From 686c7d9ee6f44b2be4128d7860b6b37adaeba733 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 15 May 2014 14:37:03 +1000 Subject: [PATCH] - djm@cvs.openbsd.org 2014/05/02 03:27:54 [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c] [misc.h poly1305.h ssh-pkcs11.c defines.h] revert __bounded change; it causes way more problems for portable than it solves; pointed out by dtucker@ --- ChangeLog | 5 +++++ chacha.h | 12 ++++++------ cipher-chachapoly.h | 6 +++--- defines.h | 20 +------------------- digest.h | 12 ++++++------ hmac.h | 8 ++++---- kex.h | 10 +++++----- kexc25519.c | 8 ++++---- misc.h | 18 +++++++++--------- poly1305.h | 8 ++++---- ssh-pkcs11.c | 4 ++-- 11 files changed, 49 insertions(+), 62 deletions(-) diff --git a/ChangeLog b/ChangeLog index eb4fac66de04..486ed9c5c5f2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -71,6 +71,11 @@ UMAC can use our local fallback implementation of AES when OpenSSL isn't available. Glue code straight from Ted Krovetz's original umac.c. ok markus@ + - djm@cvs.openbsd.org 2014/05/02 03:27:54 + [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c] + [misc.h poly1305.h ssh-pkcs11.c defines.h] + revert __bounded change; it causes way more problems for portable than + it solves; pointed out by dtucker@ 20140430 - (dtucker) [defines.h] Define __GNUC_PREREQ__ macro if we don't already diff --git a/chacha.h b/chacha.h index ea57fe179467..40eaf2d90093 100644 --- a/chacha.h +++ b/chacha.h @@ -1,4 +1,4 @@ -/* $OpenBSD: chacha.h,v 1.2 2014/03/26 04:55:35 djm Exp $ */ +/* $OpenBSD: chacha.h,v 1.3 2014/05/02 03:27:54 djm Exp $ */ /* chacha-merged.c version 20080118 @@ -22,14 +22,14 @@ struct chacha_ctx { #define CHACHA_BLOCKLEN 64 void chacha_keysetup(struct chacha_ctx *x, const u_char *k, u_int kbits) - __bounded((__minbytes__, 2, CHACHA_MINKEYLEN)); + __attribute__((__bounded__(__minbytes__, 2, CHACHA_MINKEYLEN))); void chacha_ivsetup(struct chacha_ctx *x, const u_char *iv, const u_char *ctr) - __bounded((__minbytes__, 2, CHACHA_NONCELEN)) - __bounded((__minbytes__, 3, CHACHA_CTRLEN)); + __attribute__((__bounded__(__minbytes__, 2, CHACHA_NONCELEN))) + __attribute__((__bounded__(__minbytes__, 3, CHACHA_CTRLEN))); void chacha_encrypt_bytes(struct chacha_ctx *x, const u_char *m, u_char *c, u_int bytes) - __bounded((__buffer__, 2, 4)) - __bounded((__buffer__, 3, 4)); + __attribute__((__bounded__(__buffer__, 2, 4))) + __attribute__((__bounded__(__buffer__, 3, 4))); #endif /* CHACHA_H */ diff --git a/cipher-chachapoly.h b/cipher-chachapoly.h index 35326b9a3233..7948dcdcde05 100644 --- a/cipher-chachapoly.h +++ b/cipher-chachapoly.h @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher-chachapoly.h,v 1.2 2014/03/26 04:55:35 djm Exp $ */ +/* $OpenBSD: cipher-chachapoly.h,v 1.3 2014/05/02 03:27:54 djm Exp $ */ /* * Copyright (c) Damien Miller 2013 @@ -30,12 +30,12 @@ struct chachapoly_ctx { void chachapoly_init(struct chachapoly_ctx *cpctx, const u_char *key, u_int keylen) - __bounded((__buffer__, 2, 3)); + __attribute__((__bounded__(__buffer__, 2, 3))); int chachapoly_crypt(struct chachapoly_ctx *cpctx, u_int seqnr, u_char *dest, const u_char *src, u_int len, u_int aadlen, u_int authlen, int do_encrypt); int chachapoly_get_length(struct chachapoly_ctx *cpctx, u_int *plenp, u_int seqnr, const u_char *cp, u_int len) - __bounded((__buffer__, 4, 5)); + __attribute__((__bounded__(__buffer__, 4, 5))); #endif /* CHACHA_POLY_AEAD_H */ diff --git a/defines.h b/defines.h index 928bd9b01c08..9e383020b2d9 100644 --- a/defines.h +++ b/defines.h @@ -25,7 +25,7 @@ #ifndef _DEFINES_H #define _DEFINES_H -/* $Id: defines.h,v 1.178 2014/04/30 16:24:35 dtucker Exp $ */ +/* $Id: defines.h,v 1.179 2014/05/15 04:37:04 djm Exp $ */ /* Constants */ @@ -826,22 +826,4 @@ struct winsize { # define arc4random_stir() #endif -/* Macro to test if we're using a specific version of gcc or later. */ -#if defined(__GNUC__) && !defined(__GNUC_PREREQ__) -#define __GNUC_PREREQ__(ma, mi) \ - ((__GNUC__ > (ma)) || (__GNUC__ == (ma) && __GNUC_MINOR__ >= (mi))) -#else -#define __GNUC_PREREQ__(ma, mi) 0 -#endif - -/* __bounded macro */ -#ifndef __bounded -# if defined(__GNUC__) && __GNUC_PREREQ__(3,3) && !defined(__clang__) -# define __bounded(args) __attribute__ ((__bounded__ args )) -# else -# define __bounded(args) /* delete */ -# endif /* __GNUC_PREREQ__(3,3) && !defined(__clang__) */ -#endif - - #endif /* _DEFINES_H */ diff --git a/digest.h b/digest.h index 0edd0a785bef..04295e277543 100644 --- a/digest.h +++ b/digest.h @@ -1,4 +1,4 @@ -/* $OpenBSD: digest.h,v 1.3 2014/03/26 04:55:35 djm Exp $ */ +/* $OpenBSD: digest.h,v 1.4 2014/05/02 03:27:54 djm Exp $ */ /* * Copyright (c) 2013 Damien Miller * @@ -45,18 +45,18 @@ int ssh_digest_copy_state(struct ssh_digest_ctx *from, /* One-shot API */ int ssh_digest_memory(int alg, const void *m, size_t mlen, u_char *d, size_t dlen) - __bounded((__buffer__, 2, 3)) - __bounded((__buffer__, 4, 5)); + __attribute__((__bounded__(__buffer__, 2, 3))) + __attribute__((__bounded__(__buffer__, 4, 5))); int ssh_digest_buffer(int alg, const Buffer *b, u_char *d, size_t dlen) - __bounded((__buffer__, 3, 4)); + __attribute__((__bounded__(__buffer__, 3, 4))); /* Update API */ struct ssh_digest_ctx *ssh_digest_start(int alg); int ssh_digest_update(struct ssh_digest_ctx *ctx, const void *m, size_t mlen) - __bounded((__buffer__, 2, 3)); + __attribute__((__bounded__(__buffer__, 2, 3))); int ssh_digest_update_buffer(struct ssh_digest_ctx *ctx, const Buffer *b); int ssh_digest_final(struct ssh_digest_ctx *ctx, u_char *d, size_t dlen) - __bounded((__buffer__, 2, 3)); + __attribute__((__bounded__(__buffer__, 2, 3))); void ssh_digest_free(struct ssh_digest_ctx *ctx); #endif /* _DIGEST_H */ diff --git a/hmac.h b/hmac.h index 9eddbe243212..05813906e7e0 100644 --- a/hmac.h +++ b/hmac.h @@ -1,4 +1,4 @@ -/* $OpenBSD: hmac.h,v 1.7 2014/03/26 04:55:35 djm Exp $ */ +/* $OpenBSD: hmac.h,v 1.8 2014/05/02 03:27:54 djm Exp $ */ /* * Copyright (c) 2014 Markus Friedl. All rights reserved. * @@ -26,12 +26,12 @@ struct ssh_hmac_ctx *ssh_hmac_start(int alg); /* Sets the state of the HMAC or resets the state if key == NULL */ int ssh_hmac_init(struct ssh_hmac_ctx *ctx, const void *key, size_t klen) - __bounded((__buffer__, 2, 3)); + __attribute__((__bounded__(__buffer__, 2, 3))); int ssh_hmac_update(struct ssh_hmac_ctx *ctx, const void *m, size_t mlen) - __bounded((__buffer__, 2, 3)); + __attribute__((__bounded__(__buffer__, 2, 3))); int ssh_hmac_update_buffer(struct ssh_hmac_ctx *ctx, const Buffer *b); int ssh_hmac_final(struct ssh_hmac_ctx *ctx, u_char *d, size_t dlen) - __bounded((__buffer__, 2, 3)); + __attribute__((__bounded__(__buffer__, 2, 3))); void ssh_hmac_free(struct ssh_hmac_ctx *ctx); #endif /* _HMAC_H */ diff --git a/kex.h b/kex.h index 2229ae3d5f49..4c40ec851859 100644 --- a/kex.h +++ b/kex.h @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.63 2014/03/26 04:55:35 djm Exp $ */ +/* $OpenBSD: kex.h,v 1.64 2014/05/02 03:27:54 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -187,12 +187,12 @@ kex_c25519_hash(int, char *, char *, char *, int, #define CURVE25519_SIZE 32 void kexc25519_keygen(u_char[CURVE25519_SIZE], u_char[CURVE25519_SIZE]) - __bounded((__minbytes__, 1, CURVE25519_SIZE)) - __bounded((__minbytes__, 2, CURVE25519_SIZE)); + __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) + __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); void kexc25519_shared_key(const u_char key[CURVE25519_SIZE], const u_char pub[CURVE25519_SIZE], Buffer *out) - __bounded((__minbytes__, 1, CURVE25519_SIZE)) - __bounded((__minbytes__, 2, CURVE25519_SIZE)); + __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) + __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))); void derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]); diff --git a/kexc25519.c b/kexc25519.c index 4dc842c4445f..e3afa005512a 100644 --- a/kexc25519.c +++ b/kexc25519.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexc25519.c,v 1.6 2014/03/26 04:55:35 djm Exp $ */ +/* $OpenBSD: kexc25519.c,v 1.7 2014/05/02 03:27:54 djm Exp $ */ /* * Copyright (c) 2001, 2013 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -45,9 +45,9 @@ extern int crypto_scalarmult_curve25519(u_char a[CURVE25519_SIZE], const u_char b[CURVE25519_SIZE], const u_char c[CURVE25519_SIZE]) - __bounded((__minbytes__, 1, CURVE25519_SIZE)) - __bounded((__minbytes__, 2, CURVE25519_SIZE)) - __bounded((__minbytes__, 3, CURVE25519_SIZE)); + __attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE))) + __attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE))) + __attribute__((__bounded__(__minbytes__, 3, CURVE25519_SIZE))); void kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE]) diff --git a/misc.h b/misc.h index 309d4ec176a2..7b0c503a3cd0 100644 --- a/misc.h +++ b/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.52 2014/04/20 02:30:25 djm Exp $ */ +/* $OpenBSD: misc.h,v 1.53 2014/05/02 03:27:54 djm Exp $ */ /* * Author: Tatu Ylonen @@ -70,23 +70,23 @@ int tun_open(int, int); /* Functions to extract or store big-endian words of various sizes */ u_int64_t get_u64(const void *) - __bounded(( __minbytes__, 1, 8)); + __attribute__((__bounded__( __minbytes__, 1, 8))); u_int32_t get_u32(const void *) - __bounded(( __minbytes__, 1, 4)); + __attribute__((__bounded__( __minbytes__, 1, 4))); u_int16_t get_u16(const void *) - __bounded(( __minbytes__, 1, 2)); + __attribute__((__bounded__( __minbytes__, 1, 2))); void put_u64(void *, u_int64_t) - __bounded(( __minbytes__, 1, 8)); + __attribute__((__bounded__( __minbytes__, 1, 8))); void put_u32(void *, u_int32_t) - __bounded(( __minbytes__, 1, 4)); + __attribute__((__bounded__( __minbytes__, 1, 4))); void put_u16(void *, u_int16_t) - __bounded(( __minbytes__, 1, 2)); + __attribute__((__bounded__( __minbytes__, 1, 2))); /* Little-endian store/load, used by umac.c */ u_int32_t get_u32_le(const void *) - __bounded(( __minbytes__, 1, 4)); + __attribute__((__bounded__(__minbytes__, 1, 4))); void put_u32_le(void *, u_int32_t) - __bounded(( __minbytes__, 1, 4)); + __attribute__((__bounded__(__minbytes__, 1, 4))); struct bwlimit { size_t buflen; diff --git a/poly1305.h b/poly1305.h index 82373e6af925..f7db5f8d7c98 100644 --- a/poly1305.h +++ b/poly1305.h @@ -1,4 +1,4 @@ -/* $OpenBSD: poly1305.h,v 1.3 2014/03/26 04:55:35 djm Exp $ */ +/* $OpenBSD: poly1305.h,v 1.4 2014/05/02 03:27:54 djm Exp $ */ /* * Public Domain poly1305 from Andrew Moon @@ -15,8 +15,8 @@ void poly1305_auth(u_char out[POLY1305_TAGLEN], const u_char *m, size_t inlen, const u_char key[POLY1305_KEYLEN]) - __bounded((__minbytes__, 1, POLY1305_TAGLEN)) - __bounded((__buffer__, 2, 3)) - __bounded((__minbytes__, 4, POLY1305_KEYLEN)); + __attribute__((__bounded__(__minbytes__, 1, POLY1305_TAGLEN))) + __attribute__((__bounded__(__buffer__, 2, 3))) + __attribute__((__bounded__(__minbytes__, 4, POLY1305_KEYLEN))); #endif /* POLY1305_H */ diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c index ed5268c1223b..d3e877291a09 100644 --- a/ssh-pkcs11.c +++ b/ssh-pkcs11.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.c,v 1.12 2014/03/26 04:55:35 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11.c,v 1.13 2014/05/02 03:27:54 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * @@ -386,7 +386,7 @@ pkcs11_open_session(struct pkcs11_provider *p, CK_ULONG slotidx, char *pin) */ static int pkcs11_fetch_keys_filter(struct pkcs11_provider *, CK_ULONG, CK_ATTRIBUTE [], CK_ATTRIBUTE [3], Key ***, int *) - __bounded((__minbytes__,4, 3 * sizeof(CK_ATTRIBUTE))); + __attribute__((__bounded__(__minbytes__,4, 3 * sizeof(CK_ATTRIBUTE)))); static int pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx,