Module Name: src
Committed By: martin
Date: Fri Aug 23 16:40:48 UTC 2024
Modified Files:
src/lib/libcrypt [netbsd-10]: crypt-argon2.c crypt-sha1.c crypt.c
hmac.c md5crypt.c pw_gensalt.c
Log Message:
Pull up following revision(s) (requested by riastradh in ticket #794):
lib/libcrypt/crypt-argon2.c: revision 1.20
lib/libcrypt/crypt-argon2.c: revision 1.21
lib/libcrypt/crypt-argon2.c: revision 1.22
lib/libcrypt/md5crypt.c: revision 1.16
lib/libcrypt/hmac.c: revision 1.5
lib/libcrypt/crypt-sha1.c: revision 1.11
lib/libcrypt/pw_gensalt.c: revision 1.14
lib/libcrypt/crypt.c: revision 1.41
Don't use uninitialized variable.
Fixes PR 57895.
libcrypt/crypt-argon2.c: Add RCS id.
Noted in PR lib/57895.
libcrypt: Nix trailing whitespace.
No functional change intended.
Prompted by tying up loose ends around PR lib/57895.
To generate a diff of this commit:
cvs rdiff -u -r1.19 -r1.19.2.1 src/lib/libcrypt/crypt-argon2.c
cvs rdiff -u -r1.10 -r1.10.2.1 src/lib/libcrypt/crypt-sha1.c
cvs rdiff -u -r1.38 -r1.38.8.1 src/lib/libcrypt/crypt.c
cvs rdiff -u -r1.4 -r1.4.2.1 src/lib/libcrypt/hmac.c
cvs rdiff -u -r1.15 -r1.15.2.1 src/lib/libcrypt/md5crypt.c
cvs rdiff -u -r1.13 -r1.13.2.1 src/lib/libcrypt/pw_gensalt.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/lib/libcrypt/crypt-argon2.c
diff -u src/lib/libcrypt/crypt-argon2.c:1.19 src/lib/libcrypt/crypt-argon2.c:1.19.2.1
--- src/lib/libcrypt/crypt-argon2.c:1.19 Sun May 29 12:15:00 2022
+++ src/lib/libcrypt/crypt-argon2.c Fri Aug 23 16:40:48 2024
@@ -1,3 +1,5 @@
+/* $NetBSD: crypt-argon2.c,v 1.19.2.1 2024/08/23 16:40:48 martin Exp $ */
+
/*
* Copyright (c) 2009 The NetBSD Foundation, Inc.
* All rights reserved.
@@ -24,13 +26,16 @@
* POSSIBILITY OF SUCH DAMAGE.
*/
+#include <sys/cdefs.h>
+__RCSID("$NetBSD: crypt-argon2.c,v 1.19.2.1 2024/08/23 16:40:48 martin Exp $");
+
#include <sys/resource.h>
#include <sys/param.h>
#include <sys/sysctl.h>
#include <sys/syslimits.h>
#include <stdlib.h>
-#include <stdio.h>
+#include <stdio.h>
#include <unistd.h>
#include <stdio.h>
#include <string.h>
@@ -48,7 +53,7 @@ estimate_argon2_params(argon2_type, uint
/* defaults pulled from run.c */
#define HASHLEN 32
-#define T_COST_DEF 3
+#define T_COST_DEF 3
#define LOG_M_COST_DEF 12 /* 2^12 = 4 MiB */
#define LANES_DEF 1
#define THREADS_DEF 1
@@ -207,12 +212,12 @@ estimate_argon2_params(argon2_type atype
if (clock_gettime(CLOCK_MONOTONIC, &tp1) == -1)
goto error;
- for (; delta.tv_sec < 1 && time < ARGON2_MAX_TIME; ++time) {
+ for (; time < ARGON2_MAX_TIME; ++time) {
if (argon2_hash(time, memory, threads,
- tmp_pwd, sizeof(tmp_pwd),
- tmp_salt, sizeof(tmp_salt),
- tmp_hash, sizeof(tmp_hash),
- tmp_encoded, sizeof(tmp_encoded),
+ tmp_pwd, sizeof(tmp_pwd),
+ tmp_salt, sizeof(tmp_salt),
+ tmp_hash, sizeof(tmp_hash),
+ tmp_encoded, sizeof(tmp_encoded),
atype, ARGON2_VERSION_NUMBER) != ARGON2_OK) {
goto reset;
}
@@ -221,6 +226,8 @@ estimate_argon2_params(argon2_type atype
if (timespeccmp(&tp1, &tp2, >))
break; /* broken system... */
timespecsub(&tp2, &tp1, &delta);
+ if (delta.tv_sec >= 1)
+ break;
}
} else {
time = *etime;
@@ -243,7 +250,7 @@ reset:
/* we don't force param order as input, */
/* but we do provide the expected order to argon2 api */
static int
-decode_option(argon2_context *ctx, argon2_type *atype, const char *option)
+decode_option(argon2_context *ctx, argon2_type *atype, const char *option)
{
size_t tmp = 0;
char *in = 0, *inp;
@@ -261,14 +268,14 @@ decode_option(argon2_context *ctx, argon
sl = strlen(a);
- if (sl == strlen(ARGON2_ARGON2I_STR) &&
+ if (sl == strlen(ARGON2_ARGON2I_STR) &&
!(strcmp(ARGON2_ARGON2I_STR, a))) {
*atype=Argon2_i;
- } else if (sl == strlen(ARGON2_ARGON2D_STR) &&
+ } else if (sl == strlen(ARGON2_ARGON2D_STR) &&
!(strcmp(ARGON2_ARGON2D_STR, a))) {
*atype=Argon2_d;
}
- else if (sl == strlen(ARGON2_ARGON2ID_STR) &&
+ else if (sl == strlen(ARGON2_ARGON2ID_STR) &&
!(strcmp(ARGON2_ARGON2ID_STR, a))) {
*atype=Argon2_id;
} else { /* default to id, we assume simple mistake */
@@ -356,7 +363,7 @@ decode_option(argon2_context *ctx, argon
} else {
/* don't care if passwd hash is missing */
/* if missing, most likely coming from */
- /* pwhash or similar */
+ /* pwhash or similar */
}
/* free our token buffer */
@@ -366,7 +373,7 @@ decode_option(argon2_context *ctx, argon
return error;
}
-crypt_private char *
+crypt_private char *
__crypt_argon2(const char *pw, const char * salt)
{
/* we use the libargon2 api to generate */
Index: src/lib/libcrypt/crypt-sha1.c
diff -u src/lib/libcrypt/crypt-sha1.c:1.10 src/lib/libcrypt/crypt-sha1.c:1.10.2.1
--- src/lib/libcrypt/crypt-sha1.c:1.10 Fri Oct 29 13:22:08 2021
+++ src/lib/libcrypt/crypt-sha1.c Fri Aug 23 16:40:48 2024
@@ -1,21 +1,21 @@
-/* $NetBSD: crypt-sha1.c,v 1.10 2021/10/29 13:22:08 nia Exp $ */
+/* $NetBSD: crypt-sha1.c,v 1.10.2.1 2024/08/23 16:40:48 martin Exp $ */
/*
* Copyright (c) 2004, Juniper Networks, Inc.
* All rights reserved.
- *
+ *
* Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
+ * modification, are permitted provided that the following conditions
+ * are met:
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
+ * documentation and/or other materials provided with the distribution.
* 3. Neither the name of the copyright holders nor the names of its
* contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
+ * from this software without specific prior written permission.
+ *
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
@@ -26,12 +26,12 @@
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <sys/cdefs.h>
#if !defined(lint)
-__RCSID("$NetBSD: crypt-sha1.c,v 1.10 2021/10/29 13:22:08 nia Exp $");
+__RCSID("$NetBSD: crypt-sha1.c,v 1.10.2.1 2024/08/23 16:40:48 martin Exp $");
#endif /* not lint */
#include <stdlib.h>
@@ -103,7 +103,7 @@ __crypt_sha1_iterations (unsigned int hi
* NOTE:
* To be FIPS 140 compliant, the password which is used as a hmac key,
* should be between 10 and 20 characters to provide at least 80bits
- * strength, and avoid the need to hash it before using as the
+ * strength, and avoid the need to hash it before using as the
* hmac key.
*/
crypt_private char *
@@ -154,7 +154,7 @@ __crypt_sha1 (const char *pw, const char
* Now get to work...
* Prime the pump with <salt><magic><iterations>
*/
- dl = snprintf(passwd, sizeof (passwd), "%.*s%s%u",
+ dl = snprintf(passwd, sizeof (passwd), "%.*s%s%u",
sl, salt, magic, iterations);
/*
* Then hmac using <pw> as key, and repeat...
@@ -186,4 +186,4 @@ __crypt_sha1 (const char *pw, const char
explicit_memset(hmac_buf, 0, sizeof hmac_buf);
return passwd;
-}
+}
Index: src/lib/libcrypt/crypt.c
diff -u src/lib/libcrypt/crypt.c:1.38 src/lib/libcrypt/crypt.c:1.38.8.1
--- src/lib/libcrypt/crypt.c:1.38 Sat Feb 22 10:29:17 2020
+++ src/lib/libcrypt/crypt.c Fri Aug 23 16:40:48 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: crypt.c,v 1.38 2020/02/22 10:29:17 kamil Exp $ */
+/* $NetBSD: crypt.c,v 1.38.8.1 2024/08/23 16:40:48 martin Exp $ */
/*
* Copyright (c) 1989, 1993
@@ -37,7 +37,7 @@
#if 0
static char sccsid[] = "@(#)crypt.c 8.1.1.1 (Berkeley) 8/18/93";
#else
-__RCSID("$NetBSD: crypt.c,v 1.38 2020/02/22 10:29:17 kamil Exp $");
+__RCSID("$NetBSD: crypt.c,v 1.38.8.1 2024/08/23 16:40:48 martin Exp $");
#endif
#endif /* not lint */
@@ -480,7 +480,7 @@ ascii_to_bin(char ch)
if (sch >= 'a')
retval = sch - ('a' - 38);
- else if (sch >= 'A')
+ else if (sch >= 'A')
retval = sch - ('A' - 12);
else
retval = sch - '.';
@@ -499,13 +499,13 @@ ascii_is_unsafe(char ch)
}
/*
- * We extract the scheme from setting str to allow for
+ * We extract the scheme from setting str to allow for
* full scheme name comparison
- * Updated to reflect alc suggestion(s)
+ * Updated to reflect alc suggestion(s)
*
* retuns boolean 0 on failure, 1 on success,
*/
-static int
+static int
nondes_scheme_substr(const char * setting,char * scheme, unsigned int len)
{
const char * start;
@@ -548,7 +548,7 @@ static char *
__crypt(const char *key, const char *setting)
{
char *encp;
- char scheme[12];
+ char scheme[12];
int32_t i;
int t;
int r;
Index: src/lib/libcrypt/hmac.c
diff -u src/lib/libcrypt/hmac.c:1.4 src/lib/libcrypt/hmac.c:1.4.2.1
--- src/lib/libcrypt/hmac.c:1.4 Sat Oct 16 10:53:33 2021
+++ src/lib/libcrypt/hmac.c Fri Aug 23 16:40:48 2024
@@ -1,21 +1,21 @@
-/* $NetBSD: hmac.c,v 1.4 2021/10/16 10:53:33 nia Exp $ */
+/* $NetBSD: hmac.c,v 1.4.2.1 2024/08/23 16:40:48 martin Exp $ */
/*
* Copyright (c) 2004, Juniper Networks, Inc.
* All rights reserved.
- *
+ *
* Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
+ * modification, are permitted provided that the following conditions
+ * are met:
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
+ * documentation and/or other materials provided with the distribution.
* 3. Neither the name of the copyright holders nor the names of its
* contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
+ * from this software without specific prior written permission.
+ *
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
@@ -26,7 +26,7 @@
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
/*
* Implement HMAC as described in RFC 2104
@@ -42,7 +42,7 @@
*/
#include <sys/cdefs.h>
#if !defined(lint)
-__RCSID("$NetBSD: hmac.c,v 1.4 2021/10/16 10:53:33 nia Exp $");
+__RCSID("$NetBSD: hmac.c,v 1.4.2.1 2024/08/23 16:40:48 martin Exp $");
#endif /* not lint */
#include <stdlib.h>
@@ -74,7 +74,7 @@ HMAC_FUNC (const unsigned char *text, si
/* Outer padding key XOR'd with opad */
unsigned char k_opad[HMAC_BLOCKSZ];
/* HASH(key) if needed */
- unsigned char tk[HASH_LENGTH];
+ unsigned char tk[HASH_LENGTH];
size_t i;
/*
@@ -253,7 +253,7 @@ HMAC_KAT (FILE *fp)
unsigned char *data;
char *result;
int n = 0;
-
+
for (test = tests; test->key; test++) {
key = test->key;
X2B(key, kbuf);
@@ -262,7 +262,7 @@ HMAC_KAT (FILE *fp)
HMAC_FUNC(data, strlen(data), key, strlen(key), digest);
strcpy(dbuf, "0x");
b2x(&dbuf[2], (sizeof dbuf) - 2, digest, HASH_LENGTH);
-
+
if (strcmp(dbuf, test->expect) == 0)
result = "Ok";
else {
@@ -293,7 +293,7 @@ main (int argc, char *argv[])
if (argc == 1)
exit(HMAC_KAT(stdout));
#endif
-
+
if (argc < 3) {
fprintf(stderr, "Usage:\n\t%s key data\n", argv[0]);
exit(1);
@@ -307,5 +307,3 @@ main (int argc, char *argv[])
exit(0);
}
#endif
-
-
Index: src/lib/libcrypt/md5crypt.c
diff -u src/lib/libcrypt/md5crypt.c:1.15 src/lib/libcrypt/md5crypt.c:1.15.2.1
--- src/lib/libcrypt/md5crypt.c:1.15 Sat Oct 16 10:53:33 2021
+++ src/lib/libcrypt/md5crypt.c Fri Aug 23 16:40:48 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: md5crypt.c,v 1.15 2021/10/16 10:53:33 nia Exp $ */
+/* $NetBSD: md5crypt.c,v 1.15.2.1 2024/08/23 16:40:48 martin Exp $ */
/*
* ----------------------------------------------------------------------------
@@ -15,7 +15,7 @@
#include <sys/cdefs.h>
#if !defined(lint)
-__RCSID("$NetBSD: md5crypt.c,v 1.15 2021/10/16 10:53:33 nia Exp $");
+__RCSID("$NetBSD: md5crypt.c,v 1.15.2.1 2024/08/23 16:40:48 martin Exp $");
#endif /* not lint */
#include <unistd.h>
@@ -46,9 +46,9 @@ __md5crypt(const char *pw, const char *s
MD5_CTX ctx, ctx1;
u_int32_t l;
int pl;
-
+
pwl = strlen(pw);
-
+
/* Refine the salt first */
sp = salt;
Index: src/lib/libcrypt/pw_gensalt.c
diff -u src/lib/libcrypt/pw_gensalt.c:1.13 src/lib/libcrypt/pw_gensalt.c:1.13.2.1
--- src/lib/libcrypt/pw_gensalt.c:1.13 Wed Oct 20 13:03:29 2021
+++ src/lib/libcrypt/pw_gensalt.c Fri Aug 23 16:40:48 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: pw_gensalt.c,v 1.13 2021/10/20 13:03:29 nia Exp $ */
+/* $NetBSD: pw_gensalt.c,v 1.13.2.1 2024/08/23 16:40:48 martin Exp $ */
/*
* Copyright 1997 Niels Provos <pro...@physnet.uni-hamburg.de>
@@ -34,7 +34,7 @@
#include <sys/cdefs.h>
#ifndef lint
-__RCSID("$NetBSD: pw_gensalt.c,v 1.13 2021/10/20 13:03:29 nia Exp $");
+__RCSID("$NetBSD: pw_gensalt.c,v 1.13.2.1 2024/08/23 16:40:48 martin Exp $");
#endif /* not lint */
#include <sys/syslimits.h>
@@ -249,7 +249,7 @@ __gensalt_argon2(char *salt, size_t salt
return 0;
}
- n = snprintf(salt, saltsiz, "$%s$v=%d$%s$",
+ n = snprintf(salt, saltsiz, "$%s$v=%d$%s$",
argon2_type2string(atype,0), ARGON2_VERSION_NUMBER, buf);
if ((size_t)n + 16 >= saltsiz) {
