sync
This commit is contained in:
parent
123b6c5611
commit
6871d7cb85
@ -1,5 +1,5 @@
|
||||
#!/bin/ksh
|
||||
# $OpenBSD: install.sub,v 1.1249 2023/06/06 09:35:44 kn Exp $
|
||||
# $OpenBSD: install.sub,v 1.1250 2023/06/18 15:17:38 deraadt Exp $
|
||||
#
|
||||
# Copyright (c) 1997-2015 Todd Miller, Theo de Raadt, Ken Westerback
|
||||
# Copyright (c) 2015, Robert Peichaer <rpe@openbsd.org>
|
||||
@ -1103,7 +1103,7 @@ v4_config() {
|
||||
case $resp in
|
||||
none) return
|
||||
;;
|
||||
autoconf|dhcp)
|
||||
a|autoconf|dhcp)
|
||||
dhcp_request $_if
|
||||
echo "inet autoconf" >>$_hn
|
||||
return
|
||||
@ -1220,7 +1220,7 @@ v6_config() {
|
||||
case $resp in
|
||||
none) return
|
||||
;;
|
||||
autoconf)
|
||||
a|autoconf)
|
||||
ifconfig $_if inet6 autoconf up
|
||||
echo "inet6 autoconf" >>$_hn
|
||||
return
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: bn_arch.h,v 1.10 2023/06/12 16:42:11 jsing Exp $ */
|
||||
/* $OpenBSD: bn_arch.h,v 1.11 2023/06/17 15:40:46 jsing Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2023 Joel Sing <jsing@openbsd.org>
|
||||
*
|
||||
@ -177,6 +177,33 @@ bn_mulw_addtw(BN_ULONG a, BN_ULONG b, BN_ULONG c2, BN_ULONG c1, BN_ULONG c0,
|
||||
*out_r0 = r0;
|
||||
}
|
||||
|
||||
#define HAVE_BN_MUL2_MULW_ADDTW
|
||||
|
||||
static inline void
|
||||
bn_mul2_mulw_addtw(BN_ULONG a, BN_ULONG b, BN_ULONG c2, BN_ULONG c1, BN_ULONG c0,
|
||||
BN_ULONG *out_r2, BN_ULONG *out_r1, BN_ULONG *out_r0)
|
||||
{
|
||||
BN_ULONG r2, r1, r0, x1, x0;
|
||||
|
||||
__asm__ (
|
||||
"umulh %[x1], %[a], %[b] \n"
|
||||
"mul %[x0], %[a], %[b] \n"
|
||||
"adds %[r0], %[c0], %[x0] \n"
|
||||
"adcs %[r1], %[c1], %[x1] \n"
|
||||
"adc %[r2], xzr, %[c2] \n"
|
||||
"adds %[r0], %[r0], %[x0] \n"
|
||||
"adcs %[r1], %[r1], %[x1] \n"
|
||||
"adc %[r2], xzr, %[r2] \n"
|
||||
: [r2]"=&r"(r2), [r1]"=&r"(r1), [r0]"=&r"(r0), [x1]"=&r"(x1),
|
||||
[x0]"=&r"(x0)
|
||||
: [a]"r"(a), [b]"r"(b), [c2]"r"(c2), [c1]"r"(c1), [c0]"r"(c0)
|
||||
: "cc");
|
||||
|
||||
*out_r2 = r2;
|
||||
*out_r1 = r1;
|
||||
*out_r0 = r0;
|
||||
}
|
||||
|
||||
#define HAVE_BN_QWMULW_ADDW
|
||||
|
||||
static inline void
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: bn_mont.c,v 1.59 2023/04/30 05:21:20 tb Exp $ */
|
||||
/* $OpenBSD: bn_mont.c,v 1.60 2023/06/17 14:43:50 jsing Exp $ */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
@ -327,6 +327,36 @@ bn_mod_mul_montgomery_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
|
||||
return ret;
|
||||
}
|
||||
|
||||
static void
|
||||
bn_montgomery_multiply_word(const BN_ULONG *ap, BN_ULONG b, const BN_ULONG *np,
|
||||
BN_ULONG *tp, BN_ULONG w, BN_ULONG *carry_a, BN_ULONG *carry_n, int n_len)
|
||||
{
|
||||
BN_ULONG x3, x2, x1, x0;
|
||||
|
||||
*carry_a = *carry_n = 0;
|
||||
|
||||
while (n_len & ~3) {
|
||||
bn_qwmulw_addqw_addw(ap[3], ap[2], ap[1], ap[0], b,
|
||||
tp[3], tp[2], tp[1], tp[0], *carry_a, carry_a,
|
||||
&x3, &x2, &x1, &x0);
|
||||
bn_qwmulw_addqw_addw(np[3], np[2], np[1], np[0], w,
|
||||
x3, x2, x1, x0, *carry_n, carry_n,
|
||||
&tp[3], &tp[2], &tp[1], &tp[0]);
|
||||
ap += 4;
|
||||
np += 4;
|
||||
tp += 4;
|
||||
n_len -= 4;
|
||||
}
|
||||
while (n_len > 0) {
|
||||
bn_mulw_addw_addw(ap[0], b, tp[0], *carry_a, carry_a, &x0);
|
||||
bn_mulw_addw_addw(np[0], w, x0, *carry_n, carry_n, &tp[0]);
|
||||
ap++;
|
||||
np++;
|
||||
tp++;
|
||||
n_len--;
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* bn_montgomery_multiply_words() computes r = aR * bR * R^-1 = abR for the
|
||||
* given word arrays. The caller must ensure that rp, ap, bp and np are all
|
||||
@ -336,10 +366,10 @@ void
|
||||
bn_montgomery_multiply_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
|
||||
const BN_ULONG *np, BN_ULONG *tp, BN_ULONG n0, int n_len)
|
||||
{
|
||||
BN_ULONG a0, b, carry_a, carry_n, carry, mask, w, x;
|
||||
int i, j;
|
||||
BN_ULONG a0, b, carry_a, carry_n, carry, mask, w;
|
||||
int i;
|
||||
|
||||
carry_a = carry_n = carry = 0;
|
||||
carry = 0;
|
||||
|
||||
for (i = 0; i < n_len; i++)
|
||||
tp[i] = 0;
|
||||
@ -349,15 +379,12 @@ bn_montgomery_multiply_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *b
|
||||
for (i = 0; i < n_len; i++) {
|
||||
b = bp[i];
|
||||
|
||||
/* Compute new t[0] * n0, as we need it inside the loop. */
|
||||
/* Compute new t[0] * n0, as we need it for this iteration. */
|
||||
w = (a0 * b + tp[0]) * n0;
|
||||
|
||||
for (j = 0; j < n_len; j++) {
|
||||
bn_mulw_addw_addw(ap[j], b, tp[j], carry_a, &carry_a, &x);
|
||||
bn_mulw_addw_addw(np[j], w, x, carry_n, &carry_n, &tp[j]);
|
||||
}
|
||||
bn_montgomery_multiply_word(ap, b, np, tp, w, &carry_a,
|
||||
&carry_n, n_len);
|
||||
bn_addw_addw(carry_a, carry_n, carry, &carry, &tp[n_len]);
|
||||
carry_a = carry_n = 0;
|
||||
|
||||
tp++;
|
||||
}
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: tls.c,v 1.96 2023/05/25 07:46:21 op Exp $ */
|
||||
/* $OpenBSD: tls.c,v 1.97 2023/06/18 11:43:03 op Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
|
||||
*
|
||||
@ -389,7 +389,7 @@ static int
|
||||
tls_keypair_setup_pkey(struct tls *ctx, struct tls_keypair *keypair, EVP_PKEY *pkey)
|
||||
{
|
||||
RSA_METHOD *rsa_method;
|
||||
ECDSA_METHOD *ecdsa_method;
|
||||
EC_KEY_METHOD *ecdsa_method;
|
||||
RSA *rsa = NULL;
|
||||
EC_KEY *eckey = NULL;
|
||||
int ret = -1;
|
||||
@ -427,15 +427,15 @@ tls_keypair_setup_pkey(struct tls *ctx, struct tls_keypair *keypair, EVP_PKEY *p
|
||||
break;
|
||||
case EVP_PKEY_EC:
|
||||
if ((eckey = EVP_PKEY_get1_EC_KEY(pkey)) == NULL ||
|
||||
ECDSA_set_ex_data(eckey, 0, keypair->pubkey_hash) == 0) {
|
||||
EC_KEY_set_ex_data(eckey, 0, keypair->pubkey_hash) == 0) {
|
||||
tls_set_errorx(ctx, "EC key setup failure");
|
||||
goto err;
|
||||
}
|
||||
if (ctx->config->sign_cb != NULL) {
|
||||
ecdsa_method = tls_signer_ecdsa_method();
|
||||
if (ecdsa_method == NULL ||
|
||||
ECDSA_set_ex_data(eckey, 1, ctx->config) == 0 ||
|
||||
ECDSA_set_method(eckey, ecdsa_method) == 0) {
|
||||
EC_KEY_set_ex_data(eckey, 1, ctx->config) == 0 ||
|
||||
EC_KEY_set_method(eckey, ecdsa_method) == 0) {
|
||||
tls_set_errorx(ctx, "failed to setup EC key");
|
||||
goto err;
|
||||
}
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: tls_internal.h,v 1.81 2023/04/09 18:26:26 tb Exp $ */
|
||||
/* $OpenBSD: tls_internal.h,v 1.82 2023/06/18 11:43:03 op Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org>
|
||||
* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
|
||||
@ -298,7 +298,7 @@ int tls_cert_pubkey_hash(X509 *_cert, char **_hash);
|
||||
int tls_password_cb(char *_buf, int _size, int _rwflag, void *_u);
|
||||
|
||||
RSA_METHOD *tls_signer_rsa_method(void);
|
||||
ECDSA_METHOD *tls_signer_ecdsa_method(void);
|
||||
EC_KEY_METHOD *tls_signer_ecdsa_method(void);
|
||||
|
||||
#define TLS_PADDING_NONE 0
|
||||
#define TLS_PADDING_RSA_PKCS1 1
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: tls_signer.c,v 1.5 2023/04/09 18:26:26 tb Exp $ */
|
||||
/* $OpenBSD: tls_signer.c,v 1.6 2023/06/18 11:43:03 op Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2021 Eric Faurot <eric@openbsd.org>
|
||||
*
|
||||
@ -419,26 +419,21 @@ tls_ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv,
|
||||
return (NULL);
|
||||
}
|
||||
|
||||
ECDSA_METHOD *
|
||||
EC_KEY_METHOD *
|
||||
tls_signer_ecdsa_method(void)
|
||||
{
|
||||
static ECDSA_METHOD *ecdsa_method = NULL;
|
||||
static EC_KEY_METHOD *ecdsa_method = NULL;
|
||||
|
||||
pthread_mutex_lock(&signer_method_lock);
|
||||
|
||||
if (ecdsa_method != NULL)
|
||||
goto out;
|
||||
|
||||
ecdsa_method = calloc(1, sizeof(*ecdsa_method));
|
||||
ecdsa_method = EC_KEY_METHOD_new(NULL);
|
||||
if (ecdsa_method == NULL)
|
||||
goto out;
|
||||
|
||||
ecdsa_method->ecdsa_do_sign = tls_ecdsa_do_sign;
|
||||
ecdsa_method->name = strdup("libtls ECDSA method");
|
||||
if (ecdsa_method->name == NULL) {
|
||||
free(ecdsa_method);
|
||||
ecdsa_method = NULL;
|
||||
}
|
||||
EC_KEY_METHOD_set_sign(ecdsa_method, NULL, NULL, tls_ecdsa_do_sign);
|
||||
|
||||
out:
|
||||
pthread_mutex_unlock(&signer_method_lock);
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: ca.c,v 1.92 2023/05/23 13:12:19 claudio Exp $ */
|
||||
/* $OpenBSD: ca.c,v 1.93 2023/06/17 22:33:34 tobhe Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org>
|
||||
@ -560,9 +560,9 @@ ca_getcert(struct iked *env, struct imsg *imsg)
|
||||
iov[2].iov_base = ptr;
|
||||
iov[2].iov_len = len;
|
||||
|
||||
if (proc_composev(&env->sc_ps, PROC_IKEV2, cmd, iov, iovcnt) == -1)
|
||||
return (-1);
|
||||
return (0);
|
||||
ret = proc_composev(&env->sc_ps, PROC_IKEV2, cmd, iov, iovcnt);
|
||||
ibuf_free(key.id_buf);
|
||||
return (ret);
|
||||
}
|
||||
|
||||
static unsigned int
|
||||
|
@ -1,4 +1,4 @@
|
||||
.\" $OpenBSD: dpb.1,v 1.33 2023/05/29 21:13:24 aisha Exp $
|
||||
.\" $OpenBSD: dpb.1,v 1.34 2023/06/17 19:35:54 espie Exp $
|
||||
.\"
|
||||
.\" Copyright (c) 2010-2013 Marc Espie <espie@openbsd.org>
|
||||
.\"
|
||||
@ -14,7 +14,7 @@
|
||||
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
.\"
|
||||
.Dd $Mdocdate: May 29 2023 $
|
||||
.Dd $Mdocdate: June 17 2023 $
|
||||
.Dt DPB 1
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -124,6 +124,18 @@ be shared on the cluster.
|
||||
Some log files ("rolling logs") are kept from one run to the run and
|
||||
stored under
|
||||
.Pa ${DISTDIR}/build-stats .
|
||||
On each run, the most recent entries for each pkgpath
|
||||
.Po
|
||||
see
|
||||
.Ar STATS_USED
|
||||
.Pc
|
||||
are used to figure out in which order things should be built.
|
||||
Meanwhile, some more entries are kept around
|
||||
.Po
|
||||
see
|
||||
.Ar STATS_BACKLOG
|
||||
.Pc
|
||||
for potential data analysis over longer periods.
|
||||
.Pp
|
||||
Option
|
||||
.Fl h Ar file
|
||||
@ -184,7 +196,7 @@ for preparing such an environment.
|
||||
.It Fl b Ar logfile
|
||||
Explicitly prime the heuristics module with a previous build log,
|
||||
so that packages that take a long time to build will happen earlier.
|
||||
The rolling log under
|
||||
The rolling log file under
|
||||
.Pa %f/build-stats/%a
|
||||
is automatically used.
|
||||
.It Fl C Ar pathlist
|
||||
@ -347,6 +359,17 @@ Defaults to
|
||||
can be set to nothing to disable.
|
||||
.It Ar STARTUP
|
||||
Define a start-up script on the command-line, override any host file contents.
|
||||
.It Ar STATS_BACKLOG
|
||||
Max number of stats (per individual pkgpath) to save in the rolling log file
|
||||
.Po
|
||||
defaults to 25
|
||||
.Pc .
|
||||
.It Ar STATS_USED
|
||||
Clamp number of stats (per individual pkgpath) used for computing build
|
||||
order
|
||||
.Po
|
||||
defaults to 10
|
||||
.Pc .
|
||||
.It Ar STUCK_TIMEOUT
|
||||
Timeout (in seconds * speed factor) after which tasks that don't show
|
||||
any progress will be killed.
|
||||
@ -686,7 +709,7 @@ as an initial workdir size log.
|
||||
.It Fl s
|
||||
Compute workdir sizes before cleaning up, and stash them in log file
|
||||
.Pa %L/size.log .
|
||||
Also maintain a rolling log of build sizes under
|
||||
This will also maintain a rolling log of build sizes under
|
||||
.Pa %f/build-stats/%a-size .
|
||||
In order to save time,
|
||||
.Nm
|
||||
@ -1265,7 +1288,14 @@ They should be readable for the
|
||||
.Nm
|
||||
also records rolling build statistics under
|
||||
.Pa ${DISTDIR}/build-stats/${ARCH} ,
|
||||
and uses them automatically in the absence of
|
||||
and uses them automatically
|
||||
.Po
|
||||
see
|
||||
.Ar STATS_BACKLOG
|
||||
and
|
||||
.Ar STATS_USED
|
||||
.Pc
|
||||
in the absence of
|
||||
.Fl b Ar logfile .
|
||||
That file belongs to the
|
||||
.Ar LOG_USER
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: agintc.c,v 1.48 2023/04/25 10:35:48 patrick Exp $ */
|
||||
/* $OpenBSD: agintc.c,v 1.49 2023/06/17 22:10:19 kettenis Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2007, 2009, 2011, 2017 Dale Rahn <drahn@dalerahn.com>
|
||||
* Copyright (c) 2018 Mark Kettenis <kettenis@openbsd.org>
|
||||
@ -1962,6 +1962,9 @@ agintc_intr_disestablish_msi(void *cookie)
|
||||
{
|
||||
agintc_intr_disestablish(*(void **)cookie);
|
||||
*(void **)cookie = NULL;
|
||||
|
||||
/* Invalidate cache. */
|
||||
agintc_msi_invall();
|
||||
}
|
||||
|
||||
void
|
||||
|
@ -1,4 +1,4 @@
|
||||
.\" $OpenBSD: lpd.8,v 1.32 2022/10/10 09:13:43 jsg Exp $
|
||||
.\" $OpenBSD: lpd.8,v 1.33 2023/06/17 15:35:08 jmc Exp $
|
||||
.\" $NetBSD: lpd.8,v 1.23 2002/02/08 01:38:50 ross Exp $
|
||||
.\"
|
||||
.\" Copyright (c) 1983, 1991, 1993
|
||||
@ -30,7 +30,7 @@
|
||||
.\"
|
||||
.\" @(#)lpd.8 8.3 (Berkeley) 4/19/94
|
||||
.\"
|
||||
.Dd $Mdocdate: October 10 2022 $
|
||||
.Dd $Mdocdate: June 17 2023 $
|
||||
.Dt LPD 8
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -242,7 +242,7 @@ The file contains troff output (cat phototypesetter commands).
|
||||
.It n
|
||||
Ditroff File.
|
||||
The file contains device independent troff output.
|
||||
.It r
|
||||
.It d
|
||||
DVI File.
|
||||
The file contains
|
||||
.Tn Tex l
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: ca.c,v 1.43 2023/03/26 18:11:48 tb Exp $ */
|
||||
/* $OpenBSD: ca.c,v 1.44 2023/06/18 11:43:49 op Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2014 Reyk Floeter <reyk@openbsd.org>
|
||||
@ -47,10 +47,17 @@ static int rsae_bn_mod_exp(BIGNUM *, const BIGNUM *, const BIGNUM *,
|
||||
static int rsae_init(RSA *);
|
||||
static int rsae_finish(RSA *);
|
||||
static int rsae_keygen(RSA *, int, BIGNUM *, BN_GENCB *);
|
||||
static int ecdsae_keygen(EC_KEY *);
|
||||
static int ecdsae_compute_key(void *, size_t, const EC_POINT *, EC_KEY *,
|
||||
void *(*)(const void *, size_t, void *, size_t *));
|
||||
static int ecdsae_sign(int, const unsigned char *, int, unsigned char *,
|
||||
unsigned int *, const BIGNUM *, const BIGNUM *, EC_KEY *);
|
||||
|
||||
static ECDSA_SIG *ecdsae_do_sign(const unsigned char *, int, const BIGNUM *,
|
||||
const BIGNUM *, EC_KEY *);
|
||||
static int ecdsae_sign_setup(EC_KEY *, BN_CTX *, BIGNUM **, BIGNUM **);
|
||||
static int ecdsae_verify(int, const unsigned char *, int, const unsigned char *,
|
||||
int, EC_KEY *);
|
||||
static int ecdsae_do_verify(const unsigned char *, int, const ECDSA_SIG *,
|
||||
EC_KEY *);
|
||||
|
||||
@ -492,29 +499,9 @@ rsae_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb)
|
||||
* ECDSA privsep engine (called from unprivileged processes)
|
||||
*/
|
||||
|
||||
const ECDSA_METHOD *ecdsa_default = NULL;
|
||||
const EC_KEY_METHOD *ecdsa_default = NULL;
|
||||
|
||||
static ECDSA_METHOD *ecdsae_method = NULL;
|
||||
|
||||
ECDSA_METHOD *
|
||||
ECDSA_METHOD_new_temporary(const char *name, int);
|
||||
|
||||
ECDSA_METHOD *
|
||||
ECDSA_METHOD_new_temporary(const char *name, int flags)
|
||||
{
|
||||
ECDSA_METHOD *ecdsa;
|
||||
|
||||
if ((ecdsa = calloc(1, sizeof (*ecdsa))) == NULL)
|
||||
return NULL;
|
||||
|
||||
if ((ecdsa->name = strdup(name)) == NULL) {
|
||||
free(ecdsa);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
ecdsa->flags = flags;
|
||||
return ecdsa;
|
||||
}
|
||||
static EC_KEY_METHOD *ecdsae_method = NULL;
|
||||
|
||||
static ECDSA_SIG *
|
||||
ecdsae_send_enc_imsg(const unsigned char *dgst, int dgst_len,
|
||||
@ -531,7 +518,7 @@ ecdsae_send_enc_imsg(const unsigned char *dgst, int dgst_len,
|
||||
uint64_t id;
|
||||
ECDSA_SIG *sig = NULL;
|
||||
|
||||
if ((hash = ECDSA_get_ex_data(eckey, 0)) == NULL)
|
||||
if ((hash = EC_KEY_get_ex_data(eckey, 0)) == NULL)
|
||||
return (0);
|
||||
|
||||
/*
|
||||
@ -590,30 +577,86 @@ ecdsae_send_enc_imsg(const unsigned char *dgst, int dgst_len,
|
||||
return (sig);
|
||||
}
|
||||
|
||||
ECDSA_SIG *
|
||||
ecdsae_do_sign(const unsigned char *dgst, int dgst_len,
|
||||
const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey)
|
||||
static int
|
||||
ecdsae_keygen(EC_KEY *eckey)
|
||||
{
|
||||
int (*keygen)(EC_KEY *);
|
||||
|
||||
log_debug("debug: %s: %s", proc_name(smtpd_process), __func__);
|
||||
if (ECDSA_get_ex_data(eckey, 0) != NULL)
|
||||
EC_KEY_METHOD_get_keygen(ecdsa_default, &keygen);
|
||||
return (keygen(eckey));
|
||||
}
|
||||
|
||||
static int
|
||||
ecdsae_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
|
||||
EC_KEY *ecdh, void *(*kdf)(const void *, size_t, void *, size_t *))
|
||||
{
|
||||
int (*ckey)(void *, size_t, const EC_POINT *, EC_KEY *,
|
||||
void *(*)(const void *, size_t, void *, size_t *));
|
||||
|
||||
log_debug("debug: %s: %s", proc_name(smtpd_process), __func__);
|
||||
EC_KEY_METHOD_get_compute_key(ecdsa_default, &ckey);
|
||||
return (ckey(out, outlen, pub_key, ecdh, kdf));
|
||||
}
|
||||
|
||||
static int
|
||||
ecdsae_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
|
||||
unsigned int *siglen, const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey)
|
||||
{
|
||||
int (*sign)(int, const unsigned char *, int, unsigned char *,
|
||||
unsigned int *, const BIGNUM *, const BIGNUM *, EC_KEY *);
|
||||
|
||||
log_debug("debug: %s: %s", proc_name(smtpd_process), __func__);
|
||||
EC_KEY_METHOD_get_sign(ecdsa_default, &sign, NULL, NULL);
|
||||
return (sign(type, dgst, dlen, sig, siglen, kinv, r, eckey));
|
||||
}
|
||||
|
||||
static ECDSA_SIG *
|
||||
ecdsae_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM *inv,
|
||||
const BIGNUM *rp, EC_KEY *eckey)
|
||||
{
|
||||
ECDSA_SIG *(*psign_sig)(const unsigned char *, int, const BIGNUM *,
|
||||
const BIGNUM *, EC_KEY *);
|
||||
|
||||
log_debug("debug: %s: %s", proc_name(smtpd_process), __func__);
|
||||
if (EC_KEY_get_ex_data(eckey, 0) != NULL)
|
||||
return (ecdsae_send_enc_imsg(dgst, dgst_len, inv, rp, eckey));
|
||||
return (ecdsa_default->ecdsa_do_sign(dgst, dgst_len, inv, rp, eckey));
|
||||
EC_KEY_METHOD_get_sign(ecdsa_default, NULL, NULL, &psign_sig);
|
||||
return (psign_sig(dgst, dgst_len, inv, rp, eckey));
|
||||
}
|
||||
|
||||
int
|
||||
ecdsae_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
|
||||
BIGNUM **r)
|
||||
static int
|
||||
ecdsae_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **r)
|
||||
{
|
||||
int (*psign_setup)(EC_KEY *, BN_CTX *, BIGNUM **, BIGNUM **);
|
||||
|
||||
log_debug("debug: %s: %s", proc_name(smtpd_process), __func__);
|
||||
return (ecdsa_default->ecdsa_sign_setup(eckey, ctx, kinv, r));
|
||||
EC_KEY_METHOD_get_sign(ecdsa_default, NULL, &psign_setup, NULL);
|
||||
return (psign_setup(eckey, ctx, kinv, r));
|
||||
}
|
||||
|
||||
int
|
||||
static int
|
||||
ecdsae_verify(int type, const unsigned char *dgst, int dgst_len,
|
||||
const unsigned char *sigbuf, int sig_len, EC_KEY *eckey)
|
||||
{
|
||||
int (*verify)(int, const unsigned char *, int, const unsigned char *,
|
||||
int, EC_KEY *);
|
||||
|
||||
log_debug("debug: %s: %s", proc_name(smtpd_process), __func__);
|
||||
EC_KEY_METHOD_get_verify(ecdsa_default, &verify, NULL);
|
||||
return (verify(type, dgst, dgst_len, sigbuf, sig_len, eckey));
|
||||
}
|
||||
|
||||
static int
|
||||
ecdsae_do_verify(const unsigned char *dgst, int dgst_len,
|
||||
const ECDSA_SIG *sig, EC_KEY *eckey)
|
||||
{
|
||||
int (*pverify_sig)(const unsigned char *, int, const ECDSA_SIG *,
|
||||
EC_KEY *);
|
||||
|
||||
log_debug("debug: %s: %s", proc_name(smtpd_process), __func__);
|
||||
return (ecdsa_default->ecdsa_do_verify(dgst, dgst_len, sig, eckey));
|
||||
EC_KEY_METHOD_get_verify(ecdsa_default, NULL, &pverify_sig);
|
||||
return (pverify_sig(dgst, dgst_len, sig, eckey));
|
||||
}
|
||||
|
||||
|
||||
@ -694,30 +737,33 @@ ecdsa_engine_init(void)
|
||||
ENGINE *e;
|
||||
const char *errstr, *name;
|
||||
|
||||
if ((ecdsae_method = ECDSA_METHOD_new_temporary("ECDSA privsep engine", 0)) == NULL) {
|
||||
errstr = "ECDSA_METHOD_new_temporary";
|
||||
if ((ecdsae_method = EC_KEY_METHOD_new(NULL)) == NULL) {
|
||||
errstr = "EC_KEY_METHOD_new";
|
||||
goto fail;
|
||||
}
|
||||
|
||||
ecdsae_method->ecdsa_do_sign = ecdsae_do_sign;
|
||||
ecdsae_method->ecdsa_sign_setup = ecdsae_sign_setup;
|
||||
ecdsae_method->ecdsa_do_verify = ecdsae_do_verify;
|
||||
EC_KEY_METHOD_set_keygen(ecdsae_method, ecdsae_keygen);
|
||||
EC_KEY_METHOD_set_compute_key(ecdsae_method, ecdsae_compute_key);
|
||||
EC_KEY_METHOD_set_sign(ecdsae_method, ecdsae_sign, ecdsae_sign_setup,
|
||||
ecdsae_do_sign);
|
||||
EC_KEY_METHOD_set_verify(ecdsae_method, ecdsae_verify,
|
||||
ecdsae_do_verify);
|
||||
|
||||
if ((e = ENGINE_get_default_ECDSA()) == NULL) {
|
||||
if ((e = ENGINE_get_default_EC()) == NULL) {
|
||||
if ((e = ENGINE_new()) == NULL) {
|
||||
errstr = "ENGINE_new";
|
||||
goto fail;
|
||||
}
|
||||
if (!ENGINE_set_name(e, ecdsae_method->name)) {
|
||||
if (!ENGINE_set_name(e, "ECDSA privsep engine")) {
|
||||
errstr = "ENGINE_set_name";
|
||||
goto fail;
|
||||
}
|
||||
if ((ecdsa_default = ECDSA_get_default_method()) == NULL) {
|
||||
errstr = "ECDSA_get_default_method";
|
||||
if ((ecdsa_default = EC_KEY_get_default_method()) == NULL) {
|
||||
errstr = "EC_KEY_get_default_method";
|
||||
goto fail;
|
||||
}
|
||||
} else if ((ecdsa_default = ENGINE_get_ECDSA(e)) == NULL) {
|
||||
errstr = "ENGINE_get_ECDSA";
|
||||
} else if ((ecdsa_default = ENGINE_get_EC(e)) == NULL) {
|
||||
errstr = "ENGINE_get_EC";
|
||||
goto fail;
|
||||
}
|
||||
|
||||
@ -726,12 +772,12 @@ ecdsa_engine_init(void)
|
||||
|
||||
log_debug("debug: %s: using %s", __func__, name);
|
||||
|
||||
if (!ENGINE_set_ECDSA(e, ecdsae_method)) {
|
||||
errstr = "ENGINE_set_ECDSA";
|
||||
if (!ENGINE_set_EC(e, ecdsae_method)) {
|
||||
errstr = "ENGINE_set_EC";
|
||||
goto fail;
|
||||
}
|
||||
if (!ENGINE_set_default_ECDSA(e)) {
|
||||
errstr = "ENGINE_set_default_ECDSA";
|
||||
if (!ENGINE_set_default_EC(e)) {
|
||||
errstr = "ENGINE_set_default_EC";
|
||||
goto fail;
|
||||
}
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: vmd.c,v 1.149 2023/05/13 23:15:28 dv Exp $ */
|
||||
/* $OpenBSD: vmd.c,v 1.150 2023/06/18 11:45:11 op Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2015 Reyk Floeter <reyk@openbsd.org>
|
||||
@ -874,7 +874,7 @@ main(int argc, char **argv)
|
||||
log_setverbose(env->vmd_verbose);
|
||||
|
||||
/* Re-exec from the vmm child process requires an absolute path. */
|
||||
if (proc_id == PROC_PARENT && *argv[0] != '/')
|
||||
if (proc_id == PROC_PARENT && *argv[0] != '/' && !env->vmd_noaction)
|
||||
fatalx("re-exec requires execution with an absolute path");
|
||||
env->argv0 = argv[0];
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user