.bin/rcs/rcsprog.c index f68b3f1b6..669259253 100644 --- a/usr.bin/rcs/rcsprog.c +++ b/usr.bin/rcs/rcsprog.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rcsprog.c,v 1.164 2023/03/08 04:43:12 guenther Exp $ */ +/* $OpenBSD: rcsprog.c,v 1.165 2023/08/11 05:02:21 guenther Exp $ */ /* * Copyright (c) 2005 Jean-Francois Brousseau * All rights reserved. @@ -191,7 +191,7 @@ rcs_main(int argc, char **argv) RCSFILE *file; RCSNUM *logrev; struct rcs_access *acp; - time_t rcs_mtime = -1; + struct timespec rcs_mtime = { .tv_sec = 0, .tv_nsec = UTIME_OMIT }; kflag = RCS_KWEXP_ERR; lkmode = RCS_LOCK_INVAL; diff --git a/usr.bin/rcs/rcsutil.c b/usr.bin/rcs/rcsutil.c index c423b220b..875434e2c 100644 --- a/usr.bin/rcs/rcsutil.c +++ b/usr.bin/rcs/rcsutil.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rcsutil.c,v 1.47 2020/10/14 20:07:19 naddy Exp $ */ +/* $OpenBSD: rcsutil.c,v 1.48 2023/08/11 05:02:21 guenther Exp $ */ /* * Copyright (c) 2005, 2006 Joris Vink * Copyright (c) 2006 Xavier Santolaria @@ -44,44 +44,42 @@ * rcs_get_mtime() * * Get last modified time. - * Returns last modified time on success, or -1 on failure. + * Returns last modified time on success, or a timespec with tv_nsec + * set to UTIME_OMIT on failure. */ -time_t +struct timespec rcs_get_mtime(RCSFILE *file) { struct stat st; - time_t mtime; + struct timespec mtime = { .tv_sec = 0, .tv_nsec = UTIME_OMIT }; if (file->rf_file == NULL) - return (-1); + return mtime; if (fstat(fileno(file->rf_file), &st) == -1) { warn("%s", file->rf_path); - return (-1); + return mtime; } - mtime = st.st_mtimespec.tv_sec; - - return (mtime); + return st.st_mtim; } /* * rcs_set_mtime() * - * Set last modified time to if it's not set to -1. + * Set last modified time to if its tv_nsec isn't UTIME_OMIT */ void -rcs_set_mtime(RCSFILE *file, time_t mtime) +rcs_set_mtime(RCSFILE *file, struct timespec mtime) { - static struct timeval tv[2]; + struct timespec ts[2]; - if (file->rf_file == NULL || mtime == -1) + if (file->rf_file == NULL || mtime.tv_nsec == UTIME_OMIT) return; - tv[0].tv_sec = mtime; - tv[1].tv_sec = tv[0].tv_sec; + ts[0] = ts[1] = mtime; - if (futimes(fileno(file->rf_file), tv) == -1) + if (futimens(fileno(file->rf_file), ts) == -1) err(1, "utimes"); } diff --git a/usr.bin/rcs/rcsutil.h b/usr.bin/rcs/rcsutil.h index cb046efcf..a919da4e7 100644 --- a/usr.bin/rcs/rcsutil.h +++ b/usr.bin/rcs/rcsutil.h @@ -1,4 +1,4 @@ -/* $OpenBSD: rcsutil.h,v 1.15 2016/07/04 01:39:12 millert Exp $ */ +/* $OpenBSD: rcsutil.h,v 1.16 2023/08/11 05:02:21 guenther Exp $ */ /* * Copyright (c) 2006 Xavier Santolaria * All rights reserved. @@ -50,9 +50,9 @@ struct rcs_argvector { /* rcsutil.c */ int rcs_getopt(int, char **, const char *); -void rcs_set_mtime(RCSFILE *, time_t); +void rcs_set_mtime(RCSFILE *, struct timespec); int rcs_choosefile(const char *, char *, size_t); -time_t rcs_get_mtime(RCSFILE *); +struct timespec rcs_get_mtime(RCSFILE *); RCSNUM *rcs_getrevnum(const char *, RCSFILE *); char *rcs_prompt(const char *, int); u_int rcs_rev_select(RCSFILE *, const char *); diff --git a/usr.bin/ssh/session.c b/usr.bin/ssh/session.c index d0da3f2e7..a15c26679 100644 --- a/usr.bin/ssh/session.c +++ b/usr.bin/ssh/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.335 2023/03/07 06:09:14 dtucker Exp $ */ +/* $OpenBSD: session.c,v 1.336 2023/08/10 23:05:48 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -2060,17 +2060,17 @@ session_exit_message(struct ssh *ssh, Session *s, int status) { Channel *c; int r; + char *note = NULL; if ((c = channel_lookup(ssh, s->chanid)) == NULL) fatal_f("session %d: no channel %d", s->self, s->chanid); - debug_f("session %d channel %d pid %ld", - s->self, s->chanid, (long)s->pid); if (WIFEXITED(status)) { channel_request_start(ssh, s->chanid, "exit-status", 0); if ((r = sshpkt_put_u32(ssh, WEXITSTATUS(status))) != 0 || (r = sshpkt_send(ssh)) != 0) sshpkt_fatal(ssh, r, "%s: exit reply", __func__); + xasprintf(¬e, "exit %d", WEXITSTATUS(status)); } else if (WIFSIGNALED(status)) { channel_request_start(ssh, s->chanid, "exit-signal", 0); if ((r = sshpkt_put_cstring(ssh, sig2name(WTERMSIG(status)))) != 0 || @@ -2079,11 +2079,18 @@ session_exit_message(struct ssh *ssh, Session *s, int status) (r = sshpkt_put_cstring(ssh, "")) != 0 || (r = sshpkt_send(ssh)) != 0) sshpkt_fatal(ssh, r, "%s: exit reply", __func__); + xasprintf(¬e, "signal %d%s", WTERMSIG(status), + WCOREDUMP(status) ? " core dumped" : ""); } else { /* Some weird exit cause. Just exit. */ - ssh_packet_disconnect(ssh, "wait returned status %04x.", status); + ssh_packet_disconnect(ssh, "wait returned status %04x.", + status); } + debug_f("session %d channel %d pid %ld %s", s->self, s->chanid, + (long)s->pid, note == NULL ? "UNKNOWN" : note); + free(note); + /* disconnect channel */ debug_f("release channel %d", s->chanid); diff --git a/usr.bin/ssh/ssh-agent.1 b/usr.bin/ssh/ssh-agent.1 index 327f0e196..6815eb834 100644 --- a/usr.bin/ssh/ssh-agent.1 +++ b/usr.bin/ssh/ssh-agent.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-agent.1,v 1.78 2023/07/23 20:04:45 naddy Exp $ +.\" $OpenBSD: ssh-agent.1,v 1.79 2023/08/10 14:37:32 naddy Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: July 23 2023 $ +.Dd $Mdocdate: August 10 2023 $ .Dt SSH-AGENT 1 .Os .Sh NAME @@ -122,7 +122,7 @@ Note that signalling that an .Nm client is remote is performed by .Xr ssh 1 , -and use of other tools to forward access to the agent socket, may circumvent +and use of other tools to forward access to the agent socket may circumvent this restriction. .Pp The diff --git a/usr.bin/ssh/version.h b/usr.bin/ssh/version.h index 46f1ee3a0..5b70084ec 100644 --- a/usr.bin/ssh/version.h +++ b/usr.bin/ssh/version.h @@ -1,3 +1,3 @@ -/* $OpenBSD: version.h,v 1.97 2023/03/15 21:19:57 djm Exp $ */ +/* $OpenBSD: version.h,v 1.98 2023/08/10 01:01:07 djm Exp $ */ -#define SSH_VERSION "OpenSSH_9.3" +#define SSH_VERSION "OpenSSH_9.4" diff --git a/usr.bin/tmux/cmd-display-menu.c b/usr.bin/tmux/cmd-display-menu.c index 712524c9a..d616d0c43 100644 --- a/usr.bin/tmux/cmd-display-menu.c +++ b/usr.bin/tmux/cmd-display-menu.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cmd-display-menu.c,v 1.40 2023/08/07 10:52:00 nicm Exp $ */ +/* $OpenBSD: cmd-display-menu.c,v 1.41 2023/08/08 08:08:47 nicm Exp $ */ /* * Copyright (c) 2019 Nicholas Marriott @@ -39,10 +39,11 @@ const struct cmd_entry cmd_display_menu_entry = { .name = "display-menu", .alias = "menu", - .args = { "c:t:S:OT:x:y:", 1, -1, cmd_display_menu_args_parse }, - .usage = "[-O] [-c target-client] [-S starting-choice] " - CMD_TARGET_PANE_USAGE " [-T title] [-x position] " - "[-y position] name key command ...", + .args = { "b:c:C:t:s:S:OT:x:y:", 1, -1, cmd_display_menu_args_parse }, + .usage = "[-O] [-b border-lines] [-c target-client] " + "[-C starting-choice] [-s style] [-S border-style] " + CMD_TARGET_PANE_USAGE "[-T title] [-x position] [-y position] " + "name key command ...", .target = { 't', CMD_FIND_PANE, 0 }, @@ -289,19 +290,25 @@ cmd_display_menu_exec(struct cmd *self, struct cmdq_item *item) struct client *tc = cmdq_get_target_client(item); struct menu *menu = NULL; struct menu_item menu_item; - const char *key, *name; + const char *key, *name, *value; + const char *style = args_get(args, 's'); + const char *border_style = args_get(args, 'S'); + enum box_lines lines = BOX_LINES_DEFAULT; char *title, *cause; int flags = 0, starting_choice = 0; u_int px, py, i, count = args_count(args); + struct options *o = target->s->curw->window->options; + struct options_entry *oe; + if (tc->overlay_draw != NULL) return (CMD_RETURN_NORMAL); - if (args_has(args, 'S')) { - if (strcmp(args_get(args, 'S'), "-") == 0) + if (args_has(args, 'C')) { + if (strcmp(args_get(args, 'C'), "-") == 0) starting_choice = -1; else { - starting_choice = args_strtonum(args, 'S', 0, UINT_MAX, + starting_choice = args_strtonum(args, 'C', 0, UINT_MAX, &cause); if (cause != NULL) { cmdq_error(item, "starting choice %s", cause); @@ -352,12 +359,24 @@ cmd_display_menu_exec(struct cmd *self, struct cmdq_item *item) return (CMD_RETURN_NORMAL); } + value = args_get(args, 'b'); + if (value != NULL) { + oe = options_get(o, "menu-border-lines"); + lines = options_find_choice(options_table_entry(oe), value, + &cause); + if (lines == -1) { + cmdq_error(item, "menu-border-lines %s", cause); + free(cause); + return (CMD_RETURN_ERROR); + } + } + if (args_has(args, 'O')) flags |= MENU_STAYOPEN; if (!event->m.valid) flags |= MENU_NOMOUSE; - if (menu_display(menu, flags, starting_choice, item, px, py, tc, target, - NULL, NULL) != 0) + if (menu_display(menu, flags, starting_choice, item, px, py, tc, lines, + style, border_style, target, NULL, NULL) != 0) return (CMD_RETURN_NORMAL); return (CMD_RETURN_WAIT); } diff --git a/usr.bin/tmux/input.c b/usr.bin/tmux/input.c index 2157dac28..a00a340f4 100644 --- a/usr.bin/tmux/input.c +++ b/usr.bin/tmux/input.c @@ -1,4 +1,4 @@ -/* $OpenBSD: input.c,v 1.218 2023/07/13 06:03:48 nicm Exp $ */ +/* $OpenBSD: input.c,v 1.219 2023/08/08 08:21:29 nicm Exp $ */ /* * Copyright (c) 2007 Nicholas Marriott @@ -2756,6 +2756,9 @@ input_osc_133(struct input_ctx *ictx, const char *p) case 'A': gl->flags |= GRID_LINE_START_PROMPT; break; + case 'C': + gl->flags |= GRID_LINE_START_OUTPUT; + break; } } diff --git a/usr.bin/tmux/menu.c b/usr.bin/tmux/menu.c index e1efa60e7..4b0622020 100644 --- a/usr.bin/tmux/menu.c +++ b/usr.bin/tmux/menu.c @@ -1,4 +1,4 @@ -/* $OpenBSD: menu.c,v 1.49 2023/02/05 21:26:48 nicm Exp $ */ +/* $OpenBSD: menu.c,v 1.51 2023/08/08 08:08:47 nicm Exp $ */ /* * Copyright (c) 2019 Nicholas Marriott @@ -27,6 +27,10 @@ struct menu_data { struct cmdq_item *item; int flags; + struct grid_cell style; + struct grid_cell border_style; + enum box_lines border_lines; + struct cmd_find_state fs; struct screen s; @@ -199,11 +203,17 @@ menu_draw_cb(struct client *c, void *data, u_int i, px = md->px, py = md->py; struct grid_cell gc; - style_apply(&gc, c->session->curw->window->options, "mode-style", NULL); - screen_write_start(&ctx, s); screen_write_clearscreen(&ctx, 8); - screen_write_menu(&ctx, menu, md->choice, &gc); + + if (md->border_lines != BOX_LINES_NONE) { + screen_write_box(&ctx, menu->width + 4, menu->count + 2, + md->border_lines, &md->border_style, menu->title); + } + style_apply(&gc, c->session->curw->window->options, "mode-style", NULL); + + screen_write_menu(&ctx, menu, md->choice, md->border_lines, + &md->style, &md->border_style, &gc); screen_write_stop(&ctx); for (i = 0; i < screen_size_y(&md->s); i++) { @@ -431,11 +441,14 @@ chosen: struct menu_data * menu_prepare(struct menu *menu, int flags, int starting_choice, struct cmdq_item *item, u_int px, u_int py, struct client *c, + enum box_lines lines, const char *style, const char *border_style, struct cmd_find_state *fs, menu_choice_cb cb, void *data) { struct menu_data *md; int choice; const char *name; + struct style sytmp; + struct options *o = c->session->curw->window->options; if (c->tty.sx < menu->width + 4 || c->tty.sy < menu->count + 2) return (NULL); @@ -444,9 +457,35 @@ menu_prepare(struct menu *menu, int flags, int starting_choice, if (py + menu->count + 2 > c->tty.sy) py = c->tty.sy - menu->count - 2; + if (lines == BOX_LINES_DEFAULT) + lines = options_get_number(o, "menu-border-lines"); + md = xcalloc(1, sizeof *md); md->item = item; md->flags = flags; + md->border_lines = lines; + + memcpy(&md->style, &grid_default_cell, sizeof md->style); + style_apply(&md->style, o, "menu-style", NULL); + if (style != NULL) { + style_set(&sytmp, &grid_default_cell); + if (style_parse(&sytmp, &md->style, style) == 0) { + md->style.fg = sytmp.gc.fg; + md->style.bg = sytmp.gc.bg; + } + } + md->style.attr = 0; + + memcpy(&md->border_style, &grid_default_cell, sizeof md->border_style); + style_apply(&md->border_style, o, "menu-border-style", NULL); + if (border_style != NULL) { + style_set(&sytmp, &grid_default_cell); + if (style_parse(&sytmp, &md->border_style, border_style) == 0) { + md->border_style.fg = sytmp.gc.fg; + md->border_style.bg = sytmp.gc.bg; + } + } + md->border_style.attr = 0; if (fs != NULL) cmd_find_copy_state(&md->fs, fs); @@ -500,12 +539,13 @@ menu_prepare(struct menu *menu, int flags, int starting_choice, int menu_display(struct menu *menu, int flags, int starting_choice, struct cmdq_item *item, u_int px, u_int py, struct client *c, + enum box_lines lines, const char *style, const char *border_style, struct cmd_find_state *fs, menu_choice_cb cb, void *data) { struct menu_data *md; - md = menu_prepare(menu, flags, starting_choice, item, px, py, c, fs, cb, - data); + md = menu_prepare(menu, flags, starting_choice, item, px, py, c, lines, + style, border_style, fs, cb, data); if (md == NULL) return (-1); server_client_set_overlay(c, 0, NULL, menu_mode_cb, menu_draw_cb, diff --git a/usr.bin/tmux/mode-tree.c b/usr.bin/tmux/mode-tree.c index b90980f9f..08a5c294f 100644 --- a/usr.bin/tmux/mode-tree.c +++ b/usr.bin/tmux/mode-tree.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mode-tree.c,v 1.63 2023/01/20 21:36:00 nicm Exp $ */ +/* $OpenBSD: mode-tree.c,v 1.64 2023/08/08 08:08:47 nicm Exp $ */ /* * Copyright (c) 2017 Nicholas Marriott @@ -962,8 +962,8 @@ mode_tree_display_menu(struct mode_tree_data *mtd, struct client *c, u_int x, x -= (menu->width + 4) / 2; else x = 0; - if (menu_display(menu, 0, 0, NULL, x, y, c, NULL, - mode_tree_menu_callback, mtm) != 0) + if (menu_display(menu, 0, 0, NULL, x, y, c, BOX_LINES_DEFAULT, NULL, + NULL, NULL, mode_tree_menu_callback, mtm) != 0) menu_free(menu); } diff --git a/usr.bin/tmux/options-table.c b/usr.bin/tmux/options-table.c index d7757f7f6..211257f21 100644 --- a/usr.bin/tmux/options-table.c +++ b/usr.bin/tmux/options-table.c @@ -1,4 +1,4 @@ -/* $OpenBSD: options-table.c,v 1.165 2022/09/09 11:02:23 nicm Exp $ */ +/* $OpenBSD: options-table.c,v 1.166 2023/08/08 08:08:47 nicm Exp $ */ /* * Copyright (c) 2011 Nicholas Marriott @@ -327,6 +327,33 @@ const struct options_table_entry options_table[] = { "Empty does not write a history file." }, + { .name = "menu-style", + .type = OPTIONS_TABLE_STRING, + .scope = OPTIONS_TABLE_WINDOW, + .flags = OPTIONS_TABLE_IS_STYLE, + .default_str = "default", + .separator = ",", + .text = "Default style of menu." + }, + + { .name = "menu-border-style", + .type = OPTIONS_TABLE_STRING, + .scope = OPTIONS_TABLE_WINDOW, + .default_str = "default", + .flags = OPTIONS_TABLE_IS_STYLE, + .separator = ",", + .text = "Default style of menu borders." + }, + + { .name = "menu-border-lines", + .type = OPTIONS_TABLE_CHOICE, + .scope = OPTIONS_TABLE_WINDOW, + .choices = options_table_popup_border_lines_list, + .default_num = BOX_LINES_SINGLE, + .text = "Type of characters used to draw menu border lines. Some of " + "these are only supported on terminals with UTF-8 support." + }, + { .name = "message-limit", .type = OPTIONS_TABLE_NUMBER, .scope = OPTIONS_TABLE_SERVER, diff --git a/usr.bin/tmux/popup.c b/usr.bin/tmux/popup.c index b172f4026..35adb1b3c 100644 --- a/usr.bin/tmux/popup.c +++ b/usr.bin/tmux/popup.c @@ -1,4 +1,4 @@ -/* $OpenBSD: popup.c,v 1.50 2023/06/21 06:28:18 nicm Exp $ */ +/* $OpenBSD: popup.c,v 1.51 2023/08/08 08:08:47 nicm Exp $ */ /* * Copyright (c) 2020 Nicholas Marriott @@ -575,8 +575,8 @@ menu: x = m->x - (pd->menu->width + 4) / 2; else x = 0; - pd->md = menu_prepare(pd->menu, 0, 0, NULL, x, m->y, c, NULL, - popup_menu_done, pd); + pd->md = menu_prepare(pd->menu, 0, 0, NULL, x, m->y, c, + BOX_LINES_DEFAULT, NULL, NULL, NULL, popup_menu_done, pd); c->flags |= CLIENT_REDRAWOVERLAY; out: diff --git a/usr.bin/tmux/screen-write.c b/usr.bin/tmux/screen-write.c index 43c923e68..8d98e0e99 100644 --- a/usr.bin/tmux/screen-write.c +++ b/usr.bin/tmux/screen-write.c @@ -1,4 +1,4 @@ -/* $OpenBSD: screen-write.c,v 1.215 2023/07/14 19:32:59 nicm Exp $ */ +/* $OpenBSD: screen-write.c,v 1.217 2023/08/08 08:08:47 nicm Exp $ */ /* * Copyright (c) 2007 Nicholas Marriott @@ -30,7 +30,6 @@ static void screen_write_collect_clear(struct screen_write_ctx *, u_int, static void screen_write_collect_scroll(struct screen_write_ctx *, u_int); static void screen_write_collect_flush(struct screen_write_ctx *, int, const char *); - static int screen_write_overwrite(struct screen_write_ctx *, struct grid_cell *, u_int); static const struct grid_cell *screen_write_combine(struct screen_write_ctx *, @@ -592,9 +591,46 @@ screen_write_fast_copy(struct screen_write_ctx *ctx, struct screen *src, } } +/* Select character set for drawing border lines. */ +static void +screen_write_box_border_set(enum box_lines lines, int cell_type, + struct grid_cell *gc) +{ + switch (lines) { + case BOX_LINES_NONE: + break; + case BOX_LINES_DOUBLE: + gc->attr &= ~GRID_ATTR_CHARSET; + utf8_copy(&gc->data, tty_acs_double_borders(cell_type)); + break; + case BOX_LINES_HEAVY: + gc->attr &= ~GRID_ATTR_CHARSET; + utf8_copy(&gc->data, tty_acs_heavy_borders(cell_type)); + break; + case BOX_LINES_ROUNDED: + gc->attr &= ~GRID_ATTR_CHARSET; + utf8_copy(&gc->data, tty_acs_rounded_borders(cell_type)); + break; + case BOX_LINES_SIMPLE: + gc->attr &= ~GRID_ATTR_CHARSET; + utf8_set(&gc->data, SIMPLE_BORDERS[cell_type]); + break; + case BOX_LINES_PADDED: + gc->attr &= ~GRID_ATTR_CHARSET; + utf8_set(&gc->data, PADDED_BORDERS[cell_type]); + break; + case BOX_LINES_SINGLE: + case BOX_LINES_DEFAULT: + gc->attr |= GRID_ATTR_CHARSET; + utf8_set(&gc->data, CELL_BORDERS[cell_type]); + break; + } +} + /* Draw a horizontal line on screen. */ void -screen_write_hline(struct screen_write_ctx *ctx, u_int nx, int left, int right) +screen_write_hline(struct screen_write_ctx *ctx, u_int nx, int left, int right, + enum box_lines lines, const struct grid_cell *border_gc) { struct screen *s = ctx->s; struct grid_cell gc; @@ -603,13 +639,27 @@ screen_write_hline(struct screen_write_ctx *ctx, u_int nx, int left, int right) cx = s->cx; cy = s->cy; - memcpy(&gc, &grid_default_cell, sizeof gc); + if (border_gc != NULL) + memcpy(&gc, border_gc, sizeof gc); + else + memcpy(&gc, &grid_default_cell, sizeof gc); gc.attr |= GRID_ATTR_CHARSET; - screen_write_putc(ctx, &gc, left ? 't' : 'q'); + if (left) + screen_write_box_border_set(lines, CELL_LEFTJOIN, &gc); + else + screen_write_box_border_set(lines, CELL_LEFTRIGHT, &gc); + screen_write_cell(ctx, &gc); + + screen_write_box_border_set(lines, CELL_LEFTRIGHT, &gc); for (i = 1; i < nx - 1; i++) - screen_write_putc(ctx, &gc, 'q'); - screen_write_putc(ctx, &gc, right ? 'u' : 'q'); + screen_write_cell(ctx, &gc); + + if (right) + screen_write_box_border_set(lines, CELL_RIGHTJOIN, &gc); + else + screen_write_box_border_set(lines, CELL_LEFTRIGHT, &gc); + screen_write_cell(ctx, &gc); screen_write_set_cursor(ctx, cx, cy); } @@ -641,86 +691,55 @@ screen_write_vline(struct screen_write_ctx *ctx, u_int ny, int top, int bottom) /* Draw a menu on screen. */ void -screen_write_menu(struct screen_write_ctx *ctx, struct menu *menu, - int choice, const struct grid_cell *choice_gc) +screen_write_menu(struct screen_write_ctx *ctx, struct menu *menu, int choice, + enum box_lines lines, const struct grid_cell *menu_gc, + const struct grid_cell *border_gc, const struct grid_cell *choice_gc) { struct screen *s = ctx->s; struct grid_cell default_gc; const struct grid_cell *gc = &default_gc; - u_int cx, cy, i, j; + u_int cx, cy, i, j, width = menu->width; const char *name; cx = s->cx; cy = s->cy; - memcpy(&default_gc, &grid_default_cell, sizeof default_gc); + memcpy(&default_gc, menu_gc, sizeof default_gc); - screen_write_box(ctx, menu->width + 4, menu->count + 2, - BOX_LINES_DEFAULT, &default_gc, menu->title); + screen_write_box(ctx, menu->width + 4, menu->count + 2, lines, + border_gc, menu->title); for (i = 0; i < menu->count; i++) { name = menu->items[i].name; if (name == NULL) { screen_write_cursormove(ctx, cx, cy + 1 + i, 0); - screen_write_hline(ctx, menu->width + 4, 1, 1); - } else { - if (choice >= 0 && i == (u_int)choice && *name != '-') - gc = choice_gc; - screen_write_cursormove(ctx, cx + 2, cy + 1 + i, 0); - for (j = 0; j < menu->width; j++) - screen_write_putc(ctx, gc, ' '); - screen_write_cursormove(ctx, cx + 2, cy + 1 + i, 0); - if (*name == '-') { - name++; - default_gc.attr |= GRID_ATTR_DIM; - format_draw(ctx, gc, menu->width, name, NULL, - 0); - default_gc.attr &= ~GRID_ATTR_DIM; - } else - format_draw(ctx, gc, menu->width, name, NULL, - gc == choice_gc); - gc = &default_gc; + screen_write_hline(ctx, width + 4, 1, 1, lines, + border_gc); + continue; } + + if (choice >= 0 && i == (u_int)choice && *name != '-') + gc = choice_gc; + + screen_write_cursormove(ctx, cx + 1, cy + 1 + i, 0); + for (j = 0; j < width + 2; j++) + screen_write_putc(ctx, gc, ' '); + + screen_write_cursormove(ctx, cx + 2, cy + 1 + i, 0); + if (*name == '-') { + default_gc.attr |= GRID_ATTR_DIM; + format_draw(ctx, gc, width, name + 1, NULL, 0); + default_gc.attr &= ~GRID_ATTR_DIM; + continue; + } + + format_draw(ctx, gc, width, name, NULL, gc == choice_gc); + gc = &default_gc; } screen_write_set_cursor(ctx, cx, cy); } -static void -screen_write_box_border_set(enum box_lines box_lines, int cell_type, - struct grid_cell *gc) -{ - switch (box_lines) { - case BOX_LINES_NONE: - break; - case BOX_LINES_DOUBLE: - gc->attr &= ~GRID_ATTR_CHARSET; - utf8_copy(&gc->data, tty_acs_double_borders(cell_type)); - break; - case BOX_LINES_HEAVY: - gc->attr &= ~GRID_ATTR_CHARSET; - utf8_copy(&gc->data, tty_acs_heavy_borders(cell_type)); - break; - case BOX_LINES_ROUNDED: - gc->attr &= ~GRID_ATTR_CHARSET; - utf8_copy(&gc->data, tty_acs_rounded_borders(cell_type)); - break; - case BOX_LINES_SIMPLE: - gc->attr &= ~GRID_ATTR_CHARSET; - utf8_set(&gc->data, SIMPLE_BORDERS[cell_type]); - break; - case BOX_LINES_PADDED: - gc->attr &= ~GRID_ATTR_CHARSET; - utf8_set(&gc->data, PADDED_BORDERS[cell_type]); - break; - case BOX_LINES_SINGLE: - case BOX_LINES_DEFAULT: - gc->attr |= GRID_ATTR_CHARSET; - utf8_set(&gc->data, CELL_BORDERS[cell_type]); - break; - } -} - /* Draw a box on screen. */ void screen_write_box(struct screen_write_ctx *ctx, u_int nx, u_int ny, diff --git a/usr.bin/tmux/status.c b/usr.bin/tmux/status.c index d562ea4dd..ce8c9f705 100644 --- a/usr.bin/tmux/status.c +++ b/usr.bin/tmux/status.c @@ -1,4 +1,4 @@ -/* $OpenBSD: status.c,v 1.238 2023/04/17 18:22:24 nicm Exp $ */ +/* $OpenBSD: status.c,v 1.239 2023/08/08 08:08:47 nicm Exp $ */ /* * Copyright (c) 2007 Nicholas Marriott @@ -1764,8 +1764,9 @@ status_prompt_complete_list_menu(struct client *c, char **list, u_int size, else offset = 0; - if (menu_display(menu, MENU_NOMOUSE|MENU_TAB, 0, NULL, offset, - py, c, NULL, status_prompt_menu_callback, spm) != 0) { + if (menu_display(menu, MENU_NOMOUSE|MENU_TAB, 0, NULL, offset, py, c, + BOX_LINES_DEFAULT, NULL, NULL, NULL, status_prompt_menu_callback, + spm) != 0) { menu_free(menu); free(spm); return (0); @@ -1857,8 +1858,9 @@ status_prompt_complete_window_menu(struct client *c, struct session *s, else offset = 0; - if (menu_display(menu, MENU_NOMOUSE|MENU_TAB, 0, NULL, offset, - py, c, NULL, status_prompt_menu_callback, spm) != 0) { + if (menu_display(menu, MENU_NOMOUSE|MENU_TAB, 0, NULL, offset, py, c, + BOX_LINES_DEFAULT, NULL, NULL, NULL, status_prompt_menu_callback, + spm) != 0) { menu_free(menu); free(spm); return (NULL); diff --git a/usr.bin/tmux/tmux.1 b/usr.bin/tmux/tmux.1 index cf0f9fdb1..6a2277917 100644 --- a/usr.bin/tmux/tmux.1 +++ b/usr.bin/tmux/tmux.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: tmux.1,v 1.924 2023/07/11 16:09:09 nicm Exp $ +.\" $OpenBSD: tmux.1,v 1.926 2023/08/08 08:21:30 nicm Exp $ .\" .\" Copyright (c) 2007 Nicholas Marriott .\" @@ -14,7 +14,7 @@ .\" IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: July 11 2023 $ +.Dd $Mdocdate: August 8 2023 $ .Dt TMUX 1 .Os .Sh NAME @@ -1782,29 +1782,35 @@ Exit copy mode. .Xc Clear the current selection. .It Xo -.Ic copy-end-of-line [] +.Ic copy-end-of-line +.Op Ar prefix .Xc Copy from the cursor position to the end of the line. .Ar prefix is used to name the new paste buffer. .It Xo -.Ic copy-end-of-line-and-cancel [] +.Ic copy-end-of-line-and-cancel +.Op Ar prefix .Xc Copy from the cursor position and exit copy mode. .It Xo -.Ic copy-line [] +.Ic copy-line +.Op Ar prefix .Xc Copy the entire line. .It Xo -.Ic copy-line-and-cancel [] +.Ic copy-line-and-cancel +.Op Ar prefix .Xc Copy the entire line and exit copy mode. .It Xo -.Ic copy-selection [] +.Ic copy-selection +.Op Ar prefix .Xc Copies the current selection. .It Xo -.Ic copy-selection-and-cancel [] +.Ic copy-selection-and-cancel +.Op Ar prefix (vi: Enter) (emacs: M-w) .Xc @@ -1840,7 +1846,8 @@ Move the cursor up. .Xc Move the cursor to the end of the line. .It Xo -.Ic goto-line +.Ic goto-line +.Ar line (vi: :) (emacs: g) .Xc @@ -1864,13 +1871,15 @@ Scroll to the top of the history. .Xc Repeat the last jump. .It Xo -.Ic jump-backward +.Ic jump-backward +.Ar to (vi: F) (emacs: F) .Xc Jump backwards to the specified text. .It Xo -.Ic jump-forward +.Ic jump-forward +.Ar to (vi: f) (emacs: f) .Xc @@ -1901,6 +1910,7 @@ Move to the next matching bracket. Move to the next paragraph. .It Xo .Ic next-prompt +.Op Fl o .Xc Move to the next prompt. .It Xo @@ -1933,6 +1943,7 @@ Move to the previous matching bracket. Move to the previous paragraph. .It Xo .Ic previous-prompt +.Op Fl o .Xc Move to the previous prompt. .It Xo @@ -1960,12 +1971,14 @@ Refresh the content from the pane. .Xc Repeat the last search. .It Xo -.Ic search-backward +.Ic search-backward +.Ar text (vi: ?) .Xc Search backwards for the specified text. .It Xo -.Ic search-forward +.Ic search-forward +.Ar text (vi: /) .Xc Search forward for the specified text. @@ -2033,6 +2046,9 @@ move between shell prompts, but require the shell to emit an escape sequence .Nm where the prompts are located; if the shell does not do this, these commands will do nothing. +The +.Fl o +flag jumps to the beginning of the command output instead of the shell prompt. .Pp Copy commands may take an optional buffer prefix argument which is used to generate the buffer name (the default is @@ -4073,6 +4089,26 @@ The default is to run .Xr lock 1 with .Fl np . +.It Ic menu-style Ar style +Set the menu style. +See the +.Sx STYLES +section on how to specify +.Ar style . +Attributes are ignored. +.It Ic menu-border-style Ar style +Set the menu border style. +See the +.Sx STYLES +section on how to specify +.Ar style . +Attributes are ignored. +.It Ic menu-border-lines Ar type +Set the type of characters used for drawing menu borders. +See +.Ic popup-border-lines +for possible values for +.Ar type . .It Ic message-command-style Ar style Set status line message command style. This is used for the command prompt with @@ -4540,20 +4576,18 @@ Attributes are ignored. .Pp .It Ic popup-style Ar style Set the popup style. -For how to specify -.Ar style , -see the +See the .Sx STYLES -section. +section on how to specify +.Ar style . Attributes are ignored. .Pp .It Ic popup-border-style Ar style Set the popup border style. -For how to specify -.Ar style , -see the +See the .Sx STYLES -section. +section on how to specify +.Ar style . Attributes are ignored. .Pp .It Ic popup-border-lines Ar type @@ -6028,9 +6062,12 @@ the default is .Tg menu .It Xo Ic display-menu .Op Fl O +.Op Fl b Ar border-lines .Op Fl c Ar target-client +.Op Fl s Ar style +.Op Fl S Ar border-style .Op Fl t Ar target-pane -.Op Fl S Ar starting-choice +.Op Fl C Ar starting-choice .Op Fl T Ar title .Op Fl x Ar position .Op Fl y Ar position @@ -6057,10 +6094,24 @@ may not be chosen. The name may be empty for a separator line, in which case both the key and command should be omitted. .Pp +.Fl b +sets the type of characters used for drawing menu borders. +See +.Ic popup-border-lines +for possible values for +.Ar border-lines . +.Pp +.Fl s +sets the style for the menu and +.Fl S +sets the style for the menu border (see +.Sx STYLES ) . +.Pp .Fl T is a format for the menu title (see .Sx FORMATS ) . -.Fl S +.Pp +.Fl C sets the menu item selected by default, if the menu is not bound to a mouse key binding. .Pp @@ -6175,8 +6226,8 @@ forwards any input read from stdin to the empty pane given by .Op Fl d Ar start-directory .Op Fl e Ar environment .Op Fl h Ar height -.Op Fl s Ar style -.Op Fl S Ar border-style +.Op Fl s Ar border-style +.Op Fl S Ar style .Op Fl t Ar target-pane .Op Fl T Ar title .Op Fl w Ar width @@ -6219,7 +6270,7 @@ If omitted, half of the terminal size is used. does not surround the popup by a border. .Pp .Fl b -sets the type of border line for the popup. +sets the type of characters used for drawing popup borders. When .Fl B is specified, the @@ -6233,12 +6284,8 @@ for possible values for .Fl s sets the style for the popup and .Fl S -sets the style for the popup border. -For how to specify -.Ar style , -see the -.Sx STYLES -section. +sets the style for the popup border (see +.Sx STYLES ) . .Pp .Fl e takes the form diff --git a/usr.bin/tmux/tmux.h b/usr.bin/tmux/tmux.h index fae976b8c..78df276b2 100644 --- a/usr.bin/tmux/tmux.h +++ b/usr.bin/tmux/tmux.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tmux.h,v 1.1201 2023/07/10 09:24:53 nicm Exp $ */ +/* $OpenBSD: tmux.h,v 1.1204 2023/08/08 08:21:30 nicm Exp $ */ /* * Copyright (c) 2007 Nicholas Marriott @@ -672,6 +672,7 @@ struct colour_palette { #define GRID_LINE_EXTENDED 0x2 #define GRID_LINE_DEAD 0x4 #define GRID_LINE_START_PROMPT 0x8 +#define GRID_LINE_START_OUTPUT 0x10 /* Grid string flags. */ #define GRID_STRING_WITH_SEQUENCES 0x1 @@ -2889,9 +2890,11 @@ void screen_write_putc(struct screen_write_ctx *, const struct grid_cell *, u_char); void screen_write_fast_copy(struct screen_write_ctx *, struct screen *, u_int, u_int, u_int, u_int); -void screen_write_hline(struct screen_write_ctx *, u_int, int, int); +void screen_write_hline(struct screen_write_ctx *, u_int, int, int, + enum box_lines, const struct grid_cell *); void screen_write_vline(struct screen_write_ctx *, u_int, int, int); void screen_write_menu(struct screen_write_ctx *, struct menu *, int, + enum box_lines, const struct grid_cell *, const struct grid_cell *, const struct grid_cell *); void screen_write_box(struct screen_write_ctx *, u_int, u_int, enum box_lines, const struct grid_cell *, const char *); @@ -3304,11 +3307,13 @@ void menu_add_item(struct menu *, const struct menu_item *, struct cmd_find_state *); void menu_free(struct menu *); struct menu_data *menu_prepare(struct menu *, int, int, struct cmdq_item *, - u_int, u_int, struct client *, struct cmd_find_state *, - menu_choice_cb, void *); + u_int, u_int, struct client *, enum box_lines, const char *, + const char *, struct cmd_find_state *, menu_choice_cb, + void *); int menu_display(struct menu *, int, int, struct cmdq_item *, - u_int, u_int, struct client *, struct cmd_find_state *, - menu_choice_cb, void *); + u_int, u_int, struct client *, enum box_lines, const char *, + const char *, struct cmd_find_state *, menu_choice_cb, + void *); struct screen *menu_mode_cb(struct client *, void *, u_int *, u_int *); void menu_check_cb(struct client *, void *, u_int, u_int, u_int, struct overlay_ranges *); diff --git a/usr.bin/tmux/tty-acs.c b/usr.bin/tmux/tty-acs.c index 996c8762b..eedb79c2f 100644 --- a/usr.bin/tmux/tty-acs.c +++ b/usr.bin/tmux/tty-acs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tty-acs.c,v 1.12 2021/10/18 09:15:56 nicm Exp $ */ +/* $OpenBSD: tty-acs.c,v 1.13 2023/08/08 07:19:48 nicm Exp $ */ /* * Copyright (c) 2010 Nicholas Marriott @@ -155,8 +155,8 @@ static const struct utf8_data tty_acs_rounded_borders_list[] = { { "\342\225\257", 0, 3, 1 }, /* U+256F */ { "\342\224\263", 0, 3, 1 }, /* U+2533 */ { "\342\224\273", 0, 3, 1 }, /* U+253B */ - { "\342\224\243", 0, 3, 1 }, /* U+2523 */ - { "\342\224\253", 0, 3, 1 }, /* U+252B */ + { "\342\224\234", 0, 3, 1 }, /* U+2524 */ + { "\342\224\244", 0, 3, 1 }, /* U+251C */ { "\342\225\213", 0, 3, 1 }, /* U+254B */ { "\302\267", 0, 2, 1 } /* U+00B7 */ }; diff --git a/usr.bin/tmux/window-client.c b/usr.bin/tmux/window-client.c index c6b79f859..26161035a 100644 --- a/usr.bin/tmux/window-client.c +++ b/usr.bin/tmux/window-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: window-client.c,v 1.33 2022/05/30 12:55:25 nicm Exp $ */ +/* $OpenBSD: window-client.c,v 1.34 2023/08/08 07:41:04 nicm Exp $ */ /* * Copyright (c) 2017 Nicholas Marriott @@ -242,7 +242,7 @@ window_client_draw(__unused void *modedata, void *itemdata, screen_write_cursormove(ctx, cx, cy + 2, 0); else screen_write_cursormove(ctx, cx, cy + sy - 1 - lines, 0); - screen_write_hline(ctx, sx, 0, 0); + screen_write_hline(ctx, sx, 0, 0, BOX_LINES_DEFAULT, NULL); if (at != 0) screen_write_cursormove(ctx, cx, cy, 0); diff --git a/usr.bin/tmux/window-copy.c b/usr.bin/tmux/window-copy.c index fba3c05b9..bae0e083a 100644 --- a/usr.bin/tmux/window-copy.c +++ b/usr.bin/tmux/window-copy.c @@ -1,4 +1,4 @@ -/* $OpenBSD: window-copy.c,v 1.341 2023/07/03 16:47:43 nicm Exp $ */ +/* $OpenBSD: window-copy.c,v 1.342 2023/08/08 08:21:30 nicm Exp $ */ /* * Copyright (c) 2007 Nicholas Marriott @@ -131,7 +131,8 @@ static void window_copy_cursor_previous_word_pos(struct window_mode_entry *, const char *, u_int *, u_int *); static void window_copy_cursor_previous_word(struct window_mode_entry *, const char *, int); -static void window_copy_cursor_prompt(struct window_mode_entry *, int); +static void window_copy_cursor_prompt(struct window_mode_entry *, int, + const char *); static void window_copy_scroll_up(struct window_mode_entry *, u_int); static void window_copy_scroll_down(struct window_mode_entry *, u_int); static void window_copy_rectangle_set(struct window_mode_entry *, int); @@ -2245,8 +2246,9 @@ static enum window_copy_cmd_action window_copy_cmd_next_prompt(struct window_copy_cmd_state *cs) { struct window_mode_entry *wme = cs->wme; + const char *arg1 = args_string(cs->args, 1); - window_copy_cursor_prompt(wme, 1); + window_copy_cursor_prompt(wme, 1, arg1); return (WINDOW_COPY_CMD_NOTHING); } @@ -2254,8 +2256,9 @@ static enum window_copy_cmd_action window_copy_cmd_previous_prompt(struct window_copy_cmd_state *cs) { struct window_mode_entry *wme = cs->wme; + const char *arg1 = args_string(cs->args, 1); - window_copy_cursor_prompt(wme, 0); + window_copy_cursor_prompt(wme, 0, arg1); return (WINDOW_COPY_CMD_NOTHING); } @@ -2721,7 +2724,7 @@ static const struct { }, { .command = "previous-prompt", .minargs = 0, - .maxargs = 0, + .maxargs = 1, .clear = WINDOW_COPY_CMD_CLEAR_ALWAYS, .f = window_copy_cmd_previous_prompt }, @@ -5389,14 +5392,20 @@ window_copy_cursor_previous_word(struct window_mode_entry *wme, } static void -window_copy_cursor_prompt(struct window_mode_entry *wme, int direction) +window_copy_cursor_prompt(struct window_mode_entry *wme, int direction, + const char *args) { struct window_copy_mode_data *data = wme->data; struct screen *s = data->backing; struct grid *gd = s->grid; u_int end_line; u_int line = gd->hsize - data->oy + data->cy; - int add; + int add, line_flag; + + if (args != NULL && strcmp(args, "-o") == 0) + line_flag = GRID_LINE_START_OUTPUT; + else + line_flag = GRID_LINE_START_PROMPT; if (direction == 0) { /* up */ add = -1; @@ -5413,7 +5422,7 @@ window_copy_cursor_prompt(struct window_mode_entry *wme, int direction) return; line += add; - if (grid_get_line(gd, line)->flags & GRID_LINE_START_PROMPT) + if (grid_get_line(gd, line)->flags & line_flag) break; } diff --git a/usr.sbin/ldomctl/ldomctl.c b/usr.sbin/ldomctl/ldomctl.c index e48a560f7..78dfdb320 100644 --- a/usr.sbin/ldomctl/ldomctl.c +++ b/usr.sbin/ldomctl/ldomctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ldomctl.c,v 1.40 2021/10/24 21:24:18 deraadt Exp $ */ +/* $OpenBSD: ldomctl.c,v 1.41 2023/08/10 07:50:45 kn Exp $ */ /* * Copyright (c) 2012 Mark Kettenis @@ -592,6 +592,8 @@ guest_status(int argc, char **argv) if (nbytes != sizeof(msg)) err(1, "read"); + utilisation = 0.0; + memcpy(&state, msg.msg.resstat.data, sizeof(state)); switch (state.state) { case GUEST_STATE_STOPPED: @@ -644,8 +646,6 @@ guest_status(int argc, char **argv) if (yielded_cycles <= total_cycles) utilisation = (100.0 * (total_cycles - yielded_cycles)) / total_cycles; - else - utilisation = 0.0; break; case GUEST_STATE_SUSPENDED: diff --git a/usr.sbin/makefs/ffs.c b/usr.sbin/makefs/ffs.c index 71845bc4c..fe203a40f 100644 --- a/usr.sbin/makefs/ffs.c +++ b/usr.sbin/makefs/ffs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ffs.c,v 1.37 2023/04/25 08:57:11 krw Exp $ */ +/* $OpenBSD: ffs.c,v 1.38 2023/08/08 04:45:44 guenther Exp $ */ /* $NetBSD: ffs.c,v 1.66 2015/12/21 00:58:08 christos Exp $ */ /* @@ -611,9 +611,9 @@ ffs_build_dinode1(struct ufs1_dinode *dinp, dirbuf_t *dbufp, fsnode *cur, dinp->di_atime = cur->inode->st.st_atime; dinp->di_mtime = cur->inode->st.st_mtime; dinp->di_ctime = cur->inode->st.st_ctime; - dinp->di_atimensec = cur->inode->st.st_atimensec; - dinp->di_mtimensec = cur->inode->st.st_mtimensec; - dinp->di_ctimensec = cur->inode->st.st_ctimensec; + dinp->di_atimensec = cur->inode->st.st_atim.tv_nsec; + dinp->di_mtimensec = cur->inode->st.st_mtim.tv_nsec; + dinp->di_ctimensec = cur->inode->st.st_ctim.tv_nsec; /* not set: di_db, di_ib, di_blocks, di_spare */ membuf = NULL; @@ -653,9 +653,9 @@ ffs_build_dinode2(struct ufs2_dinode *dinp, dirbuf_t *dbufp, fsnode *cur, dinp->di_atime = cur->inode->st.st_atime; dinp->di_mtime = cur->inode->st.st_mtime; dinp->di_ctime = cur->inode->st.st_ctime; - dinp->di_atimensec = cur->inode->st.st_atimensec; - dinp->di_mtimensec = cur->inode->st.st_mtimensec; - dinp->di_ctimensec = cur->inode->st.st_ctimensec; + dinp->di_atimensec = cur->inode->st.st_atim.tv_nsec; + dinp->di_mtimensec = cur->inode->st.st_mtim.tv_nsec; + dinp->di_ctimensec = cur->inode->st.st_ctim.tv_nsec; /* not set: di_db, di_ib, di_blocks, di_spare */ membuf = NULL; diff --git a/usr.sbin/makefs/msdos/direntry.h b/usr.sbin/makefs/msdos/direntry.h index 36e097f2a..77f8d7dd6 100644 --- a/usr.sbin/makefs/msdos/direntry.h +++ b/usr.sbin/makefs/msdos/direntry.h @@ -1,4 +1,4 @@ -/* $OpenBSD: direntry.h,v 1.2 2021/12/23 04:37:12 jsg Exp $ */ +/* $OpenBSD: direntry.h,v 1.3 2023/08/11 04:51:36 guenther Exp $ */ /* $NetBSD: direntry.h,v 1.13 1997/10/17 11:23:45 ws Exp $ */ /*- @@ -121,8 +121,8 @@ struct winentry { #define DD_YEAR_MASK 0xFE00 /* year - 1980 */ #define DD_YEAR_SHIFT 9 -void unix2dostime(struct timespec *tsp, int minuteswest, u_int16_t *ddp, - u_int16_t *dtp, u_int8_t *dhp); +void unix2dostime(const struct timespec *tsp, int minuteswest, + u_int16_t *ddp, u_int16_t *dtp, u_int8_t *dhp); int unix2dosfn(u_char *un, u_char dn[11], int unlen, u_int gen); int unix2winfn(u_char *un, int unlen, struct winentry *wep, int cnt, int chksum); diff --git a/usr.sbin/makefs/msdos/msdosfs_conv.c b/usr.sbin/makefs/msdos/msdosfs_conv.c index a07f1486d..7b73c19bd 100644 --- a/usr.sbin/makefs/msdos/msdosfs_conv.c +++ b/usr.sbin/makefs/msdos/msdosfs_conv.c @@ -1,4 +1,4 @@ -/* $OpenBSD: msdosfs_conv.c,v 1.2 2021/10/06 00:40:41 deraadt Exp $ */ +/* $OpenBSD: msdosfs_conv.c,v 1.3 2023/08/11 04:51:36 guenther Exp $ */ /* $NetBSD: msdosfs_conv.c,v 1.24 1997/10/17 11:23:54 ws Exp $ */ /*- @@ -91,7 +91,7 @@ u_short lastdtime; * file timestamps. The passed in unix time is assumed to be in GMT. */ void -unix2dostime(struct timespec *tsp, int minuteswest, u_int16_t *ddp, +unix2dostime(const struct timespec *tsp, int minuteswest, u_int16_t *ddp, u_int16_t *dtp, u_int8_t *dhp) { time_t t; diff --git a/usr.sbin/makefs/msdos/msdosfs_vnops.c b/usr.sbin/makefs/msdos/msdosfs_vnops.c index 901c9855e..51c00f6cf 100644 --- a/usr.sbin/makefs/msdos/msdosfs_vnops.c +++ b/usr.sbin/makefs/msdos/msdosfs_vnops.c @@ -1,4 +1,4 @@ -/* $OpenBSD: msdosfs_vnops.c,v 1.9 2021/10/06 00:40:41 deraadt Exp $ */ +/* $OpenBSD: msdosfs_vnops.c,v 1.10 2023/08/11 04:51:36 guenther Exp $ */ /* $NetBSD: msdosfs_vnops.c,v 1.17 2016/01/30 09:59:27 mlelstv Exp $ */ /*- @@ -93,10 +93,10 @@ static void msdosfs_times(struct msdosfsmount *pmp, struct denode *dep, const struct stat *st) { - struct timespec at = st->st_atimespec; - struct timespec mt = st->st_mtimespec; - unix2dostime(&at, pmp->pm_minuteswest, &dep->de_ADate, NULL, NULL); - unix2dostime(&mt, pmp->pm_minuteswest, &dep->de_MDate, &dep->de_MTime, NULL); + unix2dostime(&st->st_atim, pmp->pm_minuteswest, &dep->de_ADate, + NULL, NULL); + unix2dostime(&st->st_mtim, pmp->pm_minuteswest, &dep->de_MDate, + &dep->de_MTime, NULL); } /* diff --git a/usr.sbin/mtree/compare.c b/usr.sbin/mtree/compare.c index 8ba1cd505..6ac3ff765 100644 --- a/usr.sbin/mtree/compare.c +++ b/usr.sbin/mtree/compare.c @@ -1,5 +1,5 @@ /* $NetBSD: compare.c,v 1.11 1996/09/05 09:56:48 mycroft Exp $ */ -/* $OpenBSD: compare.c,v 1.29 2021/10/24 21:24:19 deraadt Exp $ */ +/* $OpenBSD: compare.c,v 1.30 2023/08/11 05:07:28 guenther Exp $ */ /*- * Copyright (c) 1989, 1993 @@ -196,20 +196,19 @@ typeerr: LABEL; * Doesn't display microsecond differences. */ if (s->flags & F_TIME) { - struct timeval tv[2]; + struct timespec ts[2]; - TIMESPEC_TO_TIMEVAL(&tv[0], &s->st_mtimespec); - TIMESPEC_TO_TIMEVAL(&tv[1], &p->fts_statp->st_mtimespec); - if (tv[0].tv_sec != tv[1].tv_sec || - tv[0].tv_usec != tv[1].tv_usec) { + ts[0] = s->st_mtim; + ts[1] = p->fts_statp->st_mtim; + if (ts[0].tv_sec != ts[1].tv_sec || + ts[0].tv_nsec != ts[1].tv_nsec) { LABEL; (void)printf("%smodification time (%.24s, ", - tab, ctime(&s->st_mtimespec.tv_sec)); - (void)printf("%.24s", - ctime(&p->fts_statp->st_mtimespec.tv_sec)); + tab, ctime(&s->st_mtime)); + (void)printf("%.24s", ctime(&p->fts_statp->st_mtime)); if (tflag) { - tv[1] = tv[0]; - if (utimes(p->fts_accpath, tv)) + ts[1] = ts[0]; + if (utimensat(AT_FDCWD, p->fts_accpath, ts, 0)) (void)printf(", not modified: %s)\n", strerror(errno)); else diff --git a/usr.sbin/mtree/create.c b/usr.sbin/mtree/create.c index d5cbd6b0a..dc051e65d 100644 --- a/usr.sbin/mtree/create.c +++ b/usr.sbin/mtree/create.c @@ -1,5 +1,5 @@ /* $NetBSD: create.c,v 1.11 1996/09/05 09:24:19 mycroft Exp $ */ -/* $OpenBSD: create.c,v 1.35 2021/10/24 21:24:19 deraadt Exp $ */ +/* $OpenBSD: create.c,v 1.36 2023/08/11 05:07:28 guenther Exp $ */ /*- * Copyright (c) 1989, 1993 @@ -189,8 +189,8 @@ statf(int indent, FTSENT *p) (long long)p->fts_statp->st_size); if (keys & F_TIME) output(indent, &offset, "time=%lld.%ld", - (long long)p->fts_statp->st_mtimespec.tv_sec, - p->fts_statp->st_mtimespec.tv_nsec); + (long long)p->fts_statp->st_mtim.tv_sec, + p->fts_statp->st_mtim.tv_nsec); if (keys & F_CKSUM && S_ISREG(p->fts_statp->st_mode)) { if ((fd = open(p->fts_accpath, MTREE_O_FLAGS)) == -1 || crc(fd, &val, &len)) diff --git a/usr.sbin/mtree/mtree.h b/usr.sbin/mtree/mtree.h index 55e1702af..2957d3087 100644 --- a/usr.sbin/mtree/mtree.h +++ b/usr.sbin/mtree/mtree.h @@ -1,4 +1,4 @@ -/* $OpenBSD: mtree.h,v 1.13 2012/07/08 21:19:42 naddy Exp $ */ +/* $OpenBSD: mtree.h,v 1.14 2023/08/11 05:07:28 guenther Exp $ */ /* $NetBSD: mtree.h,v 1.7 1995/03/07 21:26:27 cgd Exp $ */ /*- @@ -48,7 +48,7 @@ typedef struct _node { struct _node *parent, *child; /* up, down */ struct _node *prev, *next; /* left, right */ off_t st_size; /* size */ - struct timespec st_mtimespec; /* last modification time */ + struct timespec st_mtim; /* last modification time */ u_int32_t cksum; /* check sum */ char *md5digest; /* MD5 digest */ char *rmd160digest; /* RIPEMD-160 digest */ diff --git a/usr.sbin/mtree/spec.c b/usr.sbin/mtree/spec.c index 34864b0a5..88af6a050 100644 --- a/usr.sbin/mtree/spec.c +++ b/usr.sbin/mtree/spec.c @@ -1,5 +1,5 @@ /* $NetBSD: spec.c,v 1.6 1995/03/07 21:12:12 cgd Exp $ */ -/* $OpenBSD: spec.c,v 1.29 2018/09/16 02:41:16 millert Exp $ */ +/* $OpenBSD: spec.c,v 1.30 2023/08/11 05:07:28 guenther Exp $ */ /*- * Copyright (c) 1989, 1993 @@ -253,11 +253,11 @@ set(char *t, NODE *ip) } break; case F_TIME: - ip->st_mtimespec.tv_sec = strtoul(val, &ep, 10); + ip->st_mtim.tv_sec = strtoull(val, &ep, 10); if (*ep != '.') error("invalid time %s", val); val = ep + 1; - ip->st_mtimespec.tv_nsec = strtoul(val, &ep, 10); + ip->st_mtim.tv_nsec = strtoul(val, &ep, 10); if (*ep) error("invalid time %s", val); break; diff --git a/usr.sbin/syslogd/privsep.c b/usr.sbin/syslogd/privsep.c index db3131bdc..2edbbbca9 100644 --- a/usr.sbin/syslogd/privsep.c +++ b/usr.sbin/syslogd/privsep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: privsep.c,v 1.75 2023/03/08 04:43:15 guenther Exp $ */ +/* $OpenBSD: privsep.c,v 1.76 2023/08/11 04:45:06 guenther Exp $ */ /* * Copyright (c) 2003 Anil Madhavapeddy @@ -319,8 +319,8 @@ priv_exec(char *conf, int numeric, int child, int argc, char *argv[]) case PRIV_CONFIG_MODIFIED: log_debug("[priv]: msg PRIV_CONFIG_MODIFIED received"); if (stat(conf, &cf_stat) == -1 || - timespeccmp(&cf_info.st_mtimespec, - &cf_stat.st_mtimespec, <) || + timespeccmp(&cf_info.st_mtim, + &cf_stat.st_mtim, <) || cf_info.st_size != cf_stat.st_size) { log_debug("config file modified: restarting"); restart = result = 1; diff --git a/usr.sbin/vipw/vipw.c b/usr.sbin/vipw/vipw.c index 9a944f59d..88d0112c0 100644 --- a/usr.sbin/vipw/vipw.c +++ b/usr.sbin/vipw/vipw.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vipw.c,v 1.26 2021/10/24 21:24:19 deraadt Exp $ */ +/* $OpenBSD: vipw.c,v 1.27 2023/08/11 04:45:05 guenther Exp $ */ /* * Copyright (c) 1987, 1993, 1994 @@ -88,7 +88,7 @@ main(int argc, char *argv[]) pw_edit(0, NULL); if (stat(_PATH_MASTERPASSWD_LOCK, &end)) pw_error(_PATH_MASTERPASSWD_LOCK, 1, 1); - if (timespeccmp(&begin.st_mtimespec, &end.st_mtimespec, ==) && + if (timespeccmp(&begin.st_mtim, &end.st_mtim, ==) && begin.st_size == end.st_size) { warnx("no changes made"); pw_error((char *)NULL, 0, 0);