mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2025-01-11 17:04:19 +01:00
= Fix a bug in UI_UTIL_read_pw's error handling that caused
des_read_pw_string to break (and thus rather mysteriously breaking utilities such as kinit). = Enable the BSD /dev/crypto interface. (These changes are being imported on the vendor branch, as they have already been accepted and committed to the OpenSSL CVS repository.)
This commit is contained in:
parent
5c87c606cd
commit
6e955c8f09
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/vendor-crypto/openssl/dist/; revision=110018
@ -95,19 +95,19 @@ void ENGINE_load_builtin_engines(void)
|
|||||||
#ifndef OPENSSL_NO_HW_4758_CCA
|
#ifndef OPENSSL_NO_HW_4758_CCA
|
||||||
ENGINE_load_4758cca();
|
ENGINE_load_4758cca();
|
||||||
#endif
|
#endif
|
||||||
#ifdef __OpenBSD__
|
#if defined(__OpenBSD__) || defined(__FreeBSD__)
|
||||||
ENGINE_load_cryptodev();
|
ENGINE_load_cryptodev();
|
||||||
#endif
|
#endif
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef __OpenBSD__
|
#if defined(__OpenBSD__) || defined(__FreeBSD__)
|
||||||
void ENGINE_setup_openbsd(void) {
|
void ENGINE_setup_bsd_cryptodev(void) {
|
||||||
static int openbsd_default_loaded = 0;
|
static int bsd_cryptodev_default_loaded = 0;
|
||||||
if (!openbsd_default_loaded) {
|
if (!bsd_cryptodev_default_loaded) {
|
||||||
ENGINE_load_cryptodev();
|
ENGINE_load_cryptodev();
|
||||||
ENGINE_register_all_complete();
|
ENGINE_register_all_complete();
|
||||||
}
|
}
|
||||||
openbsd_default_loaded=1;
|
bsd_cryptodev_default_loaded=1;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
@ -33,31 +33,28 @@
|
|||||||
#include <openssl/engine.h>
|
#include <openssl/engine.h>
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
|
|
||||||
#ifndef __OpenBSD__
|
#if (defined(__unix__) || defined(unix)) && !defined(USG)
|
||||||
|
#include <sys/param.h>
|
||||||
|
# if (OpenBSD >= 200112) || ((__FreeBSD_version >= 470101 && __FreeBSD_version < 500000) || __FreeBSD_version >= 500041)
|
||||||
|
# define HAVE_CRYPTODEV
|
||||||
|
# endif
|
||||||
|
# if (OpenBSD >= 200110)
|
||||||
|
# define HAVE_SYSLOG_R
|
||||||
|
# endif
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef HAVE_CRYPTODEV
|
||||||
|
|
||||||
void
|
void
|
||||||
ENGINE_load_cryptodev(void)
|
ENGINE_load_cryptodev(void)
|
||||||
{
|
{
|
||||||
/* This is a NOP unless __OpenBSD__ is defined */
|
/* This is a NOP on platforms without /dev/crypto */
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
#else /* __OpenBSD__ */
|
#else
|
||||||
|
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#include <sys/param.h>
|
|
||||||
|
|
||||||
#if OpenBSD < 200112
|
|
||||||
|
|
||||||
void
|
|
||||||
ENGINE_load_cryptodev(void)
|
|
||||||
{
|
|
||||||
/* This is a NOP unless we have release 3.0 (released december 2001) */
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
#else /* OpenBSD 3.0 or above */
|
|
||||||
|
|
||||||
#include <crypto/cryptodev.h>
|
#include <crypto/cryptodev.h>
|
||||||
#include <sys/ioctl.h>
|
#include <sys/ioctl.h>
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
@ -1032,12 +1029,18 @@ static DH_METHOD cryptodev_dh = {
|
|||||||
static int
|
static int
|
||||||
cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
|
cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)())
|
||||||
{
|
{
|
||||||
|
#ifdef HAVE_SYSLOG_R
|
||||||
struct syslog_data sd = SYSLOG_DATA_INIT;
|
struct syslog_data sd = SYSLOG_DATA_INIT;
|
||||||
|
#endif
|
||||||
|
|
||||||
switch (cmd) {
|
switch (cmd) {
|
||||||
default:
|
default:
|
||||||
|
#ifdef HAVE_SYSLOG_R
|
||||||
syslog_r(LOG_ERR, &sd,
|
syslog_r(LOG_ERR, &sd,
|
||||||
"cryptodev_ctrl: unknown command %d", cmd);
|
"cryptodev_ctrl: unknown command %d", cmd);
|
||||||
|
#else
|
||||||
|
syslog(LOG_ERR, "cryptodev_ctrl: unknown command %d", cmd);
|
||||||
|
#endif
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
return (1);
|
return (1);
|
||||||
@ -1064,7 +1067,7 @@ ENGINE_load_cryptodev(void)
|
|||||||
close(fd);
|
close(fd);
|
||||||
|
|
||||||
if (!ENGINE_set_id(engine, "cryptodev") ||
|
if (!ENGINE_set_id(engine, "cryptodev") ||
|
||||||
!ENGINE_set_name(engine, "OpenBSD cryptodev engine") ||
|
!ENGINE_set_name(engine, "BSD cryptodev engine") ||
|
||||||
!ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) ||
|
!ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) ||
|
||||||
!ENGINE_set_digests(engine, cryptodev_engine_digests) ||
|
!ENGINE_set_digests(engine, cryptodev_engine_digests) ||
|
||||||
!ENGINE_set_ctrl_function(engine, cryptodev_ctrl) ||
|
!ENGINE_set_ctrl_function(engine, cryptodev_ctrl) ||
|
||||||
@ -1126,5 +1129,4 @@ ENGINE_load_cryptodev(void)
|
|||||||
ERR_clear_error();
|
ERR_clear_error();
|
||||||
}
|
}
|
||||||
|
|
||||||
#endif /* OpenBSD 3.0 or above */
|
#endif /* HAVE_CRYPTODEV */
|
||||||
#endif /* __OpenBSD__ */
|
|
||||||
|
@ -73,7 +73,7 @@ void OPENSSL_add_all_algorithms_noconf(void)
|
|||||||
{
|
{
|
||||||
OpenSSL_add_all_ciphers();
|
OpenSSL_add_all_ciphers();
|
||||||
OpenSSL_add_all_digests();
|
OpenSSL_add_all_digests();
|
||||||
#ifdef __OpenBSD__
|
#if defined(__OpenBSD__) || defined(__FreeBSD__)
|
||||||
ENGINE_setup_openbsd();
|
ENGINE_setup_bsd_cryptodev();
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
@ -237,7 +237,7 @@ static int general_allocate_boolean(UI *ui,
|
|||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Returns the index to the place in the stack or 0 for error. Uses a
|
/* Returns the index to the place in the stack or -1 for error. Uses a
|
||||||
direct reference to the prompt. */
|
direct reference to the prompt. */
|
||||||
int UI_add_input_string(UI *ui, const char *prompt, int flags,
|
int UI_add_input_string(UI *ui, const char *prompt, int flags,
|
||||||
char *result_buf, int minsize, int maxsize)
|
char *result_buf, int minsize, int maxsize)
|
||||||
|
@ -78,12 +78,14 @@ int UI_UTIL_read_pw(char *buf,char *buff,int size,const char *prompt,int verify)
|
|||||||
if (ui)
|
if (ui)
|
||||||
{
|
{
|
||||||
ok = UI_add_input_string(ui,prompt,0,buf,0,size-1);
|
ok = UI_add_input_string(ui,prompt,0,buf,0,size-1);
|
||||||
if (ok == 0 && verify)
|
if (ok >= 0 && verify)
|
||||||
ok = UI_add_verify_string(ui,prompt,0,buff,0,size-1,
|
ok = UI_add_verify_string(ui,prompt,0,buff,0,size-1,
|
||||||
buf);
|
buf);
|
||||||
if (ok == 0)
|
if (ok >= 0)
|
||||||
ok=UI_process(ui);
|
ok=UI_process(ui);
|
||||||
UI_free(ui);
|
UI_free(ui);
|
||||||
}
|
}
|
||||||
|
if (ok > 0)
|
||||||
|
ok = 0;
|
||||||
return(ok);
|
return(ok);
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user