diff --git a/distrib/sets/lists/base/mi b/distrib/sets/lists/base/mi
index 037fcd652..01c25e4f9 100644
--- a/distrib/sets/lists/base/mi
+++ b/distrib/sets/lists/base/mi
@@ -736,7 +736,7 @@
 ./usr/lib/libagentx.so.1.1
 ./usr/lib/libc.so.97.0
 ./usr/lib/libcbor.so.2.0
-./usr/lib/libcrypto.so.51.0
+./usr/lib/libcrypto.so.52.0
 ./usr/lib/libcurses.so.14.0
 ./usr/lib/libedit.so.5.2
 ./usr/lib/libelf.so.3.0
@@ -765,10 +765,10 @@
 ./usr/lib/librpcsvc.so.3.0
 ./usr/lib/libskey.so.6.0
 ./usr/lib/libsndio.so.7.2
-./usr/lib/libssl.so.54.0
+./usr/lib/libssl.so.55.0
 ./usr/lib/libtermcap.so.14.0
 ./usr/lib/libtermlib.so.14.0
-./usr/lib/libtls.so.27.0
+./usr/lib/libtls.so.28.0
 ./usr/lib/libusbhid.so.7.1
 ./usr/lib/libutil.so.17.0
 ./usr/lib/libz.so.7.0
@@ -3000,7 +3000,7 @@
 ./usr/share/relink/usr
 ./usr/share/relink/usr/lib
 ./usr/share/relink/usr/lib/libc.so.97.0.a
-./usr/share/relink/usr/lib/libcrypto.so.51.0.a
+./usr/share/relink/usr/lib/libcrypto.so.52.0.a
 ./usr/share/relink/usr/libexec
 ./usr/share/relink/usr/libexec/ld.so.a
 ./usr/share/relink/usr/sbin
diff --git a/distrib/sets/lists/comp/mi b/distrib/sets/lists/comp/mi
index 3f02e8d38..60bdb81a8 100644
--- a/distrib/sets/lists/comp/mi
+++ b/distrib/sets/lists/comp/mi
@@ -1120,7 +1120,6 @@
 ./usr/include/openssl/des.h
 ./usr/include/openssl/dh.h
 ./usr/include/openssl/dsa.h
-./usr/include/openssl/dso.h
 ./usr/include/openssl/dtls1.h
 ./usr/include/openssl/ec.h
 ./usr/include/openssl/ecdh.h
@@ -1754,7 +1753,6 @@
 ./usr/share/man/man2/ypconnect.2
 ./usr/share/man/man3/ACCESS_DESCRIPTION_new.3
 ./usr/share/man/man3/AES_encrypt.3
-./usr/share/man/man3/ASN1_BIT_STRING_num_asc.3
 ./usr/share/man/man3/ASN1_BIT_STRING_set.3
 ./usr/share/man/man3/ASN1_INTEGER_get.3
 ./usr/share/man/man3/ASN1_NULL_new.3
diff --git a/lib/csu/crt0.c b/lib/csu/crt0.c
index e3615dfc1..007c55a5a 100644
--- a/lib/csu/crt0.c
+++ b/lib/csu/crt0.c
@@ -1,4 +1,4 @@ -/* $OpenBSD: crt0.c,v 1.17 2022/01/12 21:41:06 guenther Exp $ */ +/* $OpenBSD: crt0.c,v 1.18 2023/07/27 18:17:14 kettenis Exp $ */ /* * Copyright (c) 1995 Christopher G. Demetriou @@ -60,7 +60,7 @@ char ***_csu_finish(char **_argv, char **_envp, void (*_cleanup)(void)); #ifdef MCRT0 #include -extern unsigned char _etext, _eprol; +extern __dso_hidden unsigned char _etext, _eprol; #endif /* MCRT0 */ #ifdef RCRT0 diff --git a/lib/libcrypto/Makefile b/lib/libcrypto/Makefile index b9cb2eddc..c882c1a9d 100644 --- a/lib/libcrypto/Makefile +++ b/lib/libcrypto/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.139 2023/07/21 09:04:23 tb Exp $ +# $OpenBSD: Makefile,v 1.153 2023/07/29 06:46:20 tb Exp $ LIB= crypto LIBREBUILD=y @@ -22,14 +22,7 @@ CFLAGS+= -DLIBRESSL_INTERNAL .ifdef NAMESPACE CFLAGS+= -DLIBRESSL_NAMESPACE -DLIBRESSL_CRYPTO_NAMESPACE .endif - - -.if !defined(NOPIC) -CFLAGS+= -DDSO_DLFCN -DHAVE_DLFCN_H -DHAVE_FUNOPEN -.endif - -# Hardware engines -CFLAGS+= -DOPENSSL_NO_HW_PADLOCK # XXX enable this? +CFLAGS+= -DHAVE_FUNOPEN CFLAGS+= -I${LCRYPTO_SRC} CFLAGS+= -I${LCRYPTO_SRC}/arch/${MACHINE_CPU} @@ -78,7 +71,6 @@ SRCS+= aes_cfb.c SRCS+= aes_ctr.c SRCS+= aes_ecb.c SRCS+= aes_ige.c -SRCS+= aes_misc.c SRCS+= aes_ofb.c SRCS+= aes_wrap.c @@ -117,7 +109,6 @@ SRCS+= p5_pbe.c SRCS+= p5_pbev2.c SRCS+= p8_pkey.c SRCS+= t_crl.c -SRCS+= t_pkey.c SRCS+= t_req.c SRCS+= t_spki.c SRCS+= t_x509.c @@ -205,7 +196,6 @@ SRCS+= bn_word.c # buffer/ SRCS+= buf_err.c -SRCS+= buf_str.c SRCS+= buffer.c # bytestring/ @@ -249,12 +239,6 @@ SRCS+= cms_pwri.c SRCS+= cms_sd.c SRCS+= cms_smime.c -# comp/ -SRCS+= c_rle.c -SRCS+= c_zlib.c -SRCS+= comp_err.c -SRCS+= comp_lib.c - # conf/ SRCS+= conf_api.c SRCS+= conf_def.c @@ -324,13 +308,6 @@ SRCS+= dsa_ossl.c SRCS+= dsa_pmeth.c SRCS+= dsa_prn.c -# dso/ -SRCS+= dso_dlfcn.c -SRCS+= dso_err.c -SRCS+= dso_lib.c -SRCS+= dso_null.c -SRCS+= dso_openssl.c - # ec/ SRCS+= ec_ameth.c SRCS+= ec_asn1.c 
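Review bot: The `__dso_hidden` qualifier added to `extern unsigned char _etext, _eprol;` under `#ifdef MCRT0` (crt0.c, `@@ -60,7 +60,7 @@`) has no comment saying why these two symbols need hidden visibility. Presumably the aim is for the profiling start-up to refer to the executable's own text bounds without a dynamic symbol lookup, but nothing in the hunk states that. If that is the intent, a one-line comment above the declaration, e.g. `/* text bounds used for profiling; hidden so they resolve within this object */`, would keep a later cleanup from dropping the attribute.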
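Review bot: `CFLAGS+= -DHAVE_FUNOPEN` is now set unconditionally in the Makefile hunk `@@ -22,14 +22,7 @@`, whereas the removed lines defined it only inside `.if !defined(NOPIC)` alongside the DSO flags, so NOPIC builds now also compile whatever code is guarded by `HAVE_FUNOPEN`. If that widening is intended, say so next to the flag, e.g. `# funopen(3) is always available; no longer tied to the PIC-only DSO flags`. The same hunk drops `-DOPENSSL_NO_HW_PADLOCK`, which is only safe if no remaining source still tests that macro; the removal of the `eng_*.c` sources in a later hunk suggests this but the visible lines do not show it.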
@@ -353,40 +330,12 @@ SRCS+= ecx_methods.c # ecdh/ SRCS+= ecdh.c -SRCS+= ech_err.c -SRCS+= ech_lib.c # ecdsa/ -SRCS+= ecs_err.c -SRCS+= ecs_lib.c SRCS+= ecdsa.c # engine/ SRCS+= engine_stubs.c -SRCS+= eng_all.c -SRCS+= eng_cnf.c -SRCS+= eng_ctrl.c -SRCS+= eng_dyn.c -SRCS+= eng_err.c -SRCS+= eng_fat.c -SRCS+= eng_init.c -SRCS+= eng_lib.c -SRCS+= eng_list.c -SRCS+= eng_openssl.c -SRCS+= eng_pkey.c -SRCS+= eng_table.c -SRCS+= tb_asnmth.c -SRCS+= tb_cipher.c -SRCS+= tb_dh.c -SRCS+= tb_digest.c -SRCS+= tb_dsa.c -SRCS+= tb_ecdh.c -SRCS+= tb_ecdsa.c -SRCS+= tb_eckey.c -SRCS+= tb_pkmeth.c -SRCS+= tb_rand.c -SRCS+= tb_rsa.c -SRCS+= tb_store.c # err/ SRCS+= err.c @@ -492,12 +441,10 @@ SRCS+= lh_stats.c SRCS+= lhash.c # md4/ -SRCS+= md4_dgst.c -SRCS+= md4_one.c +SRCS+= md4.c # md5/ -SRCS+= md5_dgst.c -SRCS+= md5_one.c +SRCS+= md5.c # modes/ SRCS+= cbc128.c @@ -582,8 +529,7 @@ SRCS+= rc2cfb64.c SRCS+= rc2ofb64.c # ripemd/ -SRCS+= rmd_dgst.c -SRCS+= rmd_one.c +SRCS+= ripemd.c # rsa/ SRCS+= rsa_ameth.c @@ -725,7 +671,6 @@ SRCS+= x_all.c ${LCRYPTO_SRC}/des \ ${LCRYPTO_SRC}/dh \ ${LCRYPTO_SRC}/dsa \ - ${LCRYPTO_SRC}/dso \ ${LCRYPTO_SRC}/ec \ ${LCRYPTO_SRC}/ecdh \ ${LCRYPTO_SRC}/ecdsa \ @@ -786,7 +731,6 @@ HDRS=\ ${LCRYPTO_SRC}/des/des.h \ ${LCRYPTO_SRC}/dh/dh.h \ ${LCRYPTO_SRC}/dsa/dsa.h \ - ${LCRYPTO_SRC}/dso/dso.h \ ${LCRYPTO_SRC}/ec/ec.h \ ${LCRYPTO_SRC}/ecdh/ecdh.h \ ${LCRYPTO_SRC}/ecdsa/ecdsa.h \ diff --git a/lib/libcrypto/Symbols.list b/lib/libcrypto/Symbols.list index 626cd78b3..da0c9c50f 100644 --- a/lib/libcrypto/Symbols.list +++ b/lib/libcrypto/Symbols.list @@ -11,7 +11,6 @@ AES_ecb_encrypt AES_encrypt AES_ige_encrypt AES_ofb128_encrypt -AES_options AES_set_decrypt_key AES_set_encrypt_key AES_unwrap_key 
@@ -26,15 +25,11 @@ ASIdentifiers_free
 ASIdentifiers_it
 ASIdentifiers_new
 ASN1_ANY_it
-ASN1_BIT_STRING_check
 ASN1_BIT_STRING_free
 ASN1_BIT_STRING_get_bit
 ASN1_BIT_STRING_it
-ASN1_BIT_STRING_name_print
 ASN1_BIT_STRING_new
-ASN1_BIT_STRING_num_asc
 ASN1_BIT_STRING_set
-ASN1_BIT_STRING_set_asc
 ASN1_BIT_STRING_set_bit
 ASN1_BMPSTRING_free
 ASN1_BMPSTRING_it
@@ -181,8 +176,6 @@ ASN1_VISIBLESTRING_free
 ASN1_VISIBLESTRING_it
 ASN1_VISIBLESTRING_new
 ASN1_add_oid_module
-ASN1_bn_print
-ASN1_buf_print
 ASN1_d2i_bio
 ASN1_d2i_fp
 ASN1_dup
@@ -216,16 +209,10 @@ ASN1_mbstring_ncopy
 ASN1_object_size
 ASN1_parse
 ASN1_parse_dump
-ASN1_primitive_free
-ASN1_primitive_new
 ASN1_put_eoc
 ASN1_put_object
 ASN1_tag2bit
 ASN1_tag2str
-ASN1_template_d2i
-ASN1_template_free
-ASN1_template_i2d
-ASN1_template_new
 ASN1_time_parse
 ASN1_time_tm_clamp_notafter
 ASN1_time_tm_cmp
@@ -247,16 +234,11 @@ BF_decrypt
 BF_ecb_encrypt
 BF_encrypt
 BF_ofb64_encrypt
-BF_options
 BF_set_key
 BIGNUM_it
 BIO_CONNECT_free
 BIO_CONNECT_new
 BIO_accept
-BIO_asn1_get_prefix
-BIO_asn1_get_suffix
-BIO_asn1_set_prefix
-BIO_asn1_set_suffix
 BIO_callback_ctrl
 BIO_clear_flags
 BIO_copy_next_retry
@@ -275,7 +257,6 @@ BIO_dump_indent
 BIO_dump_indent_cb
 BIO_dump_indent_fp
 BIO_dup_chain
-BIO_f_asn1
 BIO_f_base64
 BIO_f_buffer
 BIO_f_cipher
@@ -338,12 +319,8 @@ BIO_new_fp
 BIO_new_mem_buf
 BIO_new_socket
 BIO_next
-BIO_nread
-BIO_nread0
 BIO_number_read
 BIO_number_written
-BIO_nwrite
-BIO_nwrite0
 BIO_pop
 BIO_printf
 BIO_ptr_ctrl
@@ -387,17 +364,6 @@ BIO_vfree
 BIO_vprintf
 BIO_vsnprintf
 BIO_write
-BN_BLINDING_convert
-BN_BLINDING_convert_ex
-BN_BLINDING_create_param
-BN_BLINDING_free
-BN_BLINDING_get_flags
-BN_BLINDING_invert
-BN_BLINDING_invert_ex
-BN_BLINDING_new
-BN_BLINDING_set_flags
-BN_BLINDING_thread_id
-BN_BLINDING_update
 BN_CTX_end
 BN_CTX_free
 BN_CTX_get
@@ -492,7 +458,6 @@ BN_nnmod
 BN_num_bits
 BN_num_bits_word
 BN_one
-BN_options
 BN_print
 BN_print_fp
 BN_pseudo_rand
@@ -523,12 +488,6 @@ BUF_MEM_free
 BUF_MEM_grow
 BUF_MEM_grow_clean
 BUF_MEM_new
-BUF_memdup
-BUF_reverse
-BUF_strdup
-BUF_strlcat
-BUF_strlcpy
-BUF_strndup
 CAST_cbc_encrypt
 CAST_cfb64_encrypt
 CAST_decrypt
@@ -591,6 +550,7 @@ CMS_SignerInfo_get0_md_ctx
 CMS_SignerInfo_get0_pkey_ctx
 CMS_SignerInfo_get0_signature
 CMS_SignerInfo_get0_signer_id
+CMS_SignerInfo_get_version
 CMS_SignerInfo_set1_signer_cert
 CMS_SignerInfo_sign
 CMS_SignerInfo_verify
@@ -631,6 +591,7 @@ CMS_get0_type
 CMS_get1_ReceiptRequest
 CMS_get1_certs
 CMS_get1_crls
+CMS_get_version
 CMS_is_detached
 CMS_set1_eContentType
 CMS_set1_signers_certs
@@ -661,13 +622,6 @@ CMS_unsigned_get_attr_by_OBJ
 CMS_unsigned_get_attr_count
 CMS_verify
 CMS_verify_receipt
-COMP_CTX_free
-COMP_CTX_new
-COMP_compress_block
-COMP_expand_block
-COMP_rle
-COMP_zlib
-COMP_zlib_cleanup
 CONF_dump_bio
 CONF_dump_fp
 CONF_free
@@ -732,7 +686,6 @@ CRYPTO_dbg_realloc
 CRYPTO_dbg_set_options
 CRYPTO_destroy_dynlockid
 CRYPTO_dup_ex_data
-CRYPTO_ex_data_new_class
 CRYPTO_free
 CRYPTO_free_ex_data
 CRYPTO_free_locked
@@ -753,7 +706,6 @@ CRYPTO_get_dynlock_destroy_callback
 CRYPTO_get_dynlock_lock_callback
 CRYPTO_get_dynlock_value
 CRYPTO_get_ex_data
-CRYPTO_get_ex_data_implementation
 CRYPTO_get_ex_new_index
 CRYPTO_get_id_callback
 CRYPTO_get_lock_name
@@ -793,7 +745,6 @@ CRYPTO_set_dynlock_create_callback
 CRYPTO_set_dynlock_destroy_callback
 CRYPTO_set_dynlock_lock_callback
 CRYPTO_set_ex_data
-CRYPTO_set_ex_data_implementation
 CRYPTO_set_id_callback
 CRYPTO_set_locked_mem_ex_functions
 CRYPTO_set_locked_mem_functions
@@ -866,7 +817,6 @@ DES_key_sched
 DES_ncbc_encrypt
 DES_ofb64_encrypt
 DES_ofb_encrypt
-DES_options
 DES_pcbc_encrypt
 DES_quad_cksum
 DES_random_key
@@ -986,40 +936,8 @@ DSAparams_dup
 DSAparams_it
 DSAparams_print
 DSAparams_print_fp
-DSO_METHOD_dlfcn
-DSO_METHOD_null
-DSO_METHOD_openssl
-DSO_bind_func
-DSO_bind_var
-DSO_convert_filename
-DSO_ctrl
-DSO_flags
-DSO_free
-DSO_get_default_method
-DSO_get_filename
-DSO_get_loaded_filename
-DSO_get_method
-DSO_global_lookup
-DSO_load
-DSO_merge
-DSO_new
-DSO_new_method
-DSO_pathbyaddr
-DSO_set_default_method
-DSO_set_filename
-DSO_set_method
-DSO_set_name_converter
-DSO_up_ref
-ECDH_OpenSSL
 ECDH_compute_key
-ECDH_get_default_method
-ECDH_get_ex_data
-ECDH_get_ex_new_index
-ECDH_set_default_method
-ECDH_set_ex_data
-ECDH_set_method
 ECDH_size
-ECDSA_OpenSSL
 ECDSA_SIG_free
 ECDSA_SIG_get0
 ECDSA_SIG_get0_r
@@ -1028,17 +946,8 @@ ECDSA_SIG_it
 ECDSA_SIG_new
 ECDSA_SIG_set0
 ECDSA_do_sign
-ECDSA_do_sign_ex
 ECDSA_do_verify
-ECDSA_get_default_method
-ECDSA_get_ex_data
-ECDSA_get_ex_new_index
-ECDSA_set_default_method
-ECDSA_set_ex_data
-ECDSA_set_method
 ECDSA_sign
-ECDSA_sign_ex
-ECDSA_sign_setup
 ECDSA_size
 ECDSA_verify
 ECPARAMETERS_free
@@ -1177,150 +1086,25 @@ ED25519_verify
 EDIPARTYNAME_free
 EDIPARTYNAME_it
 EDIPARTYNAME_new
-ENGINE_add
-ENGINE_add_conf_module
 ENGINE_by_id
 ENGINE_cleanup
-ENGINE_cmd_is_executable
-ENGINE_ctrl
 ENGINE_ctrl_cmd
 ENGINE_ctrl_cmd_string
 ENGINE_finish
 ENGINE_free
-ENGINE_get_DH
-ENGINE_get_DSA
-ENGINE_get_EC
-ENGINE_get_ECDH
-ENGINE_get_ECDSA
-ENGINE_get_RAND
-ENGINE_get_RSA
-ENGINE_get_STORE
-ENGINE_get_cipher
-ENGINE_get_cipher_engine
-ENGINE_get_ciphers
-ENGINE_get_cmd_defns
-ENGINE_get_ctrl_function
-ENGINE_get_default_DH
-ENGINE_get_default_DSA
-ENGINE_get_default_EC
-ENGINE_get_default_ECDH
-ENGINE_get_default_ECDSA
-ENGINE_get_default_RAND
 ENGINE_get_default_RSA
-ENGINE_get_destroy_function
-ENGINE_get_digest
-ENGINE_get_digest_engine
-ENGINE_get_digests
-ENGINE_get_ex_data
-ENGINE_get_ex_new_index
-ENGINE_get_finish_function
-ENGINE_get_first
-ENGINE_get_flags
 ENGINE_get_id
-ENGINE_get_init_function
-ENGINE_get_last
-ENGINE_get_load_privkey_function
-ENGINE_get_load_pubkey_function
 ENGINE_get_name
-ENGINE_get_next
-ENGINE_get_pkey_asn1_meth
-ENGINE_get_pkey_asn1_meth_engine
-ENGINE_get_pkey_asn1_meth_str
-ENGINE_get_pkey_asn1_meths
-ENGINE_get_pkey_meth
-ENGINE_get_pkey_meth_engine
-ENGINE_get_pkey_meths
-ENGINE_get_prev
-ENGINE_get_ssl_client_cert_function
-ENGINE_get_static_state
-ENGINE_get_table_flags
 ENGINE_init
 ENGINE_load_builtin_engines
 ENGINE_load_dynamic
 ENGINE_load_openssl
 ENGINE_load_private_key
 ENGINE_load_public_key
-ENGINE_load_ssl_client_cert
 ENGINE_new
-ENGINE_pkey_asn1_find_str
-ENGINE_register_DH
-ENGINE_register_DSA
-ENGINE_register_EC
-ENGINE_register_ECDH
-ENGINE_register_ECDSA
-ENGINE_register_RAND
-ENGINE_register_RSA
-ENGINE_register_STORE
-ENGINE_register_all_DH
-ENGINE_register_all_DSA
-ENGINE_register_all_EC
-ENGINE_register_all_ECDH
-ENGINE_register_all_ECDSA
-ENGINE_register_all_RAND
-ENGINE_register_all_RSA
-ENGINE_register_all_STORE
-ENGINE_register_all_ciphers
 ENGINE_register_all_complete
-ENGINE_register_all_digests
-ENGINE_register_all_pkey_asn1_meths
-ENGINE_register_all_pkey_meths
-ENGINE_register_ciphers
-ENGINE_register_complete
-ENGINE_register_digests
-ENGINE_register_pkey_asn1_meths
-ENGINE_register_pkey_meths
-ENGINE_remove
-ENGINE_set_DH
-ENGINE_set_DSA
-ENGINE_set_EC
-ENGINE_set_ECDH
-ENGINE_set_ECDSA
-ENGINE_set_RAND
-ENGINE_set_RSA
-ENGINE_set_STORE
-ENGINE_set_ciphers
-ENGINE_set_cmd_defns
-ENGINE_set_ctrl_function
 ENGINE_set_default
-ENGINE_set_default_DH
-ENGINE_set_default_DSA
-ENGINE_set_default_EC
-ENGINE_set_default_ECDH
-ENGINE_set_default_ECDSA
-ENGINE_set_default_RAND
 ENGINE_set_default_RSA
-ENGINE_set_default_ciphers
-ENGINE_set_default_digests
-ENGINE_set_default_pkey_asn1_meths
-ENGINE_set_default_pkey_meths
-ENGINE_set_default_string
-ENGINE_set_destroy_function
-ENGINE_set_digests
-ENGINE_set_ex_data
-ENGINE_set_finish_function
-ENGINE_set_flags
-ENGINE_set_id
-ENGINE_set_init_function
-ENGINE_set_load_privkey_function
-ENGINE_set_load_pubkey_function
-ENGINE_set_load_ssl_client_cert_function
-ENGINE_set_name
-ENGINE_set_pkey_asn1_meths
-ENGINE_set_pkey_meths
-ENGINE_set_table_flags
-ENGINE_unregister_DH
-ENGINE_unregister_DSA
-ENGINE_unregister_EC
-ENGINE_unregister_ECDH
-ENGINE_unregister_ECDSA
-ENGINE_unregister_RAND
-ENGINE_unregister_RSA
-ENGINE_unregister_STORE
-ENGINE_unregister_ciphers
-ENGINE_unregister_digests
-ENGINE_unregister_pkey_asn1_meths
-ENGINE_unregister_pkey_meths
-ENGINE_up_ref
 ERR_add_error_data
 ERR_add_error_vdata
 ERR_asprintf_error_data
@@ -1329,30 +1113,22 @@ ERR_error_string
 ERR_error_string_n
 ERR_free_strings
 ERR_func_error_string
-ERR_get_err_state_table
 ERR_get_error
 ERR_get_error_line
 ERR_get_error_line_data
-ERR_get_implementation
 ERR_get_next_error_library
 ERR_get_state
-ERR_get_string_table
 ERR_lib_error_string
 ERR_load_ASN1_strings
 ERR_load_BIO_strings
 ERR_load_BN_strings
 ERR_load_BUF_strings
 ERR_load_CMS_strings
-ERR_load_COMP_strings
 ERR_load_CONF_strings
 ERR_load_CRYPTO_strings
 ERR_load_DH_strings
 ERR_load_DSA_strings
-ERR_load_DSO_strings
-ERR_load_ECDH_strings
-ERR_load_ECDSA_strings
 ERR_load_EC_strings
-ERR_load_ENGINE_strings
 ERR_load_ERR_strings
 ERR_load_EVP_strings
 ERR_load_GOST_strings
@@ -1381,11 +1157,9 @@ ERR_print_errors_cb
 ERR_print_errors_fp
 ERR_put_error
 ERR_reason_error_string
-ERR_release_err_state_table
 ERR_remove_state
 ERR_remove_thread_state
 ERR_set_error_data
-ERR_set_implementation
 ERR_set_mark
 ERR_unload_strings
 ESS_CERT_ID_dup
@@ -1954,7 +1728,6 @@ OBJ_NAME_init
 OBJ_NAME_new_index
 OBJ_NAME_remove
 OBJ_add_object
-OBJ_add_sigid
 OBJ_bsearch_
 OBJ_cleanup
 OBJ_cmp
@@ -1972,7 +1745,6 @@ OBJ_nid2obj
 OBJ_nid2sn
 OBJ_obj2nid
 OBJ_obj2txt
-OBJ_sigid_free
 OBJ_sn2nid
 OBJ_txt2nid
 OBJ_txt2obj
@@ -2453,7 +2225,6 @@ RAND_load_file
 RAND_poll
 RAND_pseudo_bytes
 RAND_seed
-RAND_set_rand_engine
 RAND_set_rand_method
 RAND_status
 RAND_write_file
@@ -2465,7 +2236,6 @@ RC2_encrypt
 RC2_ofb64_encrypt
 RC2_set_key
 RC4
-RC4_options
 RC4_set_key
 RIPEMD160
 RIPEMD160_Final
@@ -2569,7 +2339,6 @@ RSA_set_default_method
 RSA_set_ex_data
 RSA_set_flags
 RSA_set_method
-RSA_setup_blinding
 RSA_sign
 RSA_sign_ASN1_OCTET_STRING
 RSA_size
@@ -2672,9 +2441,7 @@ TS_CONF_load_key
 TS_CONF_set_accuracy
 TS_CONF_set_certs
 TS_CONF_set_clock_precision_digits
-TS_CONF_set_crypto_device
 TS_CONF_set_def_policy
-TS_CONF_set_default_engine
 TS_CONF_set_digests
 TS_CONF_set_ess_cert_id_chain
 TS_CONF_set_ordering
@@ -3641,14 +3408,6 @@ d2i_X509_SIG
 d2i_X509_VAL
 d2i_X509_bio
 d2i_X509_fp
-get_rfc2409_prime_1024
-get_rfc2409_prime_768
-get_rfc3526_prime_1536
-get_rfc3526_prime_2048
-get_rfc3526_prime_3072
-get_rfc3526_prime_4096
-get_rfc3526_prime_6144
-get_rfc3526_prime_8192
 hex_to_string
 i2a_ACCESS_DESCRIPTION
 i2a_ASN1_ENUMERATED
@@ -3870,7 +3629,6 @@ idea_cfb64_encrypt
 idea_ecb_encrypt
 idea_encrypt
 idea_ofb64_encrypt
-idea_options
 idea_set_decrypt_key
 idea_set_encrypt_key
 lh_delete
diff --git a/lib/libcrypto/Symbols.namespace b/lib/libcrypto/Symbols.namespace
index 60d6195fa..08f070e79 100644
--- a/lib/libcrypto/Symbols.namespace
+++ b/lib/libcrypto/Symbols.namespace
@@ -931,10 +931,6 @@ _libre_i2d_ASN1_BIT_STRING
 _libre_ASN1_BIT_STRING_set
 _libre_ASN1_BIT_STRING_set_bit
 _libre_ASN1_BIT_STRING_get_bit
-_libre_ASN1_BIT_STRING_check
-_libre_ASN1_BIT_STRING_name_print
-_libre_ASN1_BIT_STRING_num_asc
-_libre_ASN1_BIT_STRING_set_asc
 _libre_ASN1_INTEGER_new
 _libre_ASN1_INTEGER_free
 _libre_d2i_ASN1_INTEGER
@@ -1078,8 +1074,6 @@ _libre_ASN1_GENERALIZEDTIME_print
 _libre_ASN1_TIME_print
 _libre_ASN1_STRING_print
 _libre_ASN1_STRING_print_ex
-_libre_ASN1_bn_print
-_libre_ASN1_buf_print
 _libre_ASN1_parse
 _libre_ASN1_parse_dump
 _libre_ASN1_tag2bit
@@ -1120,7 +1114,6 @@ _libre_ASN1_PCTX_get_oid_flags
 _libre_ASN1_PCTX_set_oid_flags
 _libre_ASN1_PCTX_get_str_flags
 _libre_ASN1_PCTX_set_str_flags
-_libre_BIO_f_asn1
 _libre_SMIME_crlf_copy
 _libre_SMIME_text
 _libre_ERR_load_ASN1_strings
@@ -1164,10 +1157,6 @@ _libre_BIO_set_ex_data
 _libre_BIO_get_ex_data
 _libre_BIO_number_read
 _libre_BIO_number_written
-_libre_BIO_asn1_set_prefix
-_libre_BIO_asn1_get_prefix
-_libre_BIO_asn1_set_suffix
-_libre_BIO_asn1_get_suffix
 _libre_BIO_get_new_index
 _libre_BIO_s_file
 _libre_BIO_new_file
@@ -1202,10 +1191,6 @@ _libre_BIO_get_retry_BIO
 _libre_BIO_get_retry_reason
 _libre_BIO_set_retry_reason
 _libre_BIO_dup_chain
-_libre_BIO_nread0
-_libre_BIO_nread
-_libre_BIO_nwrite0
-_libre_BIO_nwrite
 _libre_BIO_debug_callback
 _libre_BIO_s_mem
 _libre_BIO_new_mem_buf
@@ -1253,14 +1238,8 @@ _libre_BIO_vsnprintf
 _libre_ERR_load_BIO_strings
 _libre_ASN1_item_ex_new
 _libre_ASN1_item_ex_free
-_libre_ASN1_template_new
-_libre_ASN1_primitive_new
-_libre_ASN1_template_free
-_libre_ASN1_template_d2i
 _libre_ASN1_item_ex_d2i
 _libre_ASN1_item_ex_i2d
-_libre_ASN1_template_i2d
-_libre_ASN1_primitive_free
 _libre_EC_GFp_simple_method
 _libre_EC_GFp_mont_method
 _libre_EC_GROUP_new
@@ -1407,17 +1386,11 @@ _libre_ERR_free_strings
 _libre_ERR_remove_thread_state
 _libre_ERR_remove_state
 _libre_ERR_get_state
-_libre_ERR_get_string_table
-_libre_ERR_get_err_state_table
-_libre_ERR_release_err_state_table
 _libre_ERR_get_next_error_library
 _libre_ERR_set_mark
 _libre_ERR_pop_to_mark
-_libre_ERR_get_implementation
-_libre_ERR_set_implementation
 _libre_RAND_set_rand_method
 _libre_RAND_get_rand_method
-_libre_RAND_set_rand_engine
 _libre_RAND_SSLeay
 _libre_ERR_load_RAND_strings
 _libre_ECDSA_SIG_new
@@ -1429,25 +1402,14 @@ _libre_ECDSA_SIG_get0_r
 _libre_ECDSA_SIG_get0_s
 _libre_ECDSA_SIG_set0
 _libre_ECDSA_do_sign
-_libre_ECDSA_do_sign_ex
 _libre_ECDSA_do_verify
-_libre_ECDSA_OpenSSL
-_libre_ECDSA_set_default_method
-_libre_ECDSA_get_default_method
-_libre_ECDSA_set_method
 _libre_ECDSA_size
-_libre_ECDSA_sign_setup
 _libre_ECDSA_sign
-_libre_ECDSA_sign_ex
 _libre_ECDSA_verify
-_libre_ECDSA_get_ex_new_index
-_libre_ECDSA_set_ex_data
-_libre_ECDSA_get_ex_data
 _libre_EC_KEY_METHOD_set_sign
 _libre_EC_KEY_METHOD_set_verify
 _libre_EC_KEY_METHOD_get_sign
 _libre_EC_KEY_METHOD_get_verify
-_libre_ERR_load_ECDSA_strings
 _libre_HKDF
 _libre_HKDF_extract
 _libre_HKDF_expand
@@ -1627,8 +1589,6 @@ _libre_TS_CONF_load_certs
 _libre_TS_CONF_load_key
 _libre_TS_CONF_get_tsa_section
 _libre_TS_CONF_set_serial
-_libre_TS_CONF_set_crypto_device
-_libre_TS_CONF_set_default_engine
 _libre_TS_CONF_set_signer_cert
 _libre_TS_CONF_set_certs
 _libre_TS_CONF_set_signer_key
@@ -1647,16 +1607,8 @@ _libre_SM4_encrypt
 _libre_CRYPTO_poly1305_init
 _libre_CRYPTO_poly1305_update
 _libre_CRYPTO_poly1305_finish
-_libre_ECDH_OpenSSL
-_libre_ECDH_set_default_method
-_libre_ECDH_get_default_method
-_libre_ECDH_set_method
 _libre_ECDH_size
 _libre_ECDH_compute_key
-_libre_ECDH_get_ex_new_index
-_libre_ECDH_set_ex_data
-_libre_ECDH_get_ex_data
-_libre_ERR_load_ECDH_strings
 _libre_PEM_get_EVP_CIPHER_INFO
 _libre_PEM_do_header
 _libre_PEM_read_bio
@@ -1795,31 +1747,6 @@ _libre_lh_node_usage_stats_bio
 _libre_SM3_Init
 _libre_SM3_Update
 _libre_SM3_Final
-_libre_DSO_new
-_libre_DSO_new_method
-_libre_DSO_free
-_libre_DSO_flags
-_libre_DSO_up_ref
-_libre_DSO_ctrl
-_libre_DSO_set_name_converter
-_libre_DSO_get_filename
-_libre_DSO_set_filename
-_libre_DSO_convert_filename
-_libre_DSO_merge
-_libre_DSO_get_loaded_filename
-_libre_DSO_set_default_method
-_libre_DSO_get_default_method
-_libre_DSO_get_method
-_libre_DSO_set_method
-_libre_DSO_load
-_libre_DSO_bind_var
-_libre_DSO_bind_func
-_libre_DSO_METHOD_openssl
-_libre_DSO_METHOD_null
-_libre_DSO_METHOD_dlfcn
-_libre_DSO_pathbyaddr
-_libre_DSO_global_lookup
-_libre_ERR_load_DSO_strings
 _libre_CT_POLICY_EVAL_CTX_new
 _libre_CT_POLICY_EVAL_CTX_free
 _libre_CT_POLICY_EVAL_CTX_get0_cert
@@ -1883,14 +1810,6 @@ _libre__CONF_add_string
 _libre__CONF_get_string
 _libre__CONF_new_data
 _libre__CONF_free_data
-_libre_COMP_CTX_new
-_libre_COMP_CTX_free
-_libre_COMP_compress_block
-_libre_COMP_expand_block
-_libre_COMP_rle
-_libre_COMP_zlib
-_libre_COMP_zlib_cleanup
-_libre_ERR_load_COMP_strings
 _libre_CMS_ContentInfo_new
 _libre_CMS_ContentInfo_free
 _libre_d2i_CMS_ContentInfo
@@ -1901,6 +1820,8 @@ _libre_d2i_CMS_ReceiptRequest
 _libre_i2d_CMS_ReceiptRequest
 _libre_CMS_ContentInfo_print_ctx
 _libre_CMS_get0_type
+_libre_CMS_get_version
+_libre_CMS_SignerInfo_get_version
 _libre_CMS_dataInit
 _libre_CMS_dataFinal
 _libre_CMS_is_detached
@@ -2017,9 +1938,6 @@ _libre_OpenSSL_version
 _libre_OpenSSL_version_num
 _libre_SSLeay_version
 _libre_SSLeay
-_libre_CRYPTO_get_ex_data_implementation
-_libre_CRYPTO_set_ex_data_implementation
-_libre_CRYPTO_ex_data_new_class
 _libre_CRYPTO_get_ex_new_index
 _libre_CRYPTO_new_ex_data
 _libre_CRYPTO_dup_ex_data
@@ -2070,7 +1988,6 @@ _libre_CAST_decrypt
 _libre_CAST_cbc_encrypt
 _libre_CAST_cfb64_encrypt
 _libre_CAST_ofb64_encrypt
-_libre_idea_options
 _libre_idea_ecb_encrypt
 _libre_idea_set_encrypt_key
 _libre_idea_set_decrypt_key
@@ -2272,7 +2189,6 @@ _libre_BN_is_odd
 _libre_BN_zero
 _libre_BN_one
 _libre_BN_value_one
-_libre_BN_options
 _libre_BN_CTX_new
 _libre_BN_CTX_free
 _libre_BN_CTX_start
@@ -2361,27 +2277,8 @@ _libre_BN_MONT_CTX_free
 _libre_BN_MONT_CTX_set
 _libre_BN_MONT_CTX_copy
 _libre_BN_MONT_CTX_set_locked
-_libre_BN_BLINDING_new
-_libre_BN_BLINDING_free
-_libre_BN_BLINDING_update
-_libre_BN_BLINDING_convert
-_libre_BN_BLINDING_invert
-_libre_BN_BLINDING_convert_ex
-_libre_BN_BLINDING_invert_ex
-_libre_BN_BLINDING_thread_id
-_libre_BN_BLINDING_get_flags
-_libre_BN_BLINDING_set_flags
-_libre_BN_BLINDING_create_param
-_libre_get_rfc2409_prime_768
-_libre_get_rfc2409_prime_1024
 _libre_BN_get_rfc2409_prime_768
 _libre_BN_get_rfc2409_prime_1024
-_libre_get_rfc3526_prime_1536
-_libre_get_rfc3526_prime_2048
-_libre_get_rfc3526_prime_3072
-_libre_get_rfc3526_prime_4096
-_libre_get_rfc3526_prime_6144
-_libre_get_rfc3526_prime_8192
 _libre_BN_get_rfc3526_prime_1536
 _libre_BN_get_rfc3526_prime_2048
 _libre_BN_get_rfc3526_prime_3072
@@ -2453,7 +2350,6 @@ _libre_RSA_sign_ASN1_OCTET_STRING
 _libre_RSA_verify_ASN1_OCTET_STRING
 _libre_RSA_blinding_on
 _libre_RSA_blinding_off
-_libre_RSA_setup_blinding
 _libre_RSA_padding_add_PKCS1_type_1
 _libre_RSA_padding_check_PKCS1_type_1
 _libre_RSA_padding_add_PKCS1_type_2
@@ -2554,8 +2450,6 @@ _libre_OBJ_length
 _libre_OBJ_get0_data
 _libre_OBJ_find_sigid_algs
 _libre_OBJ_find_sigid_by_algs
-_libre_OBJ_add_sigid
-_libre_OBJ_sigid_free
 _libre_ERR_load_OBJ_strings
 _libre_CMAC_CTX_new
 _libre_CMAC_CTX_cleanup
diff --git a/lib/libcrypto/aes/aes_misc.c b/lib/libcrypto/aes/aes_misc.c
deleted file mode 100644
index 67c2c948c..000000000
--- a/lib/libcrypto/aes/aes_misc.c
+++ /dev/null
@@ -1,65 +0,0 @@ -/* $OpenBSD: aes_misc.c,v 1.11 2022/11/26 16:08:50 tb Exp $ */ -/* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - */ - -#include -#include -#include -#include "aes_local.h" - -const char * -AES_options(void) -{ -#ifdef FULL_UNROLL - return "aes(full)"; -#else - return "aes(partial)"; -#endif -} diff --git a/lib/libcrypto/asn1/a_bitstr.c b/lib/libcrypto/asn1/a_bitstr.c index 8076723de..7ea3e12b9 100644 --- a/lib/libcrypto/asn1/a_bitstr.c +++ b/lib/libcrypto/asn1/a_bitstr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: a_bitstr.c,v 1.39 2023/07/05 21:23:36 beck Exp $ */ +/* $OpenBSD: a_bitstr.c,v 1.41 2023/07/28 10:33:13 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * 
@@ -162,85 +162,6 @@ ASN1_BIT_STRING_get_bit(const ASN1_BIT_STRING *a, int n) } LCRYPTO_ALIAS(ASN1_BIT_STRING_get_bit); -/* - * Checks if the given bit string contains only bits specified by - * the flags vector. Returns 0 if there is at least one bit set in 'a' - * which is not specified in 'flags', 1 otherwise. - * 'len' is the length of 'flags'. - */ -int -ASN1_BIT_STRING_check(const ASN1_BIT_STRING *a, const unsigned char *flags, - int flags_len) -{ - int i, ok; - - /* Check if there is one bit set at all. */ - if (!a || !a->data) - return 1; - - /* Check each byte of the internal representation of the bit string. */ - ok = 1; - for (i = 0; i < a->length && ok; ++i) { - unsigned char mask = i < flags_len ? ~flags[i] : 0xff; - /* We are done if there is an unneeded bit set. */ - ok = (a->data[i] & mask) == 0; - } - return ok; -} -LCRYPTO_ALIAS(ASN1_BIT_STRING_check); - -int -ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs, - BIT_STRING_BITNAME *tbl, int indent) -{ - BIT_STRING_BITNAME *bnam; - char first = 1; - - BIO_printf(out, "%*s", indent, ""); - for (bnam = tbl; bnam->lname; bnam++) { - if (ASN1_BIT_STRING_get_bit(bs, bnam->bitnum)) { - if (!first) - BIO_puts(out, ", "); - BIO_puts(out, bnam->lname); - first = 0; - } - } - BIO_puts(out, "\n"); - return 1; -} -LCRYPTO_ALIAS(ASN1_BIT_STRING_name_print); - -int -ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, const char *name, int value, - BIT_STRING_BITNAME *tbl) -{ - int bitnum; - - bitnum = ASN1_BIT_STRING_num_asc(name, tbl); - if (bitnum < 0) - return 0; - if (bs) { - if (!ASN1_BIT_STRING_set_bit(bs, bitnum, value)) - return 0; - } - return 1; -} -LCRYPTO_ALIAS(ASN1_BIT_STRING_set_asc); - -int -ASN1_BIT_STRING_num_asc(const char *name, BIT_STRING_BITNAME *tbl) -{ - BIT_STRING_BITNAME *bnam; - - for (bnam = tbl; bnam->lname; bnam++) { - if (!strcmp(bnam->sname, name) || - !strcmp(bnam->lname, name)) - return bnam->bitnum; - } - return -1; -} -LCRYPTO_ALIAS(ASN1_BIT_STRING_num_asc); - int 
i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp) { diff --git a/lib/libcrypto/asn1/a_type.c b/lib/libcrypto/asn1/a_type.c index e1506cdcb..ef0a76e81 100644 --- a/lib/libcrypto/asn1/a_type.c +++ b/lib/libcrypto/asn1/a_type.c @@ -1,4 +1,4 @@ -/* $OpenBSD: a_type.c,v 1.26 2023/07/05 21:23:36 beck Exp $ */ +/* $OpenBSD: a_type.c,v 1.27 2023/07/28 10:00:10 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -62,6 +62,8 @@ #include #include +#include "asn1_local.h" + typedef struct { ASN1_INTEGER *num; ASN1_OCTET_STRING *value; diff --git a/lib/libcrypto/asn1/asn1.h b/lib/libcrypto/asn1/asn1.h index 5be4668be..5eeee3317 100644 --- a/lib/libcrypto/asn1/asn1.h +++ b/lib/libcrypto/asn1/asn1.h @@ -1,4 +1,4 @@ -/* $OpenBSD: asn1.h,v 1.76 2023/04/25 19:08:30 tb Exp $ */ +/* $OpenBSD: asn1.h,v 1.80 2023/07/28 10:33:13 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -576,16 +576,6 @@ extern const ASN1_ITEM ASN1_BIT_STRING_it; int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, int length); int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value); int ASN1_BIT_STRING_get_bit(const ASN1_BIT_STRING *a, int n); -int ASN1_BIT_STRING_check(const ASN1_BIT_STRING *a, - const unsigned char *flags, int flags_len); - -#ifndef OPENSSL_NO_BIO -int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs, - BIT_STRING_BITNAME *tbl, int indent); -#endif -int ASN1_BIT_STRING_num_asc(const char *name, BIT_STRING_BITNAME *tbl); -int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, const char *name, int value, - BIT_STRING_BITNAME *tbl); ASN1_INTEGER *ASN1_INTEGER_new(void); void ASN1_INTEGER_free(ASN1_INTEGER *a); 
@@ -834,9 +824,6 @@ int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a); int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a); int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v); int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str, unsigned long flags); -int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num, - unsigned char *buf, int off); -int ASN1_buf_print(BIO *bp, const unsigned char *buf, size_t buflen, int indent); int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent); int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent, int dump); #endif @@ -922,8 +909,6 @@ void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags); unsigned long ASN1_PCTX_get_str_flags(const ASN1_PCTX *p); void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags); -const BIO_METHOD *BIO_f_asn1(void); - int SMIME_crlf_copy(BIO *in, BIO *out, int flags); int SMIME_text(BIO *in, BIO *out); diff --git a/lib/libcrypto/asn1/asn1_local.h b/lib/libcrypto/asn1/asn1_local.h index 52b8a46ae..566ace798 100644 --- a/lib/libcrypto/asn1/asn1_local.h +++ b/lib/libcrypto/asn1/asn1_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: asn1_local.h,v 1.2 2023/04/25 19:08:30 tb Exp $ */ +/* $OpenBSD: asn1_local.h,v 1.4 2023/07/28 10:00:10 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -250,6 +250,8 @@ int asn1_time_tm_to_time_t(const struct tm *tm, time_t *out); int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); +const BIO_METHOD *BIO_f_asn1(void); + BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it); int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, 
@@ -261,4 +263,10 @@ int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, const ASN1_ITEM *it); ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it); +int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it); +void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it); + +int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); +void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); + __END_HIDDEN_DECLS diff --git a/lib/libcrypto/asn1/asn1t.h b/lib/libcrypto/asn1/asn1t.h index bb49be286..4d79f82ec 100644 --- a/lib/libcrypto/asn1/asn1t.h +++ b/lib/libcrypto/asn1/asn1t.h @@ -1,4 +1,4 @@ -/* $OpenBSD: asn1t.h,v 1.22 2022/09/03 16:01:23 jsing Exp $ */ +/* $OpenBSD: asn1t.h,v 1.23 2023/07/28 10:00:10 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -896,17 +896,10 @@ DECLARE_STACK_OF(ASN1_VALUE) int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it); void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it); -int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); -int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it); - -void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); -int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_TEMPLATE *tt); int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); -int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt); -void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it); #ifdef __cplusplus } diff --git a/lib/libcrypto/asn1/bio_asn1.c b/lib/libcrypto/asn1/bio_asn1.c index e544bf9c9..b9f54cd4e 100644 --- a/lib/libcrypto/asn1/bio_asn1.c +++ b/lib/libcrypto/asn1/bio_asn1.c 
@@ -1,4 +1,4 @@ -/* $OpenBSD: bio_asn1.c,v 1.22 2023/07/05 21:23:36 beck Exp $ */ +/* $OpenBSD: bio_asn1.c,v 1.23 2023/07/28 09:58:30 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -69,6 +69,9 @@ #include "bio_local.h" +#define BIO_C_SET_PREFIX 149 +#define BIO_C_SET_SUFFIX 151 + /* Must be large enough for biggest tag+length */ #define DEFAULT_ASN1_BUF_SIZE 20 @@ -144,7 +147,6 @@ BIO_f_asn1(void) { return (&methods_asn1); } -LCRYPTO_ALIAS(BIO_f_asn1); static int asn1_bio_new(BIO *b) @@ -376,24 +378,12 @@ asn1_bio_ctrl(BIO *b, int cmd, long arg1, void *arg2) ctx->prefix_free = ex_func->ex_free_func; break; - case BIO_C_GET_PREFIX: - ex_func = arg2; - ex_func->ex_func = ctx->prefix; - ex_func->ex_free_func = ctx->prefix_free; - break; - case BIO_C_SET_SUFFIX: ex_func = arg2; ctx->suffix = ex_func->ex_func; ctx->suffix_free = ex_func->ex_free_func; break; - case BIO_C_GET_SUFFIX: - ex_func = arg2; - ex_func->ex_func = ctx->suffix; - ex_func->ex_free_func = ctx->suffix_free; - break; - case BIO_C_SET_EX_ARG: ctx->ex_arg = arg2; break; 
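Review bot: The `#define BIO_C_SET_PREFIX 149` / `#define BIO_C_SET_SUFFIX 151` pair added after `#include "bio_local.h"` has no comment saying these are now file-private ctrl numbers, removed from bio.h in this same commit. Without one, the gaps at 150 and 152 look accidental and the values could later be reused for an unrelated ctrl. I would add above them `/* Private ctrls for BIO_f_asn1(); formerly public in bio.h. 150 and 152 were the removed GET variants, do not reuse. */`.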
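Review bot: In the asn1_bio_ctrl hunk, the retained `BIO_C_SET_SUFFIX` case (and the `BIO_C_SET_PREFIX` case whose tail is visible above it) assigns `ex_func = arg2` and dereferences it without a NULL check. The only caller visible in this diff, asn1_bio_set_ex, passes `&extmp`, so the code shown never passes NULL, but the handler is entered through the generic BIO_ctrl dispatch. A guard such as `if ((ex_func = arg2) == NULL) return 0;` in both cases would make that contract explicit. The function's body starts and ends outside the hunk, so the failure value should be checked against the rest of it.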
@@ -450,46 +440,14 @@ asn1_bio_set_ex(BIO *b, int cmd, asn1_ps_func *ex_func, asn1_ps_func return BIO_ctrl(b, cmd, 0, &extmp); } -static int -asn1_bio_get_ex(BIO *b, int cmd, asn1_ps_func **ex_func, - asn1_ps_func **ex_free_func) -{ - BIO_ASN1_EX_FUNCS extmp; - int ret; - - if ((ret = BIO_ctrl(b, cmd, 0, &extmp)) <= 0) - return ret; - - *ex_func = extmp.ex_func; - *ex_free_func = extmp.ex_free_func; - - return ret; -} - int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix, asn1_ps_func *prefix_free) { return asn1_bio_set_ex(b, BIO_C_SET_PREFIX, prefix, prefix_free); } -LCRYPTO_ALIAS(BIO_asn1_set_prefix); - -int -BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix, asn1_ps_func **pprefix_free) -{ - return asn1_bio_get_ex(b, BIO_C_GET_PREFIX, pprefix, pprefix_free); -} -LCRYPTO_ALIAS(BIO_asn1_get_prefix); int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix, asn1_ps_func *suffix_free) { return asn1_bio_set_ex(b, BIO_C_SET_SUFFIX, suffix, suffix_free); } -LCRYPTO_ALIAS(BIO_asn1_set_suffix); - -int -BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix, asn1_ps_func **psuffix_free) -{ - return asn1_bio_get_ex(b, BIO_C_GET_SUFFIX, psuffix, psuffix_free); -} -LCRYPTO_ALIAS(BIO_asn1_get_suffix); diff --git a/lib/libcrypto/asn1/bio_ndef.c b/lib/libcrypto/asn1/bio_ndef.c index 11e51edad..98bb1cd19 100644 --- a/lib/libcrypto/asn1/bio_ndef.c +++ b/lib/libcrypto/asn1/bio_ndef.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bio_ndef.c,v 1.23 2023/07/09 19:22:43 tb Exp $ */ +/* $OpenBSD: bio_ndef.c,v 1.24 2023/07/28 09:58:30 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -61,6 +61,9 @@ #include "asn1_local.h" +int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix, asn1_ps_func *prefix_free); +int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix, asn1_ps_func *suffix_free); + /* Experimental NDEF ASN1 BIO support routines */ /* The usage is quite simple, initialize an ASN1 structure, 
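Review bot: In the bio_ndef.c hunk, the prototypes for `BIO_asn1_set_prefix` and `BIO_asn1_set_suffix` are declared directly in the .c file, so nothing ties them to the definitions in bio_asn1.c. If a signature changes on one side only, the compiler will not notice, and the call goes through a mismatched function type. This file already includes `"asn1_local.h"` on the line above, and that header gains `BIO_f_asn1` in this commit, so the two declarations could sit there next to it. Whether bio_asn1.c includes that header is not visible here; if it does, a mismatch would become a compile error.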
diff --git a/lib/libcrypto/asn1/t_pkey.c b/lib/libcrypto/asn1/t_pkey.c
deleted file mode 100644
index 3257cd08c..000000000
--- a/lib/libcrypto/asn1/t_pkey.c
+++ /dev/null
@@ -1,147 +0,0 @@ -/* $OpenBSD: t_pkey.c,v 1.20 2023/07/05 21:23:36 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include - -#include -#include -#include - -#include "bn_local.h" - -int -ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num, - unsigned char *buf, int off) -{ - int n, i; - const char *neg; - - if (num == NULL) - return (1); - neg = (BN_is_negative(num)) ? "-" : ""; - if (!BIO_indent(bp, off, 128)) - return 0; - if (BN_is_zero(num)) { - if (BIO_printf(bp, "%s 0\n", number) <= 0) - return 0; - return 1; - } - - if (BN_num_bytes(num) <= BN_BYTES) { - if (BIO_printf(bp, "%s %s%lu (%s0x%lx)\n", number, neg, - (unsigned long)num->d[0], neg, - (unsigned long)num->d[0]) <= 0) - return (0); - } else { - buf[0] = 0; - if (BIO_printf(bp, "%s%s", number, - (neg[0] == '-') ? 
" (Negative)" : "") <= 0) - return (0); - n = BN_bn2bin(num, &buf[1]); - - if (buf[1] & 0x80) - n++; - else - buf++; - - for (i = 0; i < n; i++) { - if ((i % 15) == 0) { - if (BIO_puts(bp, "\n") <= 0 || - !BIO_indent(bp, off + 4, 128)) - return 0; - } - if (BIO_printf(bp, "%02x%s", buf[i], - ((i + 1) == n) ? "" : ":") <= 0) - return (0); - } - if (BIO_write(bp, "\n", 1) <= 0) - return (0); - } - return (1); -} -LCRYPTO_ALIAS(ASN1_bn_print); - -#define ASN1_BUF_PRINT_WIDTH 15 -#define ASN1_BUF_PRINT_MAX_INDENT 64 - -int -ASN1_buf_print(BIO *bp, const unsigned char *buf, size_t buflen, int indent) -{ - size_t i; - - for (i = 0; i < buflen; i++) { - if ((i % ASN1_BUF_PRINT_WIDTH) == 0) { - if (i > 0 && BIO_puts(bp, "\n") <= 0) - return 0; - if (!BIO_indent(bp, indent, ASN1_BUF_PRINT_MAX_INDENT)) - return 0; - } - /* - * Use colon separators for each octet for compatibility as - * this function is used to print out key components. - */ - if (BIO_printf(bp, "%02x%s", buf[i], - (i == buflen - 1) ? "" : ":") <= 0) - return 0; - } - if (BIO_write(bp, "\n", 1) <= 0) - return 0; - - return 1; -} -LCRYPTO_ALIAS(ASN1_buf_print); diff --git a/lib/libcrypto/asn1/tasn_dec.c b/lib/libcrypto/asn1/tasn_dec.c index 553cab249..31b9efee5 100644 --- a/lib/libcrypto/asn1/tasn_dec.c +++ b/lib/libcrypto/asn1/tasn_dec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tasn_dec.c,v 1.87 2023/07/05 21:23:36 beck Exp $ */ +/* $OpenBSD: tasn_dec.c,v 1.88 2023/07/28 10:00:10 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ 
@@ -1258,21 +1258,3 @@ ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long inlen, return ret; } LCRYPTO_ALIAS(ASN1_item_ex_d2i); - -int -ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, - const ASN1_TEMPLATE *at) -{ - CBS cbs; - int ret; - - if (len < 0) - return 0; - - CBS_init(&cbs, *in, len); - if ((ret = asn1_template_d2i(pval, &cbs, at, 0, 0)) == 1) - *in = CBS_data(&cbs); - - return ret; -} -LCRYPTO_ALIAS(ASN1_template_d2i); diff --git a/lib/libcrypto/asn1/tasn_enc.c b/lib/libcrypto/asn1/tasn_enc.c index be0579f84..b71993a13 100644 --- a/lib/libcrypto/asn1/tasn_enc.c +++ b/lib/libcrypto/asn1/tasn_enc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tasn_enc.c,v 1.32 2023/07/05 21:23:36 beck Exp $ */ +/* $OpenBSD: tasn_enc.c,v 1.33 2023/07/28 10:00:10 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -271,14 +271,6 @@ ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, } LCRYPTO_ALIAS(ASN1_item_ex_i2d); -int -ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, - const ASN1_TEMPLATE *tt) -{ - return asn1_template_ex_i2d(pval, out, tt, -1, 0); -} -LCRYPTO_ALIAS(ASN1_template_i2d); - static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt, int tag, int iclass) diff --git a/lib/libcrypto/asn1/tasn_fre.c b/lib/libcrypto/asn1/tasn_fre.c index eb205dd6a..83c073b55 100644 --- a/lib/libcrypto/asn1/tasn_fre.c +++ b/lib/libcrypto/asn1/tasn_fre.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tasn_fre.c,v 1.22 2023/07/05 21:23:36 beck Exp $ */ +/* $OpenBSD: tasn_fre.c,v 1.23 2023/07/28 10:00:10 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -185,7 +185,6 @@ ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) } else asn1_item_free(pval, tt->item); } -LCRYPTO_ALIAS(ASN1_template_free); void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it) 
@@ -242,4 +241,3 @@ ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it) } *pval = NULL; } -LCRYPTO_ALIAS(ASN1_primitive_free); diff --git a/lib/libcrypto/asn1/tasn_new.c b/lib/libcrypto/asn1/tasn_new.c index 555267c48..10c1137db 100644 --- a/lib/libcrypto/asn1/tasn_new.c +++ b/lib/libcrypto/asn1/tasn_new.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tasn_new.c,v 1.24 2023/07/05 21:23:36 beck Exp $ */ +/* $OpenBSD: tasn_new.c,v 1.25 2023/07/28 10:00:10 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -248,7 +248,6 @@ ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) done: return ret; } -LCRYPTO_ALIAS(ASN1_template_new); static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) @@ -318,7 +317,6 @@ ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it) return 1; return 0; } -LCRYPTO_ALIAS(ASN1_primitive_new); static void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) diff --git a/lib/libcrypto/asn1/x_attrib.c b/lib/libcrypto/asn1/x_attrib.c index eb72d046c..08206172f 100644 --- a/lib/libcrypto/asn1/x_attrib.c +++ b/lib/libcrypto/asn1/x_attrib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x_attrib.c,v 1.20 2023/07/07 19:37:52 beck Exp $ */ +/* $OpenBSD: x_attrib.c,v 1.21 2023/07/28 13:30:07 jsg Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -64,19 +64,6 @@ #include "x509_local.h" -/* - * XXX - remove X509_ATTRIBUTE_SET_it with next major bump. - */ -const ASN1_ITEM X509_ATTRIBUTE_SET_it = { - .itype = ASN1_ITYPE_CHOICE, - .utype = 0, - .templates = NULL, - .tcount = 0, - .funcs = NULL, - .size = sizeof(X509_ATTRIBUTE), - .sname = "X509_ATTRIBUTE", -}; - static const ASN1_TEMPLATE X509_ATTRIBUTE_seq_tt[] = { { .flags = 0, diff --git a/lib/libcrypto/bf/bf_ecb.c b/lib/libcrypto/bf/bf_ecb.c index 99e50b0ff..eda6f193b 100644 --- a/lib/libcrypto/bf/bf_ecb.c +++ b/lib/libcrypto/bf/bf_ecb.c 
@@ -1,4 +1,4 @@ -/* $OpenBSD: bf_ecb.c,v 1.9 2022/11/26 16:08:51 tb Exp $ */ +/* $OpenBSD: bf_ecb.c,v 1.10 2023/07/28 10:35:14 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -67,18 +67,6 @@ * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993) */ -const char * -BF_options(void) -{ -#ifdef BF_PTR - return("blowfish(ptr)"); -#elif defined(BF_PTR2) - return("blowfish(ptr2)"); -#else - return("blowfish(idx)"); -#endif -} - void BF_ecb_encrypt(const unsigned char *in, unsigned char *out, const BF_KEY *key, int encrypt) diff --git a/lib/libcrypto/bio/b_dump.c b/lib/libcrypto/bio/b_dump.c index 6a87ebd3a..e46424e69 100644 --- a/lib/libcrypto/bio/b_dump.c +++ b/lib/libcrypto/bio/b_dump.c @@ -1,10 +1,10 @@ -/* $OpenBSD: b_dump.c,v 1.25 2023/07/07 19:37:53 beck Exp $ */ +/* $OpenBSD: b_dump.c,v 1.26 2023/07/29 02:32:00 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). -* The implementation was written so as to conform with Netscapes SSL. + * The implementation was written so as to conform with Netscapes SSL. * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions diff --git a/lib/libcrypto/bio/bio.h b/lib/libcrypto/bio/bio.h index 8e5a19921..eeb7fecda 100644 --- a/lib/libcrypto/bio/bio.h +++ b/lib/libcrypto/bio/bio.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bio.h,v 1.58 2023/07/05 19:25:01 tb Exp $ */ +/* $OpenBSD: bio.h,v 1.59 2023/07/28 09:58:30 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * 
@@ -371,11 +371,6 @@ int BIO_meth_set_callback_ctrl(BIO_METHOD *biom, #define BIO_C_RESET_READ_REQUEST 147 #define BIO_C_SET_MD_CTX 148 -#define BIO_C_SET_PREFIX 149 -#define BIO_C_GET_PREFIX 150 -#define BIO_C_SET_SUFFIX 151 -#define BIO_C_GET_SUFFIX 152 - #define BIO_C_SET_EX_ARG 153 #define BIO_C_GET_EX_ARG 154 @@ -535,16 +530,6 @@ CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); unsigned long BIO_number_read(BIO *bio); unsigned long BIO_number_written(BIO *bio); -/* For BIO_f_asn1() */ -int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix, -asn1_ps_func *prefix_free); -int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix, -asn1_ps_func **pprefix_free); -int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix, -asn1_ps_func *suffix_free); -int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix, -asn1_ps_func **psuffix_free); - int BIO_get_new_index(void); const BIO_METHOD *BIO_s_file(void); BIO *BIO_new_file(const char *filename, const char *mode); diff --git a/lib/libcrypto/bio/bss_bio.c b/lib/libcrypto/bio/bss_bio.c index b56d50317..fa3d4c051 100644 --- a/lib/libcrypto/bio/bss_bio.c +++ b/lib/libcrypto/bio/bss_bio.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bss_bio.c,v 1.27 2023/07/07 19:37:53 beck Exp $ */ +/* $OpenBSD: bss_bio.c,v 1.28 2023/07/28 10:13:50 tb Exp $ */ /* ==================================================================== * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. * 
@@ -251,85 +251,6 @@ bio_read(BIO *bio, char *buf, int size_) return size; } -/* non-copying interface: provide pointer to available data in buffer - * bio_nread0: return number of available bytes - * bio_nread: also advance index - * (example usage: bio_nread0(), read from buffer, bio_nread() - * or just bio_nread(), read from buffer) - */ -/* WARNING: The non-copying interface is largely untested as of yet - * and may contain bugs. */ -static ssize_t -bio_nread0(BIO *bio, char **buf) -{ - struct bio_bio_st *b, *peer_b; - ssize_t num; - - BIO_clear_retry_flags(bio); - - if (!bio->init) - return 0; - - b = bio->ptr; - assert(b != NULL); - assert(b->peer != NULL); - peer_b = b->peer->ptr; - assert(peer_b != NULL); - assert(peer_b->buf != NULL); - - peer_b->request = 0; - - if (peer_b->len == 0) { - char dummy; - - /* avoid code duplication -- nothing available for reading */ - return bio_read(bio, &dummy, 1); /* returns 0 or -1 */ - } - - num = peer_b->len; - if (peer_b->size < peer_b->offset + num) - /* no ring buffer wrap-around for non-copying interface */ - num = peer_b->size - peer_b->offset; - assert(num > 0); - - if (buf != NULL) - *buf = peer_b->buf + peer_b->offset; - return num; -} - -static ssize_t -bio_nread(BIO *bio, char **buf, size_t num_) -{ - struct bio_bio_st *b, *peer_b; - ssize_t num, available; - - if (num_ > SSIZE_MAX) - num = SSIZE_MAX; - else - num = (ssize_t)num_; - - available = bio_nread0(bio, buf); - if (num > available) - num = available; - if (num <= 0) - return num; - - b = bio->ptr; - peer_b = b->peer->ptr; - - peer_b->len -= num; - if (peer_b->len) { - peer_b->offset += num; - assert(peer_b->offset <= peer_b->size); - if (peer_b->offset == peer_b->size) - peer_b->offset = 0; - } else - peer_b->offset = 0; - - return num; -} - - static int bio_write(BIO *bio, const char *buf, int num_) { 
@@ -402,85 +323,6 @@ bio_write(BIO *bio, const char *buf, int num_) return num; } -/* non-copying interface: provide pointer to region to write to - * bio_nwrite0: check how much space is available - * bio_nwrite: also increase length - * (example usage: bio_nwrite0(), write to buffer, bio_nwrite() - * or just bio_nwrite(), write to buffer) - */ -static ssize_t -bio_nwrite0(BIO *bio, char **buf) -{ - struct bio_bio_st *b; - size_t num; - size_t write_offset; - - BIO_clear_retry_flags(bio); - - if (!bio->init) - return 0; - - b = bio->ptr; - - assert(b != NULL); - assert(b->peer != NULL); - assert(b->buf != NULL); - - b->request = 0; - if (b->closed) { - BIOerror(BIO_R_BROKEN_PIPE); - return -1; - } - - assert(b->len <= b->size); - - if (b->len == b->size) { - BIO_set_retry_write(bio); - return -1; - } - - num = b->size - b->len; - write_offset = b->offset + b->len; - if (write_offset >= b->size) - write_offset -= b->size; - if (write_offset + num > b->size) - /* no ring buffer wrap-around for non-copying interface - * (to fulfil the promise by BIO_ctrl_get_write_guarantee, - * BIO_nwrite may have to be called twice) */ - num = b->size - write_offset; - - if (buf != NULL) - *buf = b->buf + write_offset; - assert(write_offset + num <= b->size); - - return num; -} - -static ssize_t -bio_nwrite(BIO *bio, char **buf, size_t num_) -{ - struct bio_bio_st *b; - ssize_t num, space; - - if (num_ > SSIZE_MAX) - num = SSIZE_MAX; - else - num = (ssize_t)num_; - - space = bio_nwrite0(bio, buf); - if (num > space) - num = space; - if (num <= 0) - return num; - b = bio->ptr; - assert(b != NULL); - b->len += num; - assert(b->len <= b->size); - - return num; -} - - static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr) { 
@@ -564,28 +406,7 @@ bio_ctrl(BIO *bio, int cmd, long num, void *ptr) ret = 1; break; - case BIO_C_NREAD0: - /* prepare for non-copying read */ - ret = (long) bio_nread0(bio, ptr); - break; - - case BIO_C_NREAD: - /* non-copying read */ - ret = (long) bio_nread(bio, ptr, (size_t) num); - break; - - case BIO_C_NWRITE0: - /* prepare for non-copying write */ - ret = (long) bio_nwrite0(bio, ptr); - break; - - case BIO_C_NWRITE: - /* non-copying write */ - ret = (long) bio_nwrite(bio, ptr, (size_t) num); - break; - - - /* standard CTRL codes follow */ + /* standard CTRL codes follow */ case BIO_CTRL_RESET: if (b->buf != NULL) { 
@@ -817,77 +638,3 @@ BIO_ctrl_reset_read_request(BIO *bio) return (BIO_ctrl(bio, BIO_C_RESET_READ_REQUEST, 0, NULL) != 0); } LCRYPTO_ALIAS(BIO_ctrl_reset_read_request); - - -/* BIO_nread0/nread/nwrite0/nwrite are available only for BIO pairs for now - * (conceivably some other BIOs could allow non-copying reads and writes too.) - */ -int -BIO_nread0(BIO *bio, char **buf) -{ - long ret; - - if (!bio->init) { - BIOerror(BIO_R_UNINITIALIZED); - return -2; - } - - ret = BIO_ctrl(bio, BIO_C_NREAD0, 0, buf); - if (ret > INT_MAX) - return INT_MAX; - else - return (int) ret; -} -LCRYPTO_ALIAS(BIO_nread0); - -int -BIO_nread(BIO *bio, char **buf, int num) -{ - int ret; - - if (!bio->init) { - BIOerror(BIO_R_UNINITIALIZED); - return -2; - } - - ret = (int) BIO_ctrl(bio, BIO_C_NREAD, num, buf); - if (ret > 0) - bio->num_read += ret; - return ret; -} -LCRYPTO_ALIAS(BIO_nread); - -int -BIO_nwrite0(BIO *bio, char **buf) -{ - long ret; - - if (!bio->init) { - BIOerror(BIO_R_UNINITIALIZED); - return -2; - } - - ret = BIO_ctrl(bio, BIO_C_NWRITE0, 0, buf); - if (ret > INT_MAX) - return INT_MAX; - else - return (int) ret; -} -LCRYPTO_ALIAS(BIO_nwrite0); - -int -BIO_nwrite(BIO *bio, char **buf, int num) -{ - int ret; - - if (!bio->init) { - BIOerror(BIO_R_UNINITIALIZED); - return -2; - } - - ret = BIO_ctrl(bio, BIO_C_NWRITE, num, buf); - if (ret > 0) - bio->num_write += ret; - return ret; -} -LCRYPTO_ALIAS(BIO_nwrite); diff --git a/lib/libcrypto/bn/bn.h b/lib/libcrypto/bn/bn.h index 7dc138d17..62c85d185 100644 --- a/lib/libcrypto/bn/bn.h +++ b/lib/libcrypto/bn/bn.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bn.h,v 1.72 2023/06/13 09:12:22 tb Exp $ */ +/* $OpenBSD: bn.h,v 1.74 2023/07/28 10:07:30 tb Exp $ */ /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) * All rights reserved. * 
@@ -449,40 +449,11 @@ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from); BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock, const BIGNUM *mod, BN_CTX *ctx); -/* BN_BLINDING flags */ -#define BN_BLINDING_NO_UPDATE 0x00000001 -#define BN_BLINDING_NO_RECREATE 0x00000002 - -BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod); -void BN_BLINDING_free(BN_BLINDING *b); -int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx); -int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); -int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); -int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *); -int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *); - -CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *); -unsigned long BN_BLINDING_get_flags(const BN_BLINDING *); -void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long); -BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, - const BIGNUM *e, BIGNUM *m, BN_CTX *ctx, - int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), - BN_MONT_CTX *m_ctx); - /* Primes from RFC 2409 */ -BIGNUM *get_rfc2409_prime_768(BIGNUM *bn); -BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn); BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn); BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn); /* Primes from RFC 3526 */ -BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn); -BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn); -BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn); -BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn); -BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn); -BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn); BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn); BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn); BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn); diff --git a/lib/libcrypto/bn/bn_blind.c b/lib/libcrypto/bn/bn_blind.c index 07cd359e7..7332df2b5 100644 --- a/lib/libcrypto/bn/bn_blind.c 
+++ b/lib/libcrypto/bn/bn_blind.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_blind.c,v 1.23 2023/07/08 12:21:58 beck Exp $ */ +/* $OpenBSD: bn_blind.c,v 1.24 2023/07/28 10:05:16 tb Exp $ */ /* ==================================================================== * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * @@ -169,7 +169,6 @@ err: BN_BLINDING_free(ret); return (NULL); } -LCRYPTO_ALIAS(BN_BLINDING_new); void BN_BLINDING_free(BN_BLINDING *r) @@ -183,7 +182,6 @@ BN_BLINDING_free(BN_BLINDING *r) BN_free(r->mod); free(r); } -LCRYPTO_ALIAS(BN_BLINDING_free); int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx) @@ -217,14 +215,12 @@ err: b->counter = 0; return (ret); } -LCRYPTO_ALIAS(BN_BLINDING_update); int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx) { return BN_BLINDING_convert_ex(n, NULL, b, ctx); } -LCRYPTO_ALIAS(BN_BLINDING_convert); int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) @@ -253,14 +249,12 @@ BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) return ret; } -LCRYPTO_ALIAS(BN_BLINDING_convert_ex); int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx) { return BN_BLINDING_invert_ex(n, NULL, b, ctx); } -LCRYPTO_ALIAS(BN_BLINDING_invert); int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) @@ -280,28 +274,24 @@ BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) return (ret); } -LCRYPTO_ALIAS(BN_BLINDING_invert_ex); CRYPTO_THREADID * BN_BLINDING_thread_id(BN_BLINDING *b) { return &b->tid; } -LCRYPTO_ALIAS(BN_BLINDING_thread_id); unsigned long BN_BLINDING_get_flags(const BN_BLINDING *b) { return b->flags; } -LCRYPTO_ALIAS(BN_BLINDING_get_flags); void BN_BLINDING_set_flags(BN_BLINDING *b, unsigned long flags) { b->flags = flags; } -LCRYPTO_ALIAS(BN_BLINDING_set_flags); BN_BLINDING * BN_BLINDING_create_param(BN_BLINDING *b, const BIGNUM *e, BIGNUM *m, 
@@ -373,4 +363,3 @@ err: return ret; } -LCRYPTO_ALIAS(BN_BLINDING_create_param); diff --git a/lib/libcrypto/bn/bn_const.c b/lib/libcrypto/bn/bn_const.c index b204eb0bc..bf684c8a4 100644 --- a/lib/libcrypto/bn/bn_const.c +++ b/lib/libcrypto/bn/bn_const.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_const.c,v 1.7 2023/07/10 03:26:30 tb Exp $ */ +/* $OpenBSD: bn_const.c,v 1.8 2023/07/28 10:07:30 tb Exp $ */ /* Insert boilerplate */ #include @@ -23,13 +23,6 @@ static const unsigned char RFC2409_PRIME_768[] = { 0xA6, 0x3A, 0x36, 0x20, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, }; -BIGNUM * -get_rfc2409_prime_768(BIGNUM *bn) -{ - return BN_bin2bn(RFC2409_PRIME_768, sizeof(RFC2409_PRIME_768), bn); -} -LCRYPTO_ALIAS(get_rfc2409_prime_768); - BIGNUM * BN_get_rfc2409_prime_768(BIGNUM *bn) { @@ -60,13 +53,6 @@ static const unsigned char RFC2409_PRIME_1024[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, }; -BIGNUM * -get_rfc2409_prime_1024(BIGNUM *bn) -{ - return BN_bin2bn(RFC2409_PRIME_1024, sizeof(RFC2409_PRIME_1024), bn); -} -LCRYPTO_ALIAS(get_rfc2409_prime_1024); - BIGNUM * BN_get_rfc2409_prime_1024(BIGNUM *bn) { @@ -102,13 +88,6 @@ static const unsigned char RFC3526_PRIME_1536[] = { 0xCA, 0x23, 0x73, 0x27, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, }; -BIGNUM * -get_rfc3526_prime_1536(BIGNUM *bn) -{ - return BN_bin2bn(RFC3526_PRIME_1536, sizeof(RFC3526_PRIME_1536), bn); -} -LCRYPTO_ALIAS(get_rfc3526_prime_1536); - BIGNUM * BN_get_rfc3526_prime_1536(BIGNUM *bn) { @@ -149,13 +128,6 @@ static const unsigned char RFC3526_PRIME_2048[] = { 0xFF, 0xFF, 0xFF, 0xFF, }; -BIGNUM * -get_rfc3526_prime_2048(BIGNUM *bn) -{ - return BN_bin2bn(RFC3526_PRIME_2048, sizeof(RFC3526_PRIME_2048), bn); -} -LCRYPTO_ALIAS(get_rfc3526_prime_2048); - BIGNUM * BN_get_rfc3526_prime_2048(BIGNUM *bn) { 
@@ -206,13 +178,6 @@ static const unsigned char RFC3526_PRIME_3072[] = { 0xA9, 0x3A, 0xD2, 0xCA, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, }; -BIGNUM * -get_rfc3526_prime_3072(BIGNUM *bn) -{ - return BN_bin2bn(RFC3526_PRIME_3072, sizeof(RFC3526_PRIME_3072), bn); -} -LCRYPTO_ALIAS(get_rfc3526_prime_3072); - BIGNUM * BN_get_rfc3526_prime_3072(BIGNUM *bn) { @@ -274,13 +239,6 @@ static const unsigned char RFC3526_PRIME_4096[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, }; -BIGNUM * -get_rfc3526_prime_4096(BIGNUM *bn) -{ - return BN_bin2bn(RFC3526_PRIME_4096, sizeof(RFC3526_PRIME_4096), bn); -} -LCRYPTO_ALIAS(get_rfc3526_prime_4096); - BIGNUM * BN_get_rfc3526_prime_4096(BIGNUM *bn) { @@ -363,13 +321,6 @@ static const unsigned char RFC3526_PRIME_6144[] = { 0x6D, 0xCC, 0x40, 0x24, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, }; -BIGNUM * -get_rfc3526_prime_6144(BIGNUM *bn) -{ - return BN_bin2bn(RFC3526_PRIME_6144, sizeof(RFC3526_PRIME_6144), bn); -} -LCRYPTO_ALIAS(get_rfc3526_prime_6144); - BIGNUM * BN_get_rfc3526_prime_6144(BIGNUM *bn) { @@ -474,13 +425,6 @@ static const unsigned char RFC3526_PRIME_8192[] = { 0xFF, 0xFF, 0xFF, 0xFF, }; -BIGNUM * -get_rfc3526_prime_8192(BIGNUM *bn) -{ - return BN_bin2bn(RFC3526_PRIME_8192, sizeof(RFC3526_PRIME_8192), bn); -} -LCRYPTO_ALIAS(get_rfc3526_prime_8192); - BIGNUM * BN_get_rfc3526_prime_8192(BIGNUM *bn) { diff --git a/lib/libcrypto/bn/bn_lib.c b/lib/libcrypto/bn/bn_lib.c index 74359dab3..c0c0ac876 100644 --- a/lib/libcrypto/bn/bn_lib.c +++ b/lib/libcrypto/bn/bn_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_lib.c,v 1.89 2023/07/08 12:21:58 beck Exp $ */ +/* $OpenBSD: bn_lib.c,v 1.90 2023/07/28 10:35:14 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * 
@@ -655,26 +655,6 @@ BN_is_negative(const BIGNUM *a) } LCRYPTO_ALIAS(BN_is_negative); -char * -BN_options(void) -{ - static int init = 0; - static char data[16]; - - if (!init) { - init++; -#ifdef BN_LLONG - snprintf(data,sizeof data, "bn(%d,%d)", - (int)sizeof(BN_ULLONG) * 8, (int)sizeof(BN_ULONG) * 8); -#else - snprintf(data,sizeof data, "bn(%d,%d)", - (int)sizeof(BN_ULONG) * 8, (int)sizeof(BN_ULONG) * 8); -#endif - } - return (data); -} -LCRYPTO_ALIAS(BN_options); - /* * Bits of security, see SP800-57, section 5.6.11, table 2. */ diff --git a/lib/libcrypto/bn/bn_local.h b/lib/libcrypto/bn/bn_local.h index a8d40fbcc..989770f2d 100644 --- a/lib/libcrypto/bn/bn_local.h +++ b/lib/libcrypto/bn/bn_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_local.h,v 1.26 2023/07/09 18:27:22 tb Exp $ */ +/* $OpenBSD: bn_local.h,v 1.27 2023/07/28 10:05:16 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * 
@@ -291,6 +291,27 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, BN_RECP_CTX *recp, BN_CTX *ctx); +/* BN_BLINDING flags */ +#define BN_BLINDING_NO_UPDATE 0x00000001 +#define BN_BLINDING_NO_RECREATE 0x00000002 + +BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod); +void BN_BLINDING_free(BN_BLINDING *b); +int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx); +int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); +int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); +int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *); +int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *); + +CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *); +unsigned long BN_BLINDING_get_flags(const BN_BLINDING *); +void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long); +BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, + const BIGNUM *e, BIGNUM *m, BN_CTX *ctx, + int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, + const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), + BN_MONT_CTX *m_ctx); + /* Explicitly const time / non-const time versions for internal use */ int BN_mod_exp_ct(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx); diff --git a/lib/libcrypto/buffer/buf_str.c b/lib/libcrypto/buffer/buf_str.c deleted file mode 100644 index 4ebc4717c..000000000 --- a/lib/libcrypto/buffer/buf_str.c +++ /dev/null 
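Review bot: The two flag macros at the top of the added block, `BN_BLINDING_NO_UPDATE` and `BN_BLINDING_NO_RECREATE`, have no comment saying what each one turns off. Blinding is a side-channel countermeasure, so a reader of this internal header should be able to see that setting a flag may weaken it; a one-line comment per flag would do, e.g. `/* skip refreshing the blinding factor after use (TODO confirm) */`. That wording is inferred from the macro name only and needs checking against the blinding implementation, which is not in this hunk. Separately, `BN_BLINDING_convert_ex`, `BN_BLINDING_invert_ex`, `BN_BLINDING_thread_id`, `BN_BLINDING_get_flags` and `BN_BLINDING_set_flags` leave parameters unnamed while the neighbouring prototypes name theirs; writing `BN_CTX *ctx` and `BN_BLINDING *b` would make the block consistent.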
@@ -1,79 +0,0 @@ -/* $OpenBSD: buf_str.c,v 1.11 2017/04/09 14:33:21 jsing Exp $ */ -/* - * Copyright (c) 2014 Bob Beck - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include -#include -#include - -#include -#include - -/* - * XXX these functions accept a NULL arg and return NULL - * when the standard ones do not. we should at an appropriate - * time change these to find the bad callers - */ - -char * -BUF_strdup(const char *str) -{ - char *ret = NULL; - - if (str != NULL) { - if ((ret = strdup(str)) == NULL) - BUFerror(ERR_R_MALLOC_FAILURE); - } - return ret; -} - -char * -BUF_strndup(const char *str, size_t siz) -{ - char *ret = NULL; - - if (str != NULL) { - if ((ret = strndup(str, siz)) == NULL) - BUFerror(ERR_R_MALLOC_FAILURE); - } - return ret; -} - -void * -BUF_memdup(const void *data, size_t siz) -{ - void *ret = NULL; - - if (data != NULL) { - if ((ret = malloc(siz)) == NULL) - BUFerror(ERR_R_MALLOC_FAILURE); - else - (void) memcpy(ret, data, siz); - } - return ret; -} - -size_t -BUF_strlcpy(char *dst, const char *src, size_t size) -{ - return strlcpy(dst, src, size); -} - -size_t -BUF_strlcat(char *dst, const char *src, size_t size) -{ - return strlcat(dst, src, size); -} 
diff --git a/lib/libcrypto/buffer/buffer.h b/lib/libcrypto/buffer/buffer.h index c210bfd1c..d461d6493 100644 --- a/lib/libcrypto/buffer/buffer.h +++ b/lib/libcrypto/buffer/buffer.h @@ -1,4 +1,4 @@ -/* $OpenBSD: buffer.h,v 1.16 2022/07/12 14:42:48 kn Exp $ */ +/* $OpenBSD: buffer.h,v 1.17 2023/07/28 10:17:21 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -58,9 +58,6 @@ #ifndef HEADER_BUFFER_H #define HEADER_BUFFER_H -#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__OpenBSD__) -#define __bounded__(x, y, z) -#endif #include @@ -85,19 +82,6 @@ void BUF_MEM_free(BUF_MEM *a); int BUF_MEM_grow(BUF_MEM *str, size_t len); int BUF_MEM_grow_clean(BUF_MEM *str, size_t len); -#ifndef LIBRESSL_INTERNAL -char * BUF_strdup(const char *str); -char * BUF_strndup(const char *str, size_t siz); -void * BUF_memdup(const void *data, size_t siz); -void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz); - -/* safe string functions */ -size_t BUF_strlcpy(char *dst, const char *src, size_t siz) - __attribute__ ((__bounded__(__string__,1,3))); -size_t BUF_strlcat(char *dst, const char *src, size_t siz) - __attribute__ ((__bounded__(__string__,1,3))); -#endif - void ERR_load_BUF_strings(void); /* Error codes for the BUF functions. */ diff --git a/lib/libcrypto/cms/cms.h b/lib/libcrypto/cms/cms.h index 3c92be34f..76672af09 100644 --- a/lib/libcrypto/cms/cms.h +++ b/lib/libcrypto/cms/cms.h @@ -1,4 +1,4 @@ -/* $OpenBSD: cms.h,v 1.15 2019/08/11 10:15:30 jsing Exp $ */ +/* $OpenBSD: cms.h,v 1.16 2023/07/28 10:28:02 tb Exp $ */ /* * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. 
@@ -128,6 +128,9 @@ int CMS_ContentInfo_print_ctx(BIO *out, CMS_ContentInfo *x, int indent, const AS const ASN1_OBJECT *CMS_get0_type(const CMS_ContentInfo *cms); +int CMS_get_version(const CMS_ContentInfo *cms, long *version); +int CMS_SignerInfo_get_version(const CMS_SignerInfo *si, long *version); + BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont); int CMS_dataFinal(CMS_ContentInfo *cms, BIO *bio); diff --git a/lib/libcrypto/cms/cms_lib.c b/lib/libcrypto/cms/cms_lib.c index fa62e61e9..37a11ba00 100644 --- a/lib/libcrypto/cms/cms_lib.c +++ b/lib/libcrypto/cms/cms_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cms_lib.c,v 1.18 2023/07/08 08:26:26 beck Exp $ */ +/* $OpenBSD: cms_lib.c,v 1.19 2023/07/28 10:28:02 tb Exp $ */ /* * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. @@ -237,6 +237,49 @@ CMS_dataFinal(CMS_ContentInfo *cms, BIO *cmsbio) } LCRYPTO_ALIAS(CMS_dataFinal); +int +CMS_get_version(const CMS_ContentInfo *cms, long *version) +{ + switch (OBJ_obj2nid(cms->contentType)) { + case NID_pkcs7_signed: + *version = cms->d.signedData->version; + return 1; + + case NID_pkcs7_enveloped: + *version = cms->d.envelopedData->version; + return 1; + + case NID_pkcs7_digest: + *version = cms->d.digestedData->version; + return 1; + + case NID_pkcs7_encrypted: + *version = cms->d.encryptedData->version; + return 1; + + case NID_id_smime_ct_authData: + *version = cms->d.authenticatedData->version; + return 1; + + case NID_id_smime_ct_compressedData: + *version = cms->d.compressedData->version; + return 1; + + default: + CMSerror(CMS_R_UNSUPPORTED_TYPE); + return 0; + } +} +LCRYPTO_ALIAS(CMS_get_version); + +int +CMS_SignerInfo_get_version(const CMS_SignerInfo *si, long *version) +{ + *version = si->version; + return 1; +} +LCRYPTO_ALIAS(CMS_SignerInfo_get_version); + /* * Return an OCTET STRING pointer to content. This allows it to be accessed * or set later. 
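Review bot: Every case in `CMS_get_version` dereferences the content pointer (`cms->d.signedData->version` and the five like it) after checking only `contentType`, so an object whose type is set but whose content pointer is NULL would be a NULL dereference. Whether such an object can reach this function is not visible from the hunk, since it depends on the ASN.1 template and on how callers build the structure. CMS objects are commonly parsed from untrusted messages, though, so a guard per case is cheap: `if (cms->d.signedData == NULL) return 0;`, ideally with the error the surrounding code uses for missing content. Both new functions would also benefit from a short comment stating the contract: they return 1 on success, and `CMS_get_version` returns 0 and leaves `*version` unwritten for an unsupported type, so callers must check the return value before reading it.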
diff --git a/lib/libcrypto/comp/c_rle.c b/lib/libcrypto/comp/c_rle.c deleted file mode 100644 index 7907dd83c..000000000 --- a/lib/libcrypto/comp/c_rle.c +++ /dev/null 
@@ -1,172 +0,0 @@ -/* $OpenBSD: c_rle.c,v 1.12 2023/07/08 08:26:26 beck Exp $ */ -/* - * --------------------------------------------------------------------------- - * Patches to this file were contributed by - * Ulf Moeller and Bodo Moeller . - * --------------------------------------------------------------------------- - * Copyright (c) 1999, 2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - * --------------------------------------------------------------------------- - * Parts of this file are derived from SSLeay code - * which is covered by the following Copyright and license: - * --------------------------------------------------------------------------- - * Copyright (c) 1998 Eric Young - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young . - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson . 
- * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given - * attribution as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young " - * The word 'cryptographic' can be left out if the rouines from the - * library being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) - * from the apps directory (application code) you must include an - * acknowledgement: "This product includes software written - * by Tim Hudson " - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version - * or derivative of this code cannot be changed. i.e. this code cannot - * simply be copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include - -#include -#include - -#include "comp_local.h" - -static int rle_compress_block(COMP_CTX *ctx, unsigned char *out, - unsigned int olen, unsigned char *in, unsigned int ilen); -static int rle_expand_block(COMP_CTX *ctx, unsigned char *out, - unsigned int olen, unsigned char *in, unsigned int ilen); - -static COMP_METHOD rle_method = { - .type = NID_rle_compression, - .name = LN_rle_compression, - .compress = rle_compress_block, - .expand = rle_expand_block -}; - -COMP_METHOD * -COMP_rle(void) -{ - return (&rle_method); -} -LCRYPTO_ALIAS(COMP_rle); - -static int -rle_compress_block(COMP_CTX *ctx, unsigned char *out, unsigned int olen, - unsigned char *in, unsigned int ilen) -{ - - if (ilen == 0 || olen < (ilen - 1)) { - return (-1); - } - - *(out++) = 0; - memcpy(out, in, ilen); - return (ilen + 1); -} - -static int -rle_expand_block(COMP_CTX *ctx, unsigned char *out, unsigned int olen, - unsigned char *in, unsigned int ilen) -{ - int i; - - if (olen < (ilen - 1)) { - return (-1); - } - - i= *(in++); - if (i == 0) { - memcpy(out, in, ilen - 1); - } - return (ilen - 1); -} 
diff --git a/lib/libcrypto/comp/c_zlib.c b/lib/libcrypto/comp/c_zlib.c deleted file mode 100644 index 087e2f4c6..000000000 --- a/lib/libcrypto/comp/c_zlib.c +++ /dev/null 
@@ -1,146 +0,0 @@ -/* $OpenBSD: c_zlib.c,v 1.28 2023/07/08 08:26:26 beck Exp $ */ -/* - * --------------------------------------------------------------------------- - * Major patches to this file were contributed by - * Richard Levitte , Nils Larsch , - * and Dr. Stephen Henson . - * --------------------------------------------------------------------------- - * Copyright (c) 2002, 2003, 2007, 2008, 2010 The OpenSSL Project. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - * --------------------------------------------------------------------------- - * Parts of this file are derived from SSLeay code - * which is covered by the following Copyright and license: - * --------------------------------------------------------------------------- - * Copyright (c) 1998 Eric Young - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young . - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson . 
- * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given - * attribution as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young " - * The word 'cryptographic' can be left out if the rouines from the - * library being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) - * from the apps directory (application code) you must include an - * acknowledgement: "This product includes software written - * by Tim Hudson " - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version - * or derivative of this code cannot be changed. i.e. this code cannot - * simply be copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include - -#include -#include -#include - -#include "bio_local.h" -#include "comp_local.h" - -COMP_METHOD *COMP_zlib(void ); - -static COMP_METHOD zlib_method_nozlib = { - .type = NID_undef, - .name = "(undef)" -}; - -COMP_METHOD * -COMP_zlib(void) -{ - return &zlib_method_nozlib; -} -LCRYPTO_ALIAS(COMP_zlib); - -void -COMP_zlib_cleanup(void) -{ -} -LCRYPTO_ALIAS(COMP_zlib_cleanup); diff --git a/lib/libcrypto/comp/comp.h b/lib/libcrypto/comp/comp.h index 8f3645f37..f0330276f 100644 --- a/lib/libcrypto/comp/comp.h +++ b/lib/libcrypto/comp/comp.h 
@@ -1,152 +1,7 @@ -/* $OpenBSD: comp.h,v 1.12 2023/06/11 05:35:43 tb Exp $ */ +/* $OpenBSD: comp.h,v 1.13 2023/07/28 09:42:44 tb Exp $ */ + /* - * --------------------------------------------------------------------------- - * Patches to this file were contributed by - * Dr. Stephen Henson . - * --------------------------------------------------------------------------- - * Copyright (c) 1999, 2002, 2008 The OpenSSL Project. All rights reserved. + * Public domain. * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - * --------------------------------------------------------------------------- - * Parts of this file are derived from SSLeay code - * which is covered by the following Copyright and license: - * --------------------------------------------------------------------------- - * Copyright (c) 1998 Eric Young - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young . - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson . 
- * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given - * attribution as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young " - * The word 'cryptographic' can be left out if the rouines from the - * library being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) - * from the apps directory (application code) you must include an - * acknowledgement: "This product includes software written - * by Tim Hudson " - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version - * or derivative of this code cannot be changed. i.e. this code cannot - * simply be copied and put under another distribution licence - * [including the GNU Public Licence.] + * This header is intentionally left empty. Some software uses it unnecessarily. */ - -#ifndef HEADER_COMP_H -#define HEADER_COMP_H - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -COMP_CTX *COMP_CTX_new(COMP_METHOD *meth); -void COMP_CTX_free(COMP_CTX *ctx); -int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen, - unsigned char *in, int ilen); -int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen, - unsigned char *in, int ilen); -COMP_METHOD *COMP_rle(void ); -COMP_METHOD *COMP_zlib(void ); -void COMP_zlib_cleanup(void); - -void ERR_load_COMP_strings(void); - -/* Error codes for the COMP functions. */ - -/* Function codes. */ -#define COMP_F_BIO_ZLIB_FLUSH 99 -#define COMP_F_BIO_ZLIB_NEW 100 -#define COMP_F_BIO_ZLIB_READ 101 -#define COMP_F_BIO_ZLIB_WRITE 102 - -/* Reason codes. */ -#define COMP_R_ZLIB_DEFLATE_ERROR 99 -#define COMP_R_ZLIB_INFLATE_ERROR 100 -#define COMP_R_ZLIB_NOT_SUPPORTED 101 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/lib/libcrypto/comp/comp_err.c b/lib/libcrypto/comp/comp_err.c deleted file mode 100644 index 49c476c02..000000000 --- a/lib/libcrypto/comp/comp_err.c +++ /dev/null 
@@ -1,95 +0,0 @@ -/* $OpenBSD: comp_err.c,v 1.14 2023/07/08 08:26:26 beck Exp $ */ -/* ==================================================================== - * This file was written by Dr. Stephen Henson . - * Copyright (c) 1999, 2005, 2008 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include - -#include -#include - -#include "comp_local.h" - -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_COMP,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_COMP,0,reason) - -static ERR_STRING_DATA COMP_str_functs[] = { - {ERR_FUNC(0xfff), "CRYPTO_internal"}, - {0, NULL} -}; - -static ERR_STRING_DATA COMP_str_reasons[] = { - {ERR_REASON(COMP_R_ZLIB_DEFLATE_ERROR) , "zlib deflate error"}, - {ERR_REASON(COMP_R_ZLIB_INFLATE_ERROR) , "zlib inflate error"}, - {ERR_REASON(COMP_R_ZLIB_NOT_SUPPORTED) , "zlib not supported"}, - {0, NULL} -}; - -#endif - -void -ERR_load_COMP_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(COMP_str_functs[0].error) == NULL) { - ERR_load_strings(0, COMP_str_functs); - ERR_load_strings(0, COMP_str_reasons); - } -#endif -} -LCRYPTO_ALIAS(ERR_load_COMP_strings); diff --git a/lib/libcrypto/comp/comp_lib.c b/lib/libcrypto/comp/comp_lib.c deleted file mode 100644 index f26edc000..000000000 --- a/lib/libcrypto/comp/comp_lib.c +++ /dev/null 
@@ -1,188 +0,0 @@
-/* $OpenBSD: comp_lib.c,v 1.12 2023/07/08 08:26:26 beck Exp $ */
-/*
- * ---------------------------------------------------------------------------
- * Patches to this file were contributed by
- * Ben Laurie and Ulf Moeller .
- * ---------------------------------------------------------------------------
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- * ---------------------------------------------------------------------------
- * Parts of this file are derived from SSLeay code
- * which is covered by the following Copyright and license:
- * ---------------------------------------------------------------------------
- * Copyright (c) 1998 Eric Young
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young .
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson .
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given
- * attribution as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young "
- * The word 'cryptographic' can be left out if the rouines from the
- * library being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof)
- * from the apps directory (application code) you must include an
- * acknowledgement: "This product includes software written
- * by Tim Hudson "
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version
- * or derivative of this code cannot be changed. i.e. this code cannot
- * simply be copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include
-#include
-#include
-
-#include
-#include
-
-#include "comp_local.h"
-
-COMP_CTX *
-COMP_CTX_new(COMP_METHOD *meth)
-{
- COMP_CTX *ret;
-
- if ((ret = calloc(1, sizeof(COMP_CTX))) == NULL) {
- return (NULL);
- }
- ret->meth = meth;
- if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
- free(ret);
- ret = NULL;
- }
- return (ret);
-}
-LCRYPTO_ALIAS(COMP_CTX_new);
-
-void
-COMP_CTX_free(COMP_CTX *ctx)
-{
- if (ctx == NULL)
- return;
-
- if (ctx->meth->finish != NULL)
- ctx->meth->finish(ctx);
-
- free(ctx);
-}
-LCRYPTO_ALIAS(COMP_CTX_free);
-
-int
-COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
- unsigned char *in, int ilen)
-{
- int ret;
-
- if (ctx->meth->compress == NULL) {
- return (-1);
- }
- ret = ctx->meth->compress(ctx, out, olen, in, ilen);
- if (ret > 0) {
- ctx->compress_in += ilen;
- ctx->compress_out += ret;
- }
- return (ret);
-}
-LCRYPTO_ALIAS(COMP_compress_block);
-
-int
-COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
- unsigned char *in, int ilen)
-{
- int ret;
-
- if (ctx->meth->expand == NULL) {
- return (-1);
- }
- ret = ctx->meth->expand(ctx, out, olen, in, ilen);
- if (ret > 0) {
- ctx->expand_in += ilen;
- ctx->expand_out += ret;
- }
- return (ret);
-}
-LCRYPTO_ALIAS(COMP_expand_block);
diff --git a/lib/libcrypto/comp/comp_local.h b/lib/libcrypto/comp/comp_local.h
deleted file mode 100644
index e26a800ba..000000000
--- a/lib/libcrypto/comp/comp_local.h
+++ /dev/null
@@ -1,148 +0,0 @@
-/* $OpenBSD: comp_local.h,v 1.4 2022/12/24 07:12:09 tb Exp $ */
-/*
- * ---------------------------------------------------------------------------
- * Patches to this file were contributed by
- * Richard Levitte .
- * ---------------------------------------------------------------------------
- * Copyright (c) 1999, 2000, 2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- * ---------------------------------------------------------------------------
- * Parts of this file are derived from SSLeay code
- * which is covered by the following Copyright and license:
- * ---------------------------------------------------------------------------
- * Copyright (c) 1998 Eric Young
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young .
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson .
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given
- * attribution as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young "
- * The word 'cryptographic' can be left out if the rouines from the
- * library being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof)
- * from the apps directory (application code) you must include an
- * acknowledgement: "This product includes software written
- * by Tim Hudson "
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version
- * or derivative of this code cannot be changed. i.e. this code cannot
- * simply be copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_COMP_LOCAL_H
-#define HEADER_COMP_LOCAL_H
-
-__BEGIN_HIDDEN_DECLS
-
-struct CMP_CTX;
-
-struct comp_method_st {
- int type; /* NID for compression library */
- const char *name; /* A text string to identify the library */
- int (*init)(COMP_CTX *ctx);
- void (*finish)(COMP_CTX *ctx);
- int (*compress)(COMP_CTX *ctx, unsigned char *out, unsigned int olen,
- unsigned char *in, unsigned int ilen);
- int (*expand)(COMP_CTX *ctx, unsigned char *out, unsigned int olen,
- unsigned char *in, unsigned int ilen);
- /* The following two do NOTHING, but are kept for backward compatibility */
- long (*ctrl)(void);
- long (*callback_ctrl)(void);
-} /* COMP_METHOD */;
-
-struct comp_ctx_st {
- COMP_METHOD *meth;
- unsigned long compress_in;
- unsigned long compress_out;
- unsigned long expand_in;
- unsigned long expand_out;
-
- CRYPTO_EX_DATA ex_data;
-} /* COMP_CTX */;
-
-__END_HIDDEN_DECLS
-
-#endif /* !HEADER_COMP_LOCAL_H */
diff --git a/lib/libcrypto/crypto.h b/lib/libcrypto/crypto.h
index f91374f49..07a55ec1f 100644
--- a/lib/libcrypto/crypto.h
+++ b/lib/libcrypto/crypto.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: crypto.h,v 1.62 2023/07/05 13:06:06 bcook Exp $ */
+/* $OpenBSD: crypto.h,v 1.63 2023/07/28 10:19:20 tb Exp $ */
 /* ====================================================================
 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
 *
@@ -244,44 +244,22 @@ struct crypto_ex_data_st {
 };
 DECLARE_STACK_OF(void)
-/* This stuff is basically class callback functions
- * The current classes are SSL_CTX, SSL, SSL_SESSION, and a few more */
-
-typedef struct crypto_ex_data_func_st {
- long argl; /* Arbitrary long */
- void *argp; /* Arbitrary void * */
- CRYPTO_EX_new *new_func;
- CRYPTO_EX_free *free_func;
- CRYPTO_EX_dup *dup_func;
-} CRYPTO_EX_DATA_FUNCS;
-
-DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
-
-/* Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA
- * entry.
- */
-
-#define CRYPTO_EX_INDEX_BIO 0
-#define CRYPTO_EX_INDEX_SSL 1
-#define CRYPTO_EX_INDEX_SSL_CTX 2
-#define CRYPTO_EX_INDEX_SSL_SESSION 3
-#define CRYPTO_EX_INDEX_X509_STORE 4
-#define CRYPTO_EX_INDEX_X509_STORE_CTX 5
-#define CRYPTO_EX_INDEX_RSA 6
-#define CRYPTO_EX_INDEX_DSA 7
-#define CRYPTO_EX_INDEX_DH 8
-#define CRYPTO_EX_INDEX_ENGINE 9
-#define CRYPTO_EX_INDEX_X509 10
-#define CRYPTO_EX_INDEX_UI 11
-#define CRYPTO_EX_INDEX_ECDSA 12
-#define CRYPTO_EX_INDEX_ECDH 13
-#define CRYPTO_EX_INDEX_COMP 14
-#define CRYPTO_EX_INDEX_STORE 15
-#define CRYPTO_EX_INDEX_EC_KEY 16
-
-/* Dynamically assigned indexes start from this value (don't use directly, use
- * via CRYPTO_ex_data_new_class). */
-#define CRYPTO_EX_INDEX_USER 100
+#define CRYPTO_EX_INDEX_SSL 0
+#define CRYPTO_EX_INDEX_SSL_CTX 1
+#define CRYPTO_EX_INDEX_SSL_SESSION 2
+#define CRYPTO_EX_INDEX_APP 3
+#define CRYPTO_EX_INDEX_BIO 4
+#define CRYPTO_EX_INDEX_DH 5
+#define CRYPTO_EX_INDEX_DSA 6
+#define CRYPTO_EX_INDEX_EC_KEY 7
+#define CRYPTO_EX_INDEX_ENGINE 8
+#define CRYPTO_EX_INDEX_RSA 9
+#define CRYPTO_EX_INDEX_UI 10
+#define CRYPTO_EX_INDEX_UI_METHOD 11
+#define CRYPTO_EX_INDEX_X509 12
+#define CRYPTO_EX_INDEX_X509_STORE 13
+#define CRYPTO_EX_INDEX_X509_STORE_CTX 14
+#define CRYPTO_EX_INDEX__COUNT 15
 #ifndef LIBRESSL_INTERNAL
 #define CRYPTO_malloc_init() (0)
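Review bot: The added `CRYPTO_EX_INDEX_*` block in crypto.h drops the comments that explained these constants and documents neither that every value was renumbered nor what `CRYPTO_EX_INDEX__COUNT` is for. Since `CRYPTO_EX_INDEX_BIO` moves from 0 to 4 and `CRYPTO_EX_INDEX_RSA` from 6 to 9, an object built against the old header would silently register its ex_data under a different class; the libcrypto major bump elsewhere in this diff covers the shared library, but the header should state that the values are ABI. I would add above the block `/* ex_data class indexes; the values are ABI. CRYPTO_EX_INDEX__COUNT must stay last and equal the number of classes. */`. If the implementation (not shown in this hunk) now keeps a table of `CRYPTO_EX_INDEX__COUNT` entries, `CRYPTO_get_ex_new_index` and its siblings should reject a caller-supplied `class_index` outside `0 .. CRYPTO_EX_INDEX__COUNT - 1`, including the old dynamic values that started at the removed `CRYPTO_EX_INDEX_USER` (100).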
@@ -328,14 +306,6 @@ unsigned long OpenSSL_version_num(void);
 const char *SSLeay_version(int type);
 unsigned long SSLeay(void);
-/* An opaque type representing an implementation of "ex_data" support */
-typedef struct st_CRYPTO_EX_DATA_IMPL CRYPTO_EX_DATA_IMPL;
-/* Return an opaque pointer to the current "ex_data" implementation */
-const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void);
-/* Sets the "ex_data" implementation to be used (if it's not too late) */
-int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i);
-/* Get a new "ex_data" class, and return the corresponding "class_index" */
-int CRYPTO_ex_data_new_class(void);
 /* Within a given class, get/register a new index */
 int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
 CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
diff --git a/lib/libcrypto/dso/dso.h b/lib/libcrypto/dso/dso.h
deleted file mode 100644
index c3963a8e0..000000000
--- a/lib/libcrypto/dso/dso.h
+++ /dev/null
@@ -1,382 +0,0 @@
-/* $OpenBSD: dso.h,v 1.14 2022/12/26 07:18:51 jmc Exp $ */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_DSO_H
-#define HEADER_DSO_H
-
-#include
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* These values are used as commands to DSO_ctrl() */
-#define DSO_CTRL_GET_FLAGS 1
-#define DSO_CTRL_SET_FLAGS 2
-#define DSO_CTRL_OR_FLAGS 3
-
-/* By default, DSO_load() will translate the provided filename into a form
- * typical for the platform (more specifically the DSO_METHOD) using the
- * dso_name_converter function of the method. Eg. win32 will transform "blah"
- * into "blah.dll", and dlfcn will transform it into "libblah.so". The
- * behaviour can be overridden by setting the name_converter callback in the DSO
- * object (using DSO_set_name_converter()). This callback could even utilise
- * the DSO_METHOD's converter too if it only wants to override behaviour for
- * one or two possible DSO methods. However, the following flag can be set in a
- * DSO to prevent *any* native name-translation at all - eg. if the caller has
- * prompted the user for a path to a driver library so the filename should be
- * interpreted as-is. */
-#define DSO_FLAG_NO_NAME_TRANSLATION 0x01
-/* An extra flag to give if only the extension should be added as
- * translation. This is obviously only of importance on Unix and
- * other operating systems where the translation also may prefix
- * the name with something, like 'lib', and ignored everywhere else.
- * This flag is also ignored if DSO_FLAG_NO_NAME_TRANSLATION is used
- * at the same time. */
-#define DSO_FLAG_NAME_TRANSLATION_EXT_ONLY 0x02
-
-/* The following flag controls the translation of symbol names to upper
- * case. This is currently only being implemented for OpenVMS.
- */
-#define DSO_FLAG_UPCASE_SYMBOL 0x10
-
-/* This flag loads the library with public symbols.
- * Meaning: The exported symbols of this library are public
- * to all libraries loaded after this library.
- * At the moment only implemented in unix.
- */
-#define DSO_FLAG_GLOBAL_SYMBOLS 0x20
-
-
-typedef void (*DSO_FUNC_TYPE)(void);
-
-typedef struct dso_st DSO;
-
-/* The function prototype used for method functions (or caller-provided
- * callbacks) that transform filenames. They are passed a DSO structure pointer
- * (or NULL if they are to be used independently of a DSO object) and a
- * filename to transform. They should either return NULL (if there is an error
- * condition) or a newly allocated string containing the transformed form that
- * the caller will need to free with free() when done. */
-typedef char* (*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *);
-/* The function prototype used for method functions (or caller-provided
- * callbacks) that merge two file specifications. They are passed a
- * DSO structure pointer (or NULL if they are to be used independently of
- * a DSO object) and two file specifications to merge. They should
- * either return NULL (if there is an error condition) or a newly allocated
- * string containing the result of merging that the caller will need
- * to free with free() when done.
- * Here, merging means that bits and pieces are taken from each of the
- * file specifications and added together in whatever fashion that is
- * sensible for the DSO method in question. The only rule that really
- * applies is that if the two specification contain pieces of the same
- * type, the copy from the first string takes priority. One could see
- * it as the first specification is the one given by the user and the
- * second being a bunch of defaults to add on if they're missing in the
- * first. */
-typedef char* (*DSO_MERGER_FUNC)(DSO *, const char *, const char *);
-
-typedef struct dso_meth_st {
- const char *name;
- /* Loads a shared library, NB: new DSO_METHODs must ensure that a
- * successful load populates the loaded_filename field, and likewise a
- * successful unload frees and NULLs it out. */
- int (*dso_load)(DSO *dso);
- /* Unloads a shared library */
- int (*dso_unload)(DSO *dso);
- /* Binds a variable */
- void *(*dso_bind_var)(DSO *dso, const char *symname);
- /* Binds a function - assumes a return type of DSO_FUNC_TYPE.
- * This should be cast to the real function prototype by the
- * caller. Platforms that don't have compatible representations
- * for different prototypes (this is possible within ANSI C)
- * are highly unlikely to have shared libraries at all, let
- * alone a DSO_METHOD implemented for them. */
- DSO_FUNC_TYPE (*dso_bind_func)(DSO *dso, const char *symname);
-
- /* The generic (yuck) "ctrl()" function. NB: Negative return
- * values (rather than zero) indicate errors. */
- long (*dso_ctrl)(DSO *dso, int cmd, long larg, void *parg);
- /* The default DSO_METHOD-specific function for converting filenames to
- * a canonical native form. */
- DSO_NAME_CONVERTER_FUNC dso_name_converter;
- /* The default DSO_METHOD-specific function for converting filenames to
- * a canonical native form. */
- DSO_MERGER_FUNC dso_merger;
-
- /* [De]Initialisation handlers. */
- int (*init)(DSO *dso);
- int (*finish)(DSO *dso);
-
- /* Return pathname of the module containing location */
- int (*pathbyaddr)(void *addr, char *path, int sz);
- /* Perform global symbol lookup, i.e. among *all* modules */
- void *(*globallookup)(const char *symname);
-} DSO_METHOD;
-
-/**********************************************************************/
-/* The low-level handle type used to refer to a loaded shared library */
-
-struct dso_st {
- DSO_METHOD *meth;
- /* Standard dlopen uses a (void *). Win32 uses a HANDLE. VMS
- * doesn't use anything but will need to cache the filename
- * for use in the dso_bind handler. All in all, let each
- * method control its own destiny. "Handles" and such go in
- * a STACK. */
- STACK_OF(void) *meth_data;
- int references;
- int flags;
- /* For use by applications etc ... use this for your bits'n'pieces,
- * don't touch meth_data! */
- CRYPTO_EX_DATA ex_data;
- /* If this callback function pointer is set to non-NULL, then it will
- * be used in DSO_load() in place of meth->dso_name_converter. NB: This
- * should normally set using DSO_set_name_converter(). */
- DSO_NAME_CONVERTER_FUNC name_converter;
- /* If this callback function pointer is set to non-NULL, then it will
- * be used in DSO_load() in place of meth->dso_merger. NB: This
- * should normally set using DSO_set_merger(). */
- DSO_MERGER_FUNC merger;
- /* This is populated with (a copy of) the platform-independant
- * filename used for this DSO. */
- char *filename;
- /* This is populated with (a copy of) the translated filename by which
- * the DSO was actually loaded. It is NULL iff the DSO is not currently
- * loaded. NB: This is here because the filename translation process
- * may involve a callback being invoked more than once not only to
- * convert to a platform-specific form, but also to try different
- * filenames in the process of trying to perform a load. As such, this
- * variable can be used to indicate (a) whether this DSO structure
- * corresponds to a loaded library or not, and (b) the filename with
- * which it was actually loaded. */
- char *loaded_filename;
-};
-
-
-DSO * DSO_new(void);
-DSO * DSO_new_method(DSO_METHOD *method);
-int DSO_free(DSO *dso);
-int DSO_flags(DSO *dso);
-int DSO_up_ref(DSO *dso);
-long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg);
-
-/* This function sets the DSO's name_converter callback. If it is non-NULL,
- * then it will be used instead of the associated DSO_METHOD's function. If
- * oldcb is non-NULL then it is set to the function pointer value being
- * replaced. Return value is non-zero for success. */
-int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
- DSO_NAME_CONVERTER_FUNC *oldcb);
-/* These functions can be used to get/set the platform-independant filename
- * used for a DSO. NB: set will fail if the DSO is already loaded. */
-const char *DSO_get_filename(DSO *dso);
-int DSO_set_filename(DSO *dso, const char *filename);
-/* This function will invoke the DSO's name_converter callback to translate a
- * filename, or if the callback isn't set it will instead use the DSO_METHOD's
- * converter. If "filename" is NULL, the "filename" in the DSO itself will be
- * used. If the DSO_FLAG_NO_NAME_TRANSLATION flag is set, then the filename is
- * simply duplicated. NB: This function is usually called from within a
- * DSO_METHOD during the processing of a DSO_load() call, and is exposed so that
- * caller-created DSO_METHODs can do the same thing. A non-NULL return value
- * will need to be free()'d. */
-char *DSO_convert_filename(DSO *dso, const char *filename);
-/* This function will invoke the DSO's merger callback to merge two file
- * specifications, or if the callback isn't set it will instead use the
- * DSO_METHOD's merger. A non-NULL return value will need to be
- * free()'d. */
-char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2);
-/* If the DSO is currently loaded, this returns the filename that it was loaded
- * under, otherwise it returns NULL. So it is also useful as a test as to
- * whether the DSO is currently loaded. NB: This will not necessarily return
- * the same value as DSO_convert_filename(dso, dso->filename), because the
- * DSO_METHOD's load function may have tried a variety of filenames (with
- * and/or without the aid of the converters) before settling on the one it
- * actually loaded. */
-const char *DSO_get_loaded_filename(DSO *dso);
-
-void DSO_set_default_method(DSO_METHOD *meth);
-DSO_METHOD *DSO_get_default_method(void);
-DSO_METHOD *DSO_get_method(DSO *dso);
-DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth);
-
-/* The all-singing all-dancing load function, you normally pass NULL
- * for the first and third parameters. Use DSO_up and DSO_free for
- * subsequent reference count handling. Any flags passed in will be set
- * in the constructed DSO after its init() function but before the
- * load operation. If 'dso' is non-NULL, 'flags' is ignored. */
-DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags);
-
-/* This function binds to a variable inside a shared library. */
-void *DSO_bind_var(DSO *dso, const char *symname);
-
-/* This function binds to a function inside a shared library. */
-DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname);
-
-/* This method is the default, but will beg, borrow, or steal whatever
- * method should be the default on any particular platform (including
- * DSO_METH_null() if necessary). */
-DSO_METHOD *DSO_METHOD_openssl(void);
-
-/* This method is defined for all platforms - if a platform has no
- * DSO support then this will be the only method! */
-DSO_METHOD *DSO_METHOD_null(void);
-
-/* If DSO_DLFCN is defined, the standard dlfcn.h-style functions
- * (dlopen, dlclose, dlsym, etc) will be used and incorporated into
- * this method. If not, this method will return NULL. */
-DSO_METHOD *DSO_METHOD_dlfcn(void);
-
-/* This function writes null-terminated pathname of DSO module
- * containing 'addr' into 'sz' large caller-provided 'path' and
- * returns the number of characters [including trailing zero]
- * written to it. If 'sz' is 0 or negative, 'path' is ignored and
- * required amount of characters [including trailing zero] to
- * accommodate pathname is returned. If 'addr' is NULL, then
- * pathname of cryptolib itself is returned. Negative or zero
- * return value denotes error.
- */
-int DSO_pathbyaddr(void *addr, char *path, int sz);
-
-/* This function should be used with caution! It looks up symbols in
- * *all* loaded modules and if module gets unloaded by somebody else
- * attempt to dereference the pointer is doomed to have fatal
- * consequences. Primary usage for this function is to probe *core*
- * system functionality, e.g. check if getnameinfo(3) is available
- * at run-time without bothering about OS-specific details such as
- * libc.so.versioning or where does it actually reside: in libc
- * itself or libsocket. */
-void *DSO_global_lookup(const char *name);
-
-void ERR_load_DSO_strings(void);
-
-/* Error codes for the DSO functions. */
-
-/* Function codes. */
-#define DSO_F_BEOS_BIND_FUNC 144
-#define DSO_F_BEOS_BIND_VAR 145
-#define DSO_F_BEOS_LOAD 146
-#define DSO_F_BEOS_NAME_CONVERTER 147
-#define DSO_F_BEOS_UNLOAD 148
-#define DSO_F_DLFCN_BIND_FUNC 100
-#define DSO_F_DLFCN_BIND_VAR 101
-#define DSO_F_DLFCN_LOAD 102
-#define DSO_F_DLFCN_MERGER 130
-#define DSO_F_DLFCN_NAME_CONVERTER 123
-#define DSO_F_DLFCN_UNLOAD 103
-#define DSO_F_DL_BIND_FUNC 104
-#define DSO_F_DL_BIND_VAR 105
-#define DSO_F_DL_LOAD 106
-#define DSO_F_DL_MERGER 131
-#define DSO_F_DL_NAME_CONVERTER 124
-#define DSO_F_DL_UNLOAD 107
-#define DSO_F_DSO_BIND_FUNC 108
-#define DSO_F_DSO_BIND_VAR 109
-#define DSO_F_DSO_CONVERT_FILENAME 126
-#define DSO_F_DSO_CTRL 110
-#define DSO_F_DSO_FREE 111
-#define DSO_F_DSO_GET_FILENAME 127
-#define DSO_F_DSO_GET_LOADED_FILENAME 128
-#define DSO_F_DSO_GLOBAL_LOOKUP 139
-#define DSO_F_DSO_LOAD 112
-#define DSO_F_DSO_MERGE 132
-#define DSO_F_DSO_NEW_METHOD 113
-#define DSO_F_DSO_PATHBYADDR 140
-#define DSO_F_DSO_SET_FILENAME 129
-#define DSO_F_DSO_SET_NAME_CONVERTER 122
-#define DSO_F_DSO_UP_REF 114
-#define DSO_F_GLOBAL_LOOKUP_FUNC 138
-#define DSO_F_PATHBYADDR 137
-#define DSO_F_VMS_BIND_SYM 115
-#define DSO_F_VMS_LOAD 116
-#define DSO_F_VMS_MERGER 133
-#define DSO_F_VMS_UNLOAD 117
-#define DSO_F_WIN32_BIND_FUNC 118
-#define DSO_F_WIN32_BIND_VAR 119
-#define DSO_F_WIN32_GLOBALLOOKUP 142
-#define DSO_F_WIN32_GLOBALLOOKUP_FUNC 143
-#define DSO_F_WIN32_JOINER 135
-#define DSO_F_WIN32_LOAD 120
-#define DSO_F_WIN32_MERGER 134
-#define DSO_F_WIN32_NAME_CONVERTER 125
-#define DSO_F_WIN32_PATHBYADDR 141
-#define DSO_F_WIN32_SPLITTER 136
-#define DSO_F_WIN32_UNLOAD 121
-
-/* Reason codes. */
-#define DSO_R_CTRL_FAILED 100
-#define DSO_R_DSO_ALREADY_LOADED 110
-#define DSO_R_EMPTY_FILE_STRUCTURE 113
-#define DSO_R_FAILURE 114
-#define DSO_R_FILENAME_TOO_BIG 101
-#define DSO_R_FINISH_FAILED 102
-#define DSO_R_INCORRECT_FILE_SYNTAX 115
-#define DSO_R_LOAD_FAILED 103
-#define DSO_R_NAME_TRANSLATION_FAILED 109
-#define DSO_R_NO_FILENAME 111
-#define DSO_R_NO_FILE_SPECIFICATION 116
-#define DSO_R_NULL_HANDLE 104
-#define DSO_R_SET_FILENAME_FAILED 112
-#define DSO_R_STACK_ERROR 105
-#define DSO_R_SYM_FAILURE 106
-#define DSO_R_UNLOAD_FAILED 107
-#define DSO_R_UNSUPPORTED 108
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libcrypto/dso/dso_dlfcn.c b/lib/libcrypto/dso/dso_dlfcn.c
deleted file mode 100644
index 77c19aa27..000000000
--- a/lib/libcrypto/dso/dso_dlfcn.c
+++ /dev/null
@@ -1,355 +0,0 @@ -/* $OpenBSD: dso_dlfcn.c,v 1.30 2023/07/08 07:22:58 beck Exp $ */ -/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include - -#include -#include - -#ifndef DSO_DLFCN -DSO_METHOD * -DSO_METHOD_dlfcn(void) -{ - return NULL; -} -LCRYPTO_ALIAS(DSO_METHOD_dlfcn); -#else - -#ifdef HAVE_DLFCN_H -# include -# define HAVE_DLINFO 1 -#endif - -/* Part of the hack in "dlfcn_load" ... 
*/ -#define DSO_MAX_TRANSLATED_SIZE 256 - -static int dlfcn_load(DSO *dso); -static int dlfcn_unload(DSO *dso); -static void *dlfcn_bind_var(DSO *dso, const char *symname); -static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname); -static char *dlfcn_name_converter(DSO *dso, const char *filename); -static char *dlfcn_merger(DSO *dso, const char *filespec1, - const char *filespec2); -static int dlfcn_pathbyaddr(void *addr, char *path, int sz); -static void *dlfcn_globallookup(const char *name); - -static DSO_METHOD dso_meth_dlfcn = { - .name = "OpenSSL 'dlfcn' shared library method", - .dso_load = dlfcn_load, - .dso_unload = dlfcn_unload, - .dso_bind_var = dlfcn_bind_var, - .dso_bind_func = dlfcn_bind_func, - .dso_name_converter = dlfcn_name_converter, - .dso_merger = dlfcn_merger, - .pathbyaddr = dlfcn_pathbyaddr, - .globallookup = dlfcn_globallookup -}; - -DSO_METHOD * -DSO_METHOD_dlfcn(void) -{ - return (&dso_meth_dlfcn); -} -LCRYPTO_ALIAS(DSO_METHOD_dlfcn); - -/* For this DSO_METHOD, our meth_data STACK will contain; - * (i) the handle (void*) returned from dlopen(). - */ - -static int -dlfcn_load(DSO *dso) -{ - void *ptr = NULL; - /* See applicable comments in dso_dl.c */ - char *filename = DSO_convert_filename(dso, NULL); - int flags = RTLD_LAZY; - - if (filename == NULL) { - DSOerror(DSO_R_NO_FILENAME); - goto err; - } - - if (dso->flags & DSO_FLAG_GLOBAL_SYMBOLS) - flags |= RTLD_GLOBAL; - ptr = dlopen(filename, flags); - if (ptr == NULL) { - DSOerror(DSO_R_LOAD_FAILED); - ERR_asprintf_error_data("filename(%s): %s", filename, - dlerror()); - goto err; - } - if (!sk_void_push(dso->meth_data, (char *)ptr)) { - DSOerror(DSO_R_STACK_ERROR); - goto err; - } - /* Success */ - dso->loaded_filename = filename; - return (1); - -err: - /* Cleanup! 
*/ - free(filename); - if (ptr != NULL) - dlclose(ptr); - return (0); -} - -static int -dlfcn_unload(DSO *dso) -{ - void *ptr; - if (dso == NULL) { - DSOerror(ERR_R_PASSED_NULL_PARAMETER); - return (0); - } - if (sk_void_num(dso->meth_data) < 1) - return (1); - ptr = sk_void_pop(dso->meth_data); - if (ptr == NULL) { - DSOerror(DSO_R_NULL_HANDLE); - /* Should push the value back onto the stack in - * case of a retry. */ - sk_void_push(dso->meth_data, ptr); - return (0); - } - /* For now I'm not aware of any errors associated with dlclose() */ - dlclose(ptr); - return (1); -} - -static void * -dlfcn_bind_var(DSO *dso, const char *symname) -{ - void *ptr, *sym; - - if ((dso == NULL) || (symname == NULL)) { - DSOerror(ERR_R_PASSED_NULL_PARAMETER); - return (NULL); - } - if (sk_void_num(dso->meth_data) < 1) { - DSOerror(DSO_R_STACK_ERROR); - return (NULL); - } - ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1); - if (ptr == NULL) { - DSOerror(DSO_R_NULL_HANDLE); - return (NULL); - } - sym = dlsym(ptr, symname); - if (sym == NULL) { - DSOerror(DSO_R_SYM_FAILURE); - ERR_asprintf_error_data("symname(%s): %s", symname, dlerror()); - return (NULL); - } - return (sym); -} - -static DSO_FUNC_TYPE -dlfcn_bind_func(DSO *dso, const char *symname) -{ - void *ptr; - union { - DSO_FUNC_TYPE sym; - void *dlret; - } u; - - if ((dso == NULL) || (symname == NULL)) { - DSOerror(ERR_R_PASSED_NULL_PARAMETER); - return (NULL); - } - if (sk_void_num(dso->meth_data) < 1) { - DSOerror(DSO_R_STACK_ERROR); - return (NULL); - } - ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1); - if (ptr == NULL) { - DSOerror(DSO_R_NULL_HANDLE); - return (NULL); - } - u.dlret = dlsym(ptr, symname); - if (u.dlret == NULL) { - DSOerror(DSO_R_SYM_FAILURE); - ERR_asprintf_error_data("symname(%s): %s", symname, dlerror()); - return (NULL); - } - return u.sym; -} - -static char * -dlfcn_merger(DSO *dso, const char *filespec1, const char *filespec2) -{ - char *merged; - - if 
(!filespec1 && !filespec2) { - DSOerror(ERR_R_PASSED_NULL_PARAMETER); - return (NULL); - } - /* If the first file specification is a rooted path, it rules. - same goes if the second file specification is missing. */ - if (!filespec2 || (filespec1 != NULL && filespec1[0] == '/')) { - merged = strdup(filespec1); - if (!merged) { - DSOerror(ERR_R_MALLOC_FAILURE); - return (NULL); - } - } - /* If the first file specification is missing, the second one rules. */ - else if (!filespec1) { - merged = strdup(filespec2); - if (!merged) { - DSOerror(ERR_R_MALLOC_FAILURE); - return (NULL); - } - } else - /* This part isn't as trivial as it looks. It assumes that - the second file specification really is a directory, and - makes no checks whatsoever. Therefore, the result becomes - the concatenation of filespec2 followed by a slash followed - by filespec1. */ - { - size_t spec2len, len; - - spec2len = strlen(filespec2); - len = spec2len + (filespec1 ? strlen(filespec1) : 0); - - if (filespec2 && filespec2[spec2len - 1] == '/') { - spec2len--; - len--; - } - merged = malloc(len + 2); - if (!merged) { - DSOerror(ERR_R_MALLOC_FAILURE); - return (NULL); - } - strlcpy(merged, filespec2, len + 2); - merged[spec2len] = '/'; - strlcpy(&merged[spec2len + 1], filespec1, len + 1 - spec2len); - } - return (merged); -} - -#define DSO_ext ".so" -#define DSO_extlen 3 - -static char * -dlfcn_name_converter(DSO *dso, const char *filename) -{ - char *translated; - int ret; - - if (strchr(filename, '/') == NULL) { - /* Bare name, so convert to "%s.so" or "lib%s.so" */ - if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0) - ret = asprintf(&translated, "lib%s" DSO_ext, filename); - else - ret = asprintf(&translated, "%s" DSO_ext, filename); - if (ret == -1) - translated = NULL; - } else { - /* Full path, so just duplicate it */ - translated = strdup(filename); - } - - if (translated == NULL) - DSOerror(DSO_R_NAME_TRANSLATION_FAILED); - return (translated); -} - -static int 
-dlfcn_pathbyaddr(void *addr, char *path, int sz) -{ - Dl_info dli; - int len; - - if (addr == NULL) { - union{ - int(*f)(void*, char*, int); - void *p; - } t = { dlfcn_pathbyaddr }; - addr = t.p; - } - - if (dladdr(addr, &dli)) { - len = (int)strlen(dli.dli_fname); - if (sz <= 0) - return len + 1; - if (len >= sz) - len = sz - 1; - memcpy(path, dli.dli_fname, len); - path[len++] = 0; - return len; - } - - ERR_asprintf_error_data("dlfcn_pathbyaddr(): %s", dlerror()); - return -1; -} - -static void * -dlfcn_globallookup(const char *name) -{ - void *ret = NULL, *handle = dlopen(NULL, RTLD_LAZY); - - if (handle) { - ret = dlsym(handle, name); - dlclose(handle); - } - - return ret; -} -#endif /* DSO_DLFCN */ diff --git a/lib/libcrypto/dso/dso_err.c b/lib/libcrypto/dso/dso_err.c deleted file mode 100644 index 9dec8a66b..000000000 --- a/lib/libcrypto/dso/dso_err.c +++ /dev/null 
@@ -1,106 +0,0 @@ -/* $OpenBSD: dso_err.c,v 1.11 2023/07/08 07:22:58 beck Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include - -#include -#include - -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DSO,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSO,0,reason) - -static ERR_STRING_DATA DSO_str_functs[]= { - {ERR_FUNC(0xfff), "CRYPTO_internal"}, - {0, NULL} -}; - -static ERR_STRING_DATA DSO_str_reasons[]= { - {ERR_REASON(DSO_R_CTRL_FAILED) , "control command failed"}, - {ERR_REASON(DSO_R_DSO_ALREADY_LOADED) , "dso already loaded"}, - {ERR_REASON(DSO_R_EMPTY_FILE_STRUCTURE) , "empty file structure"}, - {ERR_REASON(DSO_R_FAILURE) , "failure"}, - {ERR_REASON(DSO_R_FILENAME_TOO_BIG) , "filename too big"}, - {ERR_REASON(DSO_R_FINISH_FAILED) , "cleanup method function failed"}, - {ERR_REASON(DSO_R_INCORRECT_FILE_SYNTAX) , "incorrect file syntax"}, - {ERR_REASON(DSO_R_LOAD_FAILED) , "could not load the shared library"}, - {ERR_REASON(DSO_R_NAME_TRANSLATION_FAILED), "name translation failed"}, - {ERR_REASON(DSO_R_NO_FILENAME) , "no filename"}, - {ERR_REASON(DSO_R_NO_FILE_SPECIFICATION) , "no file specification"}, - {ERR_REASON(DSO_R_NULL_HANDLE) , "a null shared library handle was used"}, - {ERR_REASON(DSO_R_SET_FILENAME_FAILED) , "set filename 
failed"}, - {ERR_REASON(DSO_R_STACK_ERROR) , "the meth_data stack is corrupt"}, - {ERR_REASON(DSO_R_SYM_FAILURE) , "could not bind to the requested symbol name"}, - {ERR_REASON(DSO_R_UNLOAD_FAILED) , "could not unload the shared library"}, - {ERR_REASON(DSO_R_UNSUPPORTED) , "functionality not supported"}, - {0, NULL} -}; - -#endif - -void -ERR_load_DSO_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(DSO_str_functs[0].error) == NULL) { - ERR_load_strings(0, DSO_str_functs); - ERR_load_strings(0, DSO_str_reasons); - } -#endif -} -LCRYPTO_ALIAS(ERR_load_DSO_strings); diff --git a/lib/libcrypto/dso/dso_lib.c b/lib/libcrypto/dso/dso_lib.c deleted file mode 100644 index ca762f68d..000000000 --- a/lib/libcrypto/dso/dso_lib.c +++ /dev/null 
@@ -1,474 +0,0 @@ -/* $OpenBSD: dso_lib.c,v 1.21 2023/07/08 07:22:58 beck Exp $ */ -/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include - -#include -#include -#include - -static DSO_METHOD *default_DSO_meth = NULL; - -DSO * -DSO_new(void) -{ - return (DSO_new_method(NULL)); -} -LCRYPTO_ALIAS(DSO_new); - -void -DSO_set_default_method(DSO_METHOD *meth) -{ - default_DSO_meth = meth; -} -LCRYPTO_ALIAS(DSO_set_default_method); - -DSO_METHOD * -DSO_get_default_method(void) -{ - return (default_DSO_meth); -} -LCRYPTO_ALIAS(DSO_get_default_method); - -DSO_METHOD * -DSO_get_method(DSO *dso) -{ - return (dso->meth); -} -LCRYPTO_ALIAS(DSO_get_method); - -DSO_METHOD * -DSO_set_method(DSO *dso, DSO_METHOD *meth) -{ - DSO_METHOD *mtmp; - - mtmp = dso->meth; - dso->meth = meth; - return (mtmp); -} -LCRYPTO_ALIAS(DSO_set_method); - -DSO * -DSO_new_method(DSO_METHOD *meth) -{ - DSO *ret; - - if (default_DSO_meth == NULL) - /* We default to DSO_METH_openssl() which in turn defaults - * to stealing the "best available" method. Will fallback - * to DSO_METH_null() in the worst case. 
*/ - default_DSO_meth = DSO_METHOD_openssl(); - ret = calloc(1, sizeof(DSO)); - if (ret == NULL) { - DSOerror(ERR_R_MALLOC_FAILURE); - return (NULL); - } - ret->meth_data = sk_void_new_null(); - if (ret->meth_data == NULL) { - /* sk_new doesn't generate any errors so we do */ - DSOerror(ERR_R_MALLOC_FAILURE); - free(ret); - return (NULL); - } - if (meth == NULL) - ret->meth = default_DSO_meth; - else - ret->meth = meth; - ret->references = 1; - if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { - free(ret); - ret = NULL; - } - return (ret); -} -LCRYPTO_ALIAS(DSO_new_method); - -int -DSO_free(DSO *dso) -{ - int i; - - if (dso == NULL) { - DSOerror(ERR_R_PASSED_NULL_PARAMETER); - return (0); - } - - i = CRYPTO_add(&dso->references, -1, CRYPTO_LOCK_DSO); - if (i > 0) - return (1); - - if ((dso->meth->dso_unload != NULL) && !dso->meth->dso_unload(dso)) { - DSOerror(DSO_R_UNLOAD_FAILED); - return (0); - } - - if ((dso->meth->finish != NULL) && !dso->meth->finish(dso)) { - DSOerror(DSO_R_FINISH_FAILED); - return (0); - } - - sk_void_free(dso->meth_data); - free(dso->filename); - free(dso->loaded_filename); - free(dso); - return (1); -} -LCRYPTO_ALIAS(DSO_free); - -int -DSO_flags(DSO *dso) -{ - return ((dso == NULL) ? 0 : dso->flags); -} -LCRYPTO_ALIAS(DSO_flags); - - -int -DSO_up_ref(DSO *dso) -{ - int refs; - - if (dso == NULL) { - DSOerror(ERR_R_PASSED_NULL_PARAMETER); - return (0); - } - - refs = CRYPTO_add(&dso->references, 1, CRYPTO_LOCK_DSO); - return ((refs > 1) ? 
1 : 0); -} -LCRYPTO_ALIAS(DSO_up_ref); - -DSO * -DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags) -{ - DSO *ret; - int allocated = 0; - - if (dso == NULL) { - ret = DSO_new_method(meth); - if (ret == NULL) { - DSOerror(ERR_R_MALLOC_FAILURE); - goto err; - } - allocated = 1; - /* Pass the provided flags to the new DSO object */ - if (DSO_ctrl(ret, DSO_CTRL_SET_FLAGS, flags, NULL) < 0) { - DSOerror(DSO_R_CTRL_FAILED); - goto err; - } - } else - ret = dso; - /* Don't load if we're currently already loaded */ - if (ret->filename != NULL) { - DSOerror(DSO_R_DSO_ALREADY_LOADED); - goto err; - } - /* filename can only be NULL if we were passed a dso that already has - * one set. */ - if (filename != NULL) - if (!DSO_set_filename(ret, filename)) { - DSOerror(DSO_R_SET_FILENAME_FAILED); - goto err; - } - filename = ret->filename; - if (filename == NULL) { - DSOerror(DSO_R_NO_FILENAME); - goto err; - } - if (ret->meth->dso_load == NULL) { - DSOerror(DSO_R_UNSUPPORTED); - goto err; - } - if (!ret->meth->dso_load(ret)) { - DSOerror(DSO_R_LOAD_FAILED); - goto err; - } - /* Load succeeded */ - return (ret); - -err: - if (allocated) - DSO_free(ret); - return (NULL); -} -LCRYPTO_ALIAS(DSO_load); - -void * -DSO_bind_var(DSO *dso, const char *symname) -{ - void *ret = NULL; - - if ((dso == NULL) || (symname == NULL)) { - DSOerror(ERR_R_PASSED_NULL_PARAMETER); - return (NULL); - } - if (dso->meth->dso_bind_var == NULL) { - DSOerror(DSO_R_UNSUPPORTED); - return (NULL); - } - if ((ret = dso->meth->dso_bind_var(dso, symname)) == NULL) { - DSOerror(DSO_R_SYM_FAILURE); - return (NULL); - } - /* Success */ - return (ret); -} -LCRYPTO_ALIAS(DSO_bind_var); - -DSO_FUNC_TYPE -DSO_bind_func(DSO *dso, const char *symname) -{ - DSO_FUNC_TYPE ret = NULL; - - if ((dso == NULL) || (symname == NULL)) { - DSOerror(ERR_R_PASSED_NULL_PARAMETER); - return (NULL); - } - if (dso->meth->dso_bind_func == NULL) { - DSOerror(DSO_R_UNSUPPORTED); - return (NULL); - } - if ((ret = 
dso->meth->dso_bind_func(dso, symname)) == NULL) { - DSOerror(DSO_R_SYM_FAILURE); - return (NULL); - } - /* Success */ - return (ret); -} -LCRYPTO_ALIAS(DSO_bind_func); - -/* I don't really like these *_ctrl functions very much to be perfectly - * honest. For one thing, I think I have to return a negative value for - * any error because possible DSO_ctrl() commands may return values - * such as "size"s that can legitimately be zero (making the standard - * "if(DSO_cmd(...))" form that works almost everywhere else fail at - * odd times. I'd prefer "output" values to be passed by reference and - * the return value as success/failure like usual ... but we conform - * when we must... :-) */ -long -DSO_ctrl(DSO *dso, int cmd, long larg, void *parg) -{ - if (dso == NULL) { - DSOerror(ERR_R_PASSED_NULL_PARAMETER); - return (-1); - } - /* We should intercept certain generic commands and only pass control - * to the method-specific ctrl() function if it's something we don't - * handle. */ - switch (cmd) { - case DSO_CTRL_GET_FLAGS: - return dso->flags; - case DSO_CTRL_SET_FLAGS: - dso->flags = (int)larg; - return (0); - case DSO_CTRL_OR_FLAGS: - dso->flags |= (int)larg; - return (0); - default: - break; - } - if ((dso->meth == NULL) || (dso->meth->dso_ctrl == NULL)) { - DSOerror(DSO_R_UNSUPPORTED); - return (-1); - } - return (dso->meth->dso_ctrl(dso, cmd, larg, parg)); -} -LCRYPTO_ALIAS(DSO_ctrl); - -int -DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb, - DSO_NAME_CONVERTER_FUNC *oldcb) -{ - if (dso == NULL) { - DSOerror(ERR_R_PASSED_NULL_PARAMETER); - return (0); - } - if (oldcb) - *oldcb = dso->name_converter; - dso->name_converter = cb; - return (1); -} -LCRYPTO_ALIAS(DSO_set_name_converter); - -const char * -DSO_get_filename(DSO *dso) -{ - if (dso == NULL) { - DSOerror(ERR_R_PASSED_NULL_PARAMETER); - return (NULL); - } - return (dso->filename); -} -LCRYPTO_ALIAS(DSO_get_filename); - -int -DSO_set_filename(DSO *dso, const char *filename) -{ - char *copied; - 
- if ((dso == NULL) || (filename == NULL)) { - DSOerror(ERR_R_PASSED_NULL_PARAMETER); - return (0); - } - if (dso->loaded_filename) { - DSOerror(DSO_R_DSO_ALREADY_LOADED); - return (0); - } - /* We'll duplicate filename */ - copied = strdup(filename); - if (copied == NULL) { - DSOerror(ERR_R_MALLOC_FAILURE); - return (0); - } - free(dso->filename); - dso->filename = copied; - return (1); -} -LCRYPTO_ALIAS(DSO_set_filename); - -char * -DSO_merge(DSO *dso, const char *filespec1, const char *filespec2) -{ - char *result = NULL; - - if (dso == NULL || filespec1 == NULL) { - DSOerror(ERR_R_PASSED_NULL_PARAMETER); - return (NULL); - } - if ((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0) { - if (dso->merger != NULL) - result = dso->merger(dso, filespec1, filespec2); - else if (dso->meth->dso_merger != NULL) - result = dso->meth->dso_merger(dso, - filespec1, filespec2); - } - return (result); -} -LCRYPTO_ALIAS(DSO_merge); - -char * -DSO_convert_filename(DSO *dso, const char *filename) -{ - char *result = NULL; - - if (dso == NULL) { - DSOerror(ERR_R_PASSED_NULL_PARAMETER); - return (NULL); - } - if (filename == NULL) - filename = dso->filename; - if (filename == NULL) { - DSOerror(DSO_R_NO_FILENAME); - return (NULL); - } - if ((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0) { - if (dso->name_converter != NULL) - result = dso->name_converter(dso, filename); - else if (dso->meth->dso_name_converter != NULL) - result = dso->meth->dso_name_converter(dso, filename); - } - if (result == NULL) { - result = strdup(filename); - if (result == NULL) { - DSOerror(ERR_R_MALLOC_FAILURE); - return (NULL); - } - } - return (result); -} -LCRYPTO_ALIAS(DSO_convert_filename); - -const char * -DSO_get_loaded_filename(DSO *dso) -{ - if (dso == NULL) { - DSOerror(ERR_R_PASSED_NULL_PARAMETER); - return (NULL); - } - return (dso->loaded_filename); -} -LCRYPTO_ALIAS(DSO_get_loaded_filename); - -int -DSO_pathbyaddr(void *addr, char *path, int sz) -{ - DSO_METHOD *meth = default_DSO_meth; - if 
(meth == NULL) - meth = DSO_METHOD_openssl(); - if (meth->pathbyaddr == NULL) { - DSOerror(DSO_R_UNSUPPORTED); - return -1; - } - return (*meth->pathbyaddr)(addr, path, sz); -} -LCRYPTO_ALIAS(DSO_pathbyaddr); - -void * -DSO_global_lookup(const char *name) -{ - DSO_METHOD *meth = default_DSO_meth; - if (meth == NULL) - meth = DSO_METHOD_openssl(); - if (meth->globallookup == NULL) { - DSOerror(DSO_R_UNSUPPORTED); - return NULL; - } - return (*meth->globallookup)(name); -} -LCRYPTO_ALIAS(DSO_global_lookup); diff --git a/lib/libcrypto/dso/dso_null.c b/lib/libcrypto/dso/dso_null.c deleted file mode 100644 index dfe6a8444..000000000 --- a/lib/libcrypto/dso/dso_null.c +++ /dev/null 
@@ -1,75 +0,0 @@ -/* $OpenBSD: dso_null.c,v 1.8 2023/07/08 07:22:58 beck Exp $ */ -/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* This "NULL" method is provided as the fallback for systems that have - * no appropriate support for "shared-libraries". */ - -#include - -#include - -static DSO_METHOD dso_meth_null = { - .name = "NULL shared library method" -}; - -DSO_METHOD * -DSO_METHOD_null(void) -{ - return (&dso_meth_null); -} -LCRYPTO_ALIAS(DSO_METHOD_null); diff --git a/lib/libcrypto/dso/dso_openssl.c b/lib/libcrypto/dso/dso_openssl.c deleted file mode 100644 index a639a5c7d..000000000 --- a/lib/libcrypto/dso/dso_openssl.c +++ /dev/null 
@@ -1,76 +0,0 @@ -/* $OpenBSD: dso_openssl.c,v 1.7 2023/07/08 07:22:58 beck Exp $ */ -/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include - -/* We just pinch the method from an appropriate "default" method. */ - -DSO_METHOD * -DSO_METHOD_openssl(void) -{ -#ifdef DEF_DSO_METHOD - return (DEF_DSO_METHOD()); -#elif defined(DSO_DLFCN) - return (DSO_METHOD_dlfcn()); -#else - return (DSO_METHOD_null()); -#endif -} -LCRYPTO_ALIAS(DSO_METHOD_openssl); diff --git a/lib/libcrypto/ec/ec.h b/lib/libcrypto/ec/ec.h index f711d5505..85951f0b9 100644 --- a/lib/libcrypto/ec/ec.h +++ b/lib/libcrypto/ec/ec.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ec.h,v 1.42 2023/07/05 17:10:10 tb Exp $ */ +/* $OpenBSD: ec.h,v 1.45 2023/07/28 09:28:37 tb Exp $ */ /* * Originally written by Bodo Moeller for the OpenSSL project. */ 
@@ -326,6 +326,36 @@ void EC_KEY_set_default_method(const EC_KEY_METHOD *meth); const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key); int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth); EC_KEY *EC_KEY_new_method(ENGINE *engine); + +int ECDH_size(const EC_KEY *ecdh); +int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, + EC_KEY *ecdh, + void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); + +typedef struct ECDSA_SIG_st ECDSA_SIG; + +ECDSA_SIG *ECDSA_SIG_new(void); +void ECDSA_SIG_free(ECDSA_SIG *sig); +int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp); +ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len); + +const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig); +const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig); +void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps); +int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s); + +int ECDSA_size(const EC_KEY *eckey); + +ECDSA_SIG *ECDSA_do_sign(const unsigned char *digest, int digest_len, + EC_KEY *eckey); +int ECDSA_do_verify(const unsigned char *digest, int digest_len, + const ECDSA_SIG *sig, EC_KEY *eckey); + +int ECDSA_sign(int type, const unsigned char *digest, int digest_len, + unsigned char *signature, unsigned int *signature_len, EC_KEY *eckey); +int ECDSA_verify(int type, const unsigned char *digest, int digest_len, + const unsigned char *signature, int signature_len, EC_KEY *eckey); + EC_KEY_METHOD *EC_KEY_METHOD_new(const EC_KEY_METHOD *meth); void EC_KEY_METHOD_free(EC_KEY_METHOD *meth); void EC_KEY_METHOD_set_init(EC_KEY_METHOD *meth, 
@@ -338,8 +368,20 @@ void EC_KEY_METHOD_set_init(EC_KEY_METHOD *meth, void EC_KEY_METHOD_set_keygen(EC_KEY_METHOD *meth, int (*keygen)(EC_KEY *key)); void EC_KEY_METHOD_set_compute_key(EC_KEY_METHOD *meth, - int (*ckey)(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, - void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen))); + int (*ckey)(unsigned char **out, size_t *out_len, const EC_POINT *pub_key, + const EC_KEY *ecdh)); +void EC_KEY_METHOD_set_sign(EC_KEY_METHOD *meth, + int (*sign)(int type, const unsigned char *digest, int digest_len, + unsigned char *signature, unsigned int *signature_len, + const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey), + int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp), + ECDSA_SIG *(*sign_sig)(const unsigned char *digest, int digest_len, + const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey)); +void EC_KEY_METHOD_set_verify(EC_KEY_METHOD *meth, + int (*verify)(int type, const unsigned char *digest, int digest_len, + const unsigned char *signature, int signature_len, EC_KEY *eckey), + int (*verify_sig)(const unsigned char *digest, int digest_len, + const ECDSA_SIG *sig, EC_KEY *eckey)); void EC_KEY_METHOD_get_init(const EC_KEY_METHOD *meth, int (**pinit)(EC_KEY *key), void (**pfinish)(EC_KEY *key), 
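Review bot: The `ckey` callback type of EC_KEY_METHOD_set_compute_key changes both its arguments and its result convention, but ec.h gains no comment describing the new contract. ECDH_compute_key later in this diff treats a zero result as failure and releases the buffer with `freezero(secret, secret_len)`, so a method that still returns a negative value on error would be taken as success, and one that hands back non-heap memory or a wrong length would be freed incorrectly. I would document it above the prototype: `/* ckey returns 1 with a malloc'ed *out of *out_len bytes, or 0 on error; the caller frees *out. */`. The same applies to EC_KEY_METHOD_get_compute_key in the `@@ -350,8 +392,20 @@` hunk and to the `compute_key` member in ec_local.h.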
@@ -350,8 +392,20 @@ void EC_KEY_METHOD_get_init(const EC_KEY_METHOD *meth, void EC_KEY_METHOD_get_keygen(const EC_KEY_METHOD *meth, int (**pkeygen)(EC_KEY *key)); void EC_KEY_METHOD_get_compute_key(const EC_KEY_METHOD *meth, - int (**pck)(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, - void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen))); + int (**pck)(unsigned char **out, size_t *out_len, const EC_POINT *pub_key, + const EC_KEY *ecdh)); +void EC_KEY_METHOD_get_sign(const EC_KEY_METHOD *meth, + int (**psign)(int type, const unsigned char *digest, int digest_len, + unsigned char *signature, unsigned int *signature_len, + const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey), + int (**psign_setup)(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp), + ECDSA_SIG *(**psign_sig)(const unsigned char *digest, int digest_len, + const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey)); +void EC_KEY_METHOD_get_verify(const EC_KEY_METHOD *meth, + int (**pverify)(int type, const unsigned char *digest, int digest_len, + const unsigned char *signature, int signature_len, EC_KEY *eckey), + int (**pverify_sig)(const unsigned char *digest, int digest_len, + const ECDSA_SIG *sig, EC_KEY *eckey)); EC_KEY *ECParameters_dup(EC_KEY *key); @@ -630,6 +684,7 @@ void ERR_load_EC_strings(void); #define EC_R_INVALID_FORM 104 #define EC_R_INVALID_GROUP_ORDER 122 #define EC_R_INVALID_KEY 165 +#define EC_R_INVALID_OUTPUT_LENGTH 171 #define EC_R_INVALID_PEER_KEY 152 #define EC_R_INVALID_PENTANOMIAL_BASIS 132 #define EC_R_INVALID_PRIVATE_KEY 123 diff --git a/lib/libcrypto/ec/ec_err.c b/lib/libcrypto/ec/ec_err.c index d797b937c..9f2253ddd 100644 --- a/lib/libcrypto/ec/ec_err.c +++ b/lib/libcrypto/ec/ec_err.c 
@@ -1,4 +1,4 @@ -/* $OpenBSD: ec_err.c,v 1.17 2023/07/07 13:54:45 beck Exp $ */ +/* $OpenBSD: ec_err.c,v 1.18 2023/07/28 09:28:37 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. * @@ -98,6 +98,7 @@ static ERR_STRING_DATA EC_str_reasons[] = {ERR_REASON(EC_R_INVALID_FORM), "invalid form"}, {ERR_REASON(EC_R_INVALID_GROUP_ORDER), "invalid group order"}, {ERR_REASON(EC_R_INVALID_KEY), "invalid key"}, + {ERR_REASON(EC_R_INVALID_OUTPUT_LENGTH), "invalid output length"}, {ERR_REASON(EC_R_INVALID_PEER_KEY), "invalid peer key"}, {ERR_REASON(EC_R_INVALID_PENTANOMIAL_BASIS), "invalid pentanomial basis"}, {ERR_REASON(EC_R_INVALID_PRIVATE_KEY), "invalid private key"}, diff --git a/lib/libcrypto/ec/ec_kmeth.c b/lib/libcrypto/ec/ec_kmeth.c index 3e997f8a5..38aca0028 100644 --- a/lib/libcrypto/ec/ec_kmeth.c +++ b/lib/libcrypto/ec/ec_kmeth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_kmeth.c,v 1.11 2023/07/07 13:54:45 beck Exp $ */ +/* $OpenBSD: ec_kmeth.c,v 1.12 2023/07/28 09:28:37 tb Exp $ */ /* * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. @@ -238,8 +238,8 @@ LCRYPTO_ALIAS(EC_KEY_METHOD_set_keygen); void EC_KEY_METHOD_set_compute_key(EC_KEY_METHOD *meth, - int (*ckey)(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, - void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen))) + int (*ckey)(unsigned char **out, size_t *out_len, const EC_POINT *pub_key, + const EC_KEY *ecdh)) { meth->compute_key = ckey; } @@ -310,8 +310,8 @@ LCRYPTO_ALIAS(EC_KEY_METHOD_get_keygen); void EC_KEY_METHOD_get_compute_key(const EC_KEY_METHOD *meth, - int (**pck)(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, - void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen))) + int (**pck)(unsigned char **out, size_t *out_len, const EC_POINT *pub_key, + const EC_KEY *ecdh)) { if (pck != NULL) *pck = meth->compute_key; 
diff --git a/lib/libcrypto/ec/ec_local.h b/lib/libcrypto/ec/ec_local.h index 7a1f90886..3252eeb1c 100644 --- a/lib/libcrypto/ec/ec_local.h +++ b/lib/libcrypto/ec/ec_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_local.h,v 1.24 2023/07/05 08:39:40 tb Exp $ */ +/* $OpenBSD: ec_local.h,v 1.26 2023/07/28 15:50:33 tb Exp $ */ /* * Originally written by Bodo Moeller for the OpenSSL project. */ @@ -73,7 +73,6 @@ #include #include -#include #include #include "bn_local.h" @@ -323,8 +322,8 @@ struct ec_key_method_st { int (*set_private)(EC_KEY *key, const BIGNUM *priv_key); int (*set_public)(EC_KEY *key, const EC_POINT *pub_key); int (*keygen)(EC_KEY *key); - int (*compute_key)(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, - void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen)); + int (*compute_key)(unsigned char **out, size_t *out_len, + const EC_POINT *pub_key, const EC_KEY *ecdh); int (*sign)(int type, const unsigned char *dgst, int dlen, unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey); @@ -342,8 +341,8 @@ struct ec_key_method_st { #define EC_KEY_METHOD_DYNAMIC 1 int ec_key_gen(EC_KEY *eckey); -int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, - void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen)); +int ecdh_compute_key(unsigned char **out, size_t *out_len, + const EC_POINT *pub_key, const EC_KEY *ecdh); int ecdsa_verify(int type, const unsigned char *dgst, int dgst_len, const unsigned char *sigbuf, int sig_len, EC_KEY *eckey); int ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, diff --git a/lib/libcrypto/ec/ec_pmeth.c b/lib/libcrypto/ec/ec_pmeth.c index 7c94f80c7..d3bf7e8cd 100644 --- a/lib/libcrypto/ec/ec_pmeth.c +++ b/lib/libcrypto/ec/ec_pmeth.c 
@@ -1,4 +1,4 @@ -/* $OpenBSD: ec_pmeth.c,v 1.18 2023/06/25 19:26:04 tb Exp $ */ +/* $OpenBSD: ec_pmeth.c,v 1.19 2023/07/28 15:50:33 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -61,7 +61,6 @@ #include #include -#include #include #include #include diff --git a/lib/libcrypto/ecdh/ecdh.c b/lib/libcrypto/ecdh/ecdh.c index 6ab4ff838..b0a8e60a2 100644 --- a/lib/libcrypto/ecdh/ecdh.c +++ b/lib/libcrypto/ecdh/ecdh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ecdh.c,v 1.6 2023/07/24 17:08:53 tb Exp $ */ +/* $OpenBSD: ecdh.c,v 1.10 2023/07/28 09:31:21 tb Exp $ */ /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * @@ -71,11 +71,8 @@ #include #include -#include - #include #include -#include #include #include @@ -145,10 +142,9 @@ ecdh_KDF_X9_63(unsigned char *out, size_t outlen, const unsigned char *Z, /* * Based on the ECKAS-DH1 and ECSVDP-DH primitives in the IEEE 1363 standard. */ -/* XXX - KDF handling moved to ECDH_compute_key(). See OpenSSL e2285d87. */ int -ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, - void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)) +ecdh_compute_key(unsigned char **out, size_t *out_len, const EC_POINT *pub_key, + const EC_KEY *ecdh) { BN_CTX *ctx; BIGNUM *x; @@ -156,14 +152,11 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh const EC_GROUP *group; EC_POINT *point = NULL; unsigned char *buf = NULL; - int buflen; - int ret = -1; + int buf_len = 0; + int ret = 0; - if (outlen > INT_MAX) { - /* Sort of, anyway. */ - ECerror(ERR_R_MALLOC_FAILURE); - return -1; - } + *out = NULL; + *out_len = 0; if ((ctx = BN_CTX_new()) == NULL) goto err; 
@@ -199,56 +192,84 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh goto err; } - if ((buflen = ECDH_size(ecdh)) < BN_num_bytes(x)) { + if ((buf_len = ECDH_size(ecdh)) < BN_num_bytes(x)) { ECerror(ERR_R_INTERNAL_ERROR); goto err; } - if (KDF == NULL && outlen < buflen) { - /* The resulting key would be truncated. */ - ECerror(EC_R_KEY_TRUNCATION); - goto err; - } - if ((buf = malloc(buflen)) == NULL) { + if ((buf = calloc(1, buf_len)) == NULL) { ECerror(ERR_R_MALLOC_FAILURE); goto err; } - if (BN_bn2binpad(x, buf, buflen) != buflen) { + if (BN_bn2binpad(x, buf, buf_len) != buf_len) { ECerror(ERR_R_BN_LIB); goto err; } - if (KDF != NULL) { - if (KDF(buf, buflen, out, &outlen) == NULL) { - ECerror(EC_R_KDF_FAILED); - goto err; - } - } else { - memset(out, 0, outlen); - if (outlen > buflen) - outlen = buflen; - memcpy(out, buf, outlen); - } + *out = buf; + *out_len = buf_len; + buf = NULL; + buf_len = 0; + + ret = 1; - ret = outlen; err: EC_POINT_free(point); BN_CTX_end(ctx); BN_CTX_free(ctx); - free(buf); + freezero(buf, buf_len); return ret; } int -ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, +ECDH_compute_key(void *out, size_t out_len, const EC_POINT *pub_key, EC_KEY *eckey, - void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)) + void *(*KDF)(const void *in, size_t inlen, void *out, size_t *out_len)) { + unsigned char *secret = NULL; + size_t secret_len = 0; + int ret = 0; + if (eckey->meth->compute_key == NULL) { ECerror(EC_R_NOT_IMPLEMENTED); - return 0; + goto err; } - return eckey->meth->compute_key(out, outlen, pub_key, eckey, KDF); + + if (out_len > INT_MAX) { + ECerror(EC_R_INVALID_OUTPUT_LENGTH); + goto err; + } + + if (!eckey->meth->compute_key(&secret, &secret_len, pub_key, eckey)) + goto err; + + memset(out, 0, out_len); + if (KDF != NULL) { + if (KDF(secret, secret_len, out, &out_len) == NULL) { + ECerror(EC_R_KDF_FAILED); + goto err; + } + } else { + if (out_len < secret_len) 
{ + /* The resulting key would be truncated. */ + ECerror(EC_R_KEY_TRUNCATION); + goto err; + } + out_len = secret_len; + memcpy(out, secret, out_len); + } + + if (out_len > INT_MAX) { + ECerror(EC_R_INVALID_OUTPUT_LENGTH); + goto err; + } + + ret = out_len; + + err: + freezero(secret, secret_len); + + return ret; } LCRYPTO_ALIAS(ECDH_compute_key); diff --git a/lib/libcrypto/ecdh/ecdh.h b/lib/libcrypto/ecdh/ecdh.h index 98cc2223a..0149d5cdf 100644 --- a/lib/libcrypto/ecdh/ecdh.h +++ b/lib/libcrypto/ecdh/ecdh.h 
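Review bot: ECDH_compute_key now returns 0 on every failure, whereas the removed lines in ecdh_compute_key started from `ret = -1`, and no comment records the new convention. A caller outside this diff that tests the result with `< 0` would read a failed derivation as a zero-length success, so callers should compare with `<= 0`. I would add above the function `/* Returns the number of bytes written to out, or 0 on error. */`. ecdh_compute_key begins outside this hunk; ECDH_compute_key is fully inside it.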
@@ -1,122 +1,6 @@ -/* $OpenBSD: ecdh.h,v 1.7 2023/04/18 08:33:43 tb Exp $ */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * The Elliptic Curve Public-Key Crypto Library (ECC Code) included - * herein is developed by SUN MICROSYSTEMS, INC., and is contributed - * to the OpenSSL project. - * - * The ECC Code is licensed pursuant to the OpenSSL open source - * license provided below. - * - * The ECDH software is originally written by Douglas Stebila of - * Sun Microsystems Laboratories. - * +/* $OpenBSD: ecdh.h,v 1.10 2023/07/28 09:25:12 tb Exp $ */ +/* + * Public domain. */ -/* ==================================================================== - * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. 
Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -#ifndef HEADER_ECDH_H -#define HEADER_ECDH_H - -#include - -#ifdef OPENSSL_NO_ECDH -#error ECDH is disabled. 
-#endif #include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -const ECDH_METHOD *ECDH_OpenSSL(void); - -void ECDH_set_default_method(const ECDH_METHOD *); -const ECDH_METHOD *ECDH_get_default_method(void); -int ECDH_set_method(EC_KEY *, const ECDH_METHOD *); - -int ECDH_size(const EC_KEY *ecdh); -int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, - EC_KEY *ecdh, - void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); - -int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new -*new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg); -void *ECDH_get_ex_data(EC_KEY *d, int idx); - - -void ERR_load_ECDH_strings(void); - -/* Error codes for the ECDH functions. */ - -/* Function codes. */ -#define ECDH_F_ECDH_CHECK 102 -#define ECDH_F_ECDH_COMPUTE_KEY 100 -#define ECDH_F_ECDH_DATA_NEW_METHOD 101 - -/* Reason codes. */ -#define ECDH_R_KDF_FAILED 102 -#define ECDH_R_KEY_TRUNCATION 104 -#define ECDH_R_NON_FIPS_METHOD 103 -#define ECDH_R_NO_PRIVATE_VALUE 100 -#define ECDH_R_POINT_ARITHMETIC_FAILURE 101 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/lib/libcrypto/ecdh/ech_err.c b/lib/libcrypto/ecdh/ech_err.c deleted file mode 100644 index 1b194fe0f..000000000 --- a/lib/libcrypto/ecdh/ech_err.c +++ /dev/null 
@@ -1,94 +0,0 @@ -/* $OpenBSD: ech_err.c,v 1.8 2023/07/07 13:54:45 beck Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include - -#include -#include - -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ECDH,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECDH,0,reason) - -static ERR_STRING_DATA ECDH_str_functs[]= { - {ERR_FUNC(0xfff), "CRYPTO_internal"}, - {0, NULL} -}; - -static ERR_STRING_DATA ECDH_str_reasons[]= { - {ERR_REASON(ECDH_R_KDF_FAILED) , "KDF failed"}, - {ERR_REASON(ECDH_R_KEY_TRUNCATION), "key would be truncated"}, - {ERR_REASON(ECDH_R_NON_FIPS_METHOD) , "non fips method"}, - {ERR_REASON(ECDH_R_NO_PRIVATE_VALUE) , "no private value"}, - {ERR_REASON(ECDH_R_POINT_ARITHMETIC_FAILURE), "point arithmetic failure"}, - {0, NULL} -}; - -#endif - -void -ERR_load_ECDH_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(ECDH_str_functs[0].error) == NULL) { - ERR_load_strings(0, ECDH_str_functs); - ERR_load_strings(0, ECDH_str_reasons); - } -#endif -} -LCRYPTO_ALIAS(ERR_load_ECDH_strings); diff --git a/lib/libcrypto/ecdh/ech_lib.c b/lib/libcrypto/ecdh/ech_lib.c deleted file mode 100644 index c8e5744c0..000000000 --- a/lib/libcrypto/ecdh/ech_lib.c +++ /dev/null 
@@ -1,147 +0,0 @@ -/* $OpenBSD: ech_lib.c,v 1.24 2023/07/07 13:54:45 beck Exp $ */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * The Elliptic Curve Public-Key Crypto Library (ECC Code) included - * herein is developed by SUN MICROSYSTEMS, INC., and is contributed - * to the OpenSSL project. - * - * The ECC Code is licensed pursuant to the OpenSSL open source - * license provided below. - * - * The ECDH software is originally written by Douglas Stebila of - * Sun Microsystems Laboratories. - * - */ -/* ==================================================================== - * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ - -#include - -#include - -#ifndef OPENSSL_NO_ENGINE -#include -#endif -#include - -#include "ec_local.h" - -struct ecdh_method { - const char *name; - int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, - void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); - int flags; - char *app_data; -}; - -static const ECDH_METHOD *default_ECDH_method = NULL; - -static const ECDH_METHOD openssl_ecdh_meth = { - .name = "OpenSSL ECDH method", - .compute_key = ecdh_compute_key, -}; - -const ECDH_METHOD * -ECDH_OpenSSL(void) -{ - return &openssl_ecdh_meth; -} -LCRYPTO_ALIAS(ECDH_OpenSSL); - -void -ECDH_set_default_method(const ECDH_METHOD *meth) -{ - default_ECDH_method = meth; -} -LCRYPTO_ALIAS(ECDH_set_default_method); - -const ECDH_METHOD * -ECDH_get_default_method(void) -{ - if (!default_ECDH_method) { - default_ECDH_method = ECDH_OpenSSL(); - } - return default_ECDH_method; -} -LCRYPTO_ALIAS(ECDH_get_default_method); - -int -ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth) -{ - return 0; -} -LCRYPTO_ALIAS(ECDH_set_method); - -int -ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - return -1; -} -LCRYPTO_ALIAS(ECDH_get_ex_new_index); - -int -ECDH_set_ex_data(EC_KEY *d, int idx, void *arg) -{ - return 0; -} -LCRYPTO_ALIAS(ECDH_set_ex_data); - -void * -ECDH_get_ex_data(EC_KEY *d, int idx) -{ - return NULL; -} -LCRYPTO_ALIAS(ECDH_get_ex_data); diff --git a/lib/libcrypto/ecdsa/ecdsa.c b/lib/libcrypto/ecdsa/ecdsa.c index e47ec2128..1252ab2a4 100644 --- a/lib/libcrypto/ecdsa/ecdsa.c +++ b/lib/libcrypto/ecdsa/ecdsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ecdsa.c,v 1.12 2023/07/10 19:10:51 tb Exp $ */ +/* $OpenBSD: ecdsa.c,v 1.16 2023/07/28 09:18:10 tb Exp $ */ /* ==================================================================== * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved. * 
@@ -57,15 +57,11 @@ #include #include -#include - #include #include #include -#include #include #include -#include #include "bn_local.h" #include "ec_local.h" @@ -225,11 +221,16 @@ ecdsa_sign(int type, const unsigned char *digest, int digest_len, unsigned char *signature, unsigned int *signature_len, const BIGNUM *kinv, const BIGNUM *r, EC_KEY *key) { - ECDSA_SIG *sig; + ECDSA_SIG *sig = NULL; int out_len = 0; int ret = 0; - if ((sig = ECDSA_do_sign_ex(digest, digest_len, kinv, r, key)) == NULL) + if (kinv != NULL || r != NULL) { + ECerror(EC_R_NOT_IMPLEMENTED); + goto err; + } + + if ((sig = ECDSA_do_sign(digest, digest_len, key)) == NULL) goto err; if ((out_len = i2d_ECDSA_SIG(sig, &signature)) < 0) { @@ -246,6 +247,19 @@ ecdsa_sign(int type, const unsigned char *digest, int digest_len, return ret; } +int +ECDSA_sign(int type, const unsigned char *digest, int digest_len, + unsigned char *signature, unsigned int *signature_len, EC_KEY *key) +{ + if (key->meth->sign == NULL) { + ECerror(EC_R_NOT_IMPLEMENTED); + return 0; + } + return key->meth->sign(type, digest, digest_len, signature, + signature_len, NULL, NULL, key); +} +LCRYPTO_ALIAS(ECDSA_sign); + /* * FIPS 186-5, section 6.4.1, steps 3-8 and 11: Generate k, calculate r and * kinv. If r == 0, try again with a new random k. @@ -391,6 +405,17 @@ ecdsa_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv, BIGNUM **out_r) return ret; } +static int +ECDSA_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv, + BIGNUM **out_r) +{ + if (key->meth->sign_setup == NULL) { + ECerror(EC_R_NOT_IMPLEMENTED); + return 0; + } + return key->meth->sign_setup(key, in_ctx, out_kinv, out_r); +} + /* * FIPS 186-5, section 6.4.1, step 9: compute s = inv(k)(e + xr) mod order. * In order to reduce the possibility of a side-channel attack, the following 
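Review bot: In ecdsa_sign the new `kinv != NULL || r != NULL` check has no comment, so the code does not show why the two parameters remain in the signature at all. They appear to survive only because the `sign` slot of EC_KEY_METHOD still carries them; I would say so at the check, e.g. `/* kinv and r are kept for the EC_KEY_METHOD sign signature only; precomputed values are rejected. */`. Refusing caller-supplied nonce material is worth stating explicitly, since a reused or predictable k exposes the private key. The same comment applies to the identical check added to ecdsa_sign_sig in the `@@ -519,10 +544,14 @@` hunk. ecdsa_sign starts before and ends after this hunk.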
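Review bot: The file-local dispatcher added after ecdsa_sign_setup is named `ECDSA_sign_setup`, differing from the function above it only by case, and it keeps the name of the public symbol whose `LCRYPTO_ALIAS` this commit removes further down. A `static` helper with an exported-style name is easy to misread as API; a lower-case name of the maintainers' choosing, with the call in ecdsa_sign_sig updated, would make the linkage obvious. If the name is kept, a one-line comment such as `/* Internal: dispatches to the key's sign_setup method. */` would help.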
@@ -519,10 +544,14 @@ ecdsa_sign_sig(const unsigned char *digest, int digest_len, BN_CTX *ctx = NULL; BIGNUM *kinv = NULL, *r = NULL, *s = NULL; BIGNUM *e; - int caller_supplied_values = 0; int attempts = 0; ECDSA_SIG *sig = NULL; + if (in_kinv != NULL || in_r != NULL) { + ECerror(EC_R_NOT_IMPLEMENTED); + goto err; + } + if ((ctx = BN_CTX_new()) == NULL) { ECerror(ERR_R_MALLOC_FAILURE); goto err; @@ -537,31 +566,11 @@ ecdsa_sign_sig(const unsigned char *digest, int digest_len, if (!ecdsa_prepare_digest(digest, digest_len, key, e)) goto err; - if (in_kinv != NULL && in_r != NULL) { - /* - * Use the caller's kinv and r. Don't call ECDSA_sign_setup(). - * If we're unable to compute a valid signature, the caller - * must provide new values. - */ - caller_supplied_values = 1; - - if ((kinv = BN_dup(in_kinv)) == NULL) { - ECerror(ERR_R_MALLOC_FAILURE); - goto err; - } - if ((r = BN_dup(in_r)) == NULL) { - ECerror(ERR_R_MALLOC_FAILURE); - goto err; - } - } - do { /* Steps 3-8: calculate kinv and r. */ - if (!caller_supplied_values) { - if (!ECDSA_sign_setup(key, ctx, &kinv, &r)) { - ECerror(ERR_R_EC_LIB); - goto err; - } + if (!ECDSA_sign_setup(key, ctx, &kinv, &r)) { + ECerror(ERR_R_EC_LIB); + goto err; } /* @@ -572,11 +581,6 @@ ecdsa_sign_sig(const unsigned char *digest, int digest_len, if (s != NULL) break; - if (caller_supplied_values) { - ECerror(EC_R_NEED_NEW_SETUP_VALUES); - goto err; - } - if (++attempts > ECDSA_MAX_SIGN_ITERATIONS) { ECerror(EC_R_WRONG_CURVE_PARAMETERS); goto err; 
@@ -605,6 +609,17 @@ ecdsa_sign_sig(const unsigned char *digest, int digest_len, return sig; } +ECDSA_SIG * +ECDSA_do_sign(const unsigned char *digest, int digest_len, EC_KEY *key) +{ + if (key->meth->sign_sig == NULL) { + ECerror(EC_R_NOT_IMPLEMENTED); + return 0; + } + return key->meth->sign_sig(digest, digest_len, NULL, NULL, key); +} +LCRYPTO_ALIAS(ECDSA_do_sign); + int ecdsa_verify(int type, const unsigned char *digest, int digest_len, const unsigned char *sigbuf, int sig_len, EC_KEY *key) @@ -637,6 +652,18 @@ ecdsa_verify(int type, const unsigned char *digest, int digest_len, return ret; } +int +ECDSA_verify(int type, const unsigned char *digest, int digest_len, + const unsigned char *sigbuf, int sig_len, EC_KEY *key) +{ + if (key->meth->verify == NULL) { + ECerror(EC_R_NOT_IMPLEMENTED); + return 0; + } + return key->meth->verify(type, digest, digest_len, sigbuf, sig_len, key); +} +LCRYPTO_ALIAS(ECDSA_verify); + /* * FIPS 186-5, section 6.4.2: ECDSA signature verification. * The caller provides us with the hash of the message, so has performed step 2. 
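Review bot: ECDSA_do_sign returns a pointer, but its missing-method path uses `return 0;`; it should read `return NULL;` to match the return type and the `ECDSA_SIG *sig = NULL` style used in ecdsa_sign_sig. The function also dereferences `key->meth` without stating that `key` must be non-NULL. A short header comment saying that, and that the result is released with ECDSA_SIG_free(), would cover both.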
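Review bot: ECDSA_verify reports a missing `verify` method with `return 0;`, the same value a caller conventionally sees for a signature that does not verify, and there is no comment on the return convention. Failing closed is fine, but the contract should be written down so callers test for exactly 1: `/* Returns 1 if the signature is valid; any other value means it must be rejected. */`.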
@@ -755,60 +782,6 @@ ecdsa_verify_sig(const unsigned char *digest, int digest_len,
 return ret;
 }
 
-ECDSA_SIG *
-ECDSA_do_sign(const unsigned char *digest, int digest_len, EC_KEY *key)
-{
- return ECDSA_do_sign_ex(digest, digest_len, NULL, NULL, key);
-}
-LCRYPTO_ALIAS(ECDSA_do_sign);
-
-ECDSA_SIG *
-ECDSA_do_sign_ex(const unsigned char *digest, int digest_len,
- const BIGNUM *kinv, const BIGNUM *out_r, EC_KEY *key)
-{
- if (key->meth->sign_sig == NULL) {
- ECerror(EC_R_NOT_IMPLEMENTED);
- return 0;
- }
- return key->meth->sign_sig(digest, digest_len, kinv, out_r, key);
-}
-LCRYPTO_ALIAS(ECDSA_do_sign_ex);
-
-int
-ECDSA_sign(int type, const unsigned char *digest, int digest_len,
- unsigned char *signature, unsigned int *signature_len, EC_KEY *key)
-{
- return ECDSA_sign_ex(type, digest, digest_len, signature, signature_len,
- NULL, NULL, key);
-}
-LCRYPTO_ALIAS(ECDSA_sign);
-
-int
-ECDSA_sign_ex(int type, const unsigned char *digest, int digest_len,
- unsigned char *signature, unsigned int *signature_len, const BIGNUM *kinv,
- const BIGNUM *r, EC_KEY *key)
-{
- if (key->meth->sign == NULL) {
- ECerror(EC_R_NOT_IMPLEMENTED);
- return 0;
- }
- return key->meth->sign(type, digest, digest_len, signature,
- signature_len, kinv, r, key);
-}
-LCRYPTO_ALIAS(ECDSA_sign_ex);
-
-int
-ECDSA_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv,
- BIGNUM **out_r)
-{
- if (key->meth->sign_setup == NULL) {
- ECerror(EC_R_NOT_IMPLEMENTED);
- return 0;
- }
- return key->meth->sign_setup(key, in_ctx, out_kinv, out_r);
-}
-LCRYPTO_ALIAS(ECDSA_sign_setup);
-
 int
 ECDSA_do_verify(const unsigned char *digest, int digest_len,
 const ECDSA_SIG *sig, EC_KEY *key)
@@ -820,15 +793,3 @@ ECDSA_do_verify(const unsigned char *digest, int digest_len,
 return key->meth->verify_sig(digest, digest_len, sig, key);
 }
 LCRYPTO_ALIAS(ECDSA_do_verify);
-
-int
-ECDSA_verify(int type, const unsigned char *digest, int digest_len,
- const unsigned char *sigbuf, int sig_len, EC_KEY *key)
-{
- if (key->meth->verify == NULL) {
- ECerror(EC_R_NOT_IMPLEMENTED);
- return 0;
- }
- return key->meth->verify(type, digest, digest_len, sigbuf, sig_len, key);
-}
-LCRYPTO_ALIAS(ECDSA_verify);
diff --git a/lib/libcrypto/ecdsa/ecdsa.h b/lib/libcrypto/ecdsa/ecdsa.h
index 2e6b67262..9f498eb4a 100644
--- a/lib/libcrypto/ecdsa/ecdsa.h
+++ b/lib/libcrypto/ecdsa/ecdsa.h
@@ -1,191 +1,6 @@ -/* $OpenBSD: ecdsa.h,v 1.16 2023/06/19 09:12:41 tb Exp $ */ +/* $OpenBSD: ecdsa.h,v 1.20 2023/07/28 09:16:17 tb Exp $ */ /* - * Written by Nils Larsch for the OpenSSL project + * Public domain. */ -/* ==================================================================== - * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -#ifndef HEADER_ECDSA_H -#define HEADER_ECDSA_H -#include - -#ifdef OPENSSL_NO_ECDSA -#error ECDSA is disabled. 
-#endif - -#include #include - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct ECDSA_SIG_st ECDSA_SIG; - -struct ecdsa_method { - const char *name; - ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len, - const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey); - int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, - BIGNUM **r); - int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len, - const ECDSA_SIG *sig, EC_KEY *eckey); - int flags; - char *app_data; -}; - -/* - * If this flag is set, the ECDSA method is FIPS compliant and can be used - * in FIPS mode. This is set in the validated module method. If an - * application sets this flag in its own methods it is its responsibility - * to ensure the result is compliant. - */ - -#define ECDSA_FLAG_FIPS_METHOD 0x1 - -ECDSA_SIG *ECDSA_SIG_new(void); -void ECDSA_SIG_free(ECDSA_SIG *sig); -int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp); -ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len); -void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps); - -const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig); -const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig); -int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s); - -ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len, - EC_KEY *eckey); -ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen, - const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey); -int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, - const ECDSA_SIG *sig, EC_KEY* eckey); - -const ECDSA_METHOD *ECDSA_OpenSSL(void); -void ECDSA_set_default_method(const ECDSA_METHOD *meth); -const ECDSA_METHOD *ECDSA_get_default_method(void); -int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth); -int ECDSA_size(const EC_KEY *eckey); - -int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, - BIGNUM **rp); -int ECDSA_sign(int type, const unsigned char 
*dgst, int dgstlen, - unsigned char *sig, unsigned int *siglen, EC_KEY *eckey); -int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen, - unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv, - const BIGNUM *rp, EC_KEY *eckey); -int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen, - const unsigned char *sig, int siglen, EC_KEY *eckey); - -int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg); -void *ECDSA_get_ex_data(EC_KEY *d, int idx); - -/* XXX should be in ec.h, but needs ECDSA_SIG */ -void EC_KEY_METHOD_set_sign(EC_KEY_METHOD *meth, - int (*sign)(int type, const unsigned char *dgst, - int dlen, unsigned char *sig, unsigned int *siglen, - const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey), - int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in, - BIGNUM **kinvp, BIGNUM **rp), - ECDSA_SIG *(*sign_sig)(const unsigned char *dgst, - int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, - EC_KEY *eckey)); -void EC_KEY_METHOD_set_verify(EC_KEY_METHOD *meth, - int (*verify)(int type, const unsigned char *dgst, int dgst_len, - const unsigned char *sigbuf, int sig_len, EC_KEY *eckey), - int (*verify_sig)(const unsigned char *dgst, int dgst_len, - const ECDSA_SIG *sig, EC_KEY *eckey)); -void EC_KEY_METHOD_get_sign(const EC_KEY_METHOD *meth, - int (**psign)(int type, const unsigned char *dgst, - int dlen, unsigned char *sig, unsigned int *siglen, - const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey), - int (**psign_setup)(EC_KEY *eckey, BN_CTX *ctx_in, - BIGNUM **kinvp, BIGNUM **rp), - ECDSA_SIG *(**psign_sig)(const unsigned char *dgst, - int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, - EC_KEY *eckey)); -void EC_KEY_METHOD_get_verify(const EC_KEY_METHOD *meth, - int (**pverify)(int type, const unsigned char *dgst, int dgst_len, - const unsigned char *sigbuf, int sig_len, EC_KEY *eckey), - int 
(**pverify_sig)(const unsigned char *dgst, int dgst_len, - const ECDSA_SIG *sig, EC_KEY *eckey)); - -void ERR_load_ECDSA_strings(void); - -/* Error codes for the ECDSA functions. */ - -/* Function codes. */ -#define ECDSA_F_ECDSA_CHECK 104 -#define ECDSA_F_ECDSA_DATA_NEW_METHOD 100 -#define ECDSA_F_ECDSA_DO_SIGN 101 -#define ECDSA_F_ECDSA_DO_VERIFY 102 -#define ECDSA_F_ECDSA_SIGN_SETUP 103 - -/* Reason codes. */ -#define ECDSA_R_BAD_SIGNATURE 100 -#define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 101 -#define ECDSA_R_ERR_EC_LIB 102 -#define ECDSA_R_MISSING_PARAMETERS 103 -#define ECDSA_R_NEED_NEW_SETUP_VALUES 106 -#define ECDSA_R_NON_FIPS_METHOD 107 -#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104 -#define ECDSA_R_SIGNATURE_MALLOC_FAILED 105 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/lib/libcrypto/ecdsa/ecdsa_local.h b/lib/libcrypto/ecdsa/ecdsa_local.h index 249e04590..cc3af3e10 100644 --- a/lib/libcrypto/ecdsa/ecdsa_local.h +++ b/lib/libcrypto/ecdsa/ecdsa_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ecdsa_local.h,v 1.1 2023/07/05 11:37:46 tb Exp $ */ +/* $OpenBSD: ecdsa_local.h,v 1.2 2023/07/28 15:50:33 tb Exp $ */ /* * Written by Nils Larsch for the OpenSSL project */ @@ -59,7 +59,7 @@ #ifndef HEADER_ECS_LOCAL_H #define HEADER_ECS_LOCAL_H -#include +#include __BEGIN_HIDDEN_DECLS diff --git a/lib/libcrypto/ecdsa/ecs_err.c b/lib/libcrypto/ecdsa/ecs_err.c deleted file mode 100644 index 54d2f3f6e..000000000 --- a/lib/libcrypto/ecdsa/ecs_err.c +++ /dev/null 
@@ -1,97 +0,0 @@
-/* $OpenBSD: ecs_err.c,v 1.8 2023/07/07 13:54:45 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include
-#include
-
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ECDSA,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECDSA,0,reason)
-
-static ERR_STRING_DATA ECDSA_str_functs[]= {
- {ERR_FUNC(0xfff), "CRYPTO_internal"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA ECDSA_str_reasons[]= {
- {ERR_REASON(ECDSA_R_BAD_SIGNATURE) , "bad signature"},
- {ERR_REASON(ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE), "data too large for key size"},
- {ERR_REASON(ECDSA_R_ERR_EC_LIB) , "err ec lib"},
- {ERR_REASON(ECDSA_R_MISSING_PARAMETERS) , "missing parameters"},
- {ERR_REASON(ECDSA_R_NEED_NEW_SETUP_VALUES), "need new setup values"},
- {ERR_REASON(ECDSA_R_NON_FIPS_METHOD) , "non fips method"},
- {ERR_REASON(ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED), "random number generation failed"},
- {ERR_REASON(ECDSA_R_SIGNATURE_MALLOC_FAILED), "signature malloc failed"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_ECDSA_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(ECDSA_str_functs[0].error) == NULL) {
- ERR_load_strings(0, ECDSA_str_functs);
- ERR_load_strings(0, ECDSA_str_reasons);
- }
-#endif
-}
-LCRYPTO_ALIAS(ERR_load_ECDSA_strings);
diff --git a/lib/libcrypto/ecdsa/ecs_lib.c b/lib/libcrypto/ecdsa/ecs_lib.c
deleted file mode 100644
index e3e67ba07..000000000
--- a/lib/libcrypto/ecdsa/ecs_lib.c
+++ /dev/null
@@ -1,129 +0,0 @@
-/* $OpenBSD: ecs_lib.c,v 1.25 2023/07/07 13:54:45 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#ifndef OPENSSL_NO_ENGINE
-#include
-#endif
-#include
-#include
-
-#include "ec_local.h"
-#include "ecdsa_local.h"
-
-static const ECDSA_METHOD *default_ECDSA_method = NULL;
-
-static const ECDSA_METHOD openssl_ecdsa_meth = {
- .name = "OpenSSL ECDSA method",
- .ecdsa_do_sign = ecdsa_sign_sig,
- .ecdsa_sign_setup = ecdsa_sign_setup,
- .ecdsa_do_verify = ecdsa_verify_sig,
-};
-
-const ECDSA_METHOD *
-ECDSA_OpenSSL(void)
-{
- return &openssl_ecdsa_meth;
-}
-LCRYPTO_ALIAS(ECDSA_OpenSSL);
-
-void
-ECDSA_set_default_method(const ECDSA_METHOD *meth)
-{
- default_ECDSA_method = meth;
-}
-LCRYPTO_ALIAS(ECDSA_set_default_method);
-
-const ECDSA_METHOD *
-ECDSA_get_default_method(void)
-{
- if (!default_ECDSA_method) {
- default_ECDSA_method = ECDSA_OpenSSL();
- }
- return default_ECDSA_method;
-}
-LCRYPTO_ALIAS(ECDSA_get_default_method);
-
-int
-ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
-{
- return 0;
-}
-LCRYPTO_ALIAS(ECDSA_set_method);
-
-int
-ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
- return -1;
-}
-LCRYPTO_ALIAS(ECDSA_get_ex_new_index);
-
-int
-ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg)
-{
- return 0;
-}
-LCRYPTO_ALIAS(ECDSA_set_ex_data);
-
-void *
-ECDSA_get_ex_data(EC_KEY *d, int idx)
-{
- return NULL;
-}
-LCRYPTO_ALIAS(ECDSA_get_ex_data);
diff --git a/lib/libcrypto/engine/README b/lib/libcrypto/engine/README
deleted file mode 100644
index bc4a9041f..000000000
--- a/lib/libcrypto/engine/README
+++ /dev/null
@@ -1,211 +0,0 @@ -Notes: 2001-09-24 ------------------ - -This "description" (if one chooses to call it that) needed some major updating -so here goes. This update addresses a change being made at the same time to -OpenSSL, and it pretty much completely restructures the underlying mechanics of -the "ENGINE" code. So it serves a double purpose of being a "ENGINE internals -for masochists" document *and* a rather extensive commit log message. (I'd get -lynched for sticking all this in CHANGES or the commit mails :-). - -ENGINE_TABLE underlies this restructuring, as described in the internal header -"eng_int.h", implemented in eng_table.c, and used in each of the "class" files; -tb_rsa.c, tb_dsa.c, etc. - -However, "EVP_CIPHER" underlies the motivation and design of ENGINE_TABLE so -I'll mention a bit about that first. EVP_CIPHER (and most of this applies -equally to EVP_MD for digests) is both a "method" and a algorithm/mode -identifier that, in the current API, "lingers". These cipher description + -implementation structures can be defined or obtained directly by applications, -or can be loaded "en masse" into EVP storage so that they can be catalogued and -searched in various ways, ie. two ways of encrypting with the "des_cbc" -algorithm/mode pair are; - -(i) directly; - const EVP_CIPHER *cipher = EVP_des_cbc(); - EVP_EncryptInit(&ctx, cipher, key, iv); - [ ... use EVP_EncryptUpdate() and EVP_EncryptFinal() ...] - -(ii) indirectly; - OpenSSL_add_all_ciphers(); - cipher = EVP_get_cipherbyname("des_cbc"); - EVP_EncryptInit(&ctx, cipher, key, iv); - [ ... etc ... ] - -The latter is more generally used because it also allows ciphers/digests to be -looked up based on other identifiers which can be useful for automatic cipher -selection, eg. in SSL/TLS, or by user-controllable configuration. 
- -The important point about this is that EVP_CIPHER definitions and structures are -passed around with impunity and there is no safe way, without requiring massive -rewrites of many applications, to assume that EVP_CIPHERs can be reference -counted. One an EVP_CIPHER is exposed to the caller, neither it nor anything it -comes from can "safely" be destroyed. Unless of course the way of getting to -such ciphers is via entirely distinct API calls that didn't exist before. -However existing API usage cannot be made to understand when an EVP_CIPHER -pointer, that has been passed to the caller, is no longer being used. - -The other problem with the existing API w.r.t. to hooking EVP_CIPHER support -into ENGINE is storage - the OBJ_NAME-based storage used by EVP to register -ciphers simultaneously registers cipher *types* and cipher *implementations* - -they are effectively the same thing, an "EVP_CIPHER" pointer. The problem with -hooking in ENGINEs is that multiple ENGINEs may implement the same ciphers. The -solution is necessarily that ENGINE-provided ciphers simply are not registered, -stored, or exposed to the caller in the same manner as existing ciphers. This is -especially necessary considering the fact ENGINE uses reference counts to allow -for cleanup, modularity, and DSO support - yet EVP_CIPHERs, as exposed to -callers in the current API, support no such controls. - -Another sticking point for integrating cipher support into ENGINE is linkage. -Already there is a problem with the way ENGINE supports RSA, DSA, etc whereby -they are available *because* they're part of a giant ENGINE called "openssl". -Ie. all implementations *have* to come from an ENGINE, but we get round that by -having a giant ENGINE with all the software support encapsulated. This creates -linker hassles if nothing else - linking a 1-line application that calls 2 basic -RSA functions (eg. 
"RSA_free(RSA_new());") will result in large quantities of -ENGINE code being linked in *and* because of that DSA, DH, and RAND also. If we -continue with this approach for EVP_CIPHER support (even if it *was* possible) -we would lose our ability to link selectively by selectively loading certain -implementations of certain functionality. Touching any part of any kind of -crypto would result in massive static linkage of everything else. So the -solution is to change the way ENGINE feeds existing "classes", ie. how the -hooking to ENGINE works from RSA, DSA, DH, RAND, as well as adding new hooking -for EVP_CIPHER, and EVP_MD. - -The way this is now being done is by mostly reverting back to how things used to -work prior to ENGINE :-). Ie. RSA now has a "RSA_METHOD" pointer again - this -was previously replaced by an "ENGINE" pointer and all RSA code that required -the RSA_METHOD would call ENGINE_get_RSA() each time on its ENGINE handle to -temporarily get and use the ENGINE's RSA implementation. Apart from being more -efficient, switching back to each RSA having an RSA_METHOD pointer also allows -us to conceivably operate with *no* ENGINE. As we'll see, this removes any need -for a fallback ENGINE that encapsulates default implementations - we can simply -have our RSA structure pointing its RSA_METHOD pointer to the software -implementation and have its ENGINE pointer set to NULL. - -A look at the EVP_CIPHER hooking is most explanatory, the RSA, DSA (etc) cases -turn out to be degenerate forms of the same thing. The EVP storage of ciphers, -and the existing EVP API functions that return "software" implementations and -descriptions remain untouched. However, the storage takes more meaning in terms -of "cipher description" and less meaning in terms of "implementation". When an -EVP_CIPHER_CTX is actually initialised with an EVP_CIPHER method and is about to -begin en/decryption, the hooking to ENGINE comes into play. 
What happens is that -cipher-specific ENGINE code is asked for an ENGINE pointer (a functional -reference) for any ENGINE that is registered to perform the algo/mode that the -provided EVP_CIPHER structure represents. Under normal circumstances, that -ENGINE code will return NULL because no ENGINEs will have had any cipher -implementations *registered*. As such, a NULL ENGINE pointer is stored in the -EVP_CIPHER_CTX context, and the EVP_CIPHER structure is left hooked into the -context and so is used as the implementation. Pretty much how things work now -except we'd have a redundant ENGINE pointer set to NULL and doing nothing. - -Conversely, if an ENGINE *has* been registered to perform the algorithm/mode -combination represented by the provided EVP_CIPHER, then a functional reference -to that ENGINE will be returned to the EVP_CIPHER_CTX during initialisation. -That functional reference will be stored in the context (and released on -cleanup) - and having that reference provides a *safe* way to use an EVP_CIPHER -definition that is private to the ENGINE. Ie. the EVP_CIPHER provided by the -application will actually be replaced by an EVP_CIPHER from the registered -ENGINE - it will support the same algorithm/mode as the original but will be a -completely different implementation. Because this EVP_CIPHER isn't stored in the -EVP storage, nor is it returned to applications from traditional API functions, -there is no associated problem with it not having reference counts. And of -course, when one of these "private" cipher implementations is hooked into -EVP_CIPHER_CTX, it is done whilst the EVP_CIPHER_CTX holds a functional -reference to the ENGINE that owns it, thus the use of the ENGINE's EVP_CIPHER is -safe. - -The "cipher-specific ENGINE code" I mentioned is implemented in tb_cipher.c but -in essence it is simply an instantiation of "ENGINE_TABLE" code for use by -EVP_CIPHER code. tb_digest.c is virtually identical but, of course, it is for -use by EVP_MD code. 
Ditto for tb_rsa.c, tb_dsa.c, etc. These instantiations of -ENGINE_TABLE essentially provide linker-separation of the classes so that even -if ENGINEs implement *all* possible algorithms, an application using only -EVP_CIPHER code will link at most code relating to EVP_CIPHER, tb_cipher.c, core -ENGINE code that is independent of class, and of course the ENGINE -implementation that the application loaded. It will *not* however link any -class-specific ENGINE code for digests, RSA, etc nor will it bleed over into -other APIs, such as the RSA/DSA/etc library code. - -ENGINE_TABLE is a little more complicated than may seem necessary but this is -mostly to avoid a lot of "init()"-thrashing on ENGINEs (that may have to load -DSOs, and other expensive setup that shouldn't be thrashed unnecessarily) *and* -to duplicate "default" behaviour. Basically an ENGINE_TABLE instantiation, for -example tb_cipher.c, implements a hash-table keyed by integer "nid" values. -These nids provide the uniquenness of an algorithm/mode - and each nid will hash -to a potentially NULL "ENGINE_PILE". An ENGINE_PILE is essentially a list of -pointers to ENGINEs that implement that particular 'nid'. Each "pile" uses some -caching tricks such that requests on that 'nid' will be cached and all future -requests will return immediately (well, at least with minimal operation) unless -a change is made to the pile, eg. perhaps an ENGINE was unloaded. The reason is -that an application could have support for 10 ENGINEs statically linked -in, and the machine in question may not have any of the hardware those 10 -ENGINEs support. If each of those ENGINEs has a "des_cbc" implementation, we -want to avoid every EVP_CIPHER_CTX setup from trying (and failing) to initialise -each of those 10 ENGINEs. Instead, the first such request will try to do that -and will either return (and cache) a NULL ENGINE pointer or will return a -functional reference to the first that successfully initialised. 
In the latter -case it will also cache an extra functional reference to the ENGINE as a -"default" for that 'nid'. The caching is acknowledged by a 'uptodate' variable -that is unset only if un/registration takes place on that pile. Ie. if -implementations of "des_cbc" are added or removed. This behaviour can be -tweaked; the ENGINE_TABLE_FLAG_NOINIT value can be passed to -ENGINE_set_table_flags(), in which case the only ENGINEs that tb_cipher.c will -try to initialise from the "pile" will be those that are already initialised -(ie. it's simply an increment of the functional reference count, and no real -"initialisation" will take place). - -RSA, DSA, DH, and RAND all have their own ENGINE_TABLE code as well, and the -difference is that they all use an implicit 'nid' of 1. Whereas EVP_CIPHERs are -actually qualitatively different depending on 'nid' (the "des_cbc" EVP_CIPHER is -not an interoperable implementation of "aes_256_cbc"), RSA_METHODs are -necessarily interoperable and don't have different flavours, only different -implementations. In other words, the ENGINE_TABLE for RSA will either be empty, -or will have a single ENGING_PILE hashed to by the 'nid' 1 and that pile -represents ENGINEs that implement the single "type" of RSA there is. - -Cleanup - the registration and unregistration may pose questions about how -cleanup works with the ENGINE_PILE doing all this caching nonsense (ie. when the -application or EVP_CIPHER code releases its last reference to an ENGINE, the -ENGINE_PILE code may still have references and thus those ENGINEs will stay -hooked in forever). The way this is handled is via "unregistration". With these -new ENGINE changes, an abstract ENGINE can be loaded and initialised, but that -is an algorithm-agnostic process. Even if initialised, it will not have -registered any of its implementations (to do so would link all class "table" -code despite the fact the application may use only ciphers, for example). 
This -is deliberately a distinct step. Moreover, registration and unregistration has -nothing to do with whether an ENGINE is *functional* or not (ie. you can even -register an ENGINE and its implementations without it being operational, you may -not even have the drivers to make it operate). What actually happens with -respect to cleanup is managed inside eng_lib.c with the "engine_cleanup_***" -functions. These functions are internal-only and each part of ENGINE code that -could require cleanup will, upon performing its first allocation, register a -callback with the "engine_cleanup" code. The other part of this that makes it -tick is that the ENGINE_TABLE instantiations (tb_***.c) use NULL as their -initialised state. So if RSA code asks for an ENGINE and no ENGINE has -registered an implementation, the code will simply return NULL and the tb_rsa.c -state will be unchanged. Thus, no cleanup is required unless registration takes -place. ENGINE_cleanup() will simply iterate across a list of registered cleanup -callbacks calling each in turn, and will then internally delete its own storage -(a STACK). When a cleanup callback is next registered (eg. if the cleanup() is -part of a graceful restart and the application wants to cleanup all state then -start again), the internal STACK storage will be freshly allocated. This is much -the same as the situation in the ENGINE_TABLE instantiations ... NULL is the -initialised state, so only modification operations (not queries) will cause that -code to have to register a cleanup. - -What else? The bignum callbacks and associated ENGINE functions have been -removed for two obvious reasons; (i) there was no way to generalise them to the -mechanism now used by RSA/DSA/..., because there's no such thing as a BIGNUM -method, and (ii) because of (i), there was no meaningful way for library or -application code to automatically hook and use ENGINE supplied bignum functions -anyway. 
Also, ENGINE_cpy() has been removed (although an internal-only version -exists) - the idea of providing an ENGINE_cpy() function probably wasn't a good -one and now certainly doesn't make sense in any generalised way. Some of the -RSA, DSA, DH, and RAND functions that were fiddled during the original ENGINE -changes have now, as a consequence, been reverted back. This is because the -hooking of ENGINE is now automatic (and passive, it can interally use a NULL -ENGINE pointer to simply ignore ENGINE from then on). - -Hell, that should be enough for now ... comments welcome: geoff@openssl.org - diff --git a/lib/libcrypto/engine/eng_all.c b/lib/libcrypto/engine/eng_all.c deleted file mode 100644 index 403ca6865..000000000 --- a/lib/libcrypto/engine/eng_all.c +++ /dev/null 
@@ -1,88 +0,0 @@
-/* $OpenBSD: eng_all.c,v 1.30 2018/03/17 16:20:01 beck Exp $ */
-/* Written by Richard Levitte for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include "cryptlib.h"
-#include "eng_int.h"
-
-void
-ENGINE_load_builtin_engines_internal(void)
-{
-#ifndef OPENSSL_NO_STATIC_ENGINE
-#ifndef OPENSSL_NO_HW
-#ifndef OPENSSL_NO_HW_PADLOCK
- ENGINE_load_padlock();
-#endif
-#endif
-#endif
- ENGINE_register_all_complete();
-}
-
-void
-ENGINE_load_builtin_engines(void)
-{
- static pthread_once_t once = PTHREAD_ONCE_INIT;
-
- /* Prayer and clean living lets you ignore errors, OpenSSL style */
- (void) OPENSSL_init_crypto(0, NULL);
-
- (void) pthread_once(&once, ENGINE_load_builtin_engines_internal);
-}
diff --git a/lib/libcrypto/engine/eng_cnf.c b/lib/libcrypto/engine/eng_cnf.c
deleted file mode 100644
index 24358af8c..000000000
--- a/lib/libcrypto/engine/eng_cnf.c
+++ /dev/null
@@ -1,252 +0,0 @@ -/* $OpenBSD: eng_cnf.c,v 1.15 2018/04/14 07:18:37 tb Exp $ */ -/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL - * project 2001. - */ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include - -#include "eng_int.h" -#include - -/* #define ENGINE_CONF_DEBUG */ - -/* ENGINE config module */ - -static char * -skip_dot(char *name) -{ - char *p; - - p = strchr(name, '.'); - if (p) - return p + 1; - return name; -} - -static STACK_OF(ENGINE) *initialized_engines = NULL; - -static int -int_engine_init(ENGINE *e) -{ - if (!ENGINE_init(e)) - return 0; - if (!initialized_engines) - initialized_engines = sk_ENGINE_new_null(); - if (!initialized_engines || !sk_ENGINE_push(initialized_engines, e)) { - ENGINE_finish(e); - return 0; - } - return 1; -} - - -static int -int_engine_configure(char *name, char *value, const CONF *cnf) -{ - int i; - int ret = 0; - long do_init = -1; - STACK_OF(CONF_VALUE) *ecmds; - CONF_VALUE *ecmd = NULL; - char *ctrlname, *ctrlvalue; - ENGINE *e = NULL; - int soft = 0; - - name = skip_dot(name); -#ifdef ENGINE_CONF_DEBUG - fprintf(stderr, "Configuring engine %s\n", name); -#endif - /* Value is a section containing ENGINE commands */ - ecmds = NCONF_get_section(cnf, value); - - if (!ecmds) { - ENGINEerror(ENGINE_R_ENGINE_SECTION_ERROR); - return 0; - } - - for (i = 0; i < sk_CONF_VALUE_num(ecmds); i++) { - ecmd = 
sk_CONF_VALUE_value(ecmds, i); - ctrlname = skip_dot(ecmd->name); - ctrlvalue = ecmd->value; -#ifdef ENGINE_CONF_DEBUG - fprintf(stderr, "ENGINE conf: doing ctrl(%s,%s)\n", - ctrlname, ctrlvalue); -#endif - - /* First handle some special pseudo ctrls */ - - /* Override engine name to use */ - if (!strcmp(ctrlname, "engine_id")) - name = ctrlvalue; - else if (!strcmp(ctrlname, "soft_load")) - soft = 1; - /* Load a dynamic ENGINE */ - else if (!strcmp(ctrlname, "dynamic_path")) { - e = ENGINE_by_id("dynamic"); - if (!e) - goto err; - if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", ctrlvalue, 0)) - goto err; - if (!ENGINE_ctrl_cmd_string(e, "LIST_ADD", "2", 0)) - goto err; - if (!ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0)) - goto err; - } - /* ... add other pseudos here ... */ - else { - /* At this point we need an ENGINE structural reference - * if we don't already have one. - */ - if (!e) { - e = ENGINE_by_id(name); - if (!e && soft) { - ERR_clear_error(); - return 1; - } - if (!e) - goto err; - } - /* Allow "EMPTY" to mean no value: this allows a valid - * "value" to be passed to ctrls of type NO_INPUT - */ - if (!strcmp(ctrlvalue, "EMPTY")) - ctrlvalue = NULL; - if (!strcmp(ctrlname, "init")) { - if (!NCONF_get_number_e(cnf, value, "init", - &do_init)) - goto err; - if (do_init == 1) { - if (!int_engine_init(e)) - goto err; - } else if (do_init != 0) { - ENGINEerror(ENGINE_R_INVALID_INIT_VALUE); - goto err; - } - } - else if (!strcmp(ctrlname, "default_algorithms")) { - if (!ENGINE_set_default_string(e, ctrlvalue)) - goto err; - } else if (!ENGINE_ctrl_cmd_string(e, - ctrlname, ctrlvalue, 0)) - goto err; - } - } - if (e && (do_init == -1) && !int_engine_init(e)) { - ecmd = NULL; - goto err; - } - ret = 1; - -err: - if (ret != 1) { - ENGINEerror(ENGINE_R_ENGINE_CONFIGURATION_ERROR); - if (ecmd) - ERR_asprintf_error_data( - "section=%s, name=%s, value=%s", - ecmd->section, ecmd->name, ecmd->value); - } - ENGINE_free(e); - return ret; -} - - -static int 
-int_engine_module_init(CONF_IMODULE *md, const CONF *cnf) -{ - STACK_OF(CONF_VALUE) *elist; - CONF_VALUE *cval; - int i; - -#ifdef ENGINE_CONF_DEBUG - fprintf(stderr, "Called engine module: name %s, value %s\n", - CONF_imodule_get_name(md), CONF_imodule_get_value(md)); -#endif - /* Value is a section containing ENGINEs to configure */ - elist = NCONF_get_section(cnf, CONF_imodule_get_value(md)); - - if (!elist) { - ENGINEerror(ENGINE_R_ENGINES_SECTION_ERROR); - return 0; - } - - for (i = 0; i < sk_CONF_VALUE_num(elist); i++) { - cval = sk_CONF_VALUE_value(elist, i); - if (!int_engine_configure(cval->name, cval->value, cnf)) - return 0; - } - - return 1; -} - -static void -int_engine_module_finish(CONF_IMODULE *md) -{ - ENGINE *e; - - while ((e = sk_ENGINE_pop(initialized_engines))) - ENGINE_finish(e); - sk_ENGINE_free(initialized_engines); - initialized_engines = NULL; -} - -void -ENGINE_add_conf_module(void) -{ - CONF_module_add("engines", int_engine_module_init, - int_engine_module_finish); -} diff --git a/lib/libcrypto/engine/eng_ctrl.c b/lib/libcrypto/engine/eng_ctrl.c deleted file mode 100644 index 1a3c25fba..000000000 --- a/lib/libcrypto/engine/eng_ctrl.c +++ /dev/null 
@@ -1,379 +0,0 @@ -/* $OpenBSD: eng_ctrl.c,v 1.11 2017/01/29 17:49:23 beck Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include - -#include "eng_int.h" - -/* When querying a ENGINE-specific control command's 'description', this string - * is used if the ENGINE_CMD_DEFN has cmd_desc set to NULL. */ -static const char *int_no_description = ""; - -/* These internal functions handle 'CMD'-related control commands when the - * ENGINE in question has asked us to take care of it (ie. the ENGINE did not - * set the ENGINE_FLAGS_MANUAL_CMD_CTRL flag. */ - -static int -int_ctrl_cmd_is_null(const ENGINE_CMD_DEFN *defn) -{ - if ((defn->cmd_num == 0) || (defn->cmd_name == NULL)) - return 1; - return 0; -} - -static int -int_ctrl_cmd_by_name(const ENGINE_CMD_DEFN *defn, const char *s) -{ - int idx = 0; - while (!int_ctrl_cmd_is_null(defn) && - (strcmp(defn->cmd_name, s) != 0)) { - idx++; - defn++; - } - if (int_ctrl_cmd_is_null(defn)) - /* The given name wasn't found */ - return -1; - return idx; -} - -static int -int_ctrl_cmd_by_num(const ENGINE_CMD_DEFN *defn, unsigned int num) -{ - int idx = 0; - /* NB: It is stipulated that 'cmd_defn' lists are ordered by cmd_num. So - * our searches don't need to take any longer than necessary. 
*/ - while (!int_ctrl_cmd_is_null(defn) && (defn->cmd_num < num)) { - idx++; - defn++; - } - if (defn->cmd_num == num) - return idx; - /* The given cmd_num wasn't found */ - return -1; -} - -static int -int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) -{ - int idx; - int ret; - char *s = (char *)p; - - /* Take care of the easy one first (eg. it requires no searches) */ - if (cmd == ENGINE_CTRL_GET_FIRST_CMD_TYPE) { - if ((e->cmd_defns == NULL) || - int_ctrl_cmd_is_null(e->cmd_defns)) - return 0; - return e->cmd_defns->cmd_num; - } - /* One or two commands require that "p" be a valid string buffer */ - if ((cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) || - (cmd == ENGINE_CTRL_GET_NAME_FROM_CMD) || - (cmd == ENGINE_CTRL_GET_DESC_FROM_CMD)) { - if (s == NULL) { - ENGINEerror(ERR_R_PASSED_NULL_PARAMETER); - return -1; - } - } - /* Now handle cmd_name -> cmd_num conversion */ - if (cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) { - if ((e->cmd_defns == NULL) || - ((idx = int_ctrl_cmd_by_name(e->cmd_defns, s)) < 0)) { - ENGINEerror(ENGINE_R_INVALID_CMD_NAME); - return -1; - } - return e->cmd_defns[idx].cmd_num; - } - /* For the rest of the commands, the 'long' argument must specify a - * valie command number - so we need to conduct a search. 
*/ - if ((e->cmd_defns == NULL) || - ((idx = int_ctrl_cmd_by_num(e->cmd_defns, (unsigned int)i)) < 0)) { - ENGINEerror(ENGINE_R_INVALID_CMD_NUMBER); - return -1; - } - /* Now the logic splits depending on command type */ - switch (cmd) { - case ENGINE_CTRL_GET_NEXT_CMD_TYPE: - idx++; - if (int_ctrl_cmd_is_null(e->cmd_defns + idx)) - /* end-of-list */ - return 0; - else - return e->cmd_defns[idx].cmd_num; - case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD: - return strlen(e->cmd_defns[idx].cmd_name); - case ENGINE_CTRL_GET_NAME_FROM_CMD: - ret = snprintf(s, strlen(e->cmd_defns[idx].cmd_name) + 1, - "%s", e->cmd_defns[idx].cmd_name); - if (ret >= (strlen(e->cmd_defns[idx].cmd_name) + 1)) - ret = -1; - return ret; - case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD: - if (e->cmd_defns[idx].cmd_desc) - return strlen(e->cmd_defns[idx].cmd_desc); - return strlen(int_no_description); - case ENGINE_CTRL_GET_DESC_FROM_CMD: - if (e->cmd_defns[idx].cmd_desc) { - ret = snprintf(s, - strlen(e->cmd_defns[idx].cmd_desc) + 1, - "%s", e->cmd_defns[idx].cmd_desc); - if (ret >= strlen(e->cmd_defns[idx].cmd_desc) + 1) - ret = -1; - return ret; - } - ret = snprintf(s, strlen(int_no_description) + 1, "%s", - int_no_description); - if (ret >= strlen(int_no_description) + 1) - ret = -1; - return ret; - case ENGINE_CTRL_GET_CMD_FLAGS: - return e->cmd_defns[idx].cmd_flags; - } - - /* Shouldn't really be here ... */ - ENGINEerror(ENGINE_R_INTERNAL_LIST_ERROR); - return -1; -} - -int -ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) -{ - int ctrl_exists, ref_exists; - - if (e == NULL) { - ENGINEerror(ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - ref_exists = ((e->struct_ref > 0) ? 1 : 0); - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - ctrl_exists = ((e->ctrl == NULL) ? 0 : 1); - if (!ref_exists) { - ENGINEerror(ENGINE_R_NO_REFERENCE); - return 0; - } - /* Intercept any "root-level" commands before trying to hand them on to - * ctrl() handlers. 
*/ - switch (cmd) { - case ENGINE_CTRL_HAS_CTRL_FUNCTION: - return ctrl_exists; - case ENGINE_CTRL_GET_FIRST_CMD_TYPE: - case ENGINE_CTRL_GET_NEXT_CMD_TYPE: - case ENGINE_CTRL_GET_CMD_FROM_NAME: - case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD: - case ENGINE_CTRL_GET_NAME_FROM_CMD: - case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD: - case ENGINE_CTRL_GET_DESC_FROM_CMD: - case ENGINE_CTRL_GET_CMD_FLAGS: - if (ctrl_exists && !(e->flags & ENGINE_FLAGS_MANUAL_CMD_CTRL)) - return int_ctrl_helper(e, cmd, i, p, f); - if (!ctrl_exists) { - ENGINEerror(ENGINE_R_NO_CONTROL_FUNCTION); - /* For these cmd-related functions, failure is indicated - * by a -1 return value (because 0 is used as a valid - * return in some places). */ - return -1; - } - default: - break; - } - /* Anything else requires a ctrl() handler to exist. */ - if (!ctrl_exists) { - ENGINEerror(ENGINE_R_NO_CONTROL_FUNCTION); - return 0; - } - return e->ctrl(e, cmd, i, p, f); -} - -int -ENGINE_cmd_is_executable(ENGINE *e, int cmd) -{ - int flags; - - if ((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, cmd, - NULL, NULL)) < 0) { - ENGINEerror(ENGINE_R_INVALID_CMD_NUMBER); - return 0; - } - if (!(flags & ENGINE_CMD_FLAG_NO_INPUT) && - !(flags & ENGINE_CMD_FLAG_NUMERIC) && - !(flags & ENGINE_CMD_FLAG_STRING)) - return 0; - return 1; -} - -int -ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, long i, void *p, - void (*f)(void), int cmd_optional) -{ - int num; - - if ((e == NULL) || (cmd_name == NULL)) { - ENGINEerror(ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if ((e->ctrl == NULL) || - ((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FROM_NAME, - 0, (void *)cmd_name, NULL)) <= 0)) { - /* If the command didn't *have* to be supported, we fake - * success. This allows certain settings to be specified for - * multiple ENGINEs and only require a change of ENGINE id - * (without having to selectively apply settings). Eg. changing - * from a hardware device back to the regular software ENGINE - * without editing the config file, etc. 
*/ - if (cmd_optional) { - ERR_clear_error(); - return 1; - } - ENGINEerror(ENGINE_R_INVALID_CMD_NAME); - return 0; - } - - /* Force the result of the control command to 0 or 1, for the reasons - * mentioned before. */ - if (ENGINE_ctrl(e, num, i, p, f) > 0) - return 1; - - return 0; -} - -int -ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, - int cmd_optional) -{ - int num, flags; - long l; - char *ptr; - - if ((e == NULL) || (cmd_name == NULL)) { - ENGINEerror(ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if ((e->ctrl == NULL) || - ((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FROM_NAME, 0, - (void *)cmd_name, NULL)) <= 0)) { - /* If the command didn't *have* to be supported, we fake - * success. This allows certain settings to be specified for - * multiple ENGINEs and only require a change of ENGINE id - * (without having to selectively apply settings). Eg. changing - * from a hardware device back to the regular software ENGINE - * without editing the config file, etc. */ - if (cmd_optional) { - ERR_clear_error(); - return 1; - } - ENGINEerror(ENGINE_R_INVALID_CMD_NAME); - return 0; - } - if (!ENGINE_cmd_is_executable(e, num)) { - ENGINEerror(ENGINE_R_CMD_NOT_EXECUTABLE); - return 0; - } - if ((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num, - NULL, NULL)) < 0) { - /* Shouldn't happen, given that ENGINE_cmd_is_executable() - * returned success. */ - ENGINEerror(ENGINE_R_INTERNAL_LIST_ERROR); - return 0; - } - /* If the command takes no input, there must be no input. And vice - * versa. */ - if (flags & ENGINE_CMD_FLAG_NO_INPUT) { - if (arg != NULL) { - ENGINEerror(ENGINE_R_COMMAND_TAKES_NO_INPUT); - return 0; - } - /* We deliberately force the result of ENGINE_ctrl() to 0 or 1 - * rather than returning it as "return data". This is to ensure - * usage of these commands is consistent across applications and - * that certain applications don't understand it one way, and - * others another. 
*/ - if (ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0) - return 1; - return 0; - } - /* So, we require input */ - if (arg == NULL) { - ENGINEerror(ENGINE_R_COMMAND_TAKES_INPUT); - return 0; - } - /* If it takes string input, that's easy */ - if (flags & ENGINE_CMD_FLAG_STRING) { - /* Same explanation as above */ - if (ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0) - return 1; - return 0; - } - /* If it doesn't take numeric either, then it is unsupported for use in - * a config-setting situation, which is what this function is for. This - * should never happen though, because ENGINE_cmd_is_executable() was - * used. */ - if (!(flags & ENGINE_CMD_FLAG_NUMERIC)) { - ENGINEerror(ENGINE_R_INTERNAL_LIST_ERROR); - return 0; - } - l = strtol(arg, &ptr, 10); - if ((arg == ptr) || (*ptr != '\0')) { - ENGINEerror(ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER); - return 0; - } - /* Force the result of the control command to 0 or 1, for the reasons - * mentioned before. */ - if (ENGINE_ctrl(e, num, l, NULL, NULL) > 0) - return 1; - return 0; -} diff --git a/lib/libcrypto/engine/eng_dyn.c b/lib/libcrypto/engine/eng_dyn.c deleted file mode 100644 index 400ce7268..000000000 --- a/lib/libcrypto/engine/eng_dyn.c +++ /dev/null 
@@ -1,64 +0,0 @@
-/* $OpenBSD: eng_dyn.c,v 1.14 2015/06/19 06:05:11 bcook Exp $ */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-void
-ENGINE_load_dynamic(void)
-{
-}
diff --git a/lib/libcrypto/engine/eng_err.c b/lib/libcrypto/engine/eng_err.c
deleted file mode 100644
index 5f86a4154..000000000
--- a/lib/libcrypto/engine/eng_err.c
+++ /dev/null
@@ -1,129 +0,0 @@
-/* $OpenBSD: eng_err.c,v 1.12 2022/07/12 14:42:49 kn Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2010 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include
-#include
-
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ENGINE,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ENGINE,0,reason)
-
-static ERR_STRING_DATA ENGINE_str_functs[] = {
- {ERR_FUNC(0xfff), "CRYPTO_internal"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA ENGINE_str_reasons[] = {
- {ERR_REASON(ENGINE_R_ALREADY_LOADED) , "already loaded"},
- {ERR_REASON(ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER), "argument is not a number"},
- {ERR_REASON(ENGINE_R_CMD_NOT_EXECUTABLE) , "cmd not executable"},
- {ERR_REASON(ENGINE_R_COMMAND_TAKES_INPUT), "command takes input"},
- {ERR_REASON(ENGINE_R_COMMAND_TAKES_NO_INPUT), "command takes no input"},
- {ERR_REASON(ENGINE_R_CONFLICTING_ENGINE_ID), "conflicting engine id"},
- {ERR_REASON(ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED), "ctrl command not implemented"},
- {ERR_REASON(ENGINE_R_DH_NOT_IMPLEMENTED) , "dh not implemented"},
- {ERR_REASON(ENGINE_R_DSA_NOT_IMPLEMENTED), "dsa not implemented"},
- {ERR_REASON(ENGINE_R_DSO_FAILURE) , "DSO failure"},
- {ERR_REASON(ENGINE_R_DSO_NOT_FOUND) , "dso not found"},
- {ERR_REASON(ENGINE_R_ENGINES_SECTION_ERROR), "engines section error"},
- {ERR_REASON(ENGINE_R_ENGINE_CONFIGURATION_ERROR), "engine configuration error"},
- {ERR_REASON(ENGINE_R_ENGINE_IS_NOT_IN_LIST), "engine is not in the list"},
- {ERR_REASON(ENGINE_R_ENGINE_SECTION_ERROR), "engine section error"},
- {ERR_REASON(ENGINE_R_FAILED_LOADING_PRIVATE_KEY), "failed loading private key"},
- {ERR_REASON(ENGINE_R_FAILED_LOADING_PUBLIC_KEY), "failed loading public key"},
- {ERR_REASON(ENGINE_R_FINISH_FAILED) , "finish failed"},
- {ERR_REASON(ENGINE_R_GET_HANDLE_FAILED) , "could not obtain hardware handle"},
- {ERR_REASON(ENGINE_R_ID_OR_NAME_MISSING) , "'id' or 'name' missing"},
- {ERR_REASON(ENGINE_R_INIT_FAILED) , "init failed"},
- {ERR_REASON(ENGINE_R_INTERNAL_LIST_ERROR), "internal list error"},
- {ERR_REASON(ENGINE_R_INVALID_ARGUMENT) , "invalid argument"},
- {ERR_REASON(ENGINE_R_INVALID_CMD_NAME) , "invalid cmd name"},
- {ERR_REASON(ENGINE_R_INVALID_CMD_NUMBER) , "invalid cmd number"},
- {ERR_REASON(ENGINE_R_INVALID_INIT_VALUE) , "invalid init value"},
- {ERR_REASON(ENGINE_R_INVALID_STRING) , "invalid string"},
- {ERR_REASON(ENGINE_R_NOT_INITIALISED) , "not initialised"},
- {ERR_REASON(ENGINE_R_NOT_LOADED) , "not loaded"},
- {ERR_REASON(ENGINE_R_NO_CONTROL_FUNCTION), "no control function"},
- {ERR_REASON(ENGINE_R_NO_INDEX) , "no index"},
- {ERR_REASON(ENGINE_R_NO_LOAD_FUNCTION) , "no load function"},
- {ERR_REASON(ENGINE_R_NO_REFERENCE) , "no reference"},
- {ERR_REASON(ENGINE_R_NO_SUCH_ENGINE) , "no such engine"},
- {ERR_REASON(ENGINE_R_NO_UNLOAD_FUNCTION) , "no unload function"},
- {ERR_REASON(ENGINE_R_PROVIDE_PARAMETERS) , "provide parameters"},
- {ERR_REASON(ENGINE_R_RSA_NOT_IMPLEMENTED), "rsa not implemented"},
- {ERR_REASON(ENGINE_R_UNIMPLEMENTED_CIPHER), "unimplemented cipher"},
- {ERR_REASON(ENGINE_R_UNIMPLEMENTED_DIGEST), "unimplemented digest"},
- {ERR_REASON(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD), "unimplemented public key method"},
- {ERR_REASON(ENGINE_R_VERSION_INCOMPATIBILITY), "version incompatibility"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_ENGINE_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(ENGINE_str_functs[0].error) == NULL) {
- ERR_load_strings(0, ENGINE_str_functs);
- ERR_load_strings(0, ENGINE_str_reasons);
- }
-#endif
-}
diff --git a/lib/libcrypto/engine/eng_fat.c b/lib/libcrypto/engine/eng_fat.c
deleted file mode 100644
index baf1a5488..000000000
--- a/lib/libcrypto/engine/eng_fat.c
+++ /dev/null
@@ -1,200 +0,0 @@
-/* $OpenBSD: eng_fat.c,v 1.17 2019/01/19 01:07:00 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#include
-
-#include
-
-#include
-#include "eng_int.h"
-#include
-
-int
-ENGINE_set_default(ENGINE *e, unsigned int flags)
-{
- if ((flags & ENGINE_METHOD_CIPHERS) && !ENGINE_set_default_ciphers(e))
- return 0;
- if ((flags & ENGINE_METHOD_DIGESTS) && !ENGINE_set_default_digests(e))
- return 0;
-#ifndef OPENSSL_NO_RSA
- if ((flags & ENGINE_METHOD_RSA) && !ENGINE_set_default_RSA(e))
- return 0;
-#endif
-#ifndef OPENSSL_NO_DSA
- if ((flags & ENGINE_METHOD_DSA) && !ENGINE_set_default_DSA(e))
- return 0;
-#endif
-#ifndef OPENSSL_NO_DH
- if ((flags & ENGINE_METHOD_DH) && !ENGINE_set_default_DH(e))
- return 0;
-#endif
-#ifndef OPENSSL_NO_ECDH
- if ((flags & ENGINE_METHOD_ECDH) && !ENGINE_set_default_ECDH(e))
- return 0;
-#endif
-#ifndef OPENSSL_NO_ECDSA
- if ((flags & ENGINE_METHOD_ECDSA) && !ENGINE_set_default_ECDSA(e))
- return 0;
-#endif
-#ifndef OPENSSL_NO_EC
- if ((flags & ENGINE_METHOD_EC) && !ENGINE_set_default_EC(e))
- return 0;
-#endif
- if ((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e))
- return 0;
- if ((flags & ENGINE_METHOD_PKEY_METHS) &&
- !ENGINE_set_default_pkey_meths(e))
- return 0;
- if ((flags & ENGINE_METHOD_PKEY_ASN1_METHS) &&
- !ENGINE_set_default_pkey_asn1_meths(e))
- return 0;
- return 1;
-}
-
-/* Set default algorithms using a string */
-
-static int
-int_def_cb(const char *alg, int len, void *arg)
-{
- unsigned int *pflags = arg;
-
- if (!strncmp(alg, "ALL", len))
- *pflags |= ENGINE_METHOD_ALL;
- else if (!strncmp(alg, "RSA", len))
- *pflags |= ENGINE_METHOD_RSA;
- else if (!strncmp(alg, "DSA", len))
- *pflags |= ENGINE_METHOD_DSA;
- else if (!strncmp(alg, "ECDH", len))
- *pflags |= ENGINE_METHOD_ECDH;
- else if (!strncmp(alg, "ECDSA", len))
- *pflags |= ENGINE_METHOD_ECDSA;
- else if (!strncmp(alg, "DH", len))
- *pflags |= ENGINE_METHOD_DH;
- else if (strncmp(alg, "EC", len) == 0)
- *pflags |= ENGINE_METHOD_EC;
- else if (!strncmp(alg, "RAND", len))
- *pflags |= ENGINE_METHOD_RAND;
- else if (!strncmp(alg, "CIPHERS",
len))
- *pflags |= ENGINE_METHOD_CIPHERS;
- else if (!strncmp(alg, "DIGESTS", len))
- *pflags |= ENGINE_METHOD_DIGESTS;
- else if (!strncmp(alg, "PKEY", len))
- *pflags |= ENGINE_METHOD_PKEY_METHS |
- ENGINE_METHOD_PKEY_ASN1_METHS;
- else if (!strncmp(alg, "PKEY_CRYPTO", len))
- *pflags |= ENGINE_METHOD_PKEY_METHS;
- else if (!strncmp(alg, "PKEY_ASN1", len))
- *pflags |= ENGINE_METHOD_PKEY_ASN1_METHS;
- else
- return 0;
- return 1;
-}
-
-int
-ENGINE_set_default_string(ENGINE *e, const char *def_list)
-{
- unsigned int flags = 0;
-
- if (!CONF_parse_list(def_list, ',', 1, int_def_cb, &flags)) {
- ENGINEerror(ENGINE_R_INVALID_STRING);
- ERR_asprintf_error_data("str=%s",def_list);
- return 0;
- }
- return ENGINE_set_default(e, flags);
-}
-
-int
-ENGINE_register_complete(ENGINE *e)
-{
- ENGINE_register_ciphers(e);
- ENGINE_register_digests(e);
-#ifndef OPENSSL_NO_RSA
- ENGINE_register_RSA(e);
-#endif
-#ifndef OPENSSL_NO_DSA
- ENGINE_register_DSA(e);
-#endif
-#ifndef OPENSSL_NO_DH
- ENGINE_register_DH(e);
-#endif
-#ifndef OPENSSL_NO_ECDH
- ENGINE_register_ECDH(e);
-#endif
-#ifndef OPENSSL_NO_ECDSA
- ENGINE_register_ECDSA(e);
-#endif
-#ifndef OPENSSL_NO_EC
- ENGINE_register_EC(e);
-#endif
- ENGINE_register_RAND(e);
- ENGINE_register_pkey_meths(e);
- return 1;
-}
-
-int
-ENGINE_register_all_complete(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- if (!(e->flags & ENGINE_FLAGS_NO_REGISTER_ALL))
- ENGINE_register_complete(e);
- return 1;
-}
diff --git a/lib/libcrypto/engine/eng_init.c b/lib/libcrypto/engine/eng_init.c
deleted file mode 100644
index 793adba8b..000000000
--- a/lib/libcrypto/engine/eng_init.c
+++ /dev/null
@@ -1,147 +0,0 @@
-/* $OpenBSD: eng_init.c,v 1.9 2018/04/14 07:09:21 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include "eng_int.h"
-
-/* Initialise a engine type for use (or up its functional reference count
- * if it's already in use). This version is only used internally. */
-int
-engine_unlocked_init(ENGINE *e)
-{
- int to_return = 1;
-
- if ((e->funct_ref == 0) && e->init)
- /* This is the first functional reference and the engine
- * requires initialisation so we do it now. */
- to_return = e->init(e);
- if (to_return) {
- /* OK, we return a functional reference which is also a
- * structural reference. */
- e->struct_ref++;
- e->funct_ref++;
- engine_ref_debug(e, 0, 1)
- engine_ref_debug(e, 1, 1)
- }
- return to_return;
-}
-
-/* Free a functional reference to a engine type. This version is only used
- * internally. */
-int
-engine_unlocked_finish(ENGINE *e, int unlock_for_handlers)
-{
- int to_return = 1;
-
- /* Reduce the functional reference count here so if it's the terminating
- * case, we can release the lock safely and call the finish() handler
- * without risk of a race.
We get a race if we leave the count until
- * after and something else is calling "finish" at the same time -
- * there's a chance that both threads will together take the count from
- * 2 to 0 without either calling finish(). */
- e->funct_ref--;
- engine_ref_debug(e, 1, -1);
- if ((e->funct_ref == 0) && e->finish) {
- if (unlock_for_handlers)
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- to_return = e->finish(e);
- if (unlock_for_handlers)
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (!to_return)
- return 0;
- }
-
- /* Release the structural reference too */
- if (!engine_free_util(e, 0)) {
- ENGINEerror(ENGINE_R_FINISH_FAILED);
- return 0;
- }
- return to_return;
-}
-
-/* The API (locked) version of "init" */
-int
-ENGINE_init(ENGINE *e)
-{
- int ret;
-
- if (e == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- ret = engine_unlocked_init(e);
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- return ret;
-}
-
-/* The API (locked) version of "finish" */
-int
-ENGINE_finish(ENGINE *e)
-{
- int to_return = 1;
-
- if (e == NULL)
- return 1;
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- to_return = engine_unlocked_finish(e, 1);
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- if (!to_return) {
- ENGINEerror(ENGINE_R_FINISH_FAILED);
- return 0;
- }
- return to_return;
-}
diff --git a/lib/libcrypto/engine/eng_int.h b/lib/libcrypto/engine/eng_int.h
deleted file mode 100644
index 298c0e327..000000000
--- a/lib/libcrypto/engine/eng_int.h
+++ /dev/null
@@ -1,203 +0,0 @@
-/* $OpenBSD: eng_int.h,v 1.10 2019/01/19 01:07:00 tb Exp $ */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#ifndef HEADER_ENGINE_INT_H
-#define HEADER_ENGINE_INT_H
-
-/* Take public definitions from engine.h */
-#include
-
-__BEGIN_HIDDEN_DECLS
-
-/* If we compile with this symbol defined, then both reference counts in the
- * ENGINE structure will be monitored with a line of output on stderr for each
- * change. This prints the engine's pointer address (truncated to unsigned int),
- * "struct" or "funct" to indicate the reference type, the before and after
- * reference count, and the file:line-number pair. The "engine_ref_debug"
- * statements must come *after* the change. */
-#ifdef ENGINE_REF_COUNT_DEBUG
-
-#define engine_ref_debug(e, isfunct, diff) \
- fprintf(stderr, "engine: %08x %s from %d to %d (%s:%d)\n", \
- (unsigned int)(e), (isfunct ? "funct" : "struct"), \
- ((isfunct) ? ((e)->funct_ref - (diff)) : ((e)->struct_ref - (diff))), \
- ((isfunct) ?
(e)->funct_ref : (e)->struct_ref), \
- (__FILE__), (__LINE__));
-
-#else
-
-#define engine_ref_debug(e, isfunct, diff)
-
-#endif
-
-/* Any code that will need cleanup operations should use these functions to
- * register callbacks. ENGINE_cleanup() will call all registered callbacks in
- * order. NB: both the "add" functions assume CRYPTO_LOCK_ENGINE to already be
- * held (in "write" mode). */
-typedef void (ENGINE_CLEANUP_CB)(void);
-typedef struct st_engine_cleanup_item {
- ENGINE_CLEANUP_CB *cb;
-} ENGINE_CLEANUP_ITEM;
-DECLARE_STACK_OF(ENGINE_CLEANUP_ITEM)
-void engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb);
-void engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb);
-
-/* We need stacks of ENGINEs for use in eng_table.c */
-DECLARE_STACK_OF(ENGINE)
-
-/* If this symbol is defined then engine_table_select(), the function that is
- * used by RSA, DSA (etc) code to select registered ENGINEs, cache defaults and
- * functional references (etc), will display debugging summaries to stderr. */
-/* #define ENGINE_TABLE_DEBUG */
-
-/* This represents an implementation table. Dependent code should instantiate it
- * as a (ENGINE_TABLE *) pointer value set initially to NULL.
*/
-typedef struct st_engine_table ENGINE_TABLE;
-int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
- ENGINE *e, const int *nids, int num_nids, int setdefault);
-void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e);
-void engine_table_cleanup(ENGINE_TABLE **table);
-#ifndef ENGINE_TABLE_DEBUG
-ENGINE *engine_table_select(ENGINE_TABLE **table, int nid);
-#else
-ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f,
- int l);
-#define engine_table_select(t,n) engine_table_select_tmp(t,n,__FILE__,__LINE__)
-#endif
-typedef void (engine_table_doall_cb)(int nid, STACK_OF(ENGINE) *sk,
- ENGINE *def, void *arg);
-void engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb,
- void *arg);
-
-/* Internal versions of API functions that have control over locking. These are
- * used between C files when functionality needs to be shared but the caller may
- * already be controlling of the CRYPTO_LOCK_ENGINE lock. */
-int engine_unlocked_init(ENGINE *e);
-int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers);
-int engine_free_util(ENGINE *e, int locked);
-
-/* This function will reset all "set"able values in an ENGINE to NULL. This
- * won't touch reference counts or ex_data, but is equivalent to calling all the
- * ENGINE_set_***() functions with a NULL value. */
-void engine_set_all_null(ENGINE *e);
-
-/* NB: Bitwise OR-able values for the "flags" variable in ENGINE are now exposed
- * in engine.h. */
-
-/* Free up dynamically allocated public key methods associated with ENGINE */
-
-void engine_pkey_meths_free(ENGINE *e);
-void engine_pkey_asn1_meths_free(ENGINE *e);
-
-/* This is a structure for storing implementations of various crypto
- * algorithms and functions.
*/
-struct engine_st {
- const char *id;
- const char *name;
- const RSA_METHOD *rsa_meth;
- const DSA_METHOD *dsa_meth;
- const DH_METHOD *dh_meth;
- const ECDH_METHOD *ecdh_meth;
- const ECDSA_METHOD *ecdsa_meth;
- const EC_KEY_METHOD *ec_meth;
- const RAND_METHOD *rand_meth;
- const STORE_METHOD *store_meth;
- /* Cipher handling is via this callback */
- ENGINE_CIPHERS_PTR ciphers;
- /* Digest handling is via this callback */
- ENGINE_DIGESTS_PTR digests;
- /* Public key handling via this callback */
- ENGINE_PKEY_METHS_PTR pkey_meths;
- /* ASN1 public key handling via this callback */
- ENGINE_PKEY_ASN1_METHS_PTR pkey_asn1_meths;
-
- ENGINE_GEN_INT_FUNC_PTR destroy;
-
- ENGINE_GEN_INT_FUNC_PTR init;
- ENGINE_GEN_INT_FUNC_PTR finish;
- ENGINE_CTRL_FUNC_PTR ctrl;
- ENGINE_LOAD_KEY_PTR load_privkey;
- ENGINE_LOAD_KEY_PTR load_pubkey;
-
- ENGINE_SSL_CLIENT_CERT_PTR load_ssl_client_cert;
-
- const ENGINE_CMD_DEFN *cmd_defns;
- int flags;
- /* reference count on the structure itself */
- int struct_ref;
- /* reference count on usability of the engine type. NB: This
- * controls the loading and initialisation of any functionlity
- * required by this engine, whereas the previous count is
- * simply to cope with (de)allocation of this structure. Hence,
- * running_ref <= struct_ref at all times. */
- int funct_ref;
- /* A place to store per-ENGINE data */
- CRYPTO_EX_DATA ex_data;
- /* Used to maintain the linked-list of engines. */
- struct engine_st *prev;
- struct engine_st *next;
-};
-
-__END_HIDDEN_DECLS
-
-#endif /* HEADER_ENGINE_INT_H */
diff --git a/lib/libcrypto/engine/eng_lib.c b/lib/libcrypto/engine/eng_lib.c
deleted file mode 100644
index 1aedcb18c..000000000
--- a/lib/libcrypto/engine/eng_lib.c
+++ /dev/null
@@ -1,365 +0,0 @@
-/* $OpenBSD: eng_lib.c,v 1.14 2018/04/14 07:18:37 tb Exp $ */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-#include
-
-#include "eng_int.h"
-
-/* The "new"/"free" stuff first */
-
-ENGINE *
-ENGINE_new(void)
-{
- ENGINE *ret;
-
- if (!OPENSSL_init_crypto(0, NULL))
- return NULL;
-
- ret = malloc(sizeof(ENGINE));
- if (ret == NULL) {
- ENGINEerror(ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- memset(ret, 0, sizeof(ENGINE));
- ret->struct_ref = 1;
- engine_ref_debug(ret, 0, 1)
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ENGINE, ret, &ret->ex_data);
- return ret;
-}
-
-/* Placed here (close proximity to ENGINE_new) so that modifications to the
- * elements of the ENGINE structure are more likely to be caught and changed
- * here.
*/
-void
-engine_set_all_null(ENGINE *e)
-{
- e->id = NULL;
- e->name = NULL;
- e->rsa_meth = NULL;
- e->dsa_meth = NULL;
- e->dh_meth = NULL;
- e->rand_meth = NULL;
- e->store_meth = NULL;
- e->ciphers = NULL;
- e->digests = NULL;
- e->destroy = NULL;
- e->init = NULL;
- e->finish = NULL;
- e->ctrl = NULL;
- e->load_privkey = NULL;
- e->load_pubkey = NULL;
- e->cmd_defns = NULL;
- e->flags = 0;
-}
-
-int
-engine_free_util(ENGINE *e, int locked)
-{
- int i;
-
- if (e == NULL)
- return 1;
- if (locked)
- i = CRYPTO_add(&e->struct_ref, -1, CRYPTO_LOCK_ENGINE);
- else
- i = --e->struct_ref;
- engine_ref_debug(e, 0, -1)
- if (i > 0)
- return 1;
-
- /* Free up any dynamically allocated public key methods */
- engine_pkey_meths_free(e);
- engine_pkey_asn1_meths_free(e);
- /* Give the ENGINE a chance to do any structural cleanup corresponding
- * to allocation it did in its constructor (eg. unload error strings) */
- if (e->destroy)
- e->destroy(e);
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ENGINE, e, &e->ex_data);
- free(e);
- return 1;
-}
-
-int
-ENGINE_free(ENGINE *e)
-{
- return engine_free_util(e, 1);
-}
-
-/* Cleanup stuff */
-
-/* ENGINE_cleanup() is coded such that anything that does work that will need
- * cleanup can register a "cleanup" callback here. That way we don't get linker
- * bloat by referring to all *possible* cleanups, but any linker bloat into code
- * "X" will cause X's cleanup function to end up here. */
-static STACK_OF(ENGINE_CLEANUP_ITEM) *cleanup_stack = NULL;
-static int
-int_cleanup_check(int create)
-{
- if (cleanup_stack)
- return 1;
- if (!create)
- return 0;
- cleanup_stack = sk_ENGINE_CLEANUP_ITEM_new_null();
- return (cleanup_stack ?
1 : 0);
-}
-
-static ENGINE_CLEANUP_ITEM *
-int_cleanup_item(ENGINE_CLEANUP_CB *cb)
-{
- ENGINE_CLEANUP_ITEM *item = malloc(sizeof(ENGINE_CLEANUP_ITEM));
-
- if (!item)
- return NULL;
- item->cb = cb;
- return item;
-}
-
-void
-engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb)
-{
- ENGINE_CLEANUP_ITEM *item;
-
- if (!int_cleanup_check(1))
- return;
- item = int_cleanup_item(cb);
- if (item)
- sk_ENGINE_CLEANUP_ITEM_insert(cleanup_stack, item, 0);
-}
-
-void
-engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb)
-{
- ENGINE_CLEANUP_ITEM *item;
-
- if (!int_cleanup_check(1))
- return;
- item = int_cleanup_item(cb);
- if (item)
- sk_ENGINE_CLEANUP_ITEM_push(cleanup_stack, item);
-}
-/* The API function that performs all cleanup */
-static void
-engine_cleanup_cb_free(ENGINE_CLEANUP_ITEM *item)
-{
- (*(item->cb))();
- free(item);
-}
-
-void
-ENGINE_cleanup(void)
-{
- if (int_cleanup_check(0)) {
- sk_ENGINE_CLEANUP_ITEM_pop_free(cleanup_stack,
- engine_cleanup_cb_free);
- cleanup_stack = NULL;
- }
- /* FIXME: This should be handled (somehow) through RAND, eg. by it
- * registering a cleanup callback. */
- RAND_set_rand_method(NULL);
-}
-
-/* Now the "ex_data" support */
-
-int
-ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
- return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, argl, argp,
- new_func, dup_func, free_func);
-}
-
-int
-ENGINE_set_ex_data(ENGINE *e, int idx, void *arg)
-{
- return (CRYPTO_set_ex_data(&e->ex_data, idx, arg));
-}
-
-void *
-ENGINE_get_ex_data(const ENGINE *e, int idx)
-{
- return (CRYPTO_get_ex_data(&e->ex_data, idx));
-}
-
-/* Functions to get/set an ENGINE's elements - mainly to avoid exposing the
- * ENGINE structure itself.
*/
-
-int
-ENGINE_set_id(ENGINE *e, const char *id)
-{
- if (id == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- e->id = id;
- return 1;
-}
-
-int
-ENGINE_set_name(ENGINE *e, const char *name)
-{
- if (name == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- e->name = name;
- return 1;
-}
-
-int
-ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f)
-{
- e->destroy = destroy_f;
- return 1;
-}
-
-int
-ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f)
-{
- e->init = init_f;
- return 1;
-}
-
-int
-ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f)
-{
- e->finish = finish_f;
- return 1;
-}
-
-int
-ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f)
-{
- e->ctrl = ctrl_f;
- return 1;
-}
-
-int
-ENGINE_set_flags(ENGINE *e, int flags)
-{
- e->flags = flags;
- return 1;
-}
-
-int
-ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns)
-{
- e->cmd_defns = defns;
- return 1;
-}
-
-const char *
-ENGINE_get_id(const ENGINE *e)
-{
- return e->id;
-}
-
-const char *
-ENGINE_get_name(const ENGINE *e)
-{
- return e->name;
-}
-
-ENGINE_GEN_INT_FUNC_PTR
-ENGINE_get_destroy_function(const ENGINE *e)
-{
- return e->destroy;
-}
-
-ENGINE_GEN_INT_FUNC_PTR
-ENGINE_get_init_function(const ENGINE *e)
-{
- return e->init;
-}
-
-ENGINE_GEN_INT_FUNC_PTR
-ENGINE_get_finish_function(const ENGINE *e)
-{
- return e->finish;
-}
-
-ENGINE_CTRL_FUNC_PTR
-ENGINE_get_ctrl_function(const ENGINE *e)
-{
- return e->ctrl;
-}
-
-int
-ENGINE_get_flags(const ENGINE *e)
-{
- return e->flags;
-}
-
-const ENGINE_CMD_DEFN *
-ENGINE_get_cmd_defns(const ENGINE *e)
-{
- return e->cmd_defns;
-}
-
-/* eng_lib.o is pretty much linked into anything that touches ENGINE already, so
- * put the "static_state" hack here. */
-
-static int internal_static_hack = 0;
-
-void *
-ENGINE_get_static_state(void)
-{
- return &internal_static_hack;
-}
diff --git a/lib/libcrypto/engine/eng_list.c b/lib/libcrypto/engine/eng_list.c
deleted file mode 100644
index 451c8616e..000000000
--- a/lib/libcrypto/engine/eng_list.c
+++ /dev/null
@@ -1,387 +0,0 @@ -/* $OpenBSD: eng_list.c,v 1.25 2022/12/26 07:18:51 jmc Exp $ */ -/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECDH support in OpenSSL originally developed by - * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. - */ - -#include -#include - -#include - -#include - -#include "cryptlib.h" -#include "eng_int.h" - -/* The linked-list of pointers to engine types. engine_list_head - * incorporates an implicit structural reference but engine_list_tail - * does not - the latter is a computational niceity and only points - * to something that is already pointed to by its predecessor in the - * list (or engine_list_head itself). In the same way, the use of the - * "prev" pointer in each ENGINE is to save excessive list iteration, - * it doesn't correspond to an extra structural reference. Hence, - * engine_list_head, and each non-null "next" pointer account for - * the list itself assuming exactly 1 structural reference on each - * list member. */ -static ENGINE *engine_list_head = NULL; -static ENGINE *engine_list_tail = NULL; - -/* This cleanup function is only needed internally. 
If it should be called, we
- * register it with the "ENGINE_cleanup()" stack to be called during cleanup. */
-
-static void
-engine_list_cleanup(void)
-{
- ENGINE *iterator = engine_list_head;
-
- while (iterator != NULL && ENGINE_remove(iterator))
- iterator = engine_list_head;
-}
-
-/* These static functions starting with a lower case "engine_" always
- * take place when CRYPTO_LOCK_ENGINE has been locked up. */
-static int
-engine_list_add(ENGINE *e)
-{
- int conflict = 0;
- ENGINE *iterator = NULL;
-
- if (e == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- iterator = engine_list_head;
- while (iterator && !conflict) {
- conflict = (strcmp(iterator->id, e->id) == 0);
- iterator = iterator->next;
- }
- if (conflict) {
- ENGINEerror(ENGINE_R_CONFLICTING_ENGINE_ID);
- return 0;
- }
- if (engine_list_head == NULL) {
- /* We are adding to an empty list. */
- if (engine_list_tail) {
- ENGINEerror(ENGINE_R_INTERNAL_LIST_ERROR);
- return 0;
- }
- engine_list_head = e;
- e->prev = NULL;
- /* The first time the list allocates, we should register the
- * cleanup. */
- engine_cleanup_add_last(engine_list_cleanup);
- } else {
- /* We are adding to the tail of an existing list. */
- if ((engine_list_tail == NULL) ||
- (engine_list_tail->next != NULL)) {
- ENGINEerror(ENGINE_R_INTERNAL_LIST_ERROR);
- return 0;
- }
- engine_list_tail->next = e;
- e->prev = engine_list_tail;
- }
- /* Having the engine in the list assumes a structural
- * reference. */
- e->struct_ref++;
- engine_ref_debug(e, 0, 1)
- /* However it came to be, e is the last item in the list. */
- engine_list_tail = e;
- e->next = NULL;
- return 1;
-}
-
-static int
-engine_list_remove(ENGINE *e)
-{
- ENGINE *iterator;
-
- if (e == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- /* We need to check that e is in our linked list!
*/
- iterator = engine_list_head;
- while (iterator && (iterator != e))
- iterator = iterator->next;
- if (iterator == NULL) {
- ENGINEerror(ENGINE_R_ENGINE_IS_NOT_IN_LIST);
- return 0;
- }
- /* un-link e from the chain. */
- if (e->next)
- e->next->prev = e->prev;
- if (e->prev)
- e->prev->next = e->next;
- /* Correct our head/tail if necessary. */
- if (engine_list_head == e)
- engine_list_head = e->next;
- if (engine_list_tail == e)
- engine_list_tail = e->prev;
- engine_free_util(e, 0);
- return 1;
-}
-
-/* Get the first/last "ENGINE" type available. */
-ENGINE *
-ENGINE_get_first(void)
-{
- ENGINE *ret;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- ret = engine_list_head;
- if (ret) {
- ret->struct_ref++;
- engine_ref_debug(ret, 0, 1)
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- return ret;
-}
-
-ENGINE *
-ENGINE_get_last(void)
-{
- ENGINE *ret;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- ret = engine_list_tail;
- if (ret) {
- ret->struct_ref++;
- engine_ref_debug(ret, 0, 1)
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- return ret;
-}
-
-/* Iterate to the next/previous "ENGINE" type (NULL = end of the list).
*/
-ENGINE *
-ENGINE_get_next(ENGINE *e)
-{
- ENGINE *ret = NULL;
-
- if (e == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- ret = e->next;
- if (ret) {
- /* Return a valid structural reference to the next ENGINE */
- ret->struct_ref++;
- engine_ref_debug(ret, 0, 1)
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- /* Release the structural reference to the previous ENGINE */
- ENGINE_free(e);
- return ret;
-}
-
-ENGINE *
-ENGINE_get_prev(ENGINE *e)
-{
- ENGINE *ret = NULL;
-
- if (e == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- ret = e->prev;
- if (ret) {
- /* Return a valid structural reference to the next ENGINE */
- ret->struct_ref++;
- engine_ref_debug(ret, 0, 1)
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- /* Release the structural reference to the previous ENGINE */
- ENGINE_free(e);
- return ret;
-}
-
-/* Add another "ENGINE" type into the list. */
-int
-ENGINE_add(ENGINE *e)
-{
- int to_return = 1;
-
- if (e == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if ((e->id == NULL) || (e->name == NULL)) {
- ENGINEerror(ENGINE_R_ID_OR_NAME_MISSING);
- }
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (!engine_list_add(e)) {
- ENGINEerror(ENGINE_R_INTERNAL_LIST_ERROR);
- to_return = 0;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- return to_return;
-}
-
-/* Remove an existing "ENGINE" type from the array.
*/
-int
-ENGINE_remove(ENGINE *e)
-{
- int to_return = 1;
-
- if (e == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (!engine_list_remove(e)) {
- ENGINEerror(ENGINE_R_INTERNAL_LIST_ERROR);
- to_return = 0;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- return to_return;
-}
-
-static void
-engine_cpy(ENGINE *dest, const ENGINE *src)
-{
- dest->id = src->id;
- dest->name = src->name;
-#ifndef OPENSSL_NO_RSA
- dest->rsa_meth = src->rsa_meth;
-#endif
-#ifndef OPENSSL_NO_DSA
- dest->dsa_meth = src->dsa_meth;
-#endif
-#ifndef OPENSSL_NO_DH
- dest->dh_meth = src->dh_meth;
-#endif
-#ifndef OPENSSL_NO_ECDH
- dest->ecdh_meth = src->ecdh_meth;
-#endif
-#ifndef OPENSSL_NO_ECDSA
- dest->ecdsa_meth = src->ecdsa_meth;
-#endif
-#ifndef OPENSSL_NO_EC
- dest->ec_meth = src->ec_meth;
-#endif
- dest->rand_meth = src->rand_meth;
- dest->store_meth = src->store_meth;
- dest->ciphers = src->ciphers;
- dest->digests = src->digests;
- dest->pkey_meths = src->pkey_meths;
- dest->destroy = src->destroy;
- dest->init = src->init;
- dest->finish = src->finish;
- dest->ctrl = src->ctrl;
- dest->load_privkey = src->load_privkey;
- dest->load_pubkey = src->load_pubkey;
- dest->cmd_defns = src->cmd_defns;
- dest->flags = src->flags;
-}
-
-ENGINE *
-ENGINE_by_id(const char *id)
-{
- ENGINE *iterator;
-
- if (id == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return NULL;
- }
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- iterator = engine_list_head;
- while (iterator && (strcmp(id, iterator->id) != 0))
- iterator = iterator->next;
- if (iterator) {
- /* We need to return a structural reference. If this is an
- * ENGINE type that returns copies, make a duplicate - otherwise
- * increment the existing ENGINE's reference count.
*/
- if (iterator->flags & ENGINE_FLAGS_BY_ID_COPY) {
- ENGINE *cp = ENGINE_new();
- if (!cp)
- iterator = NULL;
- else {
- engine_cpy(cp, iterator);
- iterator = cp;
- }
- } else {
- iterator->struct_ref++;
- engine_ref_debug(iterator, 0, 1)
- }
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-
- if (iterator == NULL) {
- ENGINEerror(ENGINE_R_NO_SUCH_ENGINE);
- ERR_asprintf_error_data("id=%s", id);
- }
- return iterator;
-}
-
-int
-ENGINE_up_ref(ENGINE *e)
-{
- int refs;
-
- if (e == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- refs = CRYPTO_add(&e->struct_ref, 1, CRYPTO_LOCK_ENGINE);
- return refs > 1 ? 1 : 0;
-}
diff --git a/lib/libcrypto/engine/eng_openssl.c b/lib/libcrypto/engine/eng_openssl.c
deleted file mode 100644
index 4e0f144e8..000000000
--- a/lib/libcrypto/engine/eng_openssl.c
+++ /dev/null
@@ -1,406 +0,0 @@ -/* $OpenBSD: eng_openssl.c,v 1.17 2023/07/20 15:08:12 tb Exp $ */ -/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECDH support in OpenSSL originally developed by - * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. - */ - -#include -#include - -#include - -#include -#include -#include -#include -#include -#include - -#ifndef OPENSSL_NO_DH -#include -#endif -#ifndef OPENSSL_NO_DSA -#include -#endif -#ifndef OPENSSL_NO_RSA -#include -#endif - -#include "evp_local.h" - -/* This testing gunk is implemented (and explained) lower down. It also assumes - * the application explicitly calls "ENGINE_load_openssl()" because this is no - * longer automatic in ENGINE_load_builtin_engines(). 
*/ -#define TEST_ENG_OPENSSL_RC4 -#define TEST_ENG_OPENSSL_PKEY -/* #define TEST_ENG_OPENSSL_RC4_OTHERS */ -#define TEST_ENG_OPENSSL_RC4_P_INIT -/* #define TEST_ENG_OPENSSL_RC4_P_CIPHER */ -#define TEST_ENG_OPENSSL_SHA -/* #define TEST_ENG_OPENSSL_SHA_OTHERS */ -/* #define TEST_ENG_OPENSSL_SHA_P_INIT */ -/* #define TEST_ENG_OPENSSL_SHA_P_UPDATE */ -/* #define TEST_ENG_OPENSSL_SHA_P_FINAL */ - -/* Now check what of those algorithms are actually enabled */ -#ifdef OPENSSL_NO_RC4 -#undef TEST_ENG_OPENSSL_RC4 -#undef TEST_ENG_OPENSSL_RC4_OTHERS -#undef TEST_ENG_OPENSSL_RC4_P_INIT -#undef TEST_ENG_OPENSSL_RC4_P_CIPHER -#endif -#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA1) -#undef TEST_ENG_OPENSSL_SHA -#undef TEST_ENG_OPENSSL_SHA_OTHERS -#undef TEST_ENG_OPENSSL_SHA_P_INIT -#undef TEST_ENG_OPENSSL_SHA_P_UPDATE -#undef TEST_ENG_OPENSSL_SHA_P_FINAL -#endif - -#ifdef TEST_ENG_OPENSSL_RC4 -static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, - const int **nids, int nid); -#endif -#ifdef TEST_ENG_OPENSSL_SHA -static int openssl_digests(ENGINE *e, const EVP_MD **digest, - const int **nids, int nid); -#endif - -#ifdef TEST_ENG_OPENSSL_PKEY -static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id, - UI_METHOD *ui_method, void *callback_data); -#endif - -/* The constants used when creating the ENGINE */ -static const char *engine_openssl_id = "openssl"; -static const char *engine_openssl_name = "Software engine support"; - -/* This internal function is used by ENGINE_openssl() and possibly by the - * "dynamic" ENGINE support too */ -static int -bind_helper(ENGINE *e) -{ - if (!ENGINE_set_id(e, engine_openssl_id) || - !ENGINE_set_name(e, engine_openssl_name) -#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS -#ifndef OPENSSL_NO_RSA - || !ENGINE_set_RSA(e, RSA_get_default_method()) -#endif -#ifndef OPENSSL_NO_DSA - || !ENGINE_set_DSA(e, DSA_get_default_method()) -#endif -#ifndef OPENSSL_NO_ECDH - || !ENGINE_set_ECDH(e, ECDH_OpenSSL()) -#endif -#ifndef 
OPENSSL_NO_ECDSA - || !ENGINE_set_ECDSA(e, ECDSA_OpenSSL()) -#endif -#ifndef OPENSSL_NO_DH - || !ENGINE_set_DH(e, DH_get_default_method()) -#endif - || !ENGINE_set_RAND(e, RAND_SSLeay()) -#ifdef TEST_ENG_OPENSSL_RC4 - || !ENGINE_set_ciphers(e, openssl_ciphers) -#endif -#ifdef TEST_ENG_OPENSSL_SHA - || !ENGINE_set_digests(e, openssl_digests) -#endif -#endif -#ifdef TEST_ENG_OPENSSL_PKEY - || !ENGINE_set_load_privkey_function(e, openssl_load_privkey) -#endif - ) - return 0; - /* If we add errors to this ENGINE, ensure the error handling is setup here */ - /* openssl_load_error_strings(); */ - return 1; -} - -static ENGINE * -engine_openssl(void) -{ - ENGINE *ret = ENGINE_new(); - - if (ret == NULL) - return NULL; - if (!bind_helper(ret)) { - ENGINE_free(ret); - return NULL; - } - return ret; -} - -void -ENGINE_load_openssl(void) -{ - ENGINE *toadd = engine_openssl(); - - if (toadd == NULL) - return; - (void) ENGINE_add(toadd); - /* If the "add" worked, it gets a structural reference. So either way, - * we release our just-created reference. */ - ENGINE_free(toadd); - ERR_clear_error(); -} - -/* This stuff is needed if this ENGINE is being compiled into a self-contained - * shared-library. */ -#ifdef ENGINE_DYNAMIC_SUPPORT -static int -bind_fn(ENGINE *e, const char *id) -{ - if (id && (strcmp(id, engine_openssl_id) != 0)) - return 0; - if (!bind_helper(e)) - return 0; - return 1; -} -IMPLEMENT_DYNAMIC_CHECK_FN() -IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) -#endif /* ENGINE_DYNAMIC_SUPPORT */ - -#ifdef TEST_ENG_OPENSSL_RC4 -/* This section of code compiles an "alternative implementation" of two modes of - * RC4 into this ENGINE. The result is that EVP_CIPHER operation for "rc4" - * should under normal circumstances go via this support rather than the default - * EVP support. There are other symbols to tweak the testing; - * TEST_ENC_OPENSSL_RC4_OTHERS - print a one line message to stderr each time - * we're asked for a cipher we don't support (should not happen). 
- * TEST_ENG_OPENSSL_RC4_P_INIT - print a one line message to stderr each time - * the "init_key" handler is called. - * TEST_ENG_OPENSSL_RC4_P_CIPHER - ditto for the "cipher" handler. - */ -#include -#define TEST_RC4_KEY_SIZE 16 -static int test_cipher_nids[] = {NID_rc4, NID_rc4_40}; -static int test_cipher_nids_number = 2; - -typedef struct { - unsigned char key[TEST_RC4_KEY_SIZE]; - RC4_KEY ks; -} TEST_RC4_KEY; - -#define test(ctx) ((TEST_RC4_KEY *)(ctx)->cipher_data) -static int -test_rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ -#ifdef TEST_ENG_OPENSSL_RC4_P_INIT - fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_init_key() called\n"); -#endif - memcpy(&test(ctx)->key[0], key, EVP_CIPHER_CTX_key_length(ctx)); - RC4_set_key(&test(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx), - test(ctx)->key); - return 1; -} - -static int -test_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ -#ifdef TEST_ENG_OPENSSL_RC4_P_CIPHER - fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_cipher() called\n"); -#endif - RC4(&test(ctx)->ks, inl, in, out); - return 1; -} - -static const EVP_CIPHER test_r4_cipher = { - NID_rc4, - 1, TEST_RC4_KEY_SIZE, 0, - EVP_CIPH_VARIABLE_LENGTH, - test_rc4_init_key, - test_rc4_cipher, - NULL, - sizeof(TEST_RC4_KEY), - NULL, - NULL, - NULL, - NULL -}; - -static const EVP_CIPHER test_r4_40_cipher = { - NID_rc4_40, - 1,5 /* 40 bit */,0, - EVP_CIPH_VARIABLE_LENGTH, - test_rc4_init_key, - test_rc4_cipher, - NULL, - sizeof(TEST_RC4_KEY), - NULL, - NULL, - NULL, - NULL -}; - -static int -openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid) -{ - if (!cipher) { - /* We are returning a list of supported nids */ - *nids = test_cipher_nids; - return test_cipher_nids_number; - } - /* We are being asked for a specific cipher */ - if (nid == NID_rc4) - *cipher = &test_r4_cipher; - else if (nid == NID_rc4_40) - *cipher = &test_r4_40_cipher; - else { -#ifdef 
TEST_ENG_OPENSSL_RC4_OTHERS - fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) returning NULL for " - "nid %d\n", nid); -#endif - *cipher = NULL; - return 0; - } - return 1; -} -#endif - -#ifdef TEST_ENG_OPENSSL_SHA -/* Much the same sort of comment as for TEST_ENG_OPENSSL_RC4 */ -#include -static int test_digest_nids[] = {NID_sha1}; -static int test_digest_nids_number = 1; - -static int -test_sha1_init(EVP_MD_CTX *ctx) -{ -#ifdef TEST_ENG_OPENSSL_SHA_P_INIT - fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_init() called\n"); -#endif - return SHA1_Init(ctx->md_data); -} - -static int -test_sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count) -{ -#ifdef TEST_ENG_OPENSSL_SHA_P_UPDATE - fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_update() called\n"); -#endif - return SHA1_Update(ctx->md_data, data, count); -} - -static int -test_sha1_final(EVP_MD_CTX *ctx, unsigned char *md) -{ -#ifdef TEST_ENG_OPENSSL_SHA_P_FINAL - fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_final() called\n"); -#endif - return SHA1_Final(md, ctx->md_data); -} - -static const EVP_MD test_sha_md = { - .type = NID_sha1, - .pkey_type = NID_sha1WithRSAEncryption, - .md_size = SHA_DIGEST_LENGTH, - .flags = 0, - .init = test_sha1_init, - .update = test_sha1_update, - .final = test_sha1_final, - .copy = NULL, - .cleanup = NULL, - .block_size = SHA_CBLOCK, - .ctx_size = sizeof(EVP_MD *) + sizeof(SHA_CTX), -}; - -static int -openssl_digests(ENGINE *e, const EVP_MD **digest, const int **nids, int nid) -{ - if (!digest) { - /* We are returning a list of supported nids */ - *nids = test_digest_nids; - return test_digest_nids_number; - } - /* We are being asked for a specific digest */ - if (nid == NID_sha1) - *digest = &test_sha_md; - else { -#ifdef TEST_ENG_OPENSSL_SHA_OTHERS - fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) returning NULL for " - "nid %d\n", nid); -#endif - *digest = NULL; - return 0; - } - return 1; -} -#endif - -#ifdef TEST_ENG_OPENSSL_PKEY -static EVP_PKEY * 
-openssl_load_privkey(ENGINE *eng, const char *key_id, UI_METHOD *ui_method,
- void *callback_data)
-{
- BIO *in;
- EVP_PKEY *key;
-
- fprintf(stderr, "(TEST_ENG_OPENSSL_PKEY)Loading Private key %s\n",
- key_id);
- in = BIO_new_file(key_id, "r");
- if (!in)
- return NULL;
- key = PEM_read_bio_PrivateKey(in, NULL, 0, NULL);
- BIO_free(in);
- return key;
-}
-#endif
diff --git a/lib/libcrypto/engine/eng_pkey.c b/lib/libcrypto/engine/eng_pkey.c
deleted file mode 100644
index a0320e973..000000000
--- a/lib/libcrypto/engine/eng_pkey.c
+++ /dev/null
@@ -1,184 +0,0 @@ -/* $OpenBSD: eng_pkey.c,v 1.7 2017/01/29 17:49:23 beck Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -#include "eng_int.h" - -/* Basic get/set stuff */ - -int -ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f) -{ - e->load_privkey = loadpriv_f; - return 1; -} - -int -ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f) -{ - e->load_pubkey = loadpub_f; - return 1; -} - -int -ENGINE_set_load_ssl_client_cert_function(ENGINE *e, - ENGINE_SSL_CLIENT_CERT_PTR loadssl_f) -{ - e->load_ssl_client_cert = loadssl_f; - return 1; -} - -ENGINE_LOAD_KEY_PTR -ENGINE_get_load_privkey_function(const ENGINE *e) -{ - return e->load_privkey; -} - -ENGINE_LOAD_KEY_PTR -ENGINE_get_load_pubkey_function(const ENGINE *e) -{ - return e->load_pubkey; -} - -ENGINE_SSL_CLIENT_CERT_PTR -ENGINE_get_ssl_client_cert_function(const ENGINE *e) -{ - return e->load_ssl_client_cert; -} - -/* API functions to load public/private keys */ - -EVP_PKEY * -ENGINE_load_private_key(ENGINE *e, const char *key_id, UI_METHOD *ui_method, - void *callback_data) -{ - EVP_PKEY *pkey; - - if (e == NULL) { - ENGINEerror(ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - if (e->funct_ref == 0) { - 
CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- ENGINEerror(ENGINE_R_NOT_INITIALISED);
- return 0;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- if (!e->load_privkey) {
- ENGINEerror(ENGINE_R_NO_LOAD_FUNCTION);
- return 0;
- }
- pkey = e->load_privkey(e, key_id, ui_method, callback_data);
- if (!pkey) {
- ENGINEerror(ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
- return 0;
- }
- return pkey;
-}
-
-EVP_PKEY *
-ENGINE_load_public_key(ENGINE *e, const char *key_id, UI_METHOD *ui_method,
- void *callback_data)
-{
- EVP_PKEY *pkey;
-
- if (e == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (e->funct_ref == 0) {
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- ENGINEerror(ENGINE_R_NOT_INITIALISED);
- return 0;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- if (!e->load_pubkey) {
- ENGINEerror(ENGINE_R_NO_LOAD_FUNCTION);
- return 0;
- }
- pkey = e->load_pubkey(e, key_id, ui_method, callback_data);
- if (!pkey) {
- ENGINEerror(ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
- return 0;
- }
- return pkey;
-}
-
-int
-ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s, STACK_OF(X509_NAME) *ca_dn,
- X509 **pcert, EVP_PKEY **ppkey, STACK_OF(X509) **pother,
- UI_METHOD *ui_method, void *callback_data)
-{
- if (e == NULL) {
- ENGINEerror(ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (e->funct_ref == 0) {
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- ENGINEerror(ENGINE_R_NOT_INITIALISED);
- return 0;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- if (!e->load_ssl_client_cert) {
- ENGINEerror(ENGINE_R_NO_LOAD_FUNCTION);
- return 0;
- }
- return e->load_ssl_client_cert(e, s, ca_dn, pcert, ppkey, pother,
- ui_method, callback_data);
-}
diff --git a/lib/libcrypto/engine/eng_table.c b/lib/libcrypto/engine/eng_table.c
deleted file mode 100644
index 0e7ea3b69..000000000
--- a/lib/libcrypto/engine/eng_table.c
+++ /dev/null
@@ -1,354 +0,0 @@
-/* $OpenBSD: eng_table.c,v 1.10 2022/12/26 07:18:52 jmc Exp $ */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-#include
-#include
-
-#include "eng_int.h"
-
-/* The type of the items in the table */
-typedef struct st_engine_pile {
- /* The 'nid' of this algorithm/mode */
- int nid;
- /* ENGINEs that implement this algorithm/mode. */
- STACK_OF(ENGINE) *sk;
- /* The default ENGINE to perform this algorithm/mode. */
- ENGINE *funct;
- /* Zero if 'sk' is newer than the cached 'funct', non-zero otherwise */
- int uptodate;
-} ENGINE_PILE;
-
-DECLARE_LHASH_OF(ENGINE_PILE);
-
-/* The type exposed in eng_int.h */
-struct st_engine_table {
- LHASH_OF(ENGINE_PILE) piles;
-}; /* ENGINE_TABLE */
-
-typedef struct st_engine_pile_doall {
- engine_table_doall_cb *cb;
- void *arg;
-} ENGINE_PILE_DOALL;
-
-/* Global flags (ENGINE_TABLE_FLAG_***). */
-static unsigned int table_flags = 0;
-
-/* API function manipulating 'table_flags' */
-unsigned int
-ENGINE_get_table_flags(void)
-{
- return table_flags;
-}
-
-void
-ENGINE_set_table_flags(unsigned int flags)
-{
- table_flags = flags;
-}
-
-/* Internal functions for the "piles" hash table */
-static unsigned long
-engine_pile_hash(const ENGINE_PILE *c)
-{
- return c->nid;
-}
-
-static int
-engine_pile_cmp(const ENGINE_PILE *a, const ENGINE_PILE *b)
-{
- return a->nid - b->nid;
-}
-static IMPLEMENT_LHASH_HASH_FN(engine_pile, ENGINE_PILE)
-static IMPLEMENT_LHASH_COMP_FN(engine_pile, ENGINE_PILE)
-
-static int
-int_table_check(ENGINE_TABLE **t, int create)
-{
- LHASH_OF(ENGINE_PILE) *lh;
-
- if (*t)
- return 1;
- if (!create)
- return 0;
- if ((lh = lh_ENGINE_PILE_new()) == NULL)
- return 0;
- *t = (ENGINE_TABLE *)lh;
- return 1;
-}
-
-/* Privately exposed (via eng_int.h) functions for adding and/or removing
- * ENGINEs from the implementation table */
-int
-engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
- ENGINE *e, const int *nids, int num_nids, int setdefault)
-{
- int ret = 0, added = 0;
- ENGINE_PILE tmplate, *fnd;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (!(*table))
- added = 1;
- if (!int_table_check(table, 1))
- goto end;
- if (added)
- /* The cleanup callback needs to be added */
- engine_cleanup_add_first(cleanup);
- while (num_nids--) {
- tmplate.nid = *nids;
- fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
- if (!fnd) {
- fnd = malloc(sizeof(ENGINE_PILE));
- if (!fnd)
- goto end;
- fnd->uptodate = 1;
- fnd->nid = *nids;
- fnd->sk = sk_ENGINE_new_null();
- if (!fnd->sk) {
- free(fnd);
- goto end;
- }
- fnd->funct = NULL;
- (void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd);
- }
- /* A registration shouldn't add duplicate entries */
- (void)sk_ENGINE_delete_ptr(fnd->sk, e);
- /* if 'setdefault', this ENGINE goes to the head of the list */
- if (!sk_ENGINE_push(fnd->sk, e))
- goto end;
- /* "touch" this ENGINE_PILE */
- fnd->uptodate = 0;
- if (setdefault) {
- if (!engine_unlocked_init(e)) {
- ENGINEerror(ENGINE_R_INIT_FAILED);
- goto end;
- }
- if (fnd->funct)
- engine_unlocked_finish(fnd->funct, 0);
- fnd->funct = e;
- fnd->uptodate = 1;
- }
- nids++;
- }
- ret = 1;
-end:
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- return ret;
-}
-
-static void
-int_unregister_cb_doall_arg(ENGINE_PILE *pile, ENGINE *e)
-{
- int n;
-
- /* Iterate the 'c->sk' stack removing any occurrence of 'e' */
- while ((n = sk_ENGINE_find(pile->sk, e)) >= 0) {
- (void)sk_ENGINE_delete(pile->sk, n);
- pile->uptodate = 0;
- }
- if (pile->funct == e) {
- engine_unlocked_finish(e, 0);
- pile->funct = NULL;
- }
-}
-static IMPLEMENT_LHASH_DOALL_ARG_FN(int_unregister_cb, ENGINE_PILE, ENGINE)
-
-void
-engine_table_unregister(ENGINE_TABLE **table, ENGINE *e)
-{
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (int_table_check(table, 0))
- lh_ENGINE_PILE_doall_arg(&(*table)->piles,
- LHASH_DOALL_ARG_FN(int_unregister_cb), ENGINE, e);
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-}
-
-static void
-int_cleanup_cb_doall(ENGINE_PILE *p)
-{
- sk_ENGINE_free(p->sk);
- if (p->funct)
- engine_unlocked_finish(p->funct, 0);
- free(p);
-}
-static IMPLEMENT_LHASH_DOALL_FN(int_cleanup_cb, ENGINE_PILE)
-
-void
-engine_table_cleanup(ENGINE_TABLE **table)
-{
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (*table) {
- lh_ENGINE_PILE_doall(&(*table)->piles,
- LHASH_DOALL_FN(int_cleanup_cb));
- lh_ENGINE_PILE_free(&(*table)->piles);
- *table = NULL;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-}
-
-/* return a functional reference for a given 'nid' */
-#ifndef ENGINE_TABLE_DEBUG
-ENGINE *
-engine_table_select(ENGINE_TABLE **table, int nid)
-#else
-ENGINE *
-engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, int l)
-#endif
-{
- ENGINE *ret = NULL;
- ENGINE_PILE tmplate, *fnd = NULL;
- int initres, loop = 0;
-
- if (!(*table)) {
-#ifdef ENGINE_TABLE_DEBUG
- fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, nothing "
- "registered!\n", f, l, nid);
-#endif
- return NULL;
- }
- ERR_set_mark();
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- /* Check again inside the lock otherwise we could race against cleanup
- * operations. But don't worry about a fprintf(stderr). */
- if (!int_table_check(table, 0))
- goto end;
- tmplate.nid = nid;
- fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
- if (!fnd)
- goto end;
- if (fnd->funct && engine_unlocked_init(fnd->funct)) {
-#ifdef ENGINE_TABLE_DEBUG
- fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using "
- "ENGINE '%s' cached\n", f, l, nid, fnd->funct->id);
-#endif
- ret = fnd->funct;
- goto end;
- }
- if (fnd->uptodate) {
- ret = fnd->funct;
- goto end;
- }
-trynext:
- ret = sk_ENGINE_value(fnd->sk, loop++);
- if (!ret) {
-#ifdef ENGINE_TABLE_DEBUG
- fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, no "
- "registered implementations would initialise\n", f, l, nid);
-#endif
- goto end;
- }
- /* Try to initialise the ENGINE? */
- if ((ret->funct_ref > 0) || !(table_flags & ENGINE_TABLE_FLAG_NOINIT))
- initres = engine_unlocked_init(ret);
- else
- initres = 0;
- if (initres) {
- /* Update 'funct' */
- if ((fnd->funct != ret) && engine_unlocked_init(ret)) {
- /* If there was a previous default we release it. */
- if (fnd->funct)
- engine_unlocked_finish(fnd->funct, 0);
- fnd->funct = ret;
-#ifdef ENGINE_TABLE_DEBUG
- fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, "
- "setting default to '%s'\n", f, l, nid, ret->id);
-#endif
- }
-#ifdef ENGINE_TABLE_DEBUG
- fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using "
- "newly initialised '%s'\n", f, l, nid, ret->id);
-#endif
- goto end;
- }
- goto trynext;
-end:
- /* If it failed, it is unlikely to succeed again until some future
- * registrations have taken place. In all cases, we cache.
*/ - if (fnd) - fnd->uptodate = 1; -#ifdef ENGINE_TABLE_DEBUG - if (ret) - fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching " - "ENGINE '%s'\n", f, l, nid, ret->id); - else - fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching " - "'no matching ENGINE'\n", f, l, nid); -#endif - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - /* Whatever happened, any failed init()s are not failures in this - * context, so clear our error state. */ - ERR_pop_to_mark(); - return ret; -} - -/* Table enumeration */ - -static void -int_cb_doall_arg(ENGINE_PILE *pile, ENGINE_PILE_DOALL *dall) -{ - dall->cb(pile->nid, pile->sk, pile->funct, dall->arg); -} -static IMPLEMENT_LHASH_DOALL_ARG_FN(int_cb, ENGINE_PILE, ENGINE_PILE_DOALL) - -void -engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb, void *arg) -{ - ENGINE_PILE_DOALL dall; - - dall.cb = cb; - dall.arg = arg; - lh_ENGINE_PILE_doall_arg(&table->piles, LHASH_DOALL_ARG_FN(int_cb), - ENGINE_PILE_DOALL, &dall); -} diff --git a/lib/libcrypto/engine/engine.h b/lib/libcrypto/engine/engine.h index 156c2f856..ef5878a5d 100644 --- a/lib/libcrypto/engine/engine.h +++ b/lib/libcrypto/engine/engine.h @@ -1,4 +1,4 @@ -/* $OpenBSD: engine.h,v 1.39 2023/07/21 09:04:23 tb Exp $ */ +/* $OpenBSD: engine.h,v 1.41 2023/07/28 09:22:26 tb Exp $ */ /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL * project 2000. */ @@ -76,12 +76,6 @@ #ifndef OPENSSL_NO_EC #include #endif -#ifndef OPENSSL_NO_ECDH -#include -#endif -#ifndef OPENSSL_NO_ECDSA -#include -#endif #include #ifndef OPENSSL_NO_RSA #include @@ -101,8 +95,6 @@ extern "C" { #define ENGINE_METHOD_DSA (unsigned int)0x0002 #define ENGINE_METHOD_DH (unsigned int)0x0004 #define ENGINE_METHOD_RAND (unsigned int)0x0008 -#define ENGINE_METHOD_ECDH (unsigned int)0x0010 -#define ENGINE_METHOD_ECDSA (unsigned int)0x0020 #define ENGINE_METHOD_CIPHERS (unsigned int)0x0040 #define ENGINE_METHOD_DIGESTS (unsigned int)0x0080 #define ENGINE_METHOD_STORE (unsigned int)0x0100 
@@ -379,14 +371,6 @@ int ENGINE_register_DSA(ENGINE *e); void ENGINE_unregister_DSA(ENGINE *e); void ENGINE_register_all_DSA(void); -int ENGINE_register_ECDH(ENGINE *e); -void ENGINE_unregister_ECDH(ENGINE *e); -void ENGINE_register_all_ECDH(void); - -int ENGINE_register_ECDSA(ENGINE *e); -void ENGINE_unregister_ECDSA(ENGINE *e); -void ENGINE_register_all_ECDSA(void); - int ENGINE_register_EC(ENGINE *e); void ENGINE_unregister_EC(ENGINE *e); void ENGINE_register_all_EC(void); @@ -483,8 +467,6 @@ int ENGINE_set_id(ENGINE *e, const char *id); int ENGINE_set_name(ENGINE *e, const char *name); int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); -int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth); -int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth); int ENGINE_set_EC(ENGINE *e, const EC_KEY_METHOD *ec_meth); int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth); int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth); @@ -523,8 +505,6 @@ const char *ENGINE_get_id(const ENGINE *e); const char *ENGINE_get_name(const ENGINE *e); const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e); const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e); -const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e); -const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e); const EC_KEY_METHOD *ENGINE_get_EC(const ENGINE *e); const DH_METHOD *ENGINE_get_DH(const ENGINE *e); const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e); @@ -591,8 +571,6 @@ int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s, ENGINE *ENGINE_get_default_RSA(void); /* Same for the other "methods" */ ENGINE *ENGINE_get_default_DSA(void); -ENGINE *ENGINE_get_default_ECDH(void); -ENGINE *ENGINE_get_default_ECDSA(void); ENGINE *ENGINE_get_default_EC(void); ENGINE *ENGINE_get_default_DH(void); ENGINE *ENGINE_get_default_RAND(void); 
@@ -611,8 +589,6 @@ int ENGINE_set_default_RSA(ENGINE *e); int ENGINE_set_default_string(ENGINE *e, const char *def_list); /* Same for the other "methods" */ int ENGINE_set_default_DSA(ENGINE *e); -int ENGINE_set_default_ECDH(ENGINE *e); -int ENGINE_set_default_ECDSA(ENGINE *e); int ENGINE_set_default_EC(ENGINE *e); int ENGINE_set_default_DH(ENGINE *e); int ENGINE_set_default_RAND(ENGINE *e); diff --git a/lib/libcrypto/engine/tb_asnmth.c b/lib/libcrypto/engine/tb_asnmth.c deleted file mode 100644 index 913230f69..000000000 --- a/lib/libcrypto/engine/tb_asnmth.c +++ /dev/null 
@@ -1,255 +0,0 @@
-/* $OpenBSD: tb_asnmth.c,v 1.7 2022/11/26 16:08:52 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include
-
-#include "eng_int.h"
-#include "asn1_local.h"
-#include
-
-/* If this symbol is defined then ENGINE_get_pkey_asn1_meth_engine(), the
- * function that is used by EVP to hook in pkey_asn1_meth code and cache
- * defaults (etc), will display brief debugging summaries to stderr with the
- * 'nid'. */
-/* #define ENGINE_PKEY_ASN1_METH_DEBUG */
-
-static ENGINE_TABLE *pkey_asn1_meth_table = NULL;
-
-void
-ENGINE_unregister_pkey_asn1_meths(ENGINE *e)
-{
- engine_table_unregister(&pkey_asn1_meth_table, e);
-}
-
-static void
-engine_unregister_all_pkey_asn1_meths(void)
-{
- engine_table_cleanup(&pkey_asn1_meth_table);
-}
-
-int
-ENGINE_register_pkey_asn1_meths(ENGINE *e)
-{
- if (e->pkey_asn1_meths) {
- const int *nids;
- int num_nids = e->pkey_asn1_meths(e, NULL, &nids, 0);
- if (num_nids > 0)
- return engine_table_register(&pkey_asn1_meth_table,
- engine_unregister_all_pkey_asn1_meths, e, nids,
- num_nids, 0);
- }
- return 1;
-}
-
-void
-ENGINE_register_all_pkey_asn1_meths(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_pkey_asn1_meths(e);
-}
-
-int
-ENGINE_set_default_pkey_asn1_meths(ENGINE *e)
-{
- if (e->pkey_asn1_meths) {
- const int *nids;
- int num_nids = e->pkey_asn1_meths(e, NULL, &nids, 0);
- if (num_nids > 0)
- return engine_table_register(&pkey_asn1_meth_table,
- engine_unregister_all_pkey_asn1_meths, e, nids,
- num_nids, 1);
- }
- return 1;
-}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references) for a given pkey_asn1_meth 'nid' */
-ENGINE *
-ENGINE_get_pkey_asn1_meth_engine(int nid)
-{
- return engine_table_select(&pkey_asn1_meth_table, nid);
-}
-
-/* Obtains a pkey_asn1_meth implementation from an ENGINE functional reference */
-const EVP_PKEY_ASN1_METHOD *
-ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid)
-{
- EVP_PKEY_ASN1_METHOD *ret;
- ENGINE_PKEY_ASN1_METHS_PTR fn = ENGINE_get_pkey_asn1_meths(e);
-
- if (!fn || !fn(e, &ret, NULL, nid)) {
- ENGINEerror(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD);
- return NULL;
- }
- return ret;
-}
-
-/* Gets the pkey_asn1_meth callback from an ENGINE structure */
-ENGINE_PKEY_ASN1_METHS_PTR
-ENGINE_get_pkey_asn1_meths(const ENGINE *e)
-{
- return e->pkey_asn1_meths;
-}
-
-/* Sets the pkey_asn1_meth callback in an ENGINE structure */
-int
-ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f)
-{
- e->pkey_asn1_meths = f;
- return 1;
-}
-
-/* Internal function to free up EVP_PKEY_ASN1_METHOD structures before an
- * ENGINE is destroyed
- */
-
-void
-engine_pkey_asn1_meths_free(ENGINE *e)
-{
- int i;
- EVP_PKEY_ASN1_METHOD *pkm;
-
- if (e->pkey_asn1_meths) {
- const int *pknids;
- int npknids;
- npknids = e->pkey_asn1_meths(e, NULL, &pknids, 0);
- for (i = 0; i < npknids; i++) {
- if (e->pkey_asn1_meths(e, &pkm, NULL, pknids[i])) {
- EVP_PKEY_asn1_free(pkm);
- }
- }
- }
-}
-
-/* Find a method based on a string. This does a linear search through
- * all implemented algorithms. This is OK in practice because only
- * a small number of algorithms are likely to be implemented in an engine
- * and it is not used for speed critical operations.
- */
-
-const EVP_PKEY_ASN1_METHOD *
-ENGINE_get_pkey_asn1_meth_str(ENGINE *e, const char *str, int len)
-{
- int i, nidcount;
- const int *nids;
- EVP_PKEY_ASN1_METHOD *ameth;
-
- if (!e->pkey_asn1_meths)
- return NULL;
- if (len == -1)
- len = strlen(str);
- nidcount = e->pkey_asn1_meths(e, NULL, &nids, 0);
- for (i = 0; i < nidcount; i++) {
- e->pkey_asn1_meths(e, &ameth, NULL, nids[i]);
- if (((int)strlen(ameth->pem_str) == len) &&
- !strncasecmp(ameth->pem_str, str, len))
- return ameth;
- }
- return NULL;
-}
-
-typedef struct {
- ENGINE *e;
- const EVP_PKEY_ASN1_METHOD *ameth;
- const char *str;
- int len;
-} ENGINE_FIND_STR;
-
-static void
-look_str_cb(int nid, STACK_OF(ENGINE) *sk, ENGINE *def, void *arg)
-{
- ENGINE_FIND_STR *lk = arg;
- int i;
-
- if (lk->ameth)
- return;
- for (i = 0; i < sk_ENGINE_num(sk); i++) {
- ENGINE *e = sk_ENGINE_value(sk, i);
- EVP_PKEY_ASN1_METHOD *ameth;
- e->pkey_asn1_meths(e, &ameth, NULL, nid);
- if (((int)strlen(ameth->pem_str) == lk->len) &&
- !strncasecmp(ameth->pem_str, lk->str, lk->len)) {
- lk->e = e;
- lk->ameth = ameth;
- return;
- }
- }
-}
-
-const EVP_PKEY_ASN1_METHOD *
-ENGINE_pkey_asn1_find_str(ENGINE **pe, const char *str, int len)
-{
- ENGINE_FIND_STR fstr;
-
- fstr.e = NULL;
- fstr.ameth = NULL;
- fstr.str = str;
- fstr.len = len;
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- engine_table_doall(pkey_asn1_meth_table, look_str_cb, &fstr);
- /* If found obtain a structural reference to engine */
- if (fstr.e) {
- fstr.e->struct_ref++;
- engine_ref_debug(fstr.e, 0, 1)
- }
- *pe = fstr.e;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- return fstr.ameth;
-}
diff --git a/lib/libcrypto/engine/tb_cipher.c b/lib/libcrypto/engine/tb_cipher.c
deleted file mode 100644
index ed87ff199..000000000
--- a/lib/libcrypto/engine/tb_cipher.c
+++ /dev/null
@@ -1,152 +0,0 @@
-/* $OpenBSD: tb_cipher.c,v 1.8 2017/01/29 17:49:23 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_cipher_engine(), the function that
- * is used by EVP to hook in cipher code and cache defaults (etc), will display
- * brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_CIPHER_DEBUG */
-
-static ENGINE_TABLE *cipher_table = NULL;
-
-void
-ENGINE_unregister_ciphers(ENGINE *e)
-{
- engine_table_unregister(&cipher_table, e);
-}
-
-static void
-engine_unregister_all_ciphers(void)
-{
- engine_table_cleanup(&cipher_table);
-}
-
-int
-ENGINE_register_ciphers(ENGINE *e)
-{
- if (e->ciphers) {
- const int *nids;
- int num_nids = e->ciphers(e, NULL, &nids, 0);
- if (num_nids > 0)
- return engine_table_register(&cipher_table,
- engine_unregister_all_ciphers, e, nids,
- num_nids, 0);
- }
- return 1;
-}
-
-void
-ENGINE_register_all_ciphers(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_ciphers(e);
-}
-
-int
-ENGINE_set_default_ciphers(ENGINE *e)
-{
- if (e->ciphers) {
- const int *nids;
- int num_nids = e->ciphers(e, NULL, &nids, 0);
- if (num_nids > 0)
- return engine_table_register(&cipher_table,
- engine_unregister_all_ciphers, e, nids,
- num_nids, 1);
- }
- return 1;
-}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references) for a given cipher 'nid' */
-ENGINE *
-ENGINE_get_cipher_engine(int nid)
-{
- return engine_table_select(&cipher_table, nid);
-}
-
-/* Obtains a cipher implementation from an ENGINE functional reference */
-const EVP_CIPHER *
-ENGINE_get_cipher(ENGINE *e, int nid)
-{
- const EVP_CIPHER *ret;
- ENGINE_CIPHERS_PTR fn = ENGINE_get_ciphers(e);
-
- if (!fn || !fn(e, &ret, NULL, nid)) {
- ENGINEerror(ENGINE_R_UNIMPLEMENTED_CIPHER);
- return NULL;
- }
- return ret;
-}
-
-/* Gets the cipher callback from an ENGINE structure */
-ENGINE_CIPHERS_PTR
-ENGINE_get_ciphers(const ENGINE *e)
-{
- return e->ciphers;
-}
-
-/* Sets the cipher callback in an ENGINE structure */
-int
-ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f)
-{
- e->ciphers = f;
- return 1;
-}
diff --git a/lib/libcrypto/engine/tb_dh.c b/lib/libcrypto/engine/tb_dh.c
deleted file mode 100644
index 4f200424e..000000000
--- a/lib/libcrypto/engine/tb_dh.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/* $OpenBSD: tb_dh.c,v 1.6 2014/06/12 15:49:29 deraadt Exp $ */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_default_DH(), the function that is
- * used by DH to hook in implementation code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_DH_DEBUG */
-
-static ENGINE_TABLE *dh_table = NULL;
-static const int dummy_nid = 1;
-
-void
-ENGINE_unregister_DH(ENGINE *e)
-{
- engine_table_unregister(&dh_table, e);
-}
-
-static void
-engine_unregister_all_DH(void)
-{
- engine_table_cleanup(&dh_table);
-}
-
-int
-ENGINE_register_DH(ENGINE *e)
-{
- if (e->dh_meth)
- return engine_table_register(&dh_table,
- engine_unregister_all_DH, e, &dummy_nid, 1, 0);
- return 1;
-}
-
-void
-ENGINE_register_all_DH(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_DH(e);
-}
-
-int
-ENGINE_set_default_DH(ENGINE *e)
-{
- if (e->dh_meth)
- return engine_table_register(&dh_table,
- engine_unregister_all_DH, e, &dummy_nid, 1, 1);
- return 1;
-}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references). */
-ENGINE *
-ENGINE_get_default_DH(void)
-{
- return engine_table_select(&dh_table, dummy_nid);
-}
-
-/* Obtains an DH implementation from an ENGINE functional reference */
-const DH_METHOD *
-ENGINE_get_DH(const ENGINE *e)
-{
- return e->dh_meth;
-}
-
-/* Sets an DH implementation in an ENGINE structure */
-int
-ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth)
-{
- e->dh_meth = dh_meth;
- return 1;
-}
diff --git a/lib/libcrypto/engine/tb_digest.c b/lib/libcrypto/engine/tb_digest.c
deleted file mode 100644
index f1a2e8a6b..000000000
--- a/lib/libcrypto/engine/tb_digest.c
+++ /dev/null
@@ -1,152 +0,0 @@
-/* $OpenBSD: tb_digest.c,v 1.8 2017/01/29 17:49:23 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_digest_engine(), the function that
- * is used by EVP to hook in digest code and cache defaults (etc), will display
- * brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_DIGEST_DEBUG */
-
-static ENGINE_TABLE *digest_table = NULL;
-
-void
-ENGINE_unregister_digests(ENGINE *e)
-{
- engine_table_unregister(&digest_table, e);
-}
-
-static void
-engine_unregister_all_digests(void)
-{
- engine_table_cleanup(&digest_table);
-}
-
-int
-ENGINE_register_digests(ENGINE *e)
-{
- if (e->digests) {
- const int *nids;
- int num_nids = e->digests(e, NULL, &nids, 0);
- if (num_nids > 0)
- return engine_table_register(&digest_table,
- engine_unregister_all_digests, e, nids,
- num_nids, 0);
- }
- return 1;
-}
-
-void
-ENGINE_register_all_digests(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_digests(e);
-}
-
-int
-ENGINE_set_default_digests(ENGINE *e)
-{
- if (e->digests) {
- const int *nids;
- int num_nids = e->digests(e, NULL, &nids, 0);
- if (num_nids > 0)
- return engine_table_register(&digest_table,
- engine_unregister_all_digests, e, nids,
- num_nids, 1);
- }
- return 1;
-}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references) for a given digest 'nid' */
-ENGINE *
-ENGINE_get_digest_engine(int nid)
-{
- return engine_table_select(&digest_table, nid);
-}
-
-/* Obtains a digest implementation from an ENGINE functional reference */
-const EVP_MD *
-ENGINE_get_digest(ENGINE *e, int nid)
-{
- const EVP_MD *ret;
- ENGINE_DIGESTS_PTR fn = ENGINE_get_digests(e);
-
- if (!fn || !fn(e, &ret, NULL, nid)) {
- ENGINEerror(ENGINE_R_UNIMPLEMENTED_DIGEST);
- return NULL;
- }
- return ret;
-}
-
-/* Gets the digest callback from an ENGINE structure */
-ENGINE_DIGESTS_PTR
-ENGINE_get_digests(const ENGINE *e)
-{
- return e->digests;
-}
-
-/* Sets the digest callback in an ENGINE structure */
-int
-ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f)
-{
- e->digests = f;
- return 1;
-}
diff --git a/lib/libcrypto/engine/tb_dsa.c b/lib/libcrypto/engine/tb_dsa.c
deleted file mode 100644
index 23e923610..000000000
--- a/lib/libcrypto/engine/tb_dsa.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/* $OpenBSD: tb_dsa.c,v 1.7 2014/06/12 15:49:29 deraadt Exp $ */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_default_DSA(), the function that is
- * used by DSA to hook in implementation code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_DSA_DEBUG */
-
-static ENGINE_TABLE *dsa_table = NULL;
-static const int dummy_nid = 1;
-
-void
-ENGINE_unregister_DSA(ENGINE *e)
-{
- engine_table_unregister(&dsa_table, e);
-}
-
-static void
-engine_unregister_all_DSA(void)
-{
- engine_table_cleanup(&dsa_table);
-}
-
-int
-ENGINE_register_DSA(ENGINE *e)
-{
- if (e->dsa_meth)
- return engine_table_register(&dsa_table,
- engine_unregister_all_DSA, e, &dummy_nid, 1, 0);
- return 1;
-}
-
-void
-ENGINE_register_all_DSA(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_DSA(e);
-}
-
-int
-ENGINE_set_default_DSA(ENGINE *e)
-{
- if (e->dsa_meth)
- return engine_table_register(&dsa_table,
- engine_unregister_all_DSA, e, &dummy_nid, 1, 1);
- return 1;
-}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references). */
-ENGINE *
-ENGINE_get_default_DSA(void)
-{
- return engine_table_select(&dsa_table, dummy_nid);
-}
-
-/* Obtains an DSA implementation from an ENGINE functional reference */
-const DSA_METHOD *
-ENGINE_get_DSA(const ENGINE *e)
-{
- return e->dsa_meth;
-}
-
-/* Sets an DSA implementation in an ENGINE structure */
-int
-ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth)
-{
- e->dsa_meth = dsa_meth;
- return 1;
-}
diff --git a/lib/libcrypto/engine/tb_ecdh.c b/lib/libcrypto/engine/tb_ecdh.c
deleted file mode 100644
index a67877add..000000000
--- a/lib/libcrypto/engine/tb_ecdh.c
+++ /dev/null
@@ -1,141 +0,0 @@
-/* $OpenBSD: tb_ecdh.c,v 1.4 2014/06/12 15:49:29 deraadt Exp $ */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
- * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
- * to the OpenSSL project.
- *
- * The ECC Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- *
- * The ECDH engine software is originally written by Nils Gura and
- * Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_default_ECDH(), the function that is
- * used by ECDH to hook in implementation code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_ECDH_DEBUG */
-
-static ENGINE_TABLE *ecdh_table = NULL;
-static const int dummy_nid = 1;
-
-void
-ENGINE_unregister_ECDH(ENGINE *e)
-{
- engine_table_unregister(&ecdh_table, e);
-}
-
-static void
-engine_unregister_all_ECDH(void)
-{
- engine_table_cleanup(&ecdh_table);
-}
-
-int
-ENGINE_register_ECDH(ENGINE *e)
-{
- if (e->ecdh_meth)
- return engine_table_register(&ecdh_table,
- engine_unregister_all_ECDH, e, &dummy_nid, 1, 0);
- return 1;
-}
-
-void
-ENGINE_register_all_ECDH(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_ECDH(e);
-}
-
-int
-ENGINE_set_default_ECDH(ENGINE *e)
-{
- if (e->ecdh_meth)
- return engine_table_register(&ecdh_table,
- engine_unregister_all_ECDH, e, &dummy_nid, 1, 1);
- return 1;
-}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references). */
-ENGINE *
-ENGINE_get_default_ECDH(void)
-{
- return engine_table_select(&ecdh_table, dummy_nid);
-}
-
-/* Obtains an ECDH implementation from an ENGINE functional reference */
-const ECDH_METHOD *
-ENGINE_get_ECDH(const ENGINE *e)
-{
- return e->ecdh_meth;
-}
-
-/* Sets an ECDH implementation in an ENGINE structure */
-int
-ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth)
-{
- e->ecdh_meth = ecdh_meth;
- return 1;
-}
diff --git a/lib/libcrypto/engine/tb_ecdsa.c b/lib/libcrypto/engine/tb_ecdsa.c
deleted file mode 100644
index 226b76e18..000000000
--- a/lib/libcrypto/engine/tb_ecdsa.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/* $OpenBSD: tb_ecdsa.c,v 1.4 2014/06/12 15:49:29 deraadt Exp $ */
-/* ====================================================================
- * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_default_ECDSA(), the function that is
- * used by ECDSA to hook in implementation code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_ECDSA_DEBUG */
-
-static ENGINE_TABLE *ecdsa_table = NULL;
-static const int dummy_nid = 1;
-
-void
-ENGINE_unregister_ECDSA(ENGINE *e)
-{
- engine_table_unregister(&ecdsa_table, e);
-}
-
-static void
-engine_unregister_all_ECDSA(void)
-{
- engine_table_cleanup(&ecdsa_table);
-}
-
-int
-ENGINE_register_ECDSA(ENGINE *e)
-{
- if (e->ecdsa_meth)
- return engine_table_register(&ecdsa_table,
- engine_unregister_all_ECDSA, e, &dummy_nid, 1, 0);
- return 1;
-}
-
-void
-ENGINE_register_all_ECDSA(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_ECDSA(e);
-}
-
-int
-ENGINE_set_default_ECDSA(ENGINE *e)
-{
- if (e->ecdsa_meth)
- return engine_table_register(&ecdsa_table,
- engine_unregister_all_ECDSA, e, &dummy_nid, 1, 1);
- return 1;
-}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references). */
-ENGINE *
-ENGINE_get_default_ECDSA(void)
-{
- return engine_table_select(&ecdsa_table, dummy_nid);
-}
-
-/* Obtains an ECDSA implementation from an ENGINE functional reference */
-const ECDSA_METHOD *
-ENGINE_get_ECDSA(const ENGINE *e)
-{
- return e->ecdsa_meth;
-}
-
-/* Sets an ECDSA implementation in an ENGINE structure */
-int
-ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth)
-{
- e->ecdsa_meth = ecdsa_meth;
- return 1;
-}
diff --git a/lib/libcrypto/engine/tb_eckey.c b/lib/libcrypto/engine/tb_eckey.c
deleted file mode 100644
index 464156aef..000000000
--- a/lib/libcrypto/engine/tb_eckey.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* $OpenBSD: tb_eckey.c,v 1.2 2019/01/19 01:18:56 tb Exp $ */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-static ENGINE_TABLE *ec_table = NULL;
-static const int dummy_nid = 1;
-
-void
-ENGINE_unregister_EC(ENGINE *e)
-{
- engine_table_unregister(&ec_table, e);
-}
-
-static void
-engine_unregister_all_EC(void)
-{
- engine_table_cleanup(&ec_table);
-}
-
-int
-ENGINE_register_EC(ENGINE *e)
-{
- if (e->ec_meth)
- return engine_table_register(&ec_table,
- engine_unregister_all_EC, e, &dummy_nid, 1, 0);
- return 1;
-}
-
-void
-ENGINE_register_all_EC(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e != NULL; e = ENGINE_get_next(e))
- ENGINE_register_EC(e);
-}
-
-int
-ENGINE_set_default_EC(ENGINE *e)
-{
- if (e->ec_meth != NULL)
- return engine_table_register(&ec_table,
- engine_unregister_all_EC, e, &dummy_nid, 1, 1);
- return 1;
-}
-
-/*
- * Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references).
- */
-ENGINE *
-ENGINE_get_default_EC(void)
-{
- return engine_table_select(&ec_table, dummy_nid);
-}
-
-/* Obtains an EC_KEY implementation from an ENGINE functional reference */
-const EC_KEY_METHOD *
-ENGINE_get_EC(const ENGINE *e)
-{
- return e->ec_meth;
-}
-
-/* Sets an EC_KEY implementation in an ENGINE structure */
-int
-ENGINE_set_EC(ENGINE *e, const EC_KEY_METHOD *ec_meth)
-{
- e->ec_meth = ec_meth;
- return 1;
-}
diff --git a/lib/libcrypto/engine/tb_pkmeth.c b/lib/libcrypto/engine/tb_pkmeth.c
deleted file mode 100644
index 05566a346..000000000
--- a/lib/libcrypto/engine/tb_pkmeth.c
+++ /dev/null
@@ -1,175 +0,0 @@
-/* $OpenBSD: tb_pkmeth.c,v 1.6 2017/01/29 17:49:23 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include
-
-#include "eng_int.h"
-#include
-
-/* If this symbol is defined then ENGINE_get_pkey_meth_engine(), the function
- * that is used by EVP to hook in pkey_meth code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_PKEY_METH_DEBUG */
-
-static ENGINE_TABLE *pkey_meth_table = NULL;
-
-void
-ENGINE_unregister_pkey_meths(ENGINE *e)
-{
- engine_table_unregister(&pkey_meth_table, e);
-}
-
-static void
-engine_unregister_all_pkey_meths(void)
-{
- engine_table_cleanup(&pkey_meth_table);
-}
-
-int
-ENGINE_register_pkey_meths(ENGINE *e)
-{
- if (e->pkey_meths) {
- const int *nids;
- int num_nids = e->pkey_meths(e, NULL, &nids, 0);
- if (num_nids > 0)
- return engine_table_register(&pkey_meth_table,
- engine_unregister_all_pkey_meths, e, nids,
- num_nids, 0);
- }
- return 1;
-}
-
-void
-ENGINE_register_all_pkey_meths(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_pkey_meths(e);
-}
-
-int
-ENGINE_set_default_pkey_meths(ENGINE *e)
-{
- if (e->pkey_meths) {
- const int *nids;
- int num_nids = e->pkey_meths(e, NULL, &nids, 0);
- if (num_nids > 0)
- return engine_table_register(&pkey_meth_table,
- engine_unregister_all_pkey_meths, e, nids,
- num_nids, 1);
- }
- return 1;
-}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references) for a given pkey_meth 'nid' */
-ENGINE *
-ENGINE_get_pkey_meth_engine(int nid)
-{
- return engine_table_select(&pkey_meth_table, nid);
-}
-
-/* Obtains a pkey_meth implementation from an ENGINE functional reference */
-const EVP_PKEY_METHOD *
-ENGINE_get_pkey_meth(ENGINE *e, int nid)
-{
- EVP_PKEY_METHOD *ret;
- ENGINE_PKEY_METHS_PTR fn = ENGINE_get_pkey_meths(e);
-
- if (!fn || !fn(e, &ret, NULL, nid)) {
- ENGINEerror(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD);
- return NULL;
- }
- return ret;
-}
-
-/* Gets the pkey_meth callback from an ENGINE structure */
-ENGINE_PKEY_METHS_PTR
-ENGINE_get_pkey_meths(const ENGINE *e)
-{
- return e->pkey_meths;
-}
-
-/* Sets the pkey_meth callback in an ENGINE structure */
-int
-ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f)
-{
- e->pkey_meths = f;
- return 1;
-}
-
-/* Internal function to free up EVP_PKEY_METHOD structures before an
- * ENGINE is destroyed
- */
-
-void
-engine_pkey_meths_free(ENGINE *e)
-{
- int i;
- EVP_PKEY_METHOD *pkm;
-
- if (e->pkey_meths) {
- const int *pknids;
- int npknids;
- npknids = e->pkey_meths(e, NULL, &pknids, 0);
- for (i = 0; i < npknids; i++) {
- if (e->pkey_meths(e, &pkm, NULL, pknids[i])) {
- EVP_PKEY_meth_free(pkm);
- }
- }
- }
-}
diff --git a/lib/libcrypto/engine/tb_rand.c b/lib/libcrypto/engine/tb_rand.c
deleted file mode 100644
index cc61da747..000000000
--- a/lib/libcrypto/engine/tb_rand.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/* $OpenBSD: tb_rand.c,v 1.6 2014/06/12 15:49:29 deraadt Exp $ */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_default_RAND(), the function that is
- * used by RAND to hook in implementation code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_RAND_DEBUG */
-
-static ENGINE_TABLE *rand_table = NULL;
-static const int dummy_nid = 1;
-
-void
-ENGINE_unregister_RAND(ENGINE *e)
-{
- engine_table_unregister(&rand_table, e);
-}
-
-static void
-engine_unregister_all_RAND(void)
-{
- engine_table_cleanup(&rand_table);
-}
-
-int
-ENGINE_register_RAND(ENGINE *e)
-{
- if (e->rand_meth)
- return engine_table_register(&rand_table,
- engine_unregister_all_RAND, e, &dummy_nid, 1, 0);
- return 1;
-}
-
-void
-ENGINE_register_all_RAND(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_RAND(e);
-}
-
-int
-ENGINE_set_default_RAND(ENGINE *e)
-{
- if (e->rand_meth)
- return engine_table_register(&rand_table,
- engine_unregister_all_RAND, e, &dummy_nid, 1, 1);
- return 1;
-}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references). */
-ENGINE *
-ENGINE_get_default_RAND(void)
-{
- return engine_table_select(&rand_table, dummy_nid);
-}
-
-/* Obtains an RAND implementation from an ENGINE functional reference */
-const RAND_METHOD *
-ENGINE_get_RAND(const ENGINE *e)
-{
- return e->rand_meth;
-}
-
-/* Sets an RAND implementation in an ENGINE structure */
-int
-ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth)
-{
- e->rand_meth = rand_meth;
- return 1;
-}
diff --git a/lib/libcrypto/engine/tb_rsa.c b/lib/libcrypto/engine/tb_rsa.c
deleted file mode 100644
index 52ee8889a..000000000
--- a/lib/libcrypto/engine/tb_rsa.c
+++ /dev/null
@@ -1,127 +0,0 @@
-/* $OpenBSD: tb_rsa.c,v 1.6 2014/06/12 15:49:29 deraadt Exp $ */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_default_RSA(), the function that is
- * used by RSA to hook in implementation code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_RSA_DEBUG */
-
-static ENGINE_TABLE *rsa_table = NULL;
-static const int dummy_nid = 1;
-
-void
-ENGINE_unregister_RSA(ENGINE *e)
-{
- engine_table_unregister(&rsa_table, e);
-}
-
-static void
-engine_unregister_all_RSA(void)
-{
- engine_table_cleanup(&rsa_table);
-}
-
-int
-ENGINE_register_RSA(ENGINE *e)
-{
- if (e->rsa_meth)
- return engine_table_register(&rsa_table,
- engine_unregister_all_RSA, e, &dummy_nid, 1, 0);
- return 1;
-}
-
-void
-ENGINE_register_all_RSA(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_RSA(e);
-}
-
-int
-ENGINE_set_default_RSA(ENGINE *e)
-{
- if (e->rsa_meth)
- return engine_table_register(&rsa_table,
- engine_unregister_all_RSA, e, &dummy_nid, 1, 1);
- return 1;
-}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie.
try to get a functional reference from the tabled structural
- * references). */
-ENGINE *
-ENGINE_get_default_RSA(void)
-{
- return engine_table_select(&rsa_table, dummy_nid);
-}
-
-/* Obtains an RSA implementation from an ENGINE functional reference */
-const RSA_METHOD *
-ENGINE_get_RSA(const ENGINE *e)
-{
- return e->rsa_meth;
-}
-
-/* Sets an RSA implementation in an ENGINE structure */
-int
-ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth)
-{
- e->rsa_meth = rsa_meth;
- return 1;
-}
diff --git a/lib/libcrypto/engine/tb_store.c b/lib/libcrypto/engine/tb_store.c
deleted file mode 100644
index e9ad11ab0..000000000
--- a/lib/libcrypto/engine/tb_store.c
+++ /dev/null
@@ -1,109 +0,0 @@
-/* $OpenBSD: tb_store.c,v 1.5 2015/02/07 13:19:15 doug Exp $ */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_default_STORE(), the function that is
- * used by STORE to hook in implementation code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'.
*/ -/* #define ENGINE_STORE_DEBUG */ - -static ENGINE_TABLE *store_table = NULL; -static const int dummy_nid = 1; - -void -ENGINE_unregister_STORE(ENGINE *e) -{ - engine_table_unregister(&store_table, e); -} - -static void -engine_unregister_all_STORE(void) -{ - engine_table_cleanup(&store_table); -} - -int -ENGINE_register_STORE(ENGINE *e) -{ - if (e->store_meth) - return engine_table_register(&store_table, - engine_unregister_all_STORE, e, &dummy_nid, 1, 0); - return 1; -} - -void -ENGINE_register_all_STORE(void) -{ - ENGINE *e; - - for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e)) - ENGINE_register_STORE(e); -} - -/* Obtains an STORE implementation from an ENGINE functional reference */ -const STORE_METHOD * -ENGINE_get_STORE(const ENGINE *e) -{ - return e->store_meth; -} - -/* Sets an STORE implementation in an ENGINE structure */ -int -ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth) -{ - e->store_meth = store_meth; - return 1; -} diff --git a/lib/libcrypto/err/err.c b/lib/libcrypto/err/err.c index 8fbeea715..4b4be213b 100644 --- a/lib/libcrypto/err/err.c +++ b/lib/libcrypto/err/err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: err.c,v 1.54 2023/07/07 19:37:53 beck Exp $ */ +/* $OpenBSD: err.c,v 1.56 2023/07/28 10:23:19 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -125,6 +125,8 @@ DECLARE_LHASH_OF(ERR_STRING_DATA); DECLARE_LHASH_OF(ERR_STATE); +typedef struct st_ERR_FNS ERR_FNS; + static void err_load_strings(int lib, ERR_STRING_DATA *str); static void ERR_STATE_free(ERR_STATE *s); 
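Review bot: The `typedef struct st_ERR_FNS ERR_FNS;` added after `DECLARE_LHASH_OF(ERR_STATE);` in err.c has no comment, while the err.h hunk of this same commit deletes the only explanation of the type together with the declarations of `ERR_get_implementation()` and `ERR_set_implementation()`. A one-line comment would record that the function table is now private to this file, for example `/* Internal to err.c: the ERR_FNS table can no longer be fetched or replaced through the public API. */`. That is worth stating because `err_fns_check()` is still present as context in the next hunk, so the indirection itself appears to remain; whether anything else in the file can still assign `err_fns` cannot be confirmed from the lines shown.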
@@ -300,33 +302,6 @@ err_fns_check(void) CRYPTO_w_unlock(CRYPTO_LOCK_ERR); } -/* API functions to get or set the underlying ERR functions. */ - -const ERR_FNS * -ERR_get_implementation(void) -{ - err_fns_check(); - return err_fns; -} -LCRYPTO_ALIAS(ERR_get_implementation); - -int -ERR_set_implementation(const ERR_FNS *fns) -{ - int ret = 0; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - /* It's too late if 'err_fns' is non-NULL. BTW: not much point setting - * an error is there?! */ - if (!err_fns) { - err_fns = fns; - ret = 1; - } - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - return ret; -} -LCRYPTO_ALIAS(ERR_set_implementation); - /* These are the callbacks provided to "lh_new()" when creating the LHASH tables * internal to the "err_defaults" implementation. */ @@ -977,28 +952,6 @@ ERR_error_string(unsigned long e, char *ret) } LCRYPTO_ALIAS(ERR_error_string); -LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void) -{ - err_fns_check(); - return ERRFN(err_get)(0); -} -LCRYPTO_ALIAS(ERR_get_string_table); - -LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void) -{ - err_fns_check(); - return ERRFN(thread_get)(0); -} -LCRYPTO_ALIAS(ERR_get_err_state_table); - -void -ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash) -{ - err_fns_check(); - ERRFN(thread_release)(hash); -} -LCRYPTO_ALIAS(ERR_release_err_state_table); - const char * ERR_lib_error_string(unsigned long e) { diff --git a/lib/libcrypto/err/err.h b/lib/libcrypto/err/err.h index b61599d50..d85de24cb 100644 --- a/lib/libcrypto/err/err.h +++ b/lib/libcrypto/err/err.h @@ -1,4 +1,4 @@ -/* $OpenBSD: err.h,v 1.29 2023/04/09 19:10:23 tb Exp $ */ +/* $OpenBSD: err.h,v 1.31 2023/07/28 10:23:19 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * 
@@ -399,26 +399,11 @@ void ERR_remove_thread_state(const CRYPTO_THREADID *tid); void ERR_remove_state(unsigned long pid); ERR_STATE *ERR_get_state(void); -#ifndef OPENSSL_NO_LHASH -LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void); -LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void); -void ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash); -#endif - int ERR_get_next_error_library(void); int ERR_set_mark(void); int ERR_pop_to_mark(void); -/* Already defined in ossl_typ.h */ -/* typedef struct st_ERR_FNS ERR_FNS; */ -/* An application can use this function and provide the return value to loaded - * modules that should use the application's ERR state/functionality */ -const ERR_FNS *ERR_get_implementation(void); -/* A loaded module should call this function prior to any ERR operations using - * the application's "ERR_FNS". */ -int ERR_set_implementation(const ERR_FNS *fns); - #ifdef __cplusplus } #endif diff --git a/lib/libcrypto/err/err_all.c b/lib/libcrypto/err/err_all.c index 12a0fcd32..2c8a273f1 100644 --- a/lib/libcrypto/err/err_all.c +++ b/lib/libcrypto/err/err_all.c @@ -1,4 +1,4 @@ -/* $OpenBSD: err_all.c,v 1.29 2023/07/07 13:54:45 beck Exp $ */ +/* $OpenBSD: err_all.c,v 1.32 2023/07/28 09:46:36 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -69,7 +69,6 @@ #include #include #include -#include #include #include #include @@ -92,12 +91,6 @@ #ifndef OPENSSL_NO_EC #include #endif -#ifndef OPENSSL_NO_ECDH -#include -#endif -#ifndef OPENSSL_NO_ECDSA -#include -#endif #ifndef OPENSSL_NO_ENGINE #include #endif @@ -133,13 +126,6 @@ ERR_load_crypto_strings_internal(void) #endif #ifndef OPENSSL_NO_DSA ERR_load_DSA_strings(); -#endif - ERR_load_DSO_strings(); -#ifndef OPENSSL_NO_ECDH - ERR_load_ECDH_strings(); -#endif -#ifndef OPENSSL_NO_ECDSA - ERR_load_ECDSA_strings(); #endif #ifndef OPENSSL_NO_EC ERR_load_EC_strings(); 
diff --git a/lib/libcrypto/ex_data.c b/lib/libcrypto/ex_data.c index 71b2fc397..17db16e58 100644 --- a/lib/libcrypto/ex_data.c +++ b/lib/libcrypto/ex_data.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ex_data.c,v 1.22 2023/07/08 08:28:23 beck Exp $ */ +/* $OpenBSD: ex_data.c,v 1.23 2023/07/28 10:19:20 tb Exp $ */ /* * Overhaul notes; @@ -141,6 +141,26 @@ #include #include +typedef struct crypto_ex_data_func_st { + long argl; /* Arbitrary long */ + void *argp; /* Arbitrary void * */ + CRYPTO_EX_new *new_func; + CRYPTO_EX_free *free_func; + CRYPTO_EX_dup *dup_func; +} CRYPTO_EX_DATA_FUNCS; + +DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS) + +#define sk_CRYPTO_EX_DATA_FUNCS_new_null() SKM_sk_new_null(CRYPTO_EX_DATA_FUNCS) +#define sk_CRYPTO_EX_DATA_FUNCS_num(st) SKM_sk_num(CRYPTO_EX_DATA_FUNCS, (st)) +#define sk_CRYPTO_EX_DATA_FUNCS_value(st, i) SKM_sk_value(CRYPTO_EX_DATA_FUNCS, (st), (i)) +#define sk_CRYPTO_EX_DATA_FUNCS_set(st, i, val) SKM_sk_set(CRYPTO_EX_DATA_FUNCS, (st), (i), (val)) +#define sk_CRYPTO_EX_DATA_FUNCS_push(st, val) SKM_sk_push(CRYPTO_EX_DATA_FUNCS, (st), (val)) +#define sk_CRYPTO_EX_DATA_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_EX_DATA_FUNCS, (st), (free_func)) + +/* An opaque type representing an implementation of "ex_data" support */ +typedef struct st_CRYPTO_EX_DATA_IMPL CRYPTO_EX_DATA_IMPL; + /* What an "implementation of ex_data functionality" looks like */ struct st_CRYPTO_EX_DATA_IMPL { /*********************/ 
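Review bot: The added comment `/* An opaque type representing an implementation of "ex_data" support */` no longer fits where it now sits in ex_data.c, because the typedef it describes is followed directly by the full `struct st_CRYPTO_EX_DATA_IMPL` definition, and the next hunk removes `CRYPTO_get_ex_data_implementation()` and `CRYPTO_set_ex_data_implementation()`. I would reword it to say the type is file-local, e.g. `/* File-local type for the "ex_data" implementation table; callers can no longer get or set it. */`. The new `CRYPTO_EX_DATA_FUNCS` struct above it comments `argl` and `argp` but not `new_func`, `free_func` and `dup_func`; a short comment on what each callback is invoked for would help, to be written against the code that calls them, which is outside this hunk. The body of `st_CRYPTO_EX_DATA_IMPL` also continues past the end of the hunk.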
@@ -210,29 +230,6 @@ impl_check(void) * invoking the function (which checks again inside a lock). */ #define IMPL_CHECK if(!impl) impl_check(); -/* API functions to get/set the "ex_data" implementation */ -const CRYPTO_EX_DATA_IMPL * -CRYPTO_get_ex_data_implementation(void) -{ - IMPL_CHECK - return impl; -} -LCRYPTO_ALIAS(CRYPTO_get_ex_data_implementation); - -int -CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i) -{ - int toret = 0; - CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA); - if (!impl) { - impl = i; - toret = 1; - } - CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA); - return toret; -} -LCRYPTO_ALIAS(CRYPTO_set_ex_data_implementation); - /****************************************************************************/ /* Interal (default) implementation of "ex_data" support. API functions are * further down. */ @@ -247,6 +244,7 @@ typedef struct st_ex_class_item { } EX_CLASS_ITEM; /* When assigning new class indexes, this is our counter */ +#define CRYPTO_EX_INDEX_USER 100 static int ex_class = CRYPTO_EX_INDEX_USER; /* The global hash table of EX_CLASS_ITEM items */ @@ -541,16 +539,6 @@ skip: /* API functions that defer all "state" operations to the "ex_data" * implementation we have set. */ -/* Obtain an index for a new class (not the same as getting a new index within - * an existing class - this is actually getting a new *class*) */ -int -CRYPTO_ex_data_new_class(void) -{ - IMPL_CHECK - return EX_IMPL(new_class)(); -} -LCRYPTO_ALIAS(CRYPTO_ex_data_new_class); - /* Release all "ex_data" state to prevent memory leaks. This can't be made * thread-safe without overhauling a lot of stuff, and shouldn't really be * called under potential race-conditions anyway (it's for program shutdown diff --git a/lib/libcrypto/gost/gost_local.h b/lib/libcrypto/gost/gost_local.h index 830f14149..db07d06f0 100644 --- a/lib/libcrypto/gost/gost_local.h +++ b/lib/libcrypto/gost/gost_local.h 
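Review bot: In the `@@ -247,6 +244,7 @@` hunk the new `#define CRYPTO_EX_INDEX_USER 100` is inserted between the comment `/* When assigning new class indexes, this is our counter */` and the `static int ex_class` that the comment describes, so the comment now reads as if it documented the macro. Move the define above that comment and give it its own line, for instance `/* Initial value of the class-index counter below */`. Since the last hunk of this file also removes `CRYPTO_ex_data_new_class()`, it is worth checking whether any remaining path still hands out new class indexes from `ex_class`; if none does, the counter and the constant could go together, but that cannot be decided from the lines visible here.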
@@ -1,4 +1,4 @@ -/* $OpenBSD: gost_local.h,v 1.2 2022/11/26 17:23:18 tb Exp $ */ +/* $OpenBSD: gost_local.h,v 1.3 2023/07/28 15:50:33 tb Exp $ */ /* * Copyright (c) 2014 Dmitry Eremin-Solenikov * Copyright (c) 2005-2006 Cryptocom LTD @@ -53,7 +53,6 @@ #define HEADER_GOST_LOCAL_H #include -#include __BEGIN_HIDDEN_DECLS diff --git a/lib/libcrypto/gost/gostr341001_pmeth.c b/lib/libcrypto/gost/gostr341001_pmeth.c index 93e4820d7..c5e05bec6 100644 --- a/lib/libcrypto/gost/gostr341001_pmeth.c +++ b/lib/libcrypto/gost/gostr341001_pmeth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gostr341001_pmeth.c,v 1.18 2023/07/05 11:37:45 tb Exp $ */ +/* $OpenBSD: gostr341001_pmeth.c,v 1.19 2023/07/28 15:50:33 tb Exp $ */ /* * Copyright (c) 2014 Dmitry Eremin-Solenikov * Copyright (c) 2005-2006 Cryptocom LTD @@ -59,7 +59,6 @@ #include #include #include -#include #include #include "ecdsa_local.h" diff --git a/lib/libcrypto/hidden/openssl/asn1.h b/lib/libcrypto/hidden/openssl/asn1.h index 7e41ec862..fb1393f2a 100644 --- a/lib/libcrypto/hidden/openssl/asn1.h +++ b/lib/libcrypto/hidden/openssl/asn1.h @@ -1,4 +1,4 @@ -/* $OpenBSD: asn1.h,v 1.2 2023/07/07 19:37:54 beck Exp $ */ +/* $OpenBSD: asn1.h,v 1.6 2023/07/28 10:33:13 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * @@ -61,10 +61,6 @@ LCRYPTO_USED(i2d_ASN1_BIT_STRING); LCRYPTO_USED(ASN1_BIT_STRING_set); LCRYPTO_USED(ASN1_BIT_STRING_set_bit); LCRYPTO_USED(ASN1_BIT_STRING_get_bit); -LCRYPTO_USED(ASN1_BIT_STRING_check); -LCRYPTO_USED(ASN1_BIT_STRING_name_print); -LCRYPTO_USED(ASN1_BIT_STRING_num_asc); -LCRYPTO_USED(ASN1_BIT_STRING_set_asc); LCRYPTO_USED(ASN1_INTEGER_new); LCRYPTO_USED(ASN1_INTEGER_free); LCRYPTO_USED(d2i_ASN1_INTEGER); @@ -208,8 +204,6 @@ LCRYPTO_USED(ASN1_GENERALIZEDTIME_print); LCRYPTO_USED(ASN1_TIME_print); LCRYPTO_USED(ASN1_STRING_print); LCRYPTO_USED(ASN1_STRING_print_ex); -LCRYPTO_USED(ASN1_bn_print); -LCRYPTO_USED(ASN1_buf_print); LCRYPTO_USED(ASN1_parse); LCRYPTO_USED(ASN1_parse_dump); LCRYPTO_USED(ASN1_tag2bit); 
@@ -250,7 +244,6 @@ LCRYPTO_USED(ASN1_PCTX_get_oid_flags); LCRYPTO_USED(ASN1_PCTX_set_oid_flags); LCRYPTO_USED(ASN1_PCTX_get_str_flags); LCRYPTO_USED(ASN1_PCTX_set_str_flags); -LCRYPTO_USED(BIO_f_asn1); LCRYPTO_USED(SMIME_crlf_copy); LCRYPTO_USED(SMIME_text); LCRYPTO_USED(ERR_load_ASN1_strings); diff --git a/lib/libcrypto/hidden/openssl/asn1t.h b/lib/libcrypto/hidden/openssl/asn1t.h index d37d1dbbc..666dea564 100644 --- a/lib/libcrypto/hidden/openssl/asn1t.h +++ b/lib/libcrypto/hidden/openssl/asn1t.h @@ -1,4 +1,4 @@ -/* $OpenBSD: asn1t.h,v 1.2 2023/07/07 19:37:54 beck Exp $ */ +/* $OpenBSD: asn1t.h,v 1.3 2023/07/28 10:00:10 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * @@ -27,13 +27,7 @@ LCRYPTO_USED(ASN1_item_ex_new); LCRYPTO_USED(ASN1_item_ex_free); -LCRYPTO_USED(ASN1_template_new); -LCRYPTO_USED(ASN1_primitive_new); -LCRYPTO_USED(ASN1_template_free); -LCRYPTO_USED(ASN1_template_d2i); LCRYPTO_USED(ASN1_item_ex_d2i); LCRYPTO_USED(ASN1_item_ex_i2d); -LCRYPTO_USED(ASN1_template_i2d); -LCRYPTO_USED(ASN1_primitive_free); #endif /* _LIBCRYPTO_ASN1T_H */ diff --git a/lib/libcrypto/hidden/openssl/bio.h b/lib/libcrypto/hidden/openssl/bio.h index c04a0a447..f7e7cd3d8 100644 --- a/lib/libcrypto/hidden/openssl/bio.h +++ b/lib/libcrypto/hidden/openssl/bio.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bio.h,v 1.2 2023/07/07 19:37:54 beck Exp $ */ +/* $OpenBSD: bio.h,v 1.4 2023/07/28 10:13:50 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * @@ -63,10 +63,6 @@ LCRYPTO_USED(BIO_set_ex_data); LCRYPTO_USED(BIO_get_ex_data); LCRYPTO_USED(BIO_number_read); LCRYPTO_USED(BIO_number_written); -LCRYPTO_USED(BIO_asn1_set_prefix); -LCRYPTO_USED(BIO_asn1_get_prefix); -LCRYPTO_USED(BIO_asn1_set_suffix); -LCRYPTO_USED(BIO_asn1_get_suffix); LCRYPTO_USED(BIO_get_new_index); LCRYPTO_USED(BIO_s_file); LCRYPTO_USED(BIO_new_file); 
@@ -101,10 +97,6 @@ LCRYPTO_USED(BIO_get_retry_BIO); LCRYPTO_USED(BIO_get_retry_reason); LCRYPTO_USED(BIO_set_retry_reason); LCRYPTO_USED(BIO_dup_chain); -LCRYPTO_USED(BIO_nread0); -LCRYPTO_USED(BIO_nread); -LCRYPTO_USED(BIO_nwrite0); -LCRYPTO_USED(BIO_nwrite); LCRYPTO_USED(BIO_debug_callback); LCRYPTO_USED(BIO_s_mem); LCRYPTO_USED(BIO_new_mem_buf); diff --git a/lib/libcrypto/hidden/openssl/bn.h b/lib/libcrypto/hidden/openssl/bn.h index 6c23a5c6d..9942cf6fc 100644 --- a/lib/libcrypto/hidden/openssl/bn.h +++ b/lib/libcrypto/hidden/openssl/bn.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bn.h,v 1.1 2023/07/08 12:21:58 beck Exp $ */ +/* $OpenBSD: bn.h,v 1.4 2023/07/29 03:13:38 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * @@ -42,7 +42,6 @@ LCRYPTO_USED(BN_is_odd); LCRYPTO_USED(BN_zero); LCRYPTO_USED(BN_one); LCRYPTO_USED(BN_value_one); -LCRYPTO_USED(BN_options); LCRYPTO_USED(BN_CTX_new); LCRYPTO_USED(BN_CTX_free); LCRYPTO_USED(BN_CTX_start); 
@@ -131,27 +130,8 @@ LCRYPTO_USED(BN_MONT_CTX_free); LCRYPTO_USED(BN_MONT_CTX_set); LCRYPTO_USED(BN_MONT_CTX_copy); LCRYPTO_USED(BN_MONT_CTX_set_locked); -LCRYPTO_USED(BN_BLINDING_new); -LCRYPTO_USED(BN_BLINDING_free); -LCRYPTO_USED(BN_BLINDING_update); -LCRYPTO_USED(BN_BLINDING_convert); -LCRYPTO_USED(BN_BLINDING_invert); -LCRYPTO_USED(BN_BLINDING_convert_ex); -LCRYPTO_USED(BN_BLINDING_invert_ex); -LCRYPTO_USED(BN_BLINDING_thread_id); -LCRYPTO_USED(BN_BLINDING_get_flags); -LCRYPTO_USED(BN_BLINDING_set_flags); -LCRYPTO_USED(BN_BLINDING_create_param); -LCRYPTO_USED(get_rfc2409_prime_768); -LCRYPTO_USED(get_rfc2409_prime_1024); LCRYPTO_USED(BN_get_rfc2409_prime_768); LCRYPTO_USED(BN_get_rfc2409_prime_1024); -LCRYPTO_USED(get_rfc3526_prime_1536); -LCRYPTO_USED(get_rfc3526_prime_2048); -LCRYPTO_USED(get_rfc3526_prime_3072); -LCRYPTO_USED(get_rfc3526_prime_4096); -LCRYPTO_USED(get_rfc3526_prime_6144); -LCRYPTO_USED(get_rfc3526_prime_8192); LCRYPTO_USED(BN_get_rfc3526_prime_1536); LCRYPTO_USED(BN_get_rfc3526_prime_2048); LCRYPTO_USED(BN_get_rfc3526_prime_3072); diff --git a/lib/libcrypto/hidden/openssl/cms.h b/lib/libcrypto/hidden/openssl/cms.h index c777e857d..0f450e603 100644 --- a/lib/libcrypto/hidden/openssl/cms.h +++ b/lib/libcrypto/hidden/openssl/cms.h @@ -1,4 +1,4 @@ -/* $OpenBSD: cms.h,v 1.1 2023/07/08 08:26:26 beck Exp $ */ +/* $OpenBSD: cms.h,v 1.2 2023/07/28 10:28:02 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * @@ -35,6 +35,8 @@ LCRYPTO_USED(d2i_CMS_ReceiptRequest); LCRYPTO_USED(i2d_CMS_ReceiptRequest); LCRYPTO_USED(CMS_ContentInfo_print_ctx); LCRYPTO_USED(CMS_get0_type); +LCRYPTO_USED(CMS_get_version); +LCRYPTO_USED(CMS_SignerInfo_get_version); LCRYPTO_USED(CMS_dataInit); LCRYPTO_USED(CMS_dataFinal); LCRYPTO_USED(CMS_is_detached); diff --git a/lib/libcrypto/hidden/openssl/comp.h b/lib/libcrypto/hidden/openssl/comp.h deleted file mode 100644 index fc97324ea..000000000 --- a/lib/libcrypto/hidden/openssl/comp.h +++ /dev/null 
@@ -1,37 +0,0 @@ -/* $OpenBSD: comp.h,v 1.1 2023/07/08 08:26:26 beck Exp $ */ -/* - * Copyright (c) 2023 Bob Beck - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifndef _LIBCRYPTO_COMP_H -#define _LIBCRYPTO_COMP_H - -#ifndef _MSC_VER -#include_next -#else -#include "../include/openssl/comp.h" -#endif -#include "crypto_namespace.h" - -LCRYPTO_USED(COMP_CTX_new); -LCRYPTO_USED(COMP_CTX_free); -LCRYPTO_USED(COMP_compress_block); -LCRYPTO_USED(COMP_expand_block); -LCRYPTO_USED(COMP_rle); -LCRYPTO_USED(COMP_zlib); -LCRYPTO_USED(COMP_zlib_cleanup); -LCRYPTO_USED(ERR_load_COMP_strings); - -#endif /* _LIBCRYPTO_COMP_H */ diff --git a/lib/libcrypto/hidden/openssl/crypto.h b/lib/libcrypto/hidden/openssl/crypto.h index 69ffa9480..dc0b7a02b 100644 --- a/lib/libcrypto/hidden/openssl/crypto.h +++ b/lib/libcrypto/hidden/openssl/crypto.h @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto.h,v 1.1 2023/07/08 08:28:23 beck Exp $ */ +/* $OpenBSD: crypto.h,v 1.2 2023/07/28 10:19:20 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * 
@@ -29,9 +29,6 @@ LCRYPTO_USED(OpenSSL_version); LCRYPTO_USED(OpenSSL_version_num); LCRYPTO_USED(SSLeay_version); LCRYPTO_USED(SSLeay); -LCRYPTO_USED(CRYPTO_get_ex_data_implementation); -LCRYPTO_USED(CRYPTO_set_ex_data_implementation); -LCRYPTO_USED(CRYPTO_ex_data_new_class); LCRYPTO_USED(CRYPTO_get_ex_new_index); LCRYPTO_USED(CRYPTO_new_ex_data); LCRYPTO_USED(CRYPTO_dup_ex_data); diff --git a/lib/libcrypto/hidden/openssl/dso.h b/lib/libcrypto/hidden/openssl/dso.h deleted file mode 100644 index a5e989c89..000000000 --- a/lib/libcrypto/hidden/openssl/dso.h +++ /dev/null 
@@ -1,54 +0,0 @@ -/* $OpenBSD: dso.h,v 1.1 2023/07/08 07:22:58 beck Exp $ */ -/* - * Copyright (c) 2023 Bob Beck - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifndef _LIBCRYPTO_DSO_H -#define _LIBCRYPTO_DSO_H - -#ifndef _MSC_VER -#include_next -#else -#include "../include/openssl/dso.h" -#endif -#include "crypto_namespace.h" - -LCRYPTO_USED(DSO_new); -LCRYPTO_USED(DSO_new_method); -LCRYPTO_USED(DSO_free); -LCRYPTO_USED(DSO_flags); -LCRYPTO_USED(DSO_up_ref); -LCRYPTO_USED(DSO_ctrl); -LCRYPTO_USED(DSO_set_name_converter); -LCRYPTO_USED(DSO_get_filename); -LCRYPTO_USED(DSO_set_filename); -LCRYPTO_USED(DSO_convert_filename); -LCRYPTO_USED(DSO_merge); -LCRYPTO_USED(DSO_get_loaded_filename); -LCRYPTO_USED(DSO_set_default_method); -LCRYPTO_USED(DSO_get_default_method); -LCRYPTO_USED(DSO_get_method); -LCRYPTO_USED(DSO_set_method); -LCRYPTO_USED(DSO_load); -LCRYPTO_USED(DSO_bind_var); -LCRYPTO_USED(DSO_bind_func); -LCRYPTO_USED(DSO_METHOD_openssl); -LCRYPTO_USED(DSO_METHOD_null); -LCRYPTO_USED(DSO_METHOD_dlfcn); -LCRYPTO_USED(DSO_pathbyaddr); -LCRYPTO_USED(DSO_global_lookup); -LCRYPTO_USED(ERR_load_DSO_strings); - -#endif /* _LIBCRYPTO_DSO_H */ diff --git a/lib/libcrypto/hidden/openssl/ec.h b/lib/libcrypto/hidden/openssl/ec.h index 5e4121eac..4e82f4846 100644 
--- a/lib/libcrypto/hidden/openssl/ec.h +++ b/lib/libcrypto/hidden/openssl/ec.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ec.h,v 1.2 2023/07/07 19:37:54 beck Exp $ */ +/* $OpenBSD: ec.h,v 1.4 2023/07/28 09:25:12 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * @@ -132,14 +132,33 @@ LCRYPTO_USED(EC_KEY_set_default_method); LCRYPTO_USED(EC_KEY_get_method); LCRYPTO_USED(EC_KEY_set_method); LCRYPTO_USED(EC_KEY_new_method); +LCRYPTO_USED(ECDH_size); +LCRYPTO_USED(ECDH_compute_key); +LCRYPTO_USED(ECDSA_SIG_new); +LCRYPTO_USED(ECDSA_SIG_free); +LCRYPTO_USED(i2d_ECDSA_SIG); +LCRYPTO_USED(d2i_ECDSA_SIG); +LCRYPTO_USED(ECDSA_SIG_get0_r); +LCRYPTO_USED(ECDSA_SIG_get0_s); +LCRYPTO_USED(ECDSA_SIG_get0); +LCRYPTO_USED(ECDSA_SIG_set0); +LCRYPTO_USED(ECDSA_size); +LCRYPTO_USED(ECDSA_do_sign); +LCRYPTO_USED(ECDSA_do_verify); +LCRYPTO_USED(ECDSA_sign); +LCRYPTO_USED(ECDSA_verify); LCRYPTO_USED(EC_KEY_METHOD_new); LCRYPTO_USED(EC_KEY_METHOD_free); LCRYPTO_USED(EC_KEY_METHOD_set_init); LCRYPTO_USED(EC_KEY_METHOD_set_keygen); LCRYPTO_USED(EC_KEY_METHOD_set_compute_key); +LCRYPTO_USED(EC_KEY_METHOD_set_sign); +LCRYPTO_USED(EC_KEY_METHOD_set_verify); LCRYPTO_USED(EC_KEY_METHOD_get_init); LCRYPTO_USED(EC_KEY_METHOD_get_keygen); LCRYPTO_USED(EC_KEY_METHOD_get_compute_key); +LCRYPTO_USED(EC_KEY_METHOD_get_sign); +LCRYPTO_USED(EC_KEY_METHOD_get_verify); LCRYPTO_USED(ECParameters_dup); LCRYPTO_USED(ERR_load_EC_strings); diff --git a/lib/libcrypto/hidden/openssl/ecdh.h b/lib/libcrypto/hidden/openssl/ecdh.h deleted file mode 100644 index db56f8a58..000000000 --- a/lib/libcrypto/hidden/openssl/ecdh.h +++ /dev/null 
@@ -1,39 +0,0 @@ -/* $OpenBSD: ecdh.h,v 1.1 2023/07/08 06:04:33 beck Exp $ */ -/* - * Copyright (c) 2023 Bob Beck - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifndef _LIBCRYPTO_ECDH_H -#define _LIBCRYPTO_ECDH_H - -#ifndef _MSC_VER -#include_next -#else -#include "../include/openssl/ecdh.h" -#endif -#include "crypto_namespace.h" - -LCRYPTO_USED(ECDH_OpenSSL); -LCRYPTO_USED(ECDH_set_default_method); -LCRYPTO_USED(ECDH_get_default_method); -LCRYPTO_USED(ECDH_set_method); -LCRYPTO_USED(ECDH_size); -LCRYPTO_USED(ECDH_compute_key); -LCRYPTO_USED(ECDH_get_ex_new_index); -LCRYPTO_USED(ECDH_set_ex_data); -LCRYPTO_USED(ECDH_get_ex_data); -LCRYPTO_USED(ERR_load_ECDH_strings); - -#endif /* _LIBCRYPTO_ECDH_H */ diff --git a/lib/libcrypto/hidden/openssl/ecdsa.h b/lib/libcrypto/hidden/openssl/ecdsa.h deleted file mode 100644 index ef8a78993..000000000 --- a/lib/libcrypto/hidden/openssl/ecdsa.h +++ /dev/null 
@@ -1,57 +0,0 @@ -/* $OpenBSD: ecdsa.h,v 1.2 2023/07/07 19:37:54 beck Exp $ */ -/* - * Copyright (c) 2023 Bob Beck - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#ifndef _LIBCRYPTO_ECDSA_H -#define _LIBCRYPTO_ECDSA_H - -#ifndef _MSC_VER -#include_next -#else -#include "../include/openssl/ecdsa.h" -#endif -#include "crypto_namespace.h" - -LCRYPTO_USED(ECDSA_SIG_new); -LCRYPTO_USED(ECDSA_SIG_free); -LCRYPTO_USED(i2d_ECDSA_SIG); -LCRYPTO_USED(d2i_ECDSA_SIG); -LCRYPTO_USED(ECDSA_SIG_get0); -LCRYPTO_USED(ECDSA_SIG_get0_r); -LCRYPTO_USED(ECDSA_SIG_get0_s); -LCRYPTO_USED(ECDSA_SIG_set0); -LCRYPTO_USED(ECDSA_do_sign); -LCRYPTO_USED(ECDSA_do_sign_ex); -LCRYPTO_USED(ECDSA_do_verify); -LCRYPTO_USED(ECDSA_OpenSSL); -LCRYPTO_USED(ECDSA_set_default_method); -LCRYPTO_USED(ECDSA_get_default_method); -LCRYPTO_USED(ECDSA_set_method); -LCRYPTO_USED(ECDSA_size); -LCRYPTO_USED(ECDSA_sign_setup); -LCRYPTO_USED(ECDSA_sign); -LCRYPTO_USED(ECDSA_sign_ex); -LCRYPTO_USED(ECDSA_verify); -LCRYPTO_USED(ECDSA_get_ex_new_index); -LCRYPTO_USED(ECDSA_set_ex_data); -LCRYPTO_USED(ECDSA_get_ex_data); -LCRYPTO_USED(EC_KEY_METHOD_set_sign); -LCRYPTO_USED(EC_KEY_METHOD_set_verify); -LCRYPTO_USED(EC_KEY_METHOD_get_sign); -LCRYPTO_USED(EC_KEY_METHOD_get_verify); -LCRYPTO_USED(ERR_load_ECDSA_strings); - -#endif /* 
_LIBCRYPTO_ECDSA_H */ diff --git a/lib/libcrypto/hidden/openssl/err.h b/lib/libcrypto/hidden/openssl/err.h index bc2a96644..036ead8c0 100644 --- a/lib/libcrypto/hidden/openssl/err.h +++ b/lib/libcrypto/hidden/openssl/err.h @@ -1,4 +1,4 @@ -/* $OpenBSD: err.h,v 1.2 2023/07/07 19:37:54 beck Exp $ */ +/* $OpenBSD: err.h,v 1.4 2023/07/28 10:23:19 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * @@ -54,13 +54,8 @@ LCRYPTO_USED(ERR_free_strings); LCRYPTO_USED(ERR_remove_thread_state); LCRYPTO_USED(ERR_remove_state); LCRYPTO_USED(ERR_get_state); -LCRYPTO_USED(ERR_get_string_table); -LCRYPTO_USED(ERR_get_err_state_table); -LCRYPTO_USED(ERR_release_err_state_table); LCRYPTO_USED(ERR_get_next_error_library); LCRYPTO_USED(ERR_set_mark); LCRYPTO_USED(ERR_pop_to_mark); -LCRYPTO_USED(ERR_get_implementation); -LCRYPTO_USED(ERR_set_implementation); #endif /* _LIBCRYPTO_ERR_H */ diff --git a/lib/libcrypto/hidden/openssl/idea.h b/lib/libcrypto/hidden/openssl/idea.h index f8c7caf6a..93b20a9cc 100644 --- a/lib/libcrypto/hidden/openssl/idea.h +++ b/lib/libcrypto/hidden/openssl/idea.h @@ -1,4 +1,4 @@ -/* $OpenBSD: idea.h,v 1.1 2023/07/08 10:44:00 beck Exp $ */ +/* $OpenBSD: idea.h,v 1.2 2023/07/29 03:13:38 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * @@ -25,7 +25,6 @@ #endif #include "crypto_namespace.h" -LCRYPTO_USED(idea_options); LCRYPTO_USED(idea_ecb_encrypt); LCRYPTO_USED(idea_set_encrypt_key); LCRYPTO_USED(idea_set_decrypt_key); diff --git a/lib/libcrypto/hidden/openssl/objects.h b/lib/libcrypto/hidden/openssl/objects.h index f658a7cfa..ba5bf8e25 100644 --- a/lib/libcrypto/hidden/openssl/objects.h +++ b/lib/libcrypto/hidden/openssl/objects.h @@ -1,4 +1,4 @@ -/* $OpenBSD: objects.h,v 1.1 2023/07/08 12:27:51 beck Exp $ */ +/* $OpenBSD: objects.h,v 1.2 2023/07/28 10:25:05 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * 
@@ -54,8 +54,6 @@ LCRYPTO_USED(OBJ_length); LCRYPTO_USED(OBJ_get0_data); LCRYPTO_USED(OBJ_find_sigid_algs); LCRYPTO_USED(OBJ_find_sigid_by_algs); -LCRYPTO_USED(OBJ_add_sigid); -LCRYPTO_USED(OBJ_sigid_free); LCRYPTO_USED(ERR_load_OBJ_strings); #endif /* _LIBCRYPTO_OBJECTS_H */ diff --git a/lib/libcrypto/hidden/openssl/rand.h b/lib/libcrypto/hidden/openssl/rand.h index d94a1bfd5..978d10f70 100644 --- a/lib/libcrypto/hidden/openssl/rand.h +++ b/lib/libcrypto/hidden/openssl/rand.h @@ -1,4 +1,4 @@ -/* $OpenBSD: rand.h,v 1.2 2023/07/07 19:37:54 beck Exp $ */ +/* $OpenBSD: rand.h,v 1.3 2023/07/28 09:53:55 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * @@ -27,7 +27,6 @@ LCRYPTO_USED(RAND_set_rand_method); LCRYPTO_USED(RAND_get_rand_method); -LCRYPTO_USED(RAND_set_rand_engine); LCRYPTO_USED(RAND_SSLeay); LCRYPTO_USED(ERR_load_RAND_strings); diff --git a/lib/libcrypto/hidden/openssl/rsa.h b/lib/libcrypto/hidden/openssl/rsa.h index f4342e21d..ff47101a0 100644 --- a/lib/libcrypto/hidden/openssl/rsa.h +++ b/lib/libcrypto/hidden/openssl/rsa.h @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa.h,v 1.1 2023/07/08 12:26:45 beck Exp $ */ +/* $OpenBSD: rsa.h,v 1.2 2023/07/28 10:05:16 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * @@ -66,7 +66,6 @@ LCRYPTO_USED(RSA_sign_ASN1_OCTET_STRING); LCRYPTO_USED(RSA_verify_ASN1_OCTET_STRING); LCRYPTO_USED(RSA_blinding_on); LCRYPTO_USED(RSA_blinding_off); -LCRYPTO_USED(RSA_setup_blinding); LCRYPTO_USED(RSA_padding_add_PKCS1_type_1); LCRYPTO_USED(RSA_padding_check_PKCS1_type_1); LCRYPTO_USED(RSA_padding_add_PKCS1_type_2); diff --git a/lib/libcrypto/hidden/openssl/ts.h b/lib/libcrypto/hidden/openssl/ts.h index 638f72f2f..0acad2137 100644 --- a/lib/libcrypto/hidden/openssl/ts.h +++ b/lib/libcrypto/hidden/openssl/ts.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ts.h,v 1.2 2023/07/07 19:37:54 beck Exp $ */ +/* $OpenBSD: ts.h,v 1.3 2023/07/28 09:53:55 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * 
@@ -201,8 +201,6 @@ LCRYPTO_USED(TS_CONF_load_certs); LCRYPTO_USED(TS_CONF_load_key); LCRYPTO_USED(TS_CONF_get_tsa_section); LCRYPTO_USED(TS_CONF_set_serial); -LCRYPTO_USED(TS_CONF_set_crypto_device); -LCRYPTO_USED(TS_CONF_set_default_engine); LCRYPTO_USED(TS_CONF_set_signer_cert); LCRYPTO_USED(TS_CONF_set_certs); LCRYPTO_USED(TS_CONF_set_signer_key); diff --git a/lib/libcrypto/idea/i_ecb.c b/lib/libcrypto/idea/i_ecb.c index 19521a753..9f7db232b 100644 --- a/lib/libcrypto/idea/i_ecb.c +++ b/lib/libcrypto/idea/i_ecb.c @@ -1,4 +1,4 @@ -/* $OpenBSD: i_ecb.c,v 1.6 2023/07/08 10:44:00 beck Exp $ */ +/* $OpenBSD: i_ecb.c,v 1.7 2023/07/28 10:35:14 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -60,16 +60,6 @@ #include "idea_local.h" #include -const char * -idea_options(void) -{ - if (sizeof(short) != sizeof(IDEA_INT)) - return ("idea(int)"); - else - return ("idea(short)"); -} -LCRYPTO_ALIAS(idea_options); - void idea_ecb_encrypt(const unsigned char *in, unsigned char *out, IDEA_KEY_SCHEDULE *ks) diff --git a/lib/libcrypto/man/ASN1_BIT_STRING_num_asc.3 b/lib/libcrypto/man/ASN1_BIT_STRING_num_asc.3 deleted file mode 100644 index 3891ced8a..000000000 --- a/lib/libcrypto/man/ASN1_BIT_STRING_num_asc.3 +++ /dev/null 
@@ -1,146 +0,0 @@ -.\" $OpenBSD: ASN1_BIT_STRING_num_asc.3,v 1.1 2021/11/19 16:00:54 schwarze Exp $ -.\" -.\" Copyright (c) 2021 Ingo Schwarze -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: November 19 2021 $ -.Dt ASN1_BIT_STRING_NUM_ASC 3 -.Os -.Sh NAME -.Nm ASN1_BIT_STRING_num_asc , -.Nm ASN1_BIT_STRING_set_asc , -.Nm ASN1_BIT_STRING_name_print -.Nd names for individual bits -.Sh SYNOPSIS -.In openssl/asn1.h -.Bd -unfilled -typedef struct { - int bitnum; - const char *lname; - const char *sname; -} BIT_STRING_BITNAME; -.Ed -.Pp -.Ft int -.Fo ASN1_BIT_STRING_num_asc -.Fa "const char *name" -.Fa "BIT_STRING_BITNAME *table" -.Fc -.Ft int -.Fo ASN1_BIT_STRING_set_asc -.Fa "ASN1_BIT_STRING *bitstr" -.Fa "const char *name" -.Fa "int set" -.Fa "BIT_STRING_BITNAME *table" -.Fc -.Ft int -.Fo ASN1_BIT_STRING_name_print -.Fa "BIO *bio" -.Fa "ASN1_BIT_STRING *bitstr" -.Fa "BIT_STRING_BITNAME *table" -.Fa "int indent" -.Fc -.Sh DESCRIPTION -These functions provide access to individual bits of an ASN.1 BIT STRING -based on a -.Fa table -assigning names to individual bits. -The -.Fa table -is a variable-sized array. -Each element contains a long name -.Fa lname -and a short name -.Fa sname -for the bit with the bit number -.Fa bitnum . 
-The table needs to be terminated with a dummy element containing a -.Dv NULL -pointer in the -.Fa lname -field. -.Pp -.Fn ASN1_BIT_STRING_num_asc -retrieves the -.Fa bitnum -from the first element in the -.Fa table -where at least one of the names matches the -.Fa name -argument in the sense of -.Xr strcmp 3 . -That bit number can then be used for -.Xr ASN1_BIT_STRING_get_bit 3 . -.Pp -.Fn ASN1_BIT_STRING_set_asc -converts the -.Fa name -to a bit number using -.Fn ASN1_BIT_STRING_num_asc -and sets or clears that bit in -.Fa bitstr -according to the -.Fa set -argument, using -.Xr ASN1_BIT_STRING_set_bit 3 . -If -.Fa bitstr -is a -.Dv NULL -pointer, no action occurs. -.Pp -.Fn ASN1_BIT_STRING_name_print -prints a single line of text to the given -.Fa BIO . -The line starts with -.Fa indent -space characters, contains the long names of the bit contained in the -.Fa table -that are set in -.Fa bitstr , -separated by commas, and ends with a newline character. -If any bits are set in -.Fa bitstr -that have no corresponding entries in the -.Fa table , -those bits are silently ignored and nothing is printed for them. -.Sh RETURN VALUES -.Fn ASN1_BIT_STRING_num_asc -returns a non-negative bit number or \-1 if the -.Fa name -is not found in the -.Fa table . -.Pp -.Fn ASN1_BIT_STRING_set_asc -returns 1 on success or 0 if the -.Fa name -is not found in the -.Fa table -or if memory allocation fails. -.Pp -.Fn ASN1_BIT_STRING_name_print -is intended to return 1 for success or 0 for failure. -.Sh SEE ALSO -.Xr ASN1_BIT_STRING_new 3 , -.Xr ASN1_BIT_STRING_set 3 , -.Xr BIO_new 3 , -.Xr strcmp 3 -.Sh HISTORY -These functions first appeared in OpenSSL 0.9.5 -and have been available since -.Ox 2.7 . -.Sh BUGS -.Fn ASN1_BIT_STRING_name_print -ignores all errors and always returns 1, -even if nothing or only part of the desired output was printed. diff --git a/lib/libcrypto/man/ASN1_BIT_STRING_set.3 b/lib/libcrypto/man/ASN1_BIT_STRING_set.3 index 5b18c1c43..5d863d19d 100644 
--- a/lib/libcrypto/man/ASN1_BIT_STRING_set.3 +++ b/lib/libcrypto/man/ASN1_BIT_STRING_set.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ASN1_BIT_STRING_set.3,v 1.2 2021/11/19 16:00:54 schwarze Exp $ +.\" $OpenBSD: ASN1_BIT_STRING_set.3,v 1.4 2023/07/28 05:53:10 tb Exp $ .\" .\" Copyright (c) 2021 Ingo Schwarze .\" @@ -14,14 +14,13 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: November 19 2021 $ +.Dd $Mdocdate: July 28 2023 $ .Dt ASN1_BIT_STRING_SET 3 .Os .Sh NAME .Nm ASN1_BIT_STRING_set , .Nm ASN1_BIT_STRING_set_bit , -.Nm ASN1_BIT_STRING_get_bit , -.Nm ASN1_BIT_STRING_check +.Nm ASN1_BIT_STRING_get_bit .Nd ASN.1 BIT STRING accessors .Sh SYNOPSIS .In openssl/asn1.h @@ -42,12 +41,6 @@ .Fa "ASN1_BIT_STRING *bitstr" .Fa "int bitnumber" .Fc -.Ft int -.Fo ASN1_BIT_STRING_check -.Fa "ASN1_BIT_STRING *bitstr" -.Fa "const unsigned char *goodbits" -.Fa "int goodbits_len" -.Fc .Sh DESCRIPTION .Fn ASN1_BIT_STRING_set sets the length attribute of @@ -99,21 +92,6 @@ checks that the bit with the given .Fa bitnumber is set in .Fa bitstr . -.Pp -.Fn ASN1_BIT_STRING_check -checks that all bits set in -.Fa bitstr -are also set in -.Fa goodbits . -Expressed symbolically, it evaluates: -.Pp -.D1 Po Fa bitstr No & Pf \(ti Fa goodbits Pc == 0 -.Pp -The buffer -.Fa goodbits -is expected to contain -.Fa goodbits_len -bytes. .Sh RETURN VALUES .Fn ASN1_BIT_STRING_set returns 1 on success or 0 if memory allocation fails or if 
@@ -145,23 +123,8 @@ if points beyond the last data byte in .Fa bitstr , or if the requested bit is not set. -.Pp -.Fn ASN1_BIT_STRING_check -returns 0 -if at least one bit is set in -.Fa bitstr -that is not set in -.Fa goodbits , -or 1 otherwise. -In particular, it returns 1 if -.Fa bitstr -is -.Dv NULL -or if no bit is set in -.Fa bitstr . .Sh SEE ALSO .Xr ASN1_BIT_STRING_new 3 , -.Xr ASN1_BIT_STRING_num_asc 3 , .Xr ASN1_STRING_set 3 , .Xr d2i_ASN1_BIT_STRING 3 .Sh HISTORY @@ -173,7 +136,3 @@ and first appeared in SSLeay 0.9.0. These functions have been available since .Ox 2.4 . -.Pp -.Fn ASN1_BIT_STRING_check -first appeared in OpenSSL 1.0.0 and has have been available since -.Ox 4.9 . diff --git a/lib/libcrypto/man/ASN1_STRING_new.3 b/lib/libcrypto/man/ASN1_STRING_new.3 index d9f5093f3..9500b82df 100644 --- a/lib/libcrypto/man/ASN1_STRING_new.3 +++ b/lib/libcrypto/man/ASN1_STRING_new.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ASN1_STRING_new.3,v 1.24 2021/12/14 19:36:18 schwarze Exp $ +.\" $OpenBSD: ASN1_STRING_new.3,v 1.25 2023/07/28 05:48:33 tb Exp $ .\" OpenSSL 99d63d46 Tue Mar 24 07:52:24 2015 -0400 .\" .\" Copyright (c) 2017 Ingo Schwarze @@ -15,7 +15,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: December 14 2021 $ +.Dd $Mdocdate: July 28 2023 $ .Dt ASN1_STRING_NEW 3 .Os .Sh NAME @@ -205,7 +205,6 @@ object if successful; otherwise is returned and an error code can be retrieved with .Xr ERR_get_error 3 . .Sh SEE ALSO -.Xr ASN1_BIT_STRING_num_asc 3 , .Xr ASN1_BIT_STRING_set 3 , .Xr ASN1_INTEGER_get 3 , .Xr ASN1_item_pack 3 , diff --git a/lib/libcrypto/man/BF_set_key.3 b/lib/libcrypto/man/BF_set_key.3 index c7e83a752..9fbe731da 100644 --- a/lib/libcrypto/man/BF_set_key.3 +++ b/lib/libcrypto/man/BF_set_key.3 
@@ -1,4 +1,4 @@ -.\" $OpenBSD: BF_set_key.3,v 1.10 2019/06/06 01:06:58 schwarze Exp $ +.\" $OpenBSD: BF_set_key.3,v 1.11 2023/07/29 03:05:35 tb Exp $ .\" OpenSSL 99d63d46 Jul 19 09:27:53 2016 -0400 .\" .\" This file was written by Richard Levitte . @@ -49,7 +49,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: June 6 2019 $ +.Dd $Mdocdate: July 29 2023 $ .Dt BF_SET_KEY 3 .Os .Sh NAME @@ -60,7 +60,6 @@ .Nm BF_cbc_encrypt , .Nm BF_cfb64_encrypt , .Nm BF_ofb64_encrypt , -.Nm BF_options .Nd Blowfish encryption .Sh SYNOPSIS .In openssl/blowfish.h @@ -115,10 +114,6 @@ .Fa "unsigned char *ivec" .Fa "int *num" .Fc -.Ft const char * -.Fo BF_options -.Fa void -.Fc .Sh DESCRIPTION This library implements the Blowfish cipher, which was invented and defined by @@ -265,9 +260,8 @@ and big-endian on big-endian ones. .Fn BF_ecb_encrypt , .Fn BF_cbc_encrypt , .Fn BF_cfb64_encrypt , -.Fn BF_ofb64_encrypt , and -.Fn BF_options +.Fn BF_ofb64_encrypt first appeared in SSLeay 0.6.6. .Fn BF_decrypt first appeared in SSLeay 0.9.0. diff --git a/lib/libcrypto/man/CRYPTO_set_ex_data.3 b/lib/libcrypto/man/CRYPTO_set_ex_data.3 index 9d72b8564..abdef79d8 100644 --- a/lib/libcrypto/man/CRYPTO_set_ex_data.3 +++ b/lib/libcrypto/man/CRYPTO_set_ex_data.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: CRYPTO_set_ex_data.3,v 1.13 2022/03/31 17:27:16 naddy Exp $ +.\" $OpenBSD: CRYPTO_set_ex_data.3,v 1.14 2023/07/28 14:34:54 tb Exp $ .\" full merge up to: .\" OpenSSL CRYPTO_get_ex_new_index 9e183d22 Mar 11 08:56:44 2017 -0500 .\" selective merge up to: 72a7a702 Feb 26 14:05:09 2019 +0000 @@ -52,7 +52,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: March 31 2022 $ +.Dd $Mdocdate: July 28 2023 $ .Dt CRYPTO_SET_EX_DATA 3 .Os .Sh NAME 
@@ -161,9 +161,6 @@ retrieved as a .Vt void * type. .Pp -The -.Vt CRYPTO_EX_DATA -type is opaque. To initialize the exdata part of a structure, call .Fn CRYPTO_new_ex_data . .Pp diff --git a/lib/libcrypto/man/Makefile b/lib/libcrypto/man/Makefile index 1697357f6..23e48a987 100644 --- a/lib/libcrypto/man/Makefile +++ b/lib/libcrypto/man/Makefile @@ -1,11 +1,10 @@ -# $OpenBSD: Makefile,v 1.258 2023/07/26 20:08:59 tb Exp $ +# $OpenBSD: Makefile,v 1.259 2023/07/28 05:48:33 tb Exp $ .include MAN= \ ACCESS_DESCRIPTION_new.3 \ AES_encrypt.3 \ - ASN1_BIT_STRING_num_asc.3 \ ASN1_BIT_STRING_set.3 \ ASN1_INTEGER_get.3 \ ASN1_NULL_new.3 \ diff --git a/lib/libcrypto/md4/md4_dgst.c b/lib/libcrypto/md4/md4.c similarity index 95% rename from lib/libcrypto/md4/md4_dgst.c rename to lib/libcrypto/md4/md4.c index 33a1cd777..a60196e5b 100644 --- a/lib/libcrypto/md4/md4_dgst.c +++ b/lib/libcrypto/md4/md4.c @@ -1,4 +1,4 @@ -/* $OpenBSD: md4_dgst.c,v 1.21 2023/07/15 15:30:43 jsing Exp $ */ +/* $OpenBSD: md4.c,v 1.5 2023/07/28 11:04:41 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -247,3 +247,20 @@ md4_block_data_order(MD4_CTX *c, const void *data_, size_t num) } } #endif + +unsigned char * +MD4(const unsigned char *d, size_t n, unsigned char *md) +{ + MD4_CTX c; + static unsigned char m[MD4_DIGEST_LENGTH]; + + if (md == NULL) + md = m; + if (!MD4_Init(&c)) + return NULL; + MD4_Update(&c, d, n); + MD4_Final(md, &c); + explicit_bzero(&c, sizeof(c)); + return (md); +} +LCRYPTO_ALIAS(MD4); diff --git a/lib/libcrypto/md4/md4_one.c b/lib/libcrypto/md4/md4_one.c deleted file mode 100644 index 3879a2ab4..000000000 --- a/lib/libcrypto/md4/md4_one.c +++ /dev/null 
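Review bot: In the md4.c hunk, `MD4()` falls back to the function-local `static unsigned char m[MD4_DIGEST_LENGTH]` when `md` is NULL, so every such caller shares one output buffer. The call is therefore not reentrant or thread-safe, and the last digest stays in that buffer after `explicit_bzero(&c, sizeof(c))` wipes only the context. The interface cannot change, so I would document this above the function, e.g. `/* If md is NULL the digest goes to a static buffer shared by all callers; threaded code must pass md. */`. The results of `MD4_Update()` and `MD4_Final()` are also dropped while `MD4_Init()` is checked; if they can fail, `if (!MD4_Update(&c, d, n) || !MD4_Final(md, &c)) md = NULL;` before the wipe would treat the three calls alike. The same applies to `MD5()` in the md5.c hunk and `RIPEMD160()` in the ripemd.c hunk.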
@@ -1,79 +0,0 @@ -/* $OpenBSD: md4_one.c,v 1.12 2023/07/08 10:45:57 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include - -unsigned char * -MD4(const unsigned char *d, size_t n, unsigned char *md) -{ - MD4_CTX c; - static unsigned char m[MD4_DIGEST_LENGTH]; - - if (md == NULL) - md = m; - if (!MD4_Init(&c)) - return NULL; - MD4_Update(&c, d, n); - MD4_Final(md, &c); - explicit_bzero(&c, sizeof(c)); - return (md); -} -LCRYPTO_ALIAS(MD4); diff --git a/lib/libcrypto/md5/md5_dgst.c b/lib/libcrypto/md5/md5.c similarity index 96% rename from lib/libcrypto/md5/md5_dgst.c rename to lib/libcrypto/md5/md5.c index 3cd4b1ba7..06516781a 100644 --- a/lib/libcrypto/md5/md5_dgst.c +++ b/lib/libcrypto/md5/md5.c 
@@ -1,4 +1,4 @@
-/* $OpenBSD: md5_dgst.c,v 1.19 2023/07/15 15:37:05 jsing Exp $ */
+/* $OpenBSD: md5.c,v 1.6 2023/07/28 11:06:28 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -284,3 +284,20 @@ md5_block_data_order(MD5_CTX *c, const void *data_, size_t num)
 }
 }
 #endif
+
+unsigned char *
+MD5(const unsigned char *d, size_t n, unsigned char *md)
+{
+ MD5_CTX c;
+ static unsigned char m[MD5_DIGEST_LENGTH];
+
+ if (md == NULL)
+ md = m;
+ if (!MD5_Init(&c))
+ return NULL;
+ MD5_Update(&c, d, n);
+ MD5_Final(md, &c);
+ explicit_bzero(&c, sizeof(c));
+ return (md);
+}
+LCRYPTO_ALIAS(MD5);
diff --git a/lib/libcrypto/md5/md5_one.c b/lib/libcrypto/md5/md5_one.c
deleted file mode 100644
index 3d5fba572..000000000
--- a/lib/libcrypto/md5/md5_one.c
+++ /dev/null
@@ -1,79 +0,0 @@ -/* $OpenBSD: md5_one.c,v 1.12 2023/07/08 10:45:57 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include - -unsigned char * -MD5(const unsigned char *d, size_t n, unsigned char *md) -{ - MD5_CTX c; - static unsigned char m[MD5_DIGEST_LENGTH]; - - if (md == NULL) - md = m; - if (!MD5_Init(&c)) - return NULL; - MD5_Update(&c, d, n); - MD5_Final(md, &c); - explicit_bzero(&c, sizeof(c)); - return (md); -} -LCRYPTO_ALIAS(MD5); diff --git a/lib/libcrypto/objects/obj_xref.c b/lib/libcrypto/objects/obj_xref.c index ae18d69af..0fca228ed 100644 --- a/lib/libcrypto/objects/obj_xref.c +++ b/lib/libcrypto/objects/obj_xref.c 
@@ -1,4 +1,4 @@ -/* $OpenBSD: obj_xref.c,v 1.12 2023/07/22 19:08:03 tb Exp $ */ +/* $OpenBSD: obj_xref.c,v 1.13 2023/07/28 10:25:05 tb Exp $ */ /* * Copyright (c) 2023 Theo Buehler @@ -310,16 +310,3 @@ OBJ_find_sigid_by_algs(int *sign_nid, int hash_nid, int pkey_nid) return 0; } LCRYPTO_ALIAS(OBJ_find_sigid_by_algs); - -int -OBJ_add_sigid(int sign_nid, int hash_nid, int pkey_nid) -{ - return 0; -} -LCRYPTO_ALIAS(OBJ_add_sigid); - -void -OBJ_sigid_free(void) -{ -} -LCRYPTO_ALIAS(OBJ_sigid_free); diff --git a/lib/libcrypto/objects/objects.h b/lib/libcrypto/objects/objects.h index 91e4eb0d1..451545e05 100644 --- a/lib/libcrypto/objects/objects.h +++ b/lib/libcrypto/objects/objects.h @@ -1,4 +1,4 @@ -/* $OpenBSD: objects.h,v 1.22 2023/06/29 06:11:33 tb Exp $ */ +/* $OpenBSD: objects.h,v 1.23 2023/07/28 10:25:05 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -139,8 +139,6 @@ const unsigned char *OBJ_get0_data(const ASN1_OBJECT *obj); int OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid); int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid); -int OBJ_add_sigid(int signid, int dig_id, int pkey_id); -void OBJ_sigid_free(void); void ERR_load_OBJ_strings(void); diff --git a/lib/libcrypto/opensslfeatures.h b/lib/libcrypto/opensslfeatures.h index 1e087f9c2..02d522895 100644 --- a/lib/libcrypto/opensslfeatures.h +++ b/lib/libcrypto/opensslfeatures.h @@ -1,4 +1,4 @@ -/* $OpenBSD: opensslfeatures.h,v 1.39 2023/07/06 06:38:01 beck Exp $ */ +/* $OpenBSD: opensslfeatures.h,v 1.41 2023/07/28 09:53:55 tb Exp $ */ /* * Feature flags for LibreSSL... so you can actually tell when things * are enabled, rather than not being able to tell when things are @@ -51,7 +51,7 @@ /* #define OPENSSL_NO_DGRAM */ /* #define OPENSSL_NO_DH */ /* #define OPENSSL_NO_DSA */ -/* #define OPENSSL_NO_DSO */ +#define OPENSSL_NO_DSO /* #define OPENSSL_NO_DTLS */ #define OPENSSL_NO_DTLS1 #ifndef LIBRESSL_HAS_DTLS1_2 
@@ -63,7 +63,7 @@ /* #define OPENSSL_NO_EC */ #define OPENSSL_NO_EC_NISTP_64_GCC_128 #define OPENSSL_NO_EGD -/* #define OPENSSL_NO_ENGINE */ +#define OPENSSL_NO_ENGINE /* #define OPENSSL_NO_ERR */ /* #define OPENSSL_NO_FUZZ_AFL */ /* #define OPENSSL_NO_FUZZ_LIBFUZZER */ diff --git a/lib/libcrypto/ossl_typ.h b/lib/libcrypto/ossl_typ.h index 6e33f8cfb..5da4243f8 100644 --- a/lib/libcrypto/ossl_typ.h +++ b/lib/libcrypto/ossl_typ.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ossl_typ.h,v 1.25 2023/04/25 18:28:05 tb Exp $ */ +/* $OpenBSD: ossl_typ.h,v 1.28 2023/07/28 10:21:01 tb Exp $ */ /* ==================================================================== * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. * @@ -124,9 +124,6 @@ typedef struct rsa_pss_params_st RSA_PSS_PARAMS; typedef struct rand_meth_st RAND_METHOD; -typedef struct ecdh_method ECDH_METHOD; -typedef struct ecdsa_method ECDSA_METHOD; - typedef struct x509_st X509; typedef struct X509_algor_st X509_ALGOR; typedef struct X509_crl_st X509_CRL; @@ -153,8 +150,6 @@ typedef struct store_method_st STORE_METHOD; typedef struct ui_st UI; typedef struct ui_method_st UI_METHOD; -typedef struct st_ERR_FNS ERR_FNS; - typedef struct engine_st ENGINE; typedef struct ssl_st SSL; typedef struct ssl_ctx_st SSL_CTX; diff --git a/lib/libcrypto/rc4/asm/rc4-586.pl b/lib/libcrypto/rc4/asm/rc4-586.pl index 4991c37c2..bb30f9b88 100644 --- a/lib/libcrypto/rc4/asm/rc4-586.pl +++ b/lib/libcrypto/rc4/asm/rc4-586.pl 
@@ -384,32 +384,4 @@ $idx="edx"; &mov (&DWP(-4,$out),"eax"); # key->y=0; &function_end("RC4_set_key"); -# const char *RC4_options(void); -&static_label("opts"); -&function_begin_B("RC4_options"); - &picsetup("edx"); - &picsymbol("eax", &label("opts"), "edx"); - &picsymbol("edx", "OPENSSL_ia32cap_P", "edx");; - - &mov ("edx",&DWP(0,"edx")); - &bt ("edx","\$IA32CAP_BIT0_INTELP4"); - &jc (&label("1xchar")); - &bt ("edx","\$IA32CAP_BIT0_SSE2"); - &jnc (&label("ret")); - &add ("eax",25); - &ret (); -&set_label("1xchar"); - &add ("eax",12); -&set_label("ret"); - &ret (); -&function_end_B("RC4_options"); - - &rodataseg(); -&set_label("opts"); -&asciz ("rc4(4x,int)"); -&asciz ("rc4(1x,char)"); -&asciz ("rc4(8x,mmx)"); - &previous(); - &asm_finish(); - diff --git a/lib/libcrypto/rc4/asm/rc4-md5-x86_64.pl b/lib/libcrypto/rc4/asm/rc4-md5-x86_64.pl index 6d058bd9d..3190e6a8e 100644 --- a/lib/libcrypto/rc4/asm/rc4-md5-x86_64.pl +++ b/lib/libcrypto/rc4/asm/rc4-md5-x86_64.pl @@ -491,19 +491,6 @@ RC4_set_key: mov %eax,-4($dat) ret .size RC4_set_key,.-RC4_set_key - -.globl RC4_options -.type RC4_options,\@abi-omnipotent -.align 16 -RC4_options: - endbr64 - lea .Lopts(%rip),%rax - ret -.align 64 -.Lopts: -.asciz "rc4(64x,int)" -.align 64 -.size RC4_options,.-RC4_options ___ } diff --git a/lib/libcrypto/rc4/asm/rc4-parisc.pl b/lib/libcrypto/rc4/asm/rc4-parisc.pl index 24e3e0c30..6a1a2aad7 100644 --- a/lib/libcrypto/rc4/asm/rc4-parisc.pl +++ b/lib/libcrypto/rc4/asm/rc4-parisc.pl @@ -285,29 +285,6 @@ L\$2nd .EXIT nop .PROCEND - - .EXPORT RC4_options,ENTRY - .ALIGN 8 -RC4_options - .PROC - .CALLINFO NO_CALLS - .ENTRY -#ifdef __PIC__ - addil LT'L\$opts, %r19 - ldw RT'L\$opts(%r1), %r28 -#else - ldil L'L\$opts, %t1 - ldo R'L\$opts(%t1), %r28 -#endif - bv (%r2) - .EXIT - nop - .PROCEND - - .section .rodata - .ALIGN 8 -L\$opts - .STRINGZ "rc4(4x,`$SZ==1?"char":"int"`)" ___ $code =~ s/\`([^\`]*)\`/eval $1/gem; $code =~ s/cmpib,\*/comib,/gm if ($SIZE_T==4); 
diff --git a/lib/libcrypto/rc4/asm/rc4-x86_64.pl b/lib/libcrypto/rc4/asm/rc4-x86_64.pl index 2bac7d744..0472acce8 100755 --- a/lib/libcrypto/rc4/asm/rc4-x86_64.pl +++ b/lib/libcrypto/rc4/asm/rc4-x86_64.pl @@ -503,33 +503,6 @@ RC4_set_key: mov %eax,-4($dat) ret .size RC4_set_key,.-RC4_set_key - -.globl RC4_options -.type RC4_options,\@abi-omnipotent -.align 16 -RC4_options: - endbr64 - lea .Lopts(%rip),%rax - mov OPENSSL_ia32cap_P(%rip),%edx - bt \$IA32CAP_BIT0_INTELP4,%edx - jc .L8xchar - bt \$IA32CAP_BIT0_INTEL,%edx - jnc .Ldone - add \$25,%rax - ret -.L8xchar: - add \$12,%rax -.Ldone: - ret -.section .rodata -.align 64 -.Lopts: -.asciz "rc4(8x,int)" -.asciz "rc4(8x,char)" -.asciz "rc4(16x,int)" -.align 64 -.text -.size RC4_options,.-RC4_options ___ sub reg_part { diff --git a/lib/libcrypto/rc4/rc4.h b/lib/libcrypto/rc4/rc4.h index f59185ed3..7ebe23210 100644 --- a/lib/libcrypto/rc4/rc4.h +++ b/lib/libcrypto/rc4/rc4.h @@ -1,4 +1,4 @@ -/* $OpenBSD: rc4.h,v 1.13 2015/10/20 15:50:13 jsing Exp $ */ +/* $OpenBSD: rc4.h,v 1.14 2023/07/28 10:35:14 tb Exp $ */ /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -76,7 +76,6 @@ typedef struct rc4_key_st { RC4_INT data[256]; } RC4_KEY; -const char *RC4_options(void); void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); void RC4(RC4_KEY *key, size_t len, const unsigned char *indata, diff --git a/lib/libcrypto/rc4/rc4_skey.c b/lib/libcrypto/rc4/rc4_skey.c index e32a6e84a..5833c7bd0 100644 --- a/lib/libcrypto/rc4/rc4_skey.c +++ b/lib/libcrypto/rc4/rc4_skey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rc4_skey.c,v 1.15 2022/11/26 16:08:54 tb Exp $ */ +/* $OpenBSD: rc4_skey.c,v 1.16 2023/07/28 10:35:14 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * 
@@ -57,24 +57,8 @@ */ #include -#include "rc4_local.h" -#include -const char * -RC4_options(void) -{ -#ifdef RC4_INDEX - if (sizeof(RC4_INT) == 1) - return("rc4(idx,char)"); - else - return("rc4(idx,int)"); -#else - if (sizeof(RC4_INT) == 1) - return("rc4(ptr,char)"); - else - return("rc4(ptr,int)"); -#endif -} +#include "rc4_local.h" /* RC4 as implemented from a posting from * Newsgroups: sci.crypt diff --git a/lib/libcrypto/ripemd/rmd_dgst.c b/lib/libcrypto/ripemd/ripemd.c similarity index 97% rename from lib/libcrypto/ripemd/rmd_dgst.c rename to lib/libcrypto/ripemd/ripemd.c index 0b441d5cc..4edf3de4d 100644 --- a/lib/libcrypto/ripemd/rmd_dgst.c +++ b/lib/libcrypto/ripemd/ripemd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rmd_dgst.c,v 1.20 2023/07/08 06:52:56 jsing Exp $ */ +/* $OpenBSD: ripemd.c,v 1.1 2023/07/28 11:08:01 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -422,3 +422,20 @@ ripemd160_block_data_order(RIPEMD160_CTX *ctx, const void *p, size_t num) } } #endif + +unsigned char * +RIPEMD160(const unsigned char *d, size_t n, + unsigned char *md) +{ + RIPEMD160_CTX c; + static unsigned char m[RIPEMD160_DIGEST_LENGTH]; + + if (md == NULL) + md = m; + if (!RIPEMD160_Init(&c)) + return NULL; + RIPEMD160_Update(&c, d, n); + RIPEMD160_Final(md, &c); + explicit_bzero(&c, sizeof(c)); + return (md); +} diff --git a/lib/libcrypto/ripemd/rmd_one.c b/lib/libcrypto/ripemd/rmd_one.c deleted file mode 100644 index 18b746039..000000000 --- a/lib/libcrypto/ripemd/rmd_one.c +++ /dev/null 
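Review bot: In the `RIPEMD160()` one-shot appended to ripemd.c, a NULL `md` makes the function write the digest into the function-static buffer `m` and return a pointer to it, so concurrent or successive callers share one result buffer and an earlier digest can be overwritten before it is read. The code is moved unchanged from rmd_one.c, so the behaviour is not new, but the move is a good place to record it above the function: `/* If md is NULL the digest is returned in a static buffer; not thread-safe, pass a caller-owned buffer instead. */`. The return values of `RIPEMD160_Update()` and `RIPEMD160_Final()` are also discarded while `RIPEMD160_Init()` is checked; if they can fail in this tree, check them the same way.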
@@ -1,80 +0,0 @@ -/* $OpenBSD: rmd_one.c,v 1.10 2023/07/08 06:52:56 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include - -unsigned char * -RIPEMD160(const unsigned char *d, size_t n, - unsigned char *md) -{ - RIPEMD160_CTX c; - static unsigned char m[RIPEMD160_DIGEST_LENGTH]; - - if (md == NULL) - md = m; - if (!RIPEMD160_Init(&c)) - return NULL; - RIPEMD160_Update(&c, d, n); - RIPEMD160_Final(md, &c); - explicit_bzero(&c, sizeof(c)); - return (md); -} - 
diff --git a/lib/libcrypto/rsa/rsa.h b/lib/libcrypto/rsa/rsa.h index ff88240f0..4fcef3a97 100644 --- a/lib/libcrypto/rsa/rsa.h +++ b/lib/libcrypto/rsa/rsa.h @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa.h,v 1.64 2023/05/05 12:30:40 tb Exp $ */ +/* $OpenBSD: rsa.h,v 1.65 2023/07/28 10:05:16 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -321,7 +321,6 @@ int RSA_verify_ASN1_OCTET_STRING(int type, const unsigned char *m, int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); void RSA_blinding_off(RSA *rsa); -BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx); int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen, const unsigned char *f, int fl); diff --git a/lib/libcrypto/rsa/rsa_crpt.c b/lib/libcrypto/rsa/rsa_crpt.c index ea79280b1..15108e24f 100644 --- a/lib/libcrypto/rsa/rsa_crpt.c +++ b/lib/libcrypto/rsa/rsa_crpt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_crpt.c,v 1.22 2023/07/08 12:26:45 beck Exp $ */ +/* $OpenBSD: rsa_crpt.c,v 1.23 2023/07/28 10:05:16 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -229,4 +229,3 @@ err: return ret; } -LCRYPTO_ALIAS(RSA_setup_blinding); diff --git a/lib/libcrypto/rsa/rsa_lib.c b/lib/libcrypto/rsa/rsa_lib.c index 8831253b9..fbd2c2274 100644 --- a/lib/libcrypto/rsa/rsa_lib.c +++ b/lib/libcrypto/rsa/rsa_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_lib.c,v 1.47 2023/07/08 12:26:45 beck Exp $ */ +/* $OpenBSD: rsa_lib.c,v 1.48 2023/07/28 10:05:16 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -67,6 +67,7 @@ #include #include +#include "bn_local.h" #include "evp_local.h" #include "rsa_local.h" diff --git a/lib/libcrypto/rsa/rsa_local.h b/lib/libcrypto/rsa/rsa_local.h index b4e90abd9..e4c3040b6 100644 --- a/lib/libcrypto/rsa/rsa_local.h +++ b/lib/libcrypto/rsa/rsa_local.h 
@@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_local.h,v 1.3 2023/07/21 15:26:51 tb Exp $ */ +/* $OpenBSD: rsa_local.h,v 1.4 2023/07/28 10:05:16 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -153,4 +153,6 @@ int RSA_padding_check_X931(unsigned char *to, int tlen, const unsigned char *f, int fl, int rsa_len); int RSA_X931_hash_id(int nid); +BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx); + __END_HIDDEN_DECLS diff --git a/lib/libcrypto/shlib_version b/lib/libcrypto/shlib_version index 789f6ba81..41c861f74 100644 --- a/lib/libcrypto/shlib_version +++ b/lib/libcrypto/shlib_version @@ -1,3 +1,3 @@ # Don't forget to give libssl and libtls the same type of bump! -major=51 +major=52 minor=0 diff --git a/lib/libcrypto/sm2/sm2.h b/lib/libcrypto/sm2/sm2.h index dee75eb68..2f14fe666 100644 --- a/lib/libcrypto/sm2/sm2.h +++ b/lib/libcrypto/sm2/sm2.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sm2.h,v 1.2 2022/07/12 14:42:50 kn Exp $ */ +/* $OpenBSD: sm2.h,v 1.3 2023/07/28 15:50:33 tb Exp $ */ /* * Copyright (c) 2017, 2019 Ribose Inc * @@ -21,7 +21,6 @@ #include #include -#include #ifdef OPENSSL_NO_SM2 #error SM2 is disabled. diff --git a/lib/libcrypto/sm2/sm2_local.h b/lib/libcrypto/sm2/sm2_local.h index ad97f2c77..388c468ef 100644 --- a/lib/libcrypto/sm2/sm2_local.h +++ b/lib/libcrypto/sm2/sm2_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sm2_local.h,v 1.2 2022/11/26 17:23:18 tb Exp $ */ +/* $OpenBSD: sm2_local.h,v 1.3 2023/07/28 15:50:33 tb Exp $ */ /* * Copyright (c) 2017, 2019 Ribose Inc * @@ -19,7 +19,6 @@ #define HEADER_SM2_LOCAL_H #include -#include __BEGIN_HIDDEN_DECLS diff --git a/lib/libcrypto/stack/safestack.h b/lib/libcrypto/stack/safestack.h index c58ebea44..9d0f1e0d1 100644 --- a/lib/libcrypto/stack/safestack.h +++ b/lib/libcrypto/stack/safestack.h 
@@ -1,4 +1,4 @@ -/* $OpenBSD: safestack.h,v 1.26 2023/04/25 18:53:42 tb Exp $ */ +/* $OpenBSD: safestack.h,v 1.28 2023/07/28 10:26:33 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999 The OpenSSL Project. All rights reserved. * 
@@ -619,28 +619,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void) #define sk_CONF_VALUE_sort(st) SKM_sk_sort(CONF_VALUE, (st)) #define sk_CONF_VALUE_is_sorted(st) SKM_sk_is_sorted(CONF_VALUE, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_new(cmp) SKM_sk_new(CRYPTO_EX_DATA_FUNCS, (cmp)) -#define sk_CRYPTO_EX_DATA_FUNCS_new_null() SKM_sk_new_null(CRYPTO_EX_DATA_FUNCS) -#define sk_CRYPTO_EX_DATA_FUNCS_free(st) SKM_sk_free(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_num(st) SKM_sk_num(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_value(st, i) SKM_sk_value(CRYPTO_EX_DATA_FUNCS, (st), (i)) -#define sk_CRYPTO_EX_DATA_FUNCS_set(st, i, val) SKM_sk_set(CRYPTO_EX_DATA_FUNCS, (st), (i), (val)) -#define sk_CRYPTO_EX_DATA_FUNCS_zero(st) SKM_sk_zero(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_push(st, val) SKM_sk_push(CRYPTO_EX_DATA_FUNCS, (st), (val)) -#define sk_CRYPTO_EX_DATA_FUNCS_unshift(st, val) SKM_sk_unshift(CRYPTO_EX_DATA_FUNCS, (st), (val)) -#define sk_CRYPTO_EX_DATA_FUNCS_find(st, val) SKM_sk_find(CRYPTO_EX_DATA_FUNCS, (st), (val)) -#define sk_CRYPTO_EX_DATA_FUNCS_find_ex(st, val) SKM_sk_find_ex(CRYPTO_EX_DATA_FUNCS, (st), (val)) -#define sk_CRYPTO_EX_DATA_FUNCS_delete(st, i) SKM_sk_delete(CRYPTO_EX_DATA_FUNCS, (st), (i)) -#define sk_CRYPTO_EX_DATA_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_EX_DATA_FUNCS, (st), (ptr)) -#define sk_CRYPTO_EX_DATA_FUNCS_insert(st, val, i) SKM_sk_insert(CRYPTO_EX_DATA_FUNCS, (st), (val), (i)) -#define sk_CRYPTO_EX_DATA_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_EX_DATA_FUNCS, (st), (cmp)) -#define sk_CRYPTO_EX_DATA_FUNCS_dup(st) SKM_sk_dup(CRYPTO_EX_DATA_FUNCS, st) -#define sk_CRYPTO_EX_DATA_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_EX_DATA_FUNCS, (st), (free_func)) -#define sk_CRYPTO_EX_DATA_FUNCS_shift(st) SKM_sk_shift(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_pop(st) SKM_sk_pop(CRYPTO_EX_DATA_FUNCS, (st)) -#define 
sk_CRYPTO_EX_DATA_FUNCS_sort(st) SKM_sk_sort(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_is_sorted(st) SKM_sk_is_sorted(CRYPTO_EX_DATA_FUNCS, (st)) - #define sk_CRYPTO_dynlock_new(cmp) SKM_sk_new(CRYPTO_dynlock, (cmp)) #define sk_CRYPTO_dynlock_new_null() SKM_sk_new_null(CRYPTO_dynlock) #define sk_CRYPTO_dynlock_free(st) SKM_sk_free(CRYPTO_dynlock, (st)) 
@@ -1831,28 +1809,6 @@ DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void) #define sk_X509_VERIFY_PARAM_sort(st) SKM_sk_sort(X509_VERIFY_PARAM, (st)) #define sk_X509_VERIFY_PARAM_is_sorted(st) SKM_sk_is_sorted(X509_VERIFY_PARAM, (st)) -#define sk_nid_triple_new(cmp) SKM_sk_new(nid_triple, (cmp)) -#define sk_nid_triple_new_null() SKM_sk_new_null(nid_triple) -#define sk_nid_triple_free(st) SKM_sk_free(nid_triple, (st)) -#define sk_nid_triple_num(st) SKM_sk_num(nid_triple, (st)) -#define sk_nid_triple_value(st, i) SKM_sk_value(nid_triple, (st), (i)) -#define sk_nid_triple_set(st, i, val) SKM_sk_set(nid_triple, (st), (i), (val)) -#define sk_nid_triple_zero(st) SKM_sk_zero(nid_triple, (st)) -#define sk_nid_triple_push(st, val) SKM_sk_push(nid_triple, (st), (val)) -#define sk_nid_triple_unshift(st, val) SKM_sk_unshift(nid_triple, (st), (val)) -#define sk_nid_triple_find(st, val) SKM_sk_find(nid_triple, (st), (val)) -#define sk_nid_triple_find_ex(st, val) SKM_sk_find_ex(nid_triple, (st), (val)) -#define sk_nid_triple_delete(st, i) SKM_sk_delete(nid_triple, (st), (i)) -#define sk_nid_triple_delete_ptr(st, ptr) SKM_sk_delete_ptr(nid_triple, (st), (ptr)) -#define sk_nid_triple_insert(st, val, i) SKM_sk_insert(nid_triple, (st), (val), (i)) -#define sk_nid_triple_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(nid_triple, (st), (cmp)) -#define sk_nid_triple_dup(st) SKM_sk_dup(nid_triple, st) -#define sk_nid_triple_pop_free(st, free_func) SKM_sk_pop_free(nid_triple, (st), (free_func)) -#define sk_nid_triple_shift(st) SKM_sk_shift(nid_triple, (st)) -#define sk_nid_triple_pop(st) SKM_sk_pop(nid_triple, (st)) -#define sk_nid_triple_sort(st) SKM_sk_sort(nid_triple, (st)) -#define sk_nid_triple_is_sorted(st) SKM_sk_is_sorted(nid_triple, (st)) - #define sk_void_new(cmp) SKM_sk_new(void, (cmp)) #define sk_void_new_null() SKM_sk_new_null(void) #define sk_void_free(st) SKM_sk_free(void, (st)) diff --git a/lib/libcrypto/ts/ts.h b/lib/libcrypto/ts/ts.h index 6021a309f..0d5de6223 100644 
--- a/lib/libcrypto/ts/ts.h +++ b/lib/libcrypto/ts/ts.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ts.h,v 1.21 2023/04/25 17:52:54 tb Exp $ */ +/* $OpenBSD: ts.h,v 1.22 2023/07/28 09:53:55 tb Exp $ */ /* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL * project 2002, 2003, 2004. */ @@ -542,9 +542,11 @@ EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass); const char *TS_CONF_get_tsa_section(CONF *conf, const char *section); int TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb, TS_RESP_CTX *ctx); +#ifndef OPENSSL_NO_ENGINE int TS_CONF_set_crypto_device(CONF *conf, const char *section, const char *device); int TS_CONF_set_default_engine(const char *name); +#endif int TS_CONF_set_signer_cert(CONF *conf, const char *section, const char *cert, TS_RESP_CTX *ctx); int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs, diff --git a/lib/libcrypto/x509/x509.h b/lib/libcrypto/x509/x509.h index c2a9dfedc..f76576f61 100644 --- a/lib/libcrypto/x509/x509.h +++ b/lib/libcrypto/x509/x509.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.h,v 1.100 2023/04/25 18:57:57 tb Exp $ */ +/* $OpenBSD: x509.h,v 1.101 2023/07/28 15:50:33 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -82,12 +82,6 @@ #ifndef OPENSSL_NO_EC #include #endif -#ifndef OPENSSL_NO_ECDSA -#include -#endif -#ifndef OPENSSL_NO_ECDH -#include -#endif #ifndef OPENSSL_NO_EVP #include #endif diff --git a/lib/libssl/Symbols.list b/lib/libssl/Symbols.list index 2b9ec25e1..9f261bb97 100644 --- a/lib/libssl/Symbols.list +++ b/lib/libssl/Symbols.list @@ -95,7 +95,6 @@ SSL_CTX_set_cipher_list SSL_CTX_set_ciphersuites SSL_CTX_set_client_CA_list SSL_CTX_set_client_cert_cb -SSL_CTX_set_client_cert_engine SSL_CTX_set_cookie_generate_cb SSL_CTX_set_cookie_verify_cb SSL_CTX_set_default_passwd_cb diff --git a/lib/libssl/hidden/openssl/ssl.h b/lib/libssl/hidden/openssl/ssl.h index acc99fe13..e4ec6d625 100644 --- a/lib/libssl/hidden/openssl/ssl.h 
+++ b/lib/libssl/hidden/openssl/ssl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl.h,v 1.3 2023/07/08 16:40:14 beck Exp $ */ +/* $OpenBSD: ssl.h,v 1.4 2023/07/28 09:53:55 tb Exp $ */ /* * Copyright (c) 2023 Bob Beck * @@ -44,7 +44,6 @@ LSSL_USED(SSL_CTX_set_info_callback); LSSL_USED(SSL_CTX_get_info_callback); LSSL_USED(SSL_CTX_set_client_cert_cb); LSSL_USED(SSL_CTX_get_client_cert_cb); -LSSL_USED(SSL_CTX_set_client_cert_engine); LSSL_USED(SSL_CTX_set_cookie_generate_cb); LSSL_USED(SSL_CTX_set_cookie_verify_cb); LSSL_USED(SSL_CTX_set_next_protos_advertised_cb); diff --git a/lib/libssl/shlib_version b/lib/libssl/shlib_version index d3b93e9fd..9416bb7a3 100644 --- a/lib/libssl/shlib_version +++ b/lib/libssl/shlib_version @@ -1,3 +1,3 @@ # Don't forget to give libtls the same type of bump! -major=54 +major=55 minor=0 diff --git a/lib/libssl/ssl_kex.c b/lib/libssl/ssl_kex.c index 85caf25e3..fa420a35a 100644 --- a/lib/libssl/ssl_kex.c +++ b/lib/libssl/ssl_kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_kex.c,v 1.11 2023/06/27 11:03:41 tb Exp $ */ +/* $OpenBSD: ssl_kex.c,v 1.12 2023/07/28 16:02:34 tb Exp $ */ /* * Copyright (c) 2020, 2021 Joel Sing * @@ -20,7 +20,6 @@ #include #include #include -#include #include #include diff --git a/lib/libtls/shlib_version b/lib/libtls/shlib_version index 54ef0c4cc..295c96b24 100644 --- a/lib/libtls/shlib_version +++ b/lib/libtls/shlib_version @@ -1,2 +1,2 @@ -major=27 +major=28 minor=0 diff --git a/regress/lib/libcrypto/dh/dhtest.c b/regress/lib/libcrypto/dh/dhtest.c index ee06259dc..7ddd11812 100644 --- a/regress/lib/libcrypto/dh/dhtest.c +++ b/regress/lib/libcrypto/dh/dhtest.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dhtest.c,v 1.7 2022/01/12 08:58:12 tb Exp $ */ +/* $OpenBSD: dhtest.c,v 1.8 2023/07/28 13:05:59 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * 
@@ -87,8 +87,8 @@ cb(int p, int n, BN_GENCB *arg) c = '*'; if (p == 3) c = '\n'; - BIO_write(BN_GENCB_get_arg(arg), &c, 1); - (void)BIO_flush(BN_GENCB_get_arg(arg)); + printf("%c", c); + fflush(stdout); return 1; } @@ -96,21 +96,15 @@ int main(int argc, char *argv[]) { BN_GENCB *_cb; - DH *a; - char buf[12]; - unsigned char *abuf=NULL; + DH *a = NULL; + unsigned char *abuf = NULL; int i, alen, aout; - BIO *out; int ret = 1; - if ((out = BIO_new(BIO_s_file())) == NULL) - err(1, "BIO_new"); - BIO_set_fp(out, stdout, BIO_NOCLOSE); - if ((_cb = BN_GENCB_new()) == NULL) err(1, "BN_GENCB_new"); - BN_GENCB_set(_cb, &cb, out); + BN_GENCB_set(_cb, &cb, NULL); if ((a = DH_new()) == NULL) goto err; 
@@ -120,39 +114,42 @@ main(int argc, char *argv[]) if (!DH_check(a, &i)) goto err; if (i & DH_CHECK_P_NOT_PRIME) - BIO_puts(out, "p value is not prime\n"); + puts("p value is not prime\n"); if (i & DH_CHECK_P_NOT_SAFE_PRIME) - BIO_puts(out, "p value is not a safe prime\n"); + puts("p value is not a safe prime\n"); if (i & DH_UNABLE_TO_CHECK_GENERATOR) - BIO_puts(out, "unable to check the generator value\n"); + puts("unable to check the generator value\n"); if (i & DH_NOT_SUITABLE_GENERATOR) - BIO_puts(out, "the g value is not a generator\n"); + puts("the g value is not a generator\n"); - BIO_puts(out, "\np ="); - BN_print(out, DH_get0_p(a)); - BIO_puts(out, "\ng ="); - BN_print(out, DH_get0_g(a)); - BIO_puts(out, "\n"); + printf("\np = "); + if (!BN_print_fp(stdout, DH_get0_p(a))) + goto err; + printf("\ng = "); + if (!BN_print_fp(stdout, DH_get0_g(a))) + goto err; + printf("\n"); if (!DH_generate_key(a)) goto err; - BIO_puts(out, "pri 1="); - BN_print(out, DH_get0_priv_key(a)); - BIO_puts(out, "\npub 1="); - BN_print(out, DH_get0_pub_key(a)); - BIO_puts(out, "\n"); + printf("pri1 = "); + if (!BN_print_fp(stdout, DH_get0_priv_key(a))) + goto err; + printf("\npub1 = "); + if (!BN_print_fp(stdout, DH_get0_pub_key(a))) + goto err; + printf("\n"); alen = DH_size(a); if ((abuf = malloc(alen)) == NULL) err(1, "malloc"); aout = DH_compute_key(abuf, DH_get0_pub_key(a), a); - BIO_puts(out, "key1 ="); - for (i=0; i # # Permission to use, copy, modify, and distribute this software for any @@ -23,11 +23,8 @@ # Skip *_free functions that take more than one or no argument. /^ASN1_item_ex_free$/ || /^ASN1_item_free$/ || -/^ASN1_primitive_free$/ || -/^ASN1_template_free$/ || /^CONF_modules_free$/ || /^EVP_PKEY_asn1_set_free$/ || -/^OBJ_sigid_free$/ || /^X509V3_section_free$/ || /^X509V3_string_free$/ || /^sk_pop_free$/ { diff --git a/regress/lib/libcrypto/free/freenull.c.head b/regress/lib/libcrypto/free/freenull.c.head index 0dec35ba4..dc1a7da52 100644 
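Review bot: The four diagnostics in `main` that were converted from `BIO_puts()` to `puts()` keep their trailing `\n`, and `puts()` appends a newline of its own, so each message is now followed by a blank line that the BIO version did not print. Drop the escape, e.g. `puts("p value is not prime");`, or use `fputs(..., stdout)` if the literal is meant to stay as it is. The tail of this hunk is garbled on the page, so only the visible lines were reviewed.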
--- a/regress/lib/libcrypto/free/freenull.c.head +++ b/regress/lib/libcrypto/free/freenull.c.head @@ -1,4 +1,4 @@ -/* $OpenBSD: freenull.c.head,v 1.5 2023/07/26 22:51:01 tb Exp $ */ +/* $OpenBSD: freenull.c.head,v 1.6 2023/07/28 17:13:56 tb Exp $ */ #include #include @@ -6,9 +6,6 @@ #include #include #include -#ifndef OPENSSL_NO_DSO -#include -#endif #ifndef OPENSSL_NO_ENGINE #include #endif diff --git a/regress/usr.bin/rsync/Makefile b/regress/usr.bin/rsync/Makefile index 3be5644e7..50b949615 100644 --- a/regress/usr.bin/rsync/Makefile +++ b/regress/usr.bin/rsync/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.4 2023/07/16 06:36:18 anton Exp $ +# $OpenBSD: Makefile,v 1.5 2023/07/28 17:25:32 bluhm Exp $ # evaluate once in main make invocation, then get list of test from environment .if ! (make(clean) || make(cleandir) || make(obj)) @@ -14,17 +14,15 @@ clean: # some of these tests pass or fail unreliably REGRESS_EXPECTED_FAILURES = run-openrsync-openrsync-test3_minusexclude \ - run-openrsync-openrsync-test6_perms \ run-openrsync-openrsync-test6b_perms \ run-openrsync-openrsync-test7_symlinks \ run-openrsync-openrsync-test10_perms \ - run-openrsync-openrsync-test13_perms \ + run-openrsync-openrsync-test13b_perms \ run-openrsync-rsync-test3_minusexclude \ - run-openrsync-rsync-test6_perms \ run-openrsync-rsync-test6b_perms \ run-openrsync-rsync-test7_symlinks \ run-openrsync-rsync-test10_perms \ - run-openrsync-rsync-test13_perms + run-openrsync-rsync-test13b_perms .if ! exists(${RSYNC_PORT}) .for t in ${RSYNC_TESTS} @@ -34,6 +32,18 @@ REGRESS_SKIP_TARGETS += run-${RSYNC_PORT:T}-${RSYNC_PORT:T}-${t:T:R} .endfor .endif +# these test have to run as regular user +USER_TESTS = test13b_perms + +ROOT_USER != id -g +.for t in ${RSYNC_TESTS} +.if ${ROOT_USER} != 0 || empty(USER_TESTS:M${t:T:R}) +SH_${t:T:R} = sh +.else +SH_${t:T:R} = su build +.endif +.endfor + .for l in ${RSYNC_OPEN} ${RSYNC_PORT} .for r in ${RSYNC_OPEN} ${RSYNC_PORT} 
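Review bot: The privilege test in the added `USER_TESTS` block runs `ROOT_USER != id -g`, which yields the effective group id rather than the user id. A non-root account whose primary group is 0 would be sent down the `su build` branch, and a root session with a different primary group would run `test13b_perms` as root, where the `chmod 070` file stays readable and the test no longer checks what its comment says. `ROOT_USER != id -u` matches what the variable name and the `su build` fallback intend.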
@@ -41,8 +51,8 @@ RSYNC_$l_$r = $l --rsync-path=$r .for t in ${RSYNC_TESTS} REGRESS_TARGETS += run-${l:T}-${r:T}-${t:T:R} -run-${l:T}-${r:T}-${t:T:R}: - tstdir="${.CURDIR}" rsync="${RSYNC_$l_$l}" sh $t +run-${l:T}-${r:T}-${t:T:R}: clean + tstdir="${.CURDIR}" rsync="${RSYNC_$l_$l}" ${SH_${t:T:R}} $t .endfor .endfor diff --git a/regress/usr.bin/rsync/test13_perms.test b/regress/usr.bin/rsync/test13_perms.test index 79a010367..52beff092 100644 --- a/regress/usr.bin/rsync/test13_perms.test +++ b/regress/usr.bin/rsync/test13_perms.test @@ -16,7 +16,7 @@ generate_tree dir2 # Also make the target tree and mess up some permissions in there. # We expect rsync to reset this to what dir1 has. generate_tree dir3 -chmod 070 dir3/one.txt +chmod 470 dir3/one.txt touch -m -t 199901020405 dir3/one.txt $rsync -a dir1/ dir3 diff --git a/regress/usr.bin/rsync/test13b_perms.test b/regress/usr.bin/rsync/test13b_perms.test new file mode 100644 index 000000000..092adb4bc --- /dev/null +++ b/regress/usr.bin/rsync/test13b_perms.test @@ -0,0 +1,24 @@ +#! /bin/sh + +. ${tstdir-.}/lib.sh +. ${tstdir-.}/conf.sh + +generate_tree() { + mkdirfile "${1}/one.txt" +} + +rm -rf dir1 dir2 dir3 +# make the copy-from-here tree +generate_tree dir1 +# make the tree we want to compare to +generate_tree dir2 + +# Also make the target tree and mess up some permissions in there. +# We expect rsync to reset this to what dir1 has. +generate_tree dir3 +# regular user cannot read his own file, rsync must fix permissions first +chmod 070 dir3/one.txt +touch -m -t 199901020405 dir3/one.txt + +$rsync -a dir1/ dir3 +compare_trees dir2 dir3 diff --git a/regress/usr.bin/rsync/test6_perms.test b/regress/usr.bin/rsync/test6_perms.test index 36f930b1e..c0461c220 100644 --- a/regress/usr.bin/rsync/test6_perms.test +++ b/regress/usr.bin/rsync/test6_perms.test 
@@ -20,7 +20,7 @@ cd ../dir3 generate_tree_1 chmod 600 foo/bar/baz/one.txt touch -m -t 199901020405 foo/bar/baz/one.txt -chmod 070 foo/bar/baz/one2.txt +chmod 470 foo/bar/baz/one2.txt touch -m -t 199901020405 foo/bar/baz/one2.txt cd .. diff --git a/regress/usr.bin/ssh/forward-control.sh b/regress/usr.bin/ssh/forward-control.sh index 63bbdebe5..de957fcc8 100644 --- a/regress/usr.bin/ssh/forward-control.sh +++ b/regress/usr.bin/ssh/forward-control.sh @@ -1,4 +1,4 @@ -# $OpenBSD: forward-control.sh,v 1.11 2022/04/21 01:36:46 dtucker Exp $ +# $OpenBSD: forward-control.sh,v 1.12 2023/07/28 05:33:15 djm Exp $ # Placed in the Public Domain. tid="sshd control of local and remote forwarding" @@ -36,7 +36,7 @@ check_lfwd() { -L$LFWD_PORT:127.0.0.1:$PORT \ -o ExitOnForwardFailure=yes \ -MS $CTL -o ControlPersist=yes \ - -f host true + -Nf host mux_cmd check >/dev/null || fatal "check_lfwd ssh fail: $_message" ${SSH} -F $OBJ/ssh_config -p $LFWD_PORT \ -oConnectionAttempts=10 host true >/dev/null 2>&1 @@ -63,7 +63,7 @@ check_rfwd() { -R127.0.0.1:$RFWD_PORT:127.0.0.1:$PORT \ -o ExitOnForwardFailure=yes \ -MS $CTL -o ControlPersist=yes \ - -f host true + -Nf host mux_cmd check >/dev/null _result=$? _sshpid=`controlmaster_pid` diff --git a/sbin/iked/crypto.c b/sbin/iked/crypto.c index 99d32823f..8a65e47ce 100644 --- a/sbin/iked/crypto.c +++ b/sbin/iked/crypto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto.c,v 1.44 2023/06/06 13:27:49 claudio Exp $ */ +/* $OpenBSD: crypto.c,v 1.45 2023/07/28 07:31:38 claudio Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter @@ -327,7 +327,7 @@ hash_free(struct iked_hash *hash) void hash_init(struct iked_hash *hash) { - HMAC_Init_ex(hash->hash_ctx, hash->hash_key->buf, + HMAC_Init_ex(hash->hash_ctx, ibuf_data(hash->hash_key), ibuf_length(hash->hash_key), hash->hash_priv, NULL); } 
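Review bot: `hash_init()` in sbin/iked/crypto.c still discards the result of `HMAC_Init_ex()`, so a failed key setup goes unnoticed and the `hash_update()`/`hash_final()` calls that follow it elsewhere in this diff would produce a MAC or PRF output nobody knows is invalid. Because the function is declared `void`, the failure cannot be returned without touching callers; at minimum make it visible, for instance `if (HMAC_Init_ex(...) != 1) log_debug("%s: HMAC_Init_ex failed", __func__);`, and consider an `int` return in a follow-up. Whether `hash->hash_key` can be unset when `ibuf_data()` is applied to it is not visible in this hunk.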
@@ -572,7 +572,7 @@ cipher_init(struct iked_cipher *encr, int enc) encr->encr_saltlength), encr->encr_saltlength); if (nonce == NULL) return (-1); - if (ibuf_add(nonce, ibuf_data(encr->encr_iv) , ibuf_size(encr->encr_iv)) != 0) + if (ibuf_add_buf(nonce, encr->encr_iv) != 0) goto done; if (EVP_CipherInit_ex(encr->encr_ctx, NULL, NULL, ibuf_data(encr->encr_key), ibuf_data(nonce), enc) != 1) diff --git a/sbin/iked/dh.c b/sbin/iked/dh.c index efe0bf283..e545c6df0 100644 --- a/sbin/iked/dh.c +++ b/sbin/iked/dh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh.c,v 1.32 2022/12/03 22:34:35 tobhe Exp $ */ +/* $OpenBSD: dh.c,v 1.33 2023/07/28 07:31:38 claudio Exp $ */ /* * Copyright (c) 2010-2014 Reyk Floeter @@ -401,7 +401,7 @@ dh_create_exchange(struct dh_group *group, struct ibuf **bufp, struct ibuf *iexc if (buf == NULL) return -1; *bufp = buf; - return (group->exchange(group, buf->buf)); + return (group->exchange(group, ibuf_data(buf))); } int @@ -419,7 +419,7 @@ dh_create_shared(struct dh_group *group, struct ibuf **secretp, struct ibuf *exc if (buf == NULL) return -1; *secretp = buf; - return (group->shared(group, buf->buf, exchange->buf)); + return (group->shared(group, ibuf_data(buf), ibuf_data(exchange))); } int @@ -801,7 +801,7 @@ kemsx_create_exchange2(struct dh_group *group, struct ibuf **bufp, buf = ibuf_new(NULL, need); if (buf == NULL) return -1; - cp = buf->buf; + cp = ibuf_data(buf); memcpy(cp, kemsx->public, crypto_kem_sntrup761_PUBLICKEYBYTES); cp += crypto_kem_sntrup761_PUBLICKEYBYTES; @@ -819,8 +819,8 @@ kemsx_create_exchange2(struct dh_group *group, struct ibuf **bufp, buf = ibuf_new(NULL, need); if (buf == NULL) return -1; - cp = buf->buf; - pk = iexchange->buf; + cp = ibuf_data(buf); + pk = ibuf_data(iexchange); crypto_kem_sntrup761_enc(cp, kemsx->kemkey, pk); cp += crypto_kem_sntrup761_CIPHERTEXTBYTES; } 
@@ -850,7 +850,7 @@ kemsx_create_shared2(struct dh_group *group, struct ibuf **sharedp, return (-1); have = ibuf_size(exchange); - cp = exchange->buf; + cp = ibuf_data(exchange); if (kemsx->initiator) { /* input */ need = crypto_kem_sntrup761_CIPHERTEXTBYTES + @@ -878,7 +878,7 @@ kemsx_create_shared2(struct dh_group *group, struct ibuf **sharedp, EVP_DigestInit_ex(ctx, EVP_sha512(), NULL) != 1 || EVP_DigestUpdate(ctx, kemsx->kemkey, sizeof(kemsx->kemkey)) != 1 || EVP_DigestUpdate(ctx, shared, sizeof(shared)) != 1 || - EVP_DigestFinal_ex(ctx, buf->buf, &len) != 1) { + EVP_DigestFinal_ex(ctx, ibuf_data(buf), &len) != 1) { EVP_MD_CTX_free(ctx); ibuf_free(buf); return (-1); diff --git a/sbin/iked/iked.h b/sbin/iked/iked.h index 7b56e5655..2c7fbe14a 100644 --- a/sbin/iked/iked.h +++ b/sbin/iked/iked.h @@ -1,4 +1,4 @@ -/* $OpenBSD: iked.h,v 1.222 2023/07/18 15:07:41 claudio Exp $ */ +/* $OpenBSD: iked.h,v 1.223 2023/07/28 11:23:03 claudio Exp $ */ /* * Copyright (c) 2019 Tobias Heider @@ -1242,6 +1242,7 @@ const char * void lc_idtype(char *); void print_hex(const uint8_t *, off_t, size_t); void print_hexval(const uint8_t *, off_t, size_t); +void print_hexbuf(struct ibuf *); const char * print_bits(unsigned short, unsigned char *); int sockaddr_cmp(struct sockaddr *, struct sockaddr *, int); diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c index 14e05a070..81df7a28e 100644 --- a/sbin/iked/ikev2.c +++ b/sbin/iked/ikev2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2.c,v 1.374 2023/07/18 15:07:41 claudio Exp $ */ +/* $OpenBSD: ikev2.c,v 1.376 2023/07/28 11:23:03 claudio Exp $ */ /* * Copyright (c) 2019 Tobias Heider @@ -1443,7 +1443,7 @@ ikev2_init_ike_sa_peer(struct iked *env, struct iked_policy *pol, log_debug("%s: added cookie, len %zu", __func__, ibuf_size(cookie)); - print_hex(ibuf_data(cookie), 0, ibuf_size(cookie)); + print_hexbuf(cookie); if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_SA) == -1) goto done; 
@@ -5738,14 +5738,14 @@ ikev2_sa_keys(struct iked *env, struct iked_sa *sa, struct ibuf *key) log_debug("%s: DHSECRET with %zu bytes", SPI_SA(sa, __func__), ibuf_length(dhsecret)); - print_hex(dhsecret->buf, 0, ibuf_length(dhsecret)); + print_hexbuf(dhsecret); if (!key) { /* * Set PRF key to generate SKEYSEED = prf(Ni | Nr, g^ir) */ - if ((ninr = ibuf_new(sa->sa_inonce->buf, ilen)) == NULL || - ibuf_add(ninr, sa->sa_rnonce->buf, rlen) != 0) { + if ((ninr = ibuf_new(ibuf_data(sa->sa_inonce), ilen)) == NULL || + ibuf_add(ninr, ibuf_data(sa->sa_rnonce), rlen) != 0) { log_info("%s: failed to get nonce key buffer", SPI_SA(sa, __func__)); goto done; @@ -5755,15 +5755,15 @@ ikev2_sa_keys(struct iked *env, struct iked_sa *sa, struct ibuf *key) /* * Set PRF key to generate SKEYSEED = prf(key, g^ir | Ni | Nr) */ - if (ibuf_add(dhsecret, sa->sa_inonce->buf, ilen) != 0 || - ibuf_add(dhsecret, sa->sa_rnonce->buf, rlen) != 0) { + if (ibuf_add(dhsecret, ibuf_data(sa->sa_inonce), ilen) != 0 || + ibuf_add(dhsecret, ibuf_data(sa->sa_rnonce), rlen) != 0) { log_info("%s: failed to get nonce key buffer", SPI_SA(sa, __func__)); goto done; } } - if ((hash_setkey(prf, key->buf, ibuf_length(key))) == NULL) { + if ((hash_setkey(prf, ibuf_data(key), ibuf_length(key))) == NULL) { log_info("%s: failed to set prf key", SPI_SA(sa, __func__)); goto done; } @@ -5776,11 +5776,11 @@ ikev2_sa_keys(struct iked *env, struct iked_sa *sa, struct ibuf *key) tmplen = 0; hash_init(prf); - hash_update(prf, dhsecret->buf, ibuf_length(dhsecret)); - hash_final(prf, skeyseed->buf, &tmplen); + hash_update(prf, ibuf_data(dhsecret), ibuf_length(dhsecret)); + hash_final(prf, ibuf_data(skeyseed), &tmplen); log_debug("%s: SKEYSEED with %zu bytes", __func__, tmplen); - print_hex(skeyseed->buf, 0, tmplen); + print_hex(ibuf_data(skeyseed), 0, tmplen); if (ibuf_setsize(skeyseed, tmplen) == -1) { log_info("%s: failed to set keymaterial length", 
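Review bot: The `print_hexbuf(dhsecret)` call in `ikev2_sa_keys` hex-dumps the raw Diffie-Hellman shared secret, and the later hunks of this function do the same for SKEYSEED, `S` and every derived SK_* key (the hunks at 5776, 5800 and 5850). The body of `print_hexbuf()` is not part of the visible diff, so it cannot be confirmed here that the dump is restricted to a high debug verbosity; if it is not, key material reaches the log at ordinary debug level. A one-line comment at the new prototype in iked.h would pin the contract: `/* dumps buffer contents, may include key material; high verbosity only */`. `ikev2_sa_keys` starts and ends outside these hunks.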
@@ -5800,8 +5800,8 @@ ikev2_sa_keys(struct iked *env, struct iked_sa *sa, struct ibuf *key) ispi = htobe64(sa->sa_hdr.sh_ispi); rspi = htobe64(sa->sa_hdr.sh_rspi); - if ((s = ibuf_new(sa->sa_inonce->buf, ilen)) == NULL || - ibuf_add(s, sa->sa_rnonce->buf, rlen) != 0 || + if ((s = ibuf_new(ibuf_data(sa->sa_inonce), ilen)) == NULL || + ibuf_add(s, ibuf_data(sa->sa_rnonce), rlen) != 0 || ibuf_add(s, &ispi, sizeof(ispi)) != 0 || ibuf_add(s, &rspi, sizeof(rspi)) != 0) { log_info("%s: failed to set S buffer", @@ -5810,7 +5810,7 @@ ikev2_sa_keys(struct iked *env, struct iked_sa *sa, struct ibuf *key) } log_debug("%s: S with %zu bytes", SPI_SA(sa, __func__), ibuf_length(s)); - print_hex(s->buf, 0, ibuf_length(s)); + print_hexbuf(s); /* * Get the size of the key material we need and the number 
@@ -5850,29 +5850,27 @@ ikev2_sa_keys(struct iked *env, struct iked_sa *sa, struct ibuf *key) log_debug("%s: SK_d with %zu bytes", __func__, ibuf_length(sa->sa_key_d)); - print_hex(sa->sa_key_d->buf, 0, ibuf_length(sa->sa_key_d)); + print_hexbuf(sa->sa_key_d); if (!isaead) { log_debug("%s: SK_ai with %zu bytes", __func__, ibuf_length(sa->sa_key_iauth)); - print_hex(sa->sa_key_iauth->buf, 0, - ibuf_length(sa->sa_key_iauth)); + print_hexbuf(sa->sa_key_iauth); log_debug("%s: SK_ar with %zu bytes", __func__, ibuf_length(sa->sa_key_rauth)); - print_hex(sa->sa_key_rauth->buf, 0, - ibuf_length(sa->sa_key_rauth)); + print_hexbuf(sa->sa_key_rauth); } log_debug("%s: SK_ei with %zu bytes", __func__, ibuf_length(sa->sa_key_iencr)); - print_hex(sa->sa_key_iencr->buf, 0, ibuf_length(sa->sa_key_iencr)); + print_hexbuf(sa->sa_key_iencr); log_debug("%s: SK_er with %zu bytes", __func__, ibuf_length(sa->sa_key_rencr)); - print_hex(sa->sa_key_rencr->buf, 0, ibuf_length(sa->sa_key_rencr)); + print_hexbuf(sa->sa_key_rencr); log_debug("%s: SK_pi with %zu bytes", __func__, ibuf_length(sa->sa_key_iprf)); - print_hex(sa->sa_key_iprf->buf, 0, ibuf_length(sa->sa_key_iprf)); + print_hexbuf(sa->sa_key_iprf); log_debug("%s: SK_pr with %zu bytes", __func__, ibuf_length(sa->sa_key_rprf)); - print_hex(sa->sa_key_rprf->buf, 0, ibuf_length(sa->sa_key_rprf)); + print_hexbuf(sa->sa_key_rprf); ret = 0; 
@@ -5930,33 +5928,33 @@ ikev2_prfplus(struct iked_hash *prf, struct ibuf *key, struct ibuf *seed, for (i = 0; i < rlen; i++) { if (t1 != NULL) { - t2 = ibuf_new(t1->buf, ibuf_length(t1)); + t2 = ibuf_new(ibuf_data(t1), ibuf_length(t1)); ibuf_free(t1); } else t2 = ibuf_new(NULL, 0); t1 = ibuf_new(NULL, hash_keylength(prf)); - ibuf_add(t2, seed->buf, ibuf_length(seed)); + ibuf_add_buf(t2, seed); pad = i + 1; ibuf_add(t2, &pad, 1); hash_init(prf); - hash_update(prf, t2->buf, ibuf_length(t2)); - hash_final(prf, t1->buf, &hashlen); + hash_update(prf, ibuf_data(t2), ibuf_length(t2)); + hash_final(prf, ibuf_data(t1), &hashlen); if (hashlen != hash_length(prf)) fatalx("ikev2_prfplus: hash length mismatch"); ibuf_free(t2); - ibuf_add(t, t1->buf, ibuf_length(t1)); + ibuf_add_buf(t, t1); log_debug("%s: T%d with %zu bytes", __func__, pad, ibuf_length(t1)); - print_hex(t1->buf, 0, ibuf_length(t1)); + print_hexbuf(t1); } log_debug("%s: Tn with %zu bytes", __func__, ibuf_length(t)); - print_hex(t->buf, 0, ibuf_length(t)); + print_hexbuf(t); ibuf_free(t1); diff --git a/sbin/iked/ikev2_msg.c b/sbin/iked/ikev2_msg.c index aa7e08d2e..53d6a1495 100644 --- a/sbin/iked/ikev2_msg.c +++ b/sbin/iked/ikev2_msg.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2_msg.c,v 1.97 2023/07/18 15:07:41 claudio Exp $ */ +/* $OpenBSD: ikev2_msg.c,v 1.99 2023/07/28 11:23:03 claudio Exp $ */ /* * Copyright (c) 2019 Tobias Heider @@ -446,9 +446,9 @@ ikev2_msg_encrypt(struct iked *env, struct iked_sa *sa, struct ibuf *src, goto done; log_debug("%s: padded length %zu", __func__, ibuf_size(src)); - print_hex(ibuf_data(src), 0, ibuf_size(src)); + print_hexbuf(src); - cipher_setkey(sa->sa_encr, encr->buf, ibuf_length(encr)); + cipher_setkey(sa->sa_encr, ibuf_data(encr), ibuf_length(encr)); cipher_setiv(sa->sa_encr, NULL, 0); /* XXX ivlen */ if (cipher_init_encrypt(sa->sa_encr) == -1) { log_info("%s: error initiating cipher.", __func__); 
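Review bot: Inside the ikev2_prfplus() loop the results of `ibuf_new()`, `ibuf_add_buf(t2, seed)` and `ibuf_add(t2, &pad, 1)` are still ignored, although the ikev2_sa_keys() hunks in this file check every `ibuf_add()` and bail out. If an allocation fails, `ibuf_data(t1)` or `ibuf_data(t2)` is handed a NULL buffer. If an append fails, the PRF runs over a shortened input and yields key material that looks valid but is wrong. The loop should fail closed, for example `if (t1 == NULL || t2 == NULL || ibuf_add_buf(t2, seed) != 0 || ibuf_add(t2, &pad, 1) != 0)` followed by the function's existing error path, with the same check on `ibuf_add_buf(t, t1)`. The function's start and its cleanup code are outside this hunk.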
@@ -489,7 +489,7 @@ ikev2_msg_encrypt(struct iked *env, struct iked_sa *sa, struct ibuf *src, log_debug("%s: length %zu, padding %d, output length %zu", __func__, len + sizeof(pad), pad, ibuf_size(dst)); - print_hex(ibuf_data(dst), 0, ibuf_size(dst)); + print_hexbuf(dst); ibuf_free(src); ibuf_free(out); @@ -510,7 +510,7 @@ ikev2_msg_integr(struct iked *env, struct iked_sa *sa, struct ibuf *src) uint8_t *ptr; log_debug("%s: message length %zu", __func__, ibuf_size(src)); - print_hex(ibuf_data(src), 0, ibuf_size(src)); + print_hexbuf(src); if (sa == NULL || sa->sa_encr == NULL || @@ -557,7 +557,7 @@ ikev2_msg_integr(struct iked *env, struct iked_sa *sa, struct ibuf *src) goto done; memcpy(ptr, ibuf_data(tmp), integrlen); - print_hex(ibuf_data(tmp), 0, ibuf_size(tmp)); + print_hexbuf(tmp); ret = 0; done: @@ -580,7 +580,7 @@ ikev2_msg_decrypt(struct iked *env, struct iked_sa *sa, sa->sa_encr == NULL || sa->sa_integr == NULL) { log_debug("%s: invalid SA", __func__); - print_hex(ibuf_data(src), 0, ibuf_size(src)); + print_hexbuf(src); goto done; } @@ -619,22 +619,23 @@ ikev2_msg_decrypt(struct iked *env, struct iked_sa *sa, if ((tmp = ibuf_new(NULL, hash_keylength(sa->sa_integr))) == NULL) goto done; - hash_setkey(sa->sa_integr, integr->buf, ibuf_length(integr)); + hash_setkey(sa->sa_integr, ibuf_data(integr), + ibuf_length(integr)); hash_init(sa->sa_integr); hash_update(sa->sa_integr, ibuf_data(msg), ibuf_size(msg) - integrlen); - hash_final(sa->sa_integr, tmp->buf, &tmplen); + hash_final(sa->sa_integr, ibuf_data(tmp), &tmplen); integrdata = ibuf_seek(src, integroff, integrlen); if (integrdata == NULL) goto done; - if (memcmp(tmp->buf, integrdata, integrlen) != 0) { + if (memcmp(ibuf_data(tmp), integrdata, integrlen) != 0) { log_debug("%s: integrity check failed", __func__); goto done; } log_debug("%s: integrity check succeeded", __func__); - print_hex(tmp->buf, 0, tmplen); + print_hex(ibuf_data(tmp), 0, tmplen); ibuf_free(tmp); tmp = NULL; 
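Review bot: In the ikev2_msg_decrypt() hunk the received integrity checksum is still compared with `memcmp(ibuf_data(tmp), integrdata, integrlen)`, which stops at the first differing byte, so the comparison time depends on how much of a peer-supplied MAC matches. Since this line is being touched anyway, a constant-time comparison fits better: `if (timingsafe_bcmp(ibuf_data(tmp), integrdata, integrlen) != 0) {`. The `hash_setkey()` call a few lines above it also ignores its return value, whereas ikev2_sa_keys() checks it against NULL. The function body extends beyond this hunk on both sides.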
@@ -648,7 +649,7 @@ ikev2_msg_decrypt(struct iked *env, struct iked_sa *sa, goto done; } - cipher_setkey(sa->sa_encr, encr->buf, ibuf_length(encr)); + cipher_setkey(sa->sa_encr, ibuf_data(encr), ibuf_length(encr)); cipher_setiv(sa->sa_encr, ibuf_seek(src, ivoff, ivlen), ivlen); if (cipher_init_decrypt(sa->sa_encr) == -1) { log_info("%s: error initiating cipher.", __func__); @@ -698,7 +699,7 @@ ikev2_msg_decrypt(struct iked *env, struct iked_sa *sa, log_debug("%s: decrypted payload length %zd/%zd padding %d", __func__, outlen, encrlen, pad); - print_hex(ibuf_data(out), 0, ibuf_size(out)); + print_hexbuf(out); /* Strip padding and padding length */ if (ibuf_setsize(out, outlen - pad - 1) != 0) @@ -899,7 +900,7 @@ ikev2_send_encrypted_fragments(struct iked *env, struct iked_sa *sa, log_debug("%s: Fragment %zu of %zu has size of %zu bytes.", __func__, frag_num, frag_total, ibuf_size(buf) - sizeof(*hdr)); - print_hex(ibuf_data(buf), 0, ibuf_size(buf)); + print_hexbuf(buf); resp.msg_data = buf; resp.msg_sa = sa; @@ -985,7 +986,7 @@ ikev2_msg_auth(struct iked *env, struct iked_sa *sa, int response) log_debug("%s: %s auth data length %zu", __func__, response ? "responder" : "initiator", ibuf_size(authmsg)); - print_hex(ibuf_data(authmsg), 0, ibuf_size(authmsg)); + print_hexbuf(authmsg); return (authmsg); diff --git a/sbin/iked/util.c b/sbin/iked/util.c index 586233abe..c3c0c3e29 100644 --- a/sbin/iked/util.c +++ b/sbin/iked/util.c @@ -1,4 +1,4 @@ -/* $OpenBSD: util.c,v 1.42 2023/06/16 10:28:43 tb Exp $ */ +/* $OpenBSD: util.c,v 1.43 2023/07/28 11:23:03 claudio Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter @@ -499,6 +499,12 @@ print_hexval(const uint8_t *buf, off_t offset, size_t length) print_debug("\n"); } +void +print_hexbuf(struct ibuf *ibuf) +{ + print_hex(ibuf_data(ibuf), 0, ibuf_size(ibuf)); +} + const char * print_bits(unsigned short v, unsigned char *bits) { 
diff --git a/sys/arch/amd64/amd64/copy.S b/sys/arch/amd64/amd64/copy.S index 006e16203..d95e09e30 100644 --- a/sys/arch/amd64/amd64/copy.S +++ b/sys/arch/amd64/amd64/copy.S @@ -1,4 +1,4 @@ -/* $OpenBSD: copy.S,v 1.18 2023/01/31 15:18:54 deraadt Exp $ */ +/* $OpenBSD: copy.S,v 1.19 2023/07/28 06:18:35 guenther Exp $ */ /* $NetBSD: copy.S,v 1.1 2003/04/26 18:39:26 fvdl Exp $ */ /* @@ -299,11 +299,5 @@ copystr_return: ret lfence - .section .rodata - .globl _stac -_stac: - stac - - .globl _clac -_clac: - clac +CODEPATCH_CODE(_stac, stac) +CODEPATCH_CODE(_clac, clac) diff --git a/sys/arch/amd64/amd64/cpu.c b/sys/arch/amd64/amd64/cpu.c index 7ede9ddfd..d5f4f2d6d 100644 --- a/sys/arch/amd64/amd64/cpu.c +++ b/sys/arch/amd64/amd64/cpu.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cpu.c,v 1.173 2023/07/25 04:42:00 deraadt Exp $ */ +/* $OpenBSD: cpu.c,v 1.174 2023/07/28 06:36:16 guenther Exp $ */ /* $NetBSD: cpu.c,v 1.1 2003/04/26 18:39:26 fvdl Exp $ */ /*- @@ -222,7 +222,7 @@ replacemeltdown(void) /* enable reuse of PCID for U-K page tables */ if (pmap_use_pcid) { extern long _pcid_set_reuse; - DPRINTF("%s: codepatching PCID use", __func__); + DPRINTF("%s: codepatching PCID use\n", __func__); codepatch_replace(CPTAG_PCID_SET_REUSE, &_pcid_set_reuse, PCID_SET_REUSE_SIZE); } diff --git a/sys/arch/amd64/amd64/locore.S b/sys/arch/amd64/amd64/locore.S index a444ca197..ee946d00a 100644 --- a/sys/arch/amd64/amd64/locore.S +++ b/sys/arch/amd64/amd64/locore.S @@ -1,4 +1,4 @@ -/* $OpenBSD: locore.S,v 1.138 2023/07/27 00:28:24 guenther Exp $ */ +/* $OpenBSD: locore.S,v 1.139 2023/07/28 06:18:35 guenther Exp $ */ /* $NetBSD: locore.S,v 1.13 2004/03/25 18:33:17 drochner Exp $ */ /* 
@@ -1084,30 +1084,16 @@ NENTRY(xsetbv_resume) lfence END(xsetbv_user) - .section .rodata - .globl _xrstor -_xrstor: - xrstor64 (%rdi) - - .globl _xrstors -_xrstors: - xrstors64 (%rdi) - - .globl _xsave -_xsave: - xsave64 (%rdi) - - .globl _xsaves -_xsaves: - xsaves64 (%rdi) - - .globl _xsaveopt -_xsaveopt: - xsaveopt64 (%rdi) - - .globl _pcid_set_reuse -_pcid_set_reuse: - orl $(CR3_REUSE_PCID >> 32),CPUVAR(USER_CR3 + 4) +CODEPATCH_CODE(_xrstor, xrstor64 (%rdi)) +CODEPATCH_CODE(_xrstors, xrstors64 (%rdi)) +CODEPATCH_CODE(_xsave, xsave64 (%rdi)) +CODEPATCH_CODE(_xsaves, xsaves64 (%rdi)) +CODEPATCH_CODE(_xsaveopt, xsaveopt64 (%rdi)) +CODEPATCH_CODE(_pcid_set_reuse, + orl $(CR3_REUSE_PCID >> 32),CPUVAR(USER_CR3 + 4)) +CODEPATCH_CODE_LEN(_jmprax, jmp *%rax; int3) +CODEPATCH_CODE_LEN(_jmpr11, jmp *%r11; int3) +CODEPATCH_CODE_LEN(_jmpr13, jmp *%r13; int3) ENTRY(pagezero) RETGUARD_SETUP(pagezero, r11) diff --git a/sys/arch/amd64/include/codepatch.h b/sys/arch/amd64/include/codepatch.h index 50618bdda..71fe94757 100644 --- a/sys/arch/amd64/include/codepatch.h +++ b/sys/arch/amd64/include/codepatch.h @@ -1,4 +1,4 @@ -/* $OpenBSD: codepatch.h,v 1.15 2023/07/10 03:32:10 guenther Exp $ */ +/* $OpenBSD: codepatch.h,v 1.16 2023/07/28 06:18:35 guenther Exp $ */ /* * Copyright (c) 2014-2015 Stefan Fritsch * @@ -97,4 +97,20 @@ void codepatch_disable(void); .byte 0x0f, 0x1f, 0x40, 0x00 ;\ CODEPATCH_END2(997, CPTAG_PCID_SET_REUSE) +/* Would be neat if these could be in something like .cptext */ +#define CODEPATCH_CODE(symbol, instructions...) \ + .section .rodata; \ + .globl symbol; \ +symbol: instructions; \ + .size symbol, . - symbol + +/* provide a (short) variable with the length of the patch */ +#define CODEPATCH_CODE_LEN(symbol, instructions...) \ + CODEPATCH_CODE(symbol, instructions); \ +996: .globl symbol##_len; \ + .align 2; \ +symbol##_len: \ + .short 996b - symbol; \ + .size symbol##_len, 2 + #endif /* _MACHINE_CODEPATCH_H_ */ 
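Review bot: `CODEPATCH_CODE` in codepatch.h switches the assembler to `.section .rodata` and never switches back, so anything placed after the macro is assembled into .rodata unless it selects a section itself. The removed open-coded blocks behaved the same way, but as a reusable macro the side effect is now hidden from the caller. In locore.S the next item is `ENTRY(pagezero)`, and this diff does not show whether ENTRY selects the text section. I would extend the macro comment, e.g. `/* leaves the assembler in .rodata; follow with ENTRY() or an explicit section directive */`. Alternatively the pair could be wrapped in `.pushsection .rodata` / `.popsection`, keeping in mind that `CODEPATCH_CODE_LEN` relies on still being in the same section for its `996:` label.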
diff --git a/sys/arch/amd64/include/specialreg.h b/sys/arch/amd64/include/specialreg.h index a5c516a8d..86ca64ea1 100644 --- a/sys/arch/amd64/include/specialreg.h +++ b/sys/arch/amd64/include/specialreg.h @@ -1,4 +1,4 @@ -/* $OpenBSD: specialreg.h,v 1.106 2023/07/27 01:51:35 guenther Exp $ */ +/* $OpenBSD: specialreg.h,v 1.107 2023/07/27 16:33:56 guenther Exp $ */ /* $NetBSD: specialreg.h,v 1.1 2003/04/26 18:39:48 fvdl Exp $ */ /* $NetBSD: x86/specialreg.h,v 1.2 2003/04/25 21:54:30 fvdl Exp $ */ @@ -237,7 +237,7 @@ #define SEFF0ECX_AVX512VBMI 0x00000002 /* AVX-512 vector bit inst */ #define SEFF0ECX_UMIP 0x00000004 /* UMIP support */ #define SEFF0ECX_PKU 0x00000008 /* Page prot keys for user mode */ -#define SEFF0ECX_WAITPKG 0x00000010 /* UMONITOR/UMWAIT/TPAUSE insns */ +#define SEFF0ECX_WAITPKG 0x00000020 /* UMONITOR/UMWAIT/TPAUSE insns */ #define SEFF0ECX_PKS 0x80000000 /* Page prot keys for sup mode */ /* SEFF EDX bits */ #define SEFF0EDX_AVX512_4FNNIW 0x00000004 /* AVX-512 neural network insns */ diff --git a/sys/arch/i386/include/specialreg.h b/sys/arch/i386/include/specialreg.h index 5b8edc0f9..d97942479 100644 --- a/sys/arch/i386/include/specialreg.h +++ b/sys/arch/i386/include/specialreg.h @@ -1,4 +1,4 @@ -/* $OpenBSD: specialreg.h,v 1.83 2023/07/24 14:54:00 deraadt Exp $ */ +/* $OpenBSD: specialreg.h,v 1.84 2023/07/28 03:06:46 jsg Exp $ */ /* $NetBSD: specialreg.h,v 1.7 1994/10/27 04:16:26 cgd Exp $ */ /*- @@ -190,7 +190,7 @@ #define SEFF0ECX_AVX512VBMI 0x00000002 /* AVX-512 vector bit inst */ #define SEFF0ECX_UMIP 0x00000004 /* UMIP support */ #define SEFF0ECX_PKU 0x00000008 /* Page prot keys for user mode */ -#define SEFF0ECX_WAITPKG 0x00000010 /* UMONITOR/UMWAIT/TPAUSE insns */ +#define SEFF0ECX_WAITPKG 0x00000020 /* UMONITOR/UMWAIT/TPAUSE insns */ /* SEFF EDX bits */ #define SEFF0EDX_AVX512_4FNNIW 0x00000004 /* AVX-512 neural network insns */ #define SEFF0EDX_AVX512_4FMAPS 0x00000008 /* AVX-512 mult accum single prec */ 
diff --git a/sys/dev/kcov.c b/sys/dev/kcov.c index 0d5c5d8d5..f572134bb 100644 --- a/sys/dev/kcov.c +++ b/sys/dev/kcov.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kcov.c,v 1.48 2022/01/19 06:46:55 anton Exp $ */ +/* $OpenBSD: kcov.c,v 1.49 2023/07/29 06:52:50 anton Exp $ */ /* * Copyright (c) 2018 Anton Lindqvist @@ -119,7 +119,6 @@ struct kcov_remote *kr_lookup(int, void *); static struct kcov_dev *kd_curproc(int); static struct kcov_cpu *kd_curcpu(void); static uint64_t kd_claim(struct kcov_dev *, int, int); -static inline int inintr(void); TAILQ_HEAD(, kcov_dev) kd_list = TAILQ_HEAD_INITIALIZER(kd_list); TAILQ_HEAD(, kcov_remote) kr_list = TAILQ_HEAD_INITIALIZER(kr_list); @@ -130,10 +129,21 @@ int kr_cold = 1; struct mutex kcov_mtx = MUTEX_INITIALIZER(IPL_MPFLOOR); struct pool kr_pool; +static inline int +inintr(struct cpu_info *ci) +{ +#if defined(__amd64__) || defined(__arm__) || defined(__arm64__) || \ + defined(__i386__) + return (ci->ci_idepth > 0); +#else + return (0); +#endif +} + /* * Compiling the kernel with the `-fsanitize-coverage=trace-pc' option will * cause the following function to be called upon function entry and before - * each block instructions that maps to a single line in the original source + * each block of instructions that maps to a single line in the original source * code. * * If kcov is enabled for the current thread, the kernel program counter will @@ -564,6 +574,7 @@ kd_free(struct kcov_dev *kd) static struct kcov_dev * kd_curproc(int mode) { + struct cpu_info *ci; struct kcov_dev *kd; /* @@ -574,7 +585,8 @@ kd_curproc(int mode) if (__predict_false(kcov_cold)) return (NULL); - kd = curproc->p_kd; + ci = curcpu(); + kd = ci->ci_curproc->p_kd; if (__predict_true(kd == NULL) || kd->kd_mode != mode) return (NULL); @@ -586,7 +598,7 @@ kd_curproc(int mode) return (NULL); /* Do not trace in interrupt context unless this is a remote section. */ - if (inintr() && kd->kd_intr == 0) + if (inintr(ci) && kd->kd_intr == 0) return (NULL); return (kd); 
@@ -628,20 +640,10 @@ kd_claim(struct kcov_dev *kd, int stride, int nmemb) } } -static inline int -inintr(void) -{ -#if defined(__amd64__) || defined(__arm__) || defined(__arm64__) || \ - defined(__i386__) - return (curcpu()->ci_idepth > 0); -#else - return (0); -#endif -} - void kcov_remote_enter(int subsystem, void *id) { + struct cpu_info *ci; struct kcov_cpu *kc; struct kcov_dev *kd; struct kcov_remote *kr; @@ -654,8 +656,9 @@ kcov_remote_enter(int subsystem, void *id) kd = kr->kr_kd; if (kd == NULL || kd->kd_state != KCOV_STATE_TRACE) goto out; - p = curproc; - if (inintr()) { + ci = curcpu(); + p = ci->ci_curproc; + if (inintr(ci)) { /* * XXX we only expect to be called from softclock interrupts at * this point. @@ -683,18 +686,20 @@ out: void kcov_remote_leave(int subsystem, void *id) { + struct cpu_info *ci; struct kcov_cpu *kc; struct kcov_remote *kr; struct proc *p; mtx_enter(&kcov_mtx); - p = curproc; + ci = curcpu(); + p = ci->ci_curproc; if (p->p_kd == NULL) goto out; kr = kr_lookup(subsystem, id); if (kr == NULL) goto out; - if (inintr()) { + if (inintr(ci)) { kc = kd_curcpu(); if (kc == NULL || kc->kc_kd.kd_intr == 0) goto out; diff --git a/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm.c b/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm.c index 21e07a101..680376c8f 100644 --- a/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm.c +++ b/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm.c @@ -40,6 +40,9 @@ #include "dc/dc_stat.h" #include "amdgpu_dm_trace.h" #include "dc/inc/dc_link_ddc.h" +#include "dpcd_defs.h" +#include "dc/inc/link_dpcd.h" +#include "link_service_types.h" #include "vid.h" #include "amdgpu.h" 
@@ -211,7 +214,7 @@ static void amdgpu_dm_destroy_drm_device(struct amdgpu_display_manager *dm); static int amdgpu_dm_connector_init(struct amdgpu_display_manager *dm, struct amdgpu_dm_connector *amdgpu_dm_connector, - uint32_t link_index, + u32 link_index, struct amdgpu_encoder *amdgpu_encoder); static int amdgpu_dm_encoder_init(struct drm_device *dev, struct amdgpu_encoder *aencoder, @@ -263,7 +266,7 @@ static u32 dm_vblank_get_counter(struct amdgpu_device *adev, int crtc) static int dm_crtc_get_scanoutpos(struct amdgpu_device *adev, int crtc, u32 *vbl, u32 *position) { - uint32_t v_blank_start, v_blank_end, h_position, v_position; + u32 v_blank_start, v_blank_end, h_position, v_position; if ((crtc < 0) || (crtc >= adev->mode_info.num_crtc)) return -EINVAL; @@ -391,7 +394,7 @@ static void dm_pflip_high_irq(void *interrupt_params) struct amdgpu_device *adev = irq_params->adev; unsigned long flags; struct drm_pending_vblank_event *e; - uint32_t vpos, hpos, v_blank_start, v_blank_end; + u32 vpos, hpos, v_blank_start, v_blank_end; bool vrr_active; amdgpu_crtc = get_crtc_by_otg_inst(adev, irq_params->irq_src - IRQ_TYPE_PFLIP); @@ -405,12 +408,12 @@ static void dm_pflip_high_irq(void *interrupt_params) spin_lock_irqsave(&adev_to_drm(adev)->event_lock, flags); - if (amdgpu_crtc->pflip_status != AMDGPU_FLIP_SUBMITTED){ - DC_LOG_PFLIP("amdgpu_crtc->pflip_status = %d !=AMDGPU_FLIP_SUBMITTED(%d) on crtc:%d[%p] \n", - amdgpu_crtc->pflip_status, - AMDGPU_FLIP_SUBMITTED, - amdgpu_crtc->crtc_id, - amdgpu_crtc); + if (amdgpu_crtc->pflip_status != AMDGPU_FLIP_SUBMITTED) { + DC_LOG_PFLIP("amdgpu_crtc->pflip_status = %d !=AMDGPU_FLIP_SUBMITTED(%d) on crtc:%d[%p]\n", + amdgpu_crtc->pflip_status, + AMDGPU_FLIP_SUBMITTED, + amdgpu_crtc->crtc_id, + amdgpu_crtc); spin_unlock_irqrestore(&adev_to_drm(adev)->event_lock, flags); return; } 
@@ -678,7 +681,7 @@ static void dmub_hpd_callback(struct amdgpu_device *adev, struct drm_connector *connector; struct drm_connector_list_iter iter; struct dc_link *link; - uint8_t link_index = 0; + u8 link_index = 0; struct drm_device *dev; if (adev == NULL) @@ -779,7 +782,7 @@ static void dm_dmub_outbox1_low_irq(void *interrupt_params) struct amdgpu_device *adev = irq_params->adev; struct amdgpu_display_manager *dm = &adev->dm; struct dmcub_trace_buf_entry entry = { 0 }; - uint32_t count = 0; + u32 count = 0; struct dmub_hpd_work *dmub_hpd_wrk; struct dc_link *plink = NULL; @@ -858,7 +861,7 @@ static int dm_set_powergating_state(void *handle, } /* Prototypes of private functions */ -static int dm_early_init(void* handle); +static int dm_early_init(void *handle); /* Allocate memory for FBC compressed data */ static void amdgpu_dm_fbc_init(struct drm_connector *connector) @@ -1047,7 +1050,7 @@ static int dm_dmub_hw_init(struct amdgpu_device *adev) struct dmub_srv_hw_params hw_params; enum dmub_status status; const unsigned char *fw_inst_const, *fw_bss_data; - uint32_t i, fw_inst_const_size, fw_bss_data_size; + u32 i, fw_inst_const_size, fw_bss_data_size; bool has_hw_support; if (!dmub_srv) @@ -1208,10 +1211,10 @@ static void dm_dmub_hw_resume(struct amdgpu_device *adev) static void mmhub_read_system_context(struct amdgpu_device *adev, struct dc_phy_addr_space_config *pa_config) { - uint64_t pt_base; - uint32_t logical_addr_low; - uint32_t logical_addr_high; - uint32_t agp_base, agp_bot, agp_top; + u64 pt_base; + u32 logical_addr_low; + u32 logical_addr_high; + u32 agp_base, agp_bot, agp_top; PHYSICAL_ADDRESS_LOC page_table_start, page_table_end, page_table_base; memset(pa_config, 0, sizeof(*pa_config)); 
@@ -1259,7 +1262,7 @@ static void mmhub_read_system_context(struct amdgpu_device *adev, struct dc_phy_ pa_config->system_aperture.start_addr = (uint64_t)logical_addr_low << 18; pa_config->system_aperture.end_addr = (uint64_t)logical_addr_high << 18; - pa_config->system_aperture.agp_base = (uint64_t)agp_base << 24 ; + pa_config->system_aperture.agp_base = (uint64_t)agp_base << 24; pa_config->system_aperture.agp_bot = (uint64_t)agp_bot << 24; pa_config->system_aperture.agp_top = (uint64_t)agp_top << 24; @@ -1275,6 +1278,21 @@ static void mmhub_read_system_context(struct amdgpu_device *adev, struct dc_phy_ } +static void force_connector_state( + struct amdgpu_dm_connector *aconnector, + enum drm_connector_force force_state) +{ + struct drm_connector *connector = &aconnector->base; + + mutex_lock(&connector->dev->mode_config.mutex); + aconnector->base.force = force_state; + mutex_unlock(&connector->dev->mode_config.mutex); + + mutex_lock(&aconnector->hpd_lock); + drm_kms_helper_connector_hotplug_event(connector); + mutex_unlock(&aconnector->hpd_lock); +} + static void dm_handle_hpd_rx_offload_work(struct work_struct *work) { struct hpd_rx_irq_offload_work *offload_work; @@ -1283,6 +1301,9 @@ static void dm_handle_hpd_rx_offload_work(struct work_struct *work) struct amdgpu_device *adev; enum dc_connection_type new_connection_type = dc_connection_none; unsigned long flags; + union test_response test_response; + + memset(&test_response, 0, sizeof(test_response)); offload_work = container_of(work, struct hpd_rx_irq_offload_work, work); aconnector = offload_work->offload_wq->aconnector; 
@@ -1306,16 +1327,58 @@ static void dm_handle_hpd_rx_offload_work(struct work_struct *work) if (amdgpu_in_reset(adev)) goto skip; + if (offload_work->data.bytes.device_service_irq.bits.UP_REQ_MSG_RDY || + offload_work->data.bytes.device_service_irq.bits.DOWN_REP_MSG_RDY) { + dm_handle_mst_sideband_msg_ready_event(&aconnector->mst_mgr, DOWN_OR_UP_MSG_RDY_EVENT); + spin_lock_irqsave(&offload_work->offload_wq->offload_lock, flags); + offload_work->offload_wq->is_handling_mst_msg_rdy_event = false; + spin_unlock_irqrestore(&offload_work->offload_wq->offload_lock, flags); + goto skip; + } + mutex_lock(&adev->dm.dc_lock); - if (offload_work->data.bytes.device_service_irq.bits.AUTOMATED_TEST) + if (offload_work->data.bytes.device_service_irq.bits.AUTOMATED_TEST) { dc_link_dp_handle_automated_test(dc_link); - else if ((dc_link->connector_signal != SIGNAL_TYPE_EDP) && + + if (aconnector->timing_changed) { + /* force connector disconnect and reconnect */ + force_connector_state(aconnector, DRM_FORCE_OFF); + drm_msleep(100); + force_connector_state(aconnector, DRM_FORCE_UNSPECIFIED); + } + + test_response.bits.ACK = 1; + + core_link_write_dpcd( + dc_link, + DP_TEST_RESPONSE, + &test_response.raw, + sizeof(test_response)); + } else if ((dc_link->connector_signal != SIGNAL_TYPE_EDP) && hpd_rx_irq_check_link_loss_status(dc_link, &offload_work->data) && dc_link_dp_allow_hpd_rx_irq(dc_link)) { - dc_link_dp_handle_link_loss(dc_link); + /* offload_work->data is from handle_hpd_rx_irq-> + * schedule_hpd_rx_offload_work.this is defer handle + * for hpd short pulse. upon here, link status may be + * changed, need get latest link status from dpcd + * registers. if link status is good, skip run link + * training again. 
+ */ + union hpd_irq_data irq_data; + + memset(&irq_data, 0, sizeof(irq_data)); + + /* before dc_link_dp_handle_link_loss, allow new link lost handle + * request be added to work queue if link lost at end of dc_link_ + * dp_handle_link_loss + */ spin_lock_irqsave(&offload_work->offload_wq->offload_lock, flags); offload_work->offload_wq->is_handling_link_loss = false; spin_unlock_irqrestore(&offload_work->offload_wq->offload_lock, flags); + + if ((read_hpd_rx_irq_data(dc_link, &irq_data) == DC_OK) && + hpd_rx_irq_check_link_loss_status(dc_link, &irq_data)) + dc_link_dp_handle_link_loss(dc_link); } mutex_unlock(&adev->dm.dc_lock); @@ -1484,7 +1547,7 @@ static int amdgpu_dm_init(struct amdgpu_device *adev) rw_init(&adev->dm.audio_lock, "dmaud"); mtx_init(&adev->dm.vblank_lock, IPL_TTY); - if(amdgpu_dm_irq_init(adev)) { + if (amdgpu_dm_irq_init(adev)) { DRM_ERROR("amdgpu: failed to initialize DM IRQ support.\n"); goto error; } @@ -1619,9 +1682,8 @@ static int amdgpu_dm_init(struct amdgpu_device *adev) if (amdgpu_dc_debug_mask & DC_DISABLE_STUTTER) adev->dm.dc->debug.disable_stutter = true; - if (amdgpu_dc_debug_mask & DC_DISABLE_DSC) { + if (amdgpu_dc_debug_mask & DC_DISABLE_DSC) adev->dm.dc->debug.disable_dsc = true; - } if (amdgpu_dc_debug_mask & DC_DISABLE_CLOCK_GATING) adev->dm.dc->debug.disable_clock_gate = true; @@ -1842,8 +1904,6 @@ static void amdgpu_dm_fini(struct amdgpu_device *adev) mutex_destroy(&adev->dm.audio_lock); mutex_destroy(&adev->dm.dc_lock); mutex_destroy(&adev->dm.dpia_aux_lock); - - return; } static int load_dmcu_fw(struct amdgpu_device *adev) @@ -1852,7 +1912,7 @@ static int load_dmcu_fw(struct amdgpu_device *adev) int r; const struct dmcu_firmware_header_v1_0 *hdr; - switch(adev->asic_type) { + switch (adev->asic_type) { #if defined(CONFIG_DRM_AMD_DC_SI) case CHIP_TAHITI: case CHIP_PITCAIRN: 
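Review bot: In the AUTOMATED_TEST branch of dm_handle_hpd_rx_offload_work() the new code calls `force_connector_state()` twice with a `drm_msleep(100)` in between, all while `adev->dm.dc_lock` is held. force_connector_state(), added earlier in this file, takes `mode_config.mutex` and then `aconnector->hpd_lock`, so this path nests dc_lock → mode_config.mutex and dc_lock → hpd_lock. If any other path takes hpd_lock before dc_lock (not visible in this diff), the two orders can deadlock, and every other dc_lock user stalls for the duration of the sleep. At minimum I would document the order above the block: `/* holds dc_lock across the sleep and across mode_config.mutex/hpd_lock; no path may take dc_lock while holding either */`. If the ACK write to DP_TEST_RESPONSE does not depend on it, the force-off/force-on sequence could instead run after `mutex_unlock(&adev->dm.dc_lock)`. The function starts and ends outside this hunk.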
@@ -2538,7 +2598,7 @@ struct amdgpu_dm_connector * amdgpu_dm_find_first_crtc_matching_connector(struct drm_atomic_state *state, struct drm_crtc *crtc) { - uint32_t i; + u32 i; struct drm_connector_state *new_con_state; struct drm_connector *connector; struct drm_crtc *crtc_from_state; @@ -2644,7 +2704,7 @@ static void dm_gpureset_commit_state(struct dc_state *dc_state, struct dc_scaling_info scaling_infos[MAX_SURFACES]; struct dc_flip_addrs flip_addrs[MAX_SURFACES]; struct dc_stream_update stream_update; - } * bundle; + } *bundle; int k, m; bundle = kzalloc(sizeof(*bundle), GFP_KERNEL); @@ -2674,8 +2734,6 @@ static void dm_gpureset_commit_state(struct dc_state *dc_state, cleanup: kfree(bundle); - - return; } static int dm_resume(void *handle) @@ -2889,8 +2947,7 @@ static const struct amd_ip_funcs amdgpu_dm_funcs = { .set_powergating_state = dm_set_powergating_state, }; -const struct amdgpu_ip_block_version dm_ip_block = -{ +const struct amdgpu_ip_block_version dm_ip_block = { .type = AMD_IP_BLOCK_TYPE_DCE, .major = 1, .minor = 0, @@ -2947,9 +3004,12 @@ static void update_connector_ext_caps(struct amdgpu_dm_connector *aconnector) caps->ext_caps = &aconnector->dc_link->dpcd_sink_ext_caps; caps->aux_support = false; - if (caps->ext_caps->bits.oled == 1 /*|| - caps->ext_caps->bits.sdr_aux_backlight_control == 1 || - caps->ext_caps->bits.hdr_aux_backlight_control == 1*/) + if (caps->ext_caps->bits.oled == 1 + /* + * || + * caps->ext_caps->bits.sdr_aux_backlight_control == 1 || + * caps->ext_caps->bits.hdr_aux_backlight_control == 1 + */) caps->aux_support = true; if (amdgpu_backlight == 0) 
@@ -3078,6 +3138,10 @@ void amdgpu_dm_update_connector_after_detect( aconnector->edid); } + aconnector->timing_requested = kzalloc(sizeof(struct dc_crtc_timing), GFP_KERNEL); + if (!aconnector->timing_requested) + dm_error("%s: failed to create aconnector->requested_timing\n", __func__); + drm_connector_update_edid_property(connector, aconnector->edid); amdgpu_dm_update_freesync_caps(connector, aconnector->edid); update_connector_ext_caps(aconnector); @@ -3089,6 +3153,8 @@ void amdgpu_dm_update_connector_after_detect( dc_sink_release(aconnector->dc_sink); aconnector->dc_sink = NULL; aconnector->edid = NULL; + kfree(aconnector->timing_requested); + aconnector->timing_requested = NULL; #ifdef CONFIG_DRM_AMD_DC_HDCP /* Set CP to DESIRED if it was ENABLED, so we can re-enable it again on hotplug */ if (connector->state->content_protection == DRM_MODE_CONTENT_PROTECTION_ENABLED) @@ -3133,6 +3199,8 @@ static void handle_hpd_irq_helper(struct amdgpu_dm_connector *aconnector) if (aconnector->fake_enable) aconnector->fake_enable = false; + aconnector->timing_changed = false; + if (!dc_link_detect_sink(aconnector->dc_link, &new_connection_type)) DRM_ERROR("KMS: Failed to detect connector\n"); 
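Review bot: The new `kzalloc()` for `aconnector->timing_requested` in amdgpu_dm_update_connector_after_detect() runs every time the sink-present branch executes and overwrites the previous pointer, while the matching `kfree()` sits only in the sink-removed branch of the next hunk. If the function can reach the first branch twice without a disconnect in between (the early returns are outside the hunk), the earlier allocation leaks. Guarding the allocation avoids that: `if (!aconnector->timing_requested) aconnector->timing_requested = kzalloc(sizeof(*aconnector->timing_requested), GFP_KERNEL);`. On allocation failure the code only logs and continues, so every later user of `timing_requested` has to tolerate NULL. The message also names the field `requested_timing`, which does not match the member.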
@@ -3172,84 +3240,6 @@ static void handle_hpd_irq(void *param) } -static void dm_handle_mst_sideband_msg(struct amdgpu_dm_connector *aconnector) -{ - uint8_t esi[DP_PSR_ERROR_STATUS - DP_SINK_COUNT_ESI] = { 0 }; - uint8_t dret; - bool new_irq_handled = false; - int dpcd_addr; - int dpcd_bytes_to_read; - - const int max_process_count = 30; - int process_count = 0; - - const struct dc_link_status *link_status = dc_link_get_status(aconnector->dc_link); - - if (link_status->dpcd_caps->dpcd_rev.raw < 0x12) { - dpcd_bytes_to_read = DP_LANE0_1_STATUS - DP_SINK_COUNT; - /* DPCD 0x200 - 0x201 for downstream IRQ */ - dpcd_addr = DP_SINK_COUNT; - } else { - dpcd_bytes_to_read = DP_PSR_ERROR_STATUS - DP_SINK_COUNT_ESI; - /* DPCD 0x2002 - 0x2005 for downstream IRQ */ - dpcd_addr = DP_SINK_COUNT_ESI; - } - - dret = drm_dp_dpcd_read( - &aconnector->dm_dp_aux.aux, - dpcd_addr, - esi, - dpcd_bytes_to_read); - - while (dret == dpcd_bytes_to_read && - process_count < max_process_count) { - uint8_t retry; - dret = 0; - - process_count++; - - DRM_DEBUG_DRIVER("ESI %02x %02x %02x\n", esi[0], esi[1], esi[2]); - /* handle HPD short pulse irq */ - if (aconnector->mst_mgr.mst_state) - drm_dp_mst_hpd_irq( - &aconnector->mst_mgr, - esi, - &new_irq_handled); - - if (new_irq_handled) { - /* ACK at DPCD to notify down stream */ - const int ack_dpcd_bytes_to_write = - dpcd_bytes_to_read - 1; - - for (retry = 0; retry < 3; retry++) { - uint8_t wret; - - wret = drm_dp_dpcd_write( - &aconnector->dm_dp_aux.aux, - dpcd_addr + 1, - &esi[1], - ack_dpcd_bytes_to_write); - if (wret == ack_dpcd_bytes_to_write) - break; - } - - /* check if there is new irq to be handled */ - dret = drm_dp_dpcd_read( - &aconnector->dm_dp_aux.aux, - dpcd_addr, - esi, - dpcd_bytes_to_read); - - new_irq_handled = false; - } else { - break; - } - } - - if (process_count == max_process_count) - DRM_DEBUG_DRIVER("Loop exceeded max iterations\n"); -} - static void schedule_hpd_rx_offload_work(struct hpd_rx_irq_offload_work_queue 
*offload_wq, union hpd_irq_data hpd_irq_data) { @@ -3282,7 +3272,7 @@ static void handle_hpd_rx_irq(void *param) union hpd_irq_data hpd_irq_data; bool link_loss = false; bool has_left_work = false; - int idx = aconnector->base.index; + int idx = dc_link->link_index; struct hpd_rx_irq_offload_work_queue *offload_wq = &adev->dm.hpd_rx_offload_wq[idx]; memset(&hpd_irq_data, 0, sizeof(hpd_irq_data)); @@ -3311,7 +3301,23 @@ static void handle_hpd_rx_irq(void *param) if (dc_link_dp_allow_hpd_rx_irq(dc_link)) { if (hpd_irq_data.bytes.device_service_irq.bits.UP_REQ_MSG_RDY || hpd_irq_data.bytes.device_service_irq.bits.DOWN_REP_MSG_RDY) { - dm_handle_mst_sideband_msg(aconnector); + bool skip = false; + + /* + * DOWN_REP_MSG_RDY is also handled by polling method + * mgr->cbs->poll_hpd_irq() + */ + spin_lock(&offload_wq->offload_lock); + skip = offload_wq->is_handling_mst_msg_rdy_event; + + if (!skip) + offload_wq->is_handling_mst_msg_rdy_event = true; + + spin_unlock(&offload_wq->offload_lock); + + if (!skip) + schedule_hpd_rx_offload_work(offload_wq, hpd_irq_data); + goto out; } @@ -3404,7 +3410,7 @@ static void register_hpd_handlers(struct amdgpu_device *adev) aconnector = to_amdgpu_dm_connector(connector); dc_link = aconnector->dc_link; - if (DC_IRQ_SOURCE_INVALID != dc_link->irq_source_hpd) { + if (dc_link->irq_source_hpd != DC_IRQ_SOURCE_INVALID) { int_params.int_context = INTERRUPT_LOW_IRQ_CONTEXT; int_params.irq_source = dc_link->irq_source_hpd; @@ -3413,7 +3419,7 @@ static void register_hpd_handlers(struct amdgpu_device *adev) (void *) aconnector); } - if (DC_IRQ_SOURCE_INVALID != dc_link->irq_source_hpd_rx) { + if (dc_link->irq_source_hpd_rx != DC_IRQ_SOURCE_INVALID) { /* Also register for DP short pulse (hpd_rx). */ int_params.int_context = INTERRUPT_LOW_IRQ_CONTEXT; 
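Review bot: handle_hpd_rx_irq() now selects its work queue with `int idx = dc_link->link_index;`, but the register_hpd_handlers() hunk later in this diff still fills the slot with `adev->dm.hpd_rx_offload_wq[connector->index].aconnector = aconnector;`. If the connector index and the link index can differ for a connector (not determinable from these hunks), the handler queues work on a slot whose `aconnector` was never set, or belongs to another connector. I would use one key on both sides, e.g. `adev->dm.hpd_rx_offload_wq[dc_link->link_index].aconnector = aconnector;`, and check `idx` against the array's allocated size, which is also not visible here.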
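Review bot: `is_handling_mst_msg_rdy_event` is set to true in the `-3311,7 +3301,23` hunk of handle_hpd_rx_irq() before `schedule_hpd_rx_offload_work()` is called, and the only place this diff clears it is the MST branch of dm_handle_hpd_rx_offload_work(). That branch sits after the `if (amdgpu_in_reset(adev)) goto skip;` visible in the worker hunk. So if the worker leaves through an earlier `goto skip`, or the scheduling helper fails to queue the work (its body is outside the hunk), the flag stays set and every later UP_REQ/DOWN_REP interrupt is dropped by the `skip` test. The flag should be reset on those paths too: take `offload_lock` and set `offload_wq->is_handling_mst_msg_rdy_event = false;` before leaving the worker without handling an MST event, and likewise when scheduling fails.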
@@ -3422,11 +3428,11 @@ static void register_hpd_handlers(struct amdgpu_device *adev) amdgpu_dm_irq_register_interrupt(adev, &int_params, handle_hpd_rx_irq, (void *) aconnector); - - if (adev->dm.hpd_rx_offload_wq) - adev->dm.hpd_rx_offload_wq[connector->index].aconnector = - aconnector; } + + if (adev->dm.hpd_rx_offload_wq) + adev->dm.hpd_rx_offload_wq[connector->index].aconnector = + aconnector; } } @@ -3439,7 +3445,7 @@ static int dce60_register_irq_handlers(struct amdgpu_device *adev) struct dc_interrupt_params int_params = {0}; int r; int i; - unsigned client_id = AMDGPU_IRQ_CLIENTID_LEGACY; + unsigned int client_id = AMDGPU_IRQ_CLIENTID_LEGACY; int_params.requested_polarity = INTERRUPT_POLARITY_DEFAULT; int_params.current_polarity = INTERRUPT_POLARITY_DEFAULT; @@ -3453,11 +3459,12 @@ static int dce60_register_irq_handlers(struct amdgpu_device *adev) * Base driver will call amdgpu_dm_irq_handler() for ALL interrupts * coming from DC hardware. * amdgpu_dm_irq_handler() will re-direct the interrupt to DC - * for acknowledging and handling. */ + * for acknowledging and handling. + */ /* Use VBLANK interrupt */ for (i = 0; i < adev->mode_info.num_crtc; i++) { - r = amdgpu_irq_add_id(adev, client_id, i+1 , &adev->crtc_irq); + r = amdgpu_irq_add_id(adev, client_id, i + 1, &adev->crtc_irq); if (r) { DRM_ERROR("Failed to add crtc irq id!\n"); return r; @@ -3465,7 +3472,7 @@ static int dce60_register_irq_handlers(struct amdgpu_device *adev) int_params.int_context = INTERRUPT_HIGH_IRQ_CONTEXT; int_params.irq_source = - dc_interrupt_to_irq_source(dc, i+1 , 0); + dc_interrupt_to_irq_source(dc, i + 1, 0); c_irq_params = &adev->dm.vblank_params[int_params.irq_source - DC_IRQ_SOURCE_VBLANK1]; 
@@ -3521,7 +3528,7 @@ static int dce110_register_irq_handlers(struct amdgpu_device *adev) struct dc_interrupt_params int_params = {0}; int r; int i; - unsigned client_id = AMDGPU_IRQ_CLIENTID_LEGACY; + unsigned int client_id = AMDGPU_IRQ_CLIENTID_LEGACY; if (adev->family >= AMDGPU_FAMILY_AI) client_id = SOC15_IH_CLIENTID_DCE; @@ -3538,7 +3545,8 @@ static int dce110_register_irq_handlers(struct amdgpu_device *adev) * Base driver will call amdgpu_dm_irq_handler() for ALL interrupts * coming from DC hardware. * amdgpu_dm_irq_handler() will re-direct the interrupt to DC - * for acknowledging and handling. */ + * for acknowledging and handling. + */ /* Use VBLANK interrupt */ for (i = VISLANDS30_IV_SRCID_D1_VERTICAL_INTERRUPT0; i <= VISLANDS30_IV_SRCID_D6_VERTICAL_INTERRUPT0; i++) { @@ -3987,7 +3995,7 @@ static void amdgpu_dm_update_backlight_caps(struct amdgpu_display_manager *dm, } static int get_brightness_range(const struct amdgpu_dm_backlight_caps *caps, - unsigned *min, unsigned *max) + unsigned int *min, unsigned int *max) { if (!caps) return 0; @@ -4007,7 +4015,7 @@ static int get_brightness_range(const struct amdgpu_dm_backlight_caps *caps, static u32 convert_brightness_from_user(const struct amdgpu_dm_backlight_caps *caps, uint32_t brightness) { - unsigned min, max; + unsigned int min, max; if (!get_brightness_range(caps, &min, &max)) return brightness; @@ -4020,7 +4028,7 @@ static u32 convert_brightness_from_user(const struct amdgpu_dm_backlight_caps *c static u32 convert_brightness_to_user(const struct amdgpu_dm_backlight_caps *caps, uint32_t brightness) { - unsigned min, max; + unsigned int min, max; if (!get_brightness_range(caps, &min, &max)) return brightness; 
@@ -4238,12 +4246,12 @@ static void amdgpu_set_panel_orientation(struct drm_connector *connector); static int amdgpu_dm_initialize_drm_device(struct amdgpu_device *adev) { struct amdgpu_display_manager *dm = &adev->dm; - int32_t i; + s32 i; struct amdgpu_dm_connector *aconnector = NULL; struct amdgpu_encoder *aencoder = NULL; struct amdgpu_mode_info *mode_info = &adev->mode_info; - uint32_t link_cnt; - int32_t primary_planes; + u32 link_cnt; + s32 primary_planes; enum dc_connection_type new_connection_type = dc_connection_none; const struct dc_plane_cap *plane; bool psr_feature_enabled = false; @@ -4501,7 +4509,6 @@ fail: static void amdgpu_dm_destroy_drm_device(struct amdgpu_display_manager *dm) { drm_atomic_private_obj_fini(&dm->atomic_obj); - return; } /****************************************************************************** @@ -4770,7 +4777,7 @@ fill_plane_color_attributes(const struct drm_plane_state *plane_state, static int fill_dc_plane_info_and_addr(struct amdgpu_device *adev, const struct drm_plane_state *plane_state, - const uint64_t tiling_flags, + const u64 tiling_flags, struct dc_plane_info *plane_info, struct dc_plane_address *address, bool tmz_surface, @@ -4979,7 +4986,7 @@ static void fill_dc_dirty_rects(struct drm_plane *plane, uint32_t num_clips; bool bb_changed; bool fb_changed; - uint32_t i = 0; + u32 i = 0; flip_addrs->dirty_rect_count = 0; @@ -5113,7 +5120,7 @@ static enum dc_color_depth convert_color_depth_from_display_info(const struct drm_connector *connector, bool is_y420, int requested_bpc) { - uint8_t bpc; + u8 bpc; if (is_y420) { bpc = 8; @@ -5227,6 +5234,7 @@ static bool adjust_colour_depth_from_display_info( { enum dc_color_depth depth = timing_out->display_color_depth; int normalized_clk; + do { normalized_clk = timing_out->pix_clk_100hz / 10; /* YCbCr 4:2:0 requires additional adjustment of 1/2 */ 
@@ -5442,6 +5450,7 @@ create_fake_sink(struct amdgpu_dm_connector *aconnector) { struct dc_sink_init_data sink_init_data = { 0 }; struct dc_sink *sink = NULL; + sink_init_data.link = aconnector->dc_link; sink_init_data.sink_signal = aconnector->dc_link->connector_signal; @@ -5565,7 +5574,7 @@ get_highest_refresh_rate_mode(struct amdgpu_dm_connector *aconnector, return &aconnector->freesync_vid_base; /* Find the preferred mode */ - list_for_each_entry (m, list_head, head) { + list_for_each_entry(m, list_head, head) { if (m->type & DRM_MODE_TYPE_PREFERRED) { m_pref = m; break; @@ -5589,7 +5598,7 @@ get_highest_refresh_rate_mode(struct amdgpu_dm_connector *aconnector, * For some monitors, preferred mode is not the mode with highest * supported refresh rate. */ - list_for_each_entry (m, list_head, head) { + list_for_each_entry(m, list_head, head) { current_refresh = drm_mode_vrefresh(m); if (m->hdisplay == m_pref->hdisplay && @@ -5657,8 +5666,8 @@ static void apply_dsc_policy_for_edp(struct amdgpu_dm_connector *aconnector, uint32_t max_dsc_target_bpp_limit_override) { const struct dc_link_settings *verified_link_cap = NULL; - uint32_t link_bw_in_kbps; - uint32_t edp_min_bpp_x16, edp_max_bpp_x16; + u32 link_bw_in_kbps; + u32 edp_min_bpp_x16, edp_max_bpp_x16; struct dc *dc = sink->ctx->dc; struct dc_dsc_bw_range bw_range = {0}; struct dc_dsc_config dsc_cfg = {0}; 
@@ -5715,17 +5724,15 @@ static void apply_dsc_policy_for_stream(struct amdgpu_dm_connector *aconnector, struct dsc_dec_dpcd_caps *dsc_caps) { struct drm_connector *drm_connector = &aconnector->base; - uint32_t link_bandwidth_kbps; - uint32_t max_dsc_target_bpp_limit_override = 0; + u32 link_bandwidth_kbps; struct dc *dc = sink->ctx->dc; - uint32_t max_supported_bw_in_kbps, timing_bw_in_kbps; - uint32_t dsc_max_supported_bw_in_kbps; + u32 max_supported_bw_in_kbps, timing_bw_in_kbps; + u32 dsc_max_supported_bw_in_kbps; + u32 max_dsc_target_bpp_limit_override = + drm_connector->display_info.max_dsc_bpp; link_bandwidth_kbps = dc_link_bandwidth_kbps(aconnector->dc_link, dc_link_get_link_cap(aconnector->dc_link)); - if (stream->link && stream->link->local_sink) - max_dsc_target_bpp_limit_override = - stream->link->local_sink->edid_caps.panel_patch.max_dsc_target_bpp_limit; /* Set DSC policy according to dsc_clock_en */ dc_dsc_policy_set_enable_dsc_when_not_needed( @@ -5862,7 +5869,7 @@ create_stream_for_sink(struct amdgpu_dm_connector *aconnector, * This may not be an error, the use case is when we have no * usermode calls to reset and set mode upon hotplug. In this * case, we call set mode ourselves to restore the previous mode - * and the modelist may not be filled in in time. + * and the modelist may not be filled in time. */ DRM_DEBUG_DRIVER("No preferred mode found\n"); } else { @@ -5886,9 +5893,9 @@ create_stream_for_sink(struct amdgpu_dm_connector *aconnector, drm_mode_set_crtcinfo(&mode, 0); /* - * If scaling is enabled and refresh rate didn't change - * we copy the vic and polarities of the old timings - */ + * If scaling is enabled and refresh rate didn't change + * we copy the vic and polarities of the old timings + */ if (!scale || mode_refresh != preferred_refresh) fill_stream_properties_from_drm_display_mode( stream, &mode, &aconnector->base, con_state, NULL, 
@@ -5898,6 +5905,14 @@ create_stream_for_sink(struct amdgpu_dm_connector *aconnector, stream, &mode, &aconnector->base, con_state, old_stream, requested_bpc); + if (aconnector->timing_changed) { + DC_LOG_DEBUG("%s: overriding timing for automated test, bpc %d, changing to %d\n", + __func__, + stream->timing.display_color_depth, + aconnector->timing_requested->display_color_depth); + stream->timing = *aconnector->timing_requested; + } + #if defined(CONFIG_DRM_AMD_DC_DCN) /* SST DSC determination policy */ update_dsc_caps(aconnector, sink, stream, &dsc_caps); @@ -6542,6 +6557,7 @@ static int dm_encoder_helper_atomic_check(struct drm_encoder *encoder, if (!state->duplicated) { int max_bpc = conn_state->max_requested_bpc; + is_y420 = drm_mode_is_420_also(&connector->display_info, adjusted_mode) && aconnector->force_yuv420_output; color_depth = convert_color_depth_from_display_info(connector, @@ -6862,7 +6878,7 @@ static bool is_duplicate_mode(struct amdgpu_dm_connector *aconnector, { struct drm_display_mode *m; - list_for_each_entry (m, &aconnector->base.probed_modes, head) { + list_for_each_entry(m, &aconnector->base.probed_modes, head) { if (drm_mode_equal(m, mode)) return true; } @@ -6875,7 +6891,7 @@ static uint add_fs_modes(struct amdgpu_dm_connector *aconnector) const struct drm_display_mode *m; struct drm_display_mode *new_mode; uint i; - uint32_t new_modes_count = 0; + u32 new_modes_count = 0; /* Standard FPS values * @@ -6889,7 +6905,7 @@ static uint add_fs_modes(struct amdgpu_dm_connector *aconnector) * 60 - Commonly used * 48,72,96,120 - Multiples of 24 */ - static const uint32_t common_rates[] = { + static const u32 common_rates[] = { 23976, 24000, 25000, 29970, 30000, 48000, 50000, 60000, 72000, 96000, 120000 }; 
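Review bot: The new `if (aconnector->timing_changed)` block dereferences `aconnector->timing_requested` twice without checking it, once in the log arguments and once in `stream->timing = *aconnector->timing_requested;`. `dm_helpers_dp_handle_test_pattern_request()`, added in this same diff, sets `timing_changed = true` even on its "timing storage failed" path, where `timing_requested` is NULL. That combination would be a NULL pointer dereference in the kernel on the next stream creation for the connector. Guard it here with `if (aconnector->timing_changed && aconnector->timing_requested) {`. The body of `create_stream_for_sink` starts and ends outside the hunk.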
@@ -6905,8 +6921,8 @@ static uint add_fs_modes(struct amdgpu_dm_connector *aconnector) return 0; for (i = 0; i < ARRAY_SIZE(common_rates); i++) { - uint64_t target_vtotal, target_vtotal_diff; - uint64_t num, den; + u64 target_vtotal, target_vtotal_diff; + u64 num, den; if (drm_mode_vrefresh(m) * 1000 < common_rates[i]) continue; @@ -6974,13 +6990,7 @@ static int amdgpu_dm_connector_get_modes(struct drm_connector *connector) drm_add_modes_noedid(connector, 640, 480); } else { amdgpu_dm_connector_ddc_get_modes(connector, edid); - /* most eDP supports only timings from its edid, - * usually only detailed timings are available - * from eDP edid. timings which are not from edid - * may damage eDP - */ - if (connector->connector_type != DRM_MODE_CONNECTOR_eDP) - amdgpu_dm_connector_add_common_modes(encoder, connector); + amdgpu_dm_connector_add_common_modes(encoder, connector); amdgpu_dm_connector_add_freesync_modes(connector, edid); } amdgpu_dm_fbc_init(connector); @@ -7012,6 +7022,7 @@ void amdgpu_dm_connector_init_helper(struct amdgpu_display_manager *dm, aconnector->hpd.hpd = AMDGPU_HPD_NONE; /* not used */ aconnector->audio_inst = -1; rw_init(&aconnector->hpd_lock, "dmhpd"); + rw_init(&aconnector->handle_mst_msg_ready, "dmmr"); /* * configure support HPD hot plug connector_>polled default value is 0 @@ -7156,7 +7167,7 @@ create_i2c(struct ddc_service *ddc_service, */ static int amdgpu_dm_connector_init(struct amdgpu_display_manager *dm, struct amdgpu_dm_connector *aconnector, - uint32_t link_index, + u32 link_index, struct amdgpu_encoder *aencoder) { int res = 0; @@ -7167,7 +7178,6 @@ static int amdgpu_dm_connector_init(struct amdgpu_display_manager *dm, link->priv = aconnector; - DRM_DEBUG_DRIVER("%s()\n", __func__); i2c = create_i2c(link->ddc, link->link_index, &res); if (!i2c) { 
@@ -7647,8 +7657,8 @@ static void amdgpu_dm_commit_planes(struct drm_atomic_state *state, struct drm_crtc *pcrtc, bool wait_for_vblank) { - uint32_t i; - uint64_t timestamp_ns; + u32 i; + u64 timestamp_ns; struct drm_plane *plane; struct drm_plane_state *old_plane_state, *new_plane_state; struct amdgpu_crtc *acrtc_attach = to_amdgpu_crtc(pcrtc); @@ -7659,7 +7669,7 @@ static void amdgpu_dm_commit_planes(struct drm_atomic_state *state, to_dm_crtc_state(drm_atomic_get_old_crtc_state(state, pcrtc)); int planes_count = 0, vpos, hpos; unsigned long flags; - uint32_t target_vblank, last_flip_vblank; + u32 target_vblank, last_flip_vblank; bool vrr_active = amdgpu_dm_vrr_active(acrtc_state); bool cursor_update = false; bool pflip_present = false; @@ -7761,7 +7771,15 @@ static void amdgpu_dm_commit_planes(struct drm_atomic_state *state, * Only allow immediate flips for fast updates that don't * change memory domain, FB pitch, DCC state, rotation or * mirroring. + * + * dm_crtc_helper_atomic_check() only accepts async flips with + * fast updates. */ + if (crtc->state->async_flip && + acrtc_state->update_type != UPDATE_TYPE_FAST) + drm_warn_once(state->dev, + "[PLANE:%d:%s] async flip with non-fast update\n", + plane->base.id, plane->name); bundle->flip_addrs[planes_count].flip_immediate = crtc->state->async_flip && acrtc_state->update_type == UPDATE_TYPE_FAST && @@ -7804,8 +7822,7 @@ static void amdgpu_dm_commit_planes(struct drm_atomic_state *state, * DRI3/Present extension with defined target_msc. */ last_flip_vblank = amdgpu_get_vblank_counter_kms(pcrtc); - } - else { + } else { /* For variable refresh rate mode only: * Get vblank of last completed flip to avoid > 1 vrr * flips per video frame by use of throttling, but allow 
@@ -8100,7 +8117,7 @@ static void amdgpu_dm_atomic_commit_tail(struct drm_atomic_state *state) struct amdgpu_display_manager *dm = &adev->dm; struct dm_atomic_state *dm_state; struct dc_state *dc_state = NULL, *dc_state_temp = NULL; - uint32_t i, j; + u32 i, j; struct drm_crtc *crtc; struct drm_crtc_state *old_crtc_state, *new_crtc_state; unsigned long flags; @@ -8132,8 +8149,8 @@ static void amdgpu_dm_atomic_commit_tail(struct drm_atomic_state *state) dc_resource_state_copy_construct_current(dm->dc, dc_state); } - for_each_oldnew_crtc_in_state (state, crtc, old_crtc_state, - new_crtc_state, i) { + for_each_oldnew_crtc_in_state(state, crtc, old_crtc_state, + new_crtc_state, i) { struct amdgpu_crtc *acrtc = to_amdgpu_crtc(crtc); dm_old_crtc_state = to_dm_crtc_state(old_crtc_state); @@ -8156,9 +8173,7 @@ static void amdgpu_dm_atomic_commit_tail(struct drm_atomic_state *state) dm_old_crtc_state = to_dm_crtc_state(old_crtc_state); drm_dbg_state(state->dev, - "amdgpu_crtc id:%d crtc_state_flags: enable:%d, active:%d, " - "planes_changed:%d, mode_changed:%d,active_changed:%d," - "connectors_changed:%d\n", + "amdgpu_crtc id:%d crtc_state_flags: enable:%d, active:%d, planes_changed:%d, mode_changed:%d,active_changed:%d,connectors_changed:%d\n", acrtc->crtc_id, new_crtc_state->enable, new_crtc_state->active, @@ -8643,8 +8658,8 @@ static int do_aquire_global_lock(struct drm_device *dev, &commit->flip_done, 10*HZ); if (ret == 0) - DRM_ERROR("[CRTC:%d:%s] hw_done or flip_done " - "timed out\n", crtc->base.id, crtc->name); + DRM_ERROR("[CRTC:%d:%s] hw_done or flip_done timed out\n", + crtc->base.id, crtc->name); drm_crtc_commit_put(commit); } 
@@ -8729,8 +8744,9 @@ is_timing_unchanged_for_freesync(struct drm_crtc_state *old_crtc_state, return false; } -static void set_freesync_fixed_config(struct dm_crtc_state *dm_new_crtc_state) { - uint64_t num, den, res; +static void set_freesync_fixed_config(struct dm_crtc_state *dm_new_crtc_state) +{ + u64 num, den, res; struct drm_crtc_state *new_crtc_state = &dm_new_crtc_state->base; dm_new_crtc_state->freesync_config.state = VRR_STATE_ACTIVE_FIXED; @@ -8852,9 +8868,7 @@ static int dm_update_crtc_state(struct amdgpu_display_manager *dm, goto skip_modeset; drm_dbg_state(state->dev, - "amdgpu_crtc id:%d crtc_state_flags: enable:%d, active:%d, " - "planes_changed:%d, mode_changed:%d,active_changed:%d," - "connectors_changed:%d\n", + "amdgpu_crtc id:%d crtc_state_flags: enable:%d, active:%d, planes_changed:%d, mode_changed:%d,active_changed:%d,connectors_changed:%d\n", acrtc->crtc_id, new_crtc_state->enable, new_crtc_state->active, @@ -8883,8 +8897,7 @@ static int dm_update_crtc_state(struct amdgpu_display_manager *dm, old_crtc_state)) { new_crtc_state->mode_changed = false; DRM_DEBUG_DRIVER( - "Mode change not required for front porch change, " - "setting mode_changed to %d", + "Mode change not required for front porch change, setting mode_changed to %d", new_crtc_state->mode_changed); set_freesync_fixed_config(dm_new_crtc_state); @@ -8896,9 +8909,8 @@ static int dm_update_crtc_state(struct amdgpu_display_manager *dm, struct drm_display_mode *high_mode; high_mode = get_highest_refresh_rate_mode(aconnector, false); - if (!drm_mode_equal(&new_crtc_state->mode, high_mode)) { + if (!drm_mode_equal(&new_crtc_state->mode, high_mode)) set_freesync_fixed_config(dm_new_crtc_state); - } } ret = dm_atomic_get_state(state, &dm_state); 
@@ -9066,6 +9078,7 @@ static bool should_reset_plane(struct drm_atomic_state *state, */ for_each_oldnew_plane_in_state(state, other, old_other_state, new_other_state, i) { struct amdgpu_framebuffer *old_afb, *new_afb; + if (other->type == DRM_PLANE_TYPE_CURSOR) continue; @@ -9164,11 +9177,12 @@ static int dm_check_cursor_fb(struct amdgpu_crtc *new_acrtc, } /* Core DRM takes care of checking FB modifiers, so we only need to - * check tiling flags when the FB doesn't have a modifier. */ + * check tiling flags when the FB doesn't have a modifier. + */ if (!(fb->flags & DRM_MODE_FB_MODIFIERS)) { if (adev->family < AMDGPU_FAMILY_AI) { linear = AMDGPU_TILING_GET(afb->tiling_flags, ARRAY_MODE) != DC_ARRAY_2D_TILED_THIN1 && - AMDGPU_TILING_GET(afb->tiling_flags, ARRAY_MODE) != DC_ARRAY_1D_TILED_THIN1 && + AMDGPU_TILING_GET(afb->tiling_flags, ARRAY_MODE) != DC_ARRAY_1D_TILED_THIN1 && AMDGPU_TILING_GET(afb->tiling_flags, MICRO_TILE_MODE) == 0; } else { linear = AMDGPU_TILING_GET(afb->tiling_flags, SWIZZLE_MODE) == 0; @@ -9381,12 +9395,12 @@ static int dm_check_crtc_cursor(struct drm_atomic_state *state, /* On DCE and DCN there is no dedicated hardware cursor plane. We get a * cursor per pipe but it's going to inherit the scaling and * positioning from the underlying pipe. Check the cursor plane's - * blending properties match the underlying planes'. */ + * blending properties match the underlying planes'. + */ new_cursor_state = drm_atomic_get_new_plane_state(state, cursor); - if (!new_cursor_state || !new_cursor_state->fb) { + if (!new_cursor_state || !new_cursor_state->fb) return 0; - } dm_get_oriented_plane_size(new_cursor_state, &cursor_src_w, &cursor_src_h); cursor_scale_w = new_cursor_state->crtc_w * 1000 / cursor_src_w; 
@@ -9432,6 +9446,7 @@ static int add_affected_mst_dsc_crtcs(struct drm_atomic_state *state, struct drm struct drm_connector_state *conn_state, *old_conn_state; struct amdgpu_dm_connector *aconnector = NULL; int i; + for_each_oldnew_connector_in_state(state, connector, old_conn_state, conn_state, i) { if (!conn_state->crtc) conn_state = old_conn_state; @@ -9874,7 +9889,7 @@ static int amdgpu_dm_atomic_check(struct drm_device *dev, } /* Store the overall update type for use later in atomic check. */ - for_each_new_crtc_in_state (state, crtc, new_crtc_state, i) { + for_each_new_crtc_in_state(state, crtc, new_crtc_state, i) { struct dm_crtc_state *dm_new_crtc_state = to_dm_crtc_state(new_crtc_state); @@ -9896,7 +9911,7 @@ fail: else if (ret == -EINTR || ret == -EAGAIN || ret == -ERESTARTSYS) DRM_DEBUG_DRIVER("Atomic check stopped due to signal.\n"); else - DRM_DEBUG_DRIVER("Atomic check failed with err: %d \n", ret); + DRM_DEBUG_DRIVER("Atomic check failed with err: %d\n", ret); trace_amdgpu_dm_atomic_check_finish(state, ret); @@ -9906,7 +9921,7 @@ fail: static bool is_dp_capable_without_timing_msa(struct dc *dc, struct amdgpu_dm_connector *amdgpu_dm_connector) { - uint8_t dpcd_data; + u8 dpcd_data; bool capable = false; if (amdgpu_dm_connector->dc_link && @@ -9925,7 +9940,7 @@ static bool is_dp_capable_without_timing_msa(struct dc *dc, static bool dm_edid_parser_send_cea(struct amdgpu_display_manager *dm, unsigned int offset, unsigned int total_length, - uint8_t *data, + u8 *data, unsigned int length, struct amdgpu_hdmi_vsdb_info *vsdb) { @@ -9981,7 +9996,7 @@ static bool dm_edid_parser_send_cea(struct amdgpu_display_manager *dm, } static bool parse_edid_cea_dmcu(struct amdgpu_display_manager *dm, - uint8_t *edid_ext, int len, + u8 *edid_ext, int len, struct amdgpu_hdmi_vsdb_info *vsdb_info) { int i; 
@@ -10022,7 +10037,7 @@ static bool parse_edid_cea_dmcu(struct amdgpu_display_manager *dm, } static bool parse_edid_cea_dmub(struct amdgpu_display_manager *dm, - uint8_t *edid_ext, int len, + u8 *edid_ext, int len, struct amdgpu_hdmi_vsdb_info *vsdb_info) { int i; @@ -10038,7 +10053,7 @@ static bool parse_edid_cea_dmub(struct amdgpu_display_manager *dm, } static bool parse_edid_cea(struct amdgpu_dm_connector *aconnector, - uint8_t *edid_ext, int len, + u8 *edid_ext, int len, struct amdgpu_hdmi_vsdb_info *vsdb_info) { struct amdgpu_device *adev = drm_to_adev(aconnector->base.dev); @@ -10052,7 +10067,7 @@ static bool parse_edid_cea(struct amdgpu_dm_connector *aconnector, static int parse_hdmi_amd_vsdb(struct amdgpu_dm_connector *aconnector, struct edid *edid, struct amdgpu_hdmi_vsdb_info *vsdb_info) { - uint8_t *edid_ext = NULL; + u8 *edid_ext = NULL; int i; bool valid_vsdb_found = false; @@ -10228,7 +10243,7 @@ void amdgpu_dm_trigger_timing_sync(struct drm_device *dev) } void dm_write_reg_func(const struct dc_context *ctx, uint32_t address, - uint32_t value, const char *func_name) + u32 value, const char *func_name) { #ifdef DM_CHECK_ADDR_0 if (address == 0) { @@ -10243,7 +10258,7 @@ void dm_write_reg_func(const struct dc_context *ctx, uint32_t address, uint32_t dm_read_reg_func(const struct dc_context *ctx, uint32_t address, const char *func_name) { - uint32_t value; + u32 value; #ifdef DM_CHECK_ADDR_0 if (address == 0) { DC_ERR("invalid register read; address = 0\n"); diff --git a/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm.h b/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm.h index 4780ac4b5..a9c6eb726 100644 --- a/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm.h +++ b/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm.h @@ -31,6 +31,7 @@ #include #include #include +#include "link_service_types.h" /* * This file contains the definition for amdgpu_display_manager 
@@ -192,6 +193,11 @@ struct hpd_rx_irq_offload_work_queue { * we're handling link loss */ bool is_handling_link_loss; + /** + * @is_handling_mst_msg_rdy_event: Used to prevent inserting mst message + * ready event when we're already handling mst message ready event + */ + bool is_handling_mst_msg_rdy_event; /** * @aconnector: The aconnector that this work queue is attached to */ @@ -613,6 +619,8 @@ struct amdgpu_dm_connector { struct drm_dp_mst_port *port; struct amdgpu_dm_connector *mst_port; struct drm_dp_aux *dsc_aux; + struct rwlock handle_mst_msg_ready; + /* TODO see if we can merge with ddc_bus or make a dm_connector */ struct amdgpu_i2c_adapter *i2c; @@ -650,6 +658,10 @@ struct amdgpu_dm_connector { /* Record progress status of mst*/ uint8_t mst_status; + + /* Automated testing */ + bool timing_changed; + struct dc_crtc_timing *timing_requested; }; static inline void amdgpu_dm_set_mst_status(uint8_t *status, diff --git a/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm_crtc.c b/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm_crtc.c index 1ec643a0d..b9b70f456 100644 --- a/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm_crtc.c +++ b/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm_crtc.c @@ -406,6 +406,18 @@ static int dm_crtc_helper_atomic_check(struct drm_crtc *crtc, return -EINVAL; } + /* + * Only allow async flips for fast updates that don't change the FB + * pitch, the DCC state, rotation, etc. + */ + if (crtc_state->async_flip && + dm_crtc_state->update_type != UPDATE_TYPE_FAST) { + drm_dbg_atomic(crtc->dev, + "[CRTC:%d:%s] async flips are only supported for fast updates\n", + crtc->base.id, crtc->name); + return -EINVAL; + } + /* In some use cases, like reset, no stream is attached */ if (!dm_crtc_state->stream) return 0; diff --git a/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm_helpers.c b/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm_helpers.c index 9933a30cc..cc4a0d3f9 100644 --- a/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm_helpers.c 
+++ b/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm_helpers.c @@ -38,6 +38,9 @@ #include "amdgpu_dm.h" #include "amdgpu_dm_irq.h" #include "amdgpu_dm_mst_types.h" +#include "dpcd_defs.h" +#include "dc/inc/core_types.h" +#include "dc_link_dp.h" #include "dm_helpers.h" #include "ddc_service_types.h" 
@@ -1056,6 +1059,128 @@ void dm_helpers_mst_enable_stream_features(const struct dc_stream_state *stream) sizeof(new_downspread)); } +bool dm_helpers_dp_handle_test_pattern_request( + struct dc_context *ctx, + const struct dc_link *link, + union link_test_pattern dpcd_test_pattern, + union test_misc dpcd_test_params) +{ + enum dp_test_pattern test_pattern; + enum dp_test_pattern_color_space test_pattern_color_space = + DP_TEST_PATTERN_COLOR_SPACE_UNDEFINED; + enum dc_color_depth requestColorDepth = COLOR_DEPTH_UNDEFINED; + enum dc_pixel_encoding requestPixelEncoding = PIXEL_ENCODING_UNDEFINED; + struct pipe_ctx *pipes = link->dc->current_state->res_ctx.pipe_ctx; + struct pipe_ctx *pipe_ctx = NULL; + struct amdgpu_dm_connector *aconnector = link->priv; + int i; + + for (i = 0; i < MAX_PIPES; i++) { + if (pipes[i].stream == NULL) + continue; + + if (pipes[i].stream->link == link && !pipes[i].top_pipe && + !pipes[i].prev_odm_pipe) { + pipe_ctx = &pipes[i]; + break; + } + } + + if (pipe_ctx == NULL) + return false; + + switch (dpcd_test_pattern.bits.PATTERN) { + case LINK_TEST_PATTERN_COLOR_RAMP: + test_pattern = DP_TEST_PATTERN_COLOR_RAMP; + break; + case LINK_TEST_PATTERN_VERTICAL_BARS: + test_pattern = DP_TEST_PATTERN_VERTICAL_BARS; + break; /* black and white */ + case LINK_TEST_PATTERN_COLOR_SQUARES: + test_pattern = (dpcd_test_params.bits.DYN_RANGE == + TEST_DYN_RANGE_VESA ? + DP_TEST_PATTERN_COLOR_SQUARES : + DP_TEST_PATTERN_COLOR_SQUARES_CEA); + break; + default: + test_pattern = DP_TEST_PATTERN_VIDEO_MODE; + break; + } + + if (dpcd_test_params.bits.CLR_FORMAT == 0) + test_pattern_color_space = DP_TEST_PATTERN_COLOR_SPACE_RGB; + else + test_pattern_color_space = dpcd_test_params.bits.YCBCR_COEFS ? 
+ DP_TEST_PATTERN_COLOR_SPACE_YCBCR709 : + DP_TEST_PATTERN_COLOR_SPACE_YCBCR601; + + switch (dpcd_test_params.bits.BPC) { + case 0: // 6 bits + requestColorDepth = COLOR_DEPTH_666; + break; + case 1: // 8 bits + requestColorDepth = COLOR_DEPTH_888; + break; + case 2: // 10 bits + requestColorDepth = COLOR_DEPTH_101010; + break; + case 3: // 12 bits + requestColorDepth = COLOR_DEPTH_121212; + break; + default: + break; + } + + switch (dpcd_test_params.bits.CLR_FORMAT) { + case 0: + requestPixelEncoding = PIXEL_ENCODING_RGB; + break; + case 1: + requestPixelEncoding = PIXEL_ENCODING_YCBCR422; + break; + case 2: + requestPixelEncoding = PIXEL_ENCODING_YCBCR444; + break; + default: + requestPixelEncoding = PIXEL_ENCODING_RGB; + break; + } + + if ((requestColorDepth != COLOR_DEPTH_UNDEFINED + && pipe_ctx->stream->timing.display_color_depth != requestColorDepth) + || (requestPixelEncoding != PIXEL_ENCODING_UNDEFINED + && pipe_ctx->stream->timing.pixel_encoding != requestPixelEncoding)) { + DC_LOG_DEBUG("%s: original bpc %d pix encoding %d, changing to %d %d\n", + __func__, + pipe_ctx->stream->timing.display_color_depth, + pipe_ctx->stream->timing.pixel_encoding, + requestColorDepth, + requestPixelEncoding); + pipe_ctx->stream->timing.display_color_depth = requestColorDepth; + pipe_ctx->stream->timing.pixel_encoding = requestPixelEncoding; + + dp_update_dsc_config(pipe_ctx); + + aconnector->timing_changed = true; + /* store current timing */ + if (aconnector->timing_requested) + *aconnector->timing_requested = pipe_ctx->stream->timing; + else + DC_LOG_ERROR("%s: timing storage failed\n", __func__); + + } + + dc_link_dp_set_test_pattern( + (struct dc_link *) link, + test_pattern, + test_pattern_color_space, + NULL, + NULL, + 0); + + return false; +} + void dm_set_phyd32clk(struct dc_context *ctx, int freq_khz) { // TODO 
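Review bot: In `dm_helpers_dp_handle_test_pattern_request()` the `BPC` switch leaves `requestColorDepth` at `COLOR_DEPTH_UNDEFINED` in its `default` case, yet the block that follows assigns it to `pipe_ctx->stream->timing.display_color_depth` whenever the pixel encoding alone differs. Both values are decoded from the sink's DPCD test registers, so an out-of-range field from the attached device can put an undefined colour depth into the live timing. The same block sets `aconnector->timing_changed = true` before it knows whether `timing_requested` exists, and only logs when it does not. Suggest assigning only the fields whose requested value is defined, and raising the flag only after the timing was actually stored.

```c
		/* … unchanged: DC_LOG_DEBUG of the original and requested values … */
		if (requestColorDepth != COLOR_DEPTH_UNDEFINED)
			pipe_ctx->stream->timing.display_color_depth = requestColorDepth;
		if (requestPixelEncoding != PIXEL_ENCODING_UNDEFINED)
			pipe_ctx->stream->timing.pixel_encoding = requestPixelEncoding;

		dp_update_dsc_config(pipe_ctx);

		/* flag the override only when the timing could be stored */
		if (aconnector->timing_requested) {
			*aconnector->timing_requested = pipe_ctx->stream->timing;
			aconnector->timing_changed = true;
		} else {
			DC_LOG_ERROR("%s: timing storage failed\n", __func__);
		}
```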
diff --git a/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c b/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c
index e2f9141d6..05708684c 100644
--- a/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c
+++ b/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.c
@@ -590,8 +590,118 @@ dm_dp_add_mst_connector(struct drm_dp_mst_topology_mgr *mgr, return connector; } +void dm_handle_mst_sideband_msg_ready_event( + struct drm_dp_mst_topology_mgr *mgr, + enum mst_msg_ready_type msg_rdy_type) +{ + uint8_t esi[DP_PSR_ERROR_STATUS - DP_SINK_COUNT_ESI] = { 0 }; + uint8_t dret; + bool new_irq_handled = false; + int dpcd_addr; + uint8_t dpcd_bytes_to_read; + const uint8_t max_process_count = 30; + uint8_t process_count = 0; + u8 retry; + struct amdgpu_dm_connector *aconnector = + container_of(mgr, struct amdgpu_dm_connector, mst_mgr); + + + const struct dc_link_status *link_status = dc_link_get_status(aconnector->dc_link); + + if (link_status->dpcd_caps->dpcd_rev.raw < 0x12) { + dpcd_bytes_to_read = DP_LANE0_1_STATUS - DP_SINK_COUNT; + /* DPCD 0x200 - 0x201 for downstream IRQ */ + dpcd_addr = DP_SINK_COUNT; + } else { + dpcd_bytes_to_read = DP_PSR_ERROR_STATUS - DP_SINK_COUNT_ESI; + /* DPCD 0x2002 - 0x2005 for downstream IRQ */ + dpcd_addr = DP_SINK_COUNT_ESI; + } + + mutex_lock(&aconnector->handle_mst_msg_ready); + + while (process_count < max_process_count) { + u8 ack[DP_PSR_ERROR_STATUS - DP_SINK_COUNT_ESI] = {}; + + process_count++; + + dret = drm_dp_dpcd_read( + &aconnector->dm_dp_aux.aux, + dpcd_addr, + esi, + dpcd_bytes_to_read); + + if (dret != dpcd_bytes_to_read) { + DRM_DEBUG_KMS("DPCD read and acked number is not as expected!"); + break; + } + + DRM_DEBUG_DRIVER("ESI %02x %02x %02x\n", esi[0], esi[1], esi[2]); + + switch (msg_rdy_type) { + case DOWN_REP_MSG_RDY_EVENT: + /* Only handle DOWN_REP_MSG_RDY case*/ + esi[1] &= DP_DOWN_REP_MSG_RDY; + break; + case UP_REQ_MSG_RDY_EVENT: + /* Only handle UP_REQ_MSG_RDY case*/ + esi[1] &= DP_UP_REQ_MSG_RDY; + break; + default: + /* Handle both cases*/ + esi[1] &= (DP_DOWN_REP_MSG_RDY | DP_UP_REQ_MSG_RDY); + break; + } + + if (!esi[1]) + break; + + /* handle MST irq */ + if (aconnector->mst_mgr.mst_state) + drm_dp_mst_hpd_irq_handle_event(&aconnector->mst_mgr, + esi, + ack, + 
&new_irq_handled); + + if (new_irq_handled) { + /* ACK at DPCD to notify down stream */ + for (retry = 0; retry < 3; retry++) { + ssize_t wret; + + wret = drm_dp_dpcd_writeb(&aconnector->dm_dp_aux.aux, + dpcd_addr + 1, + ack[1]); + if (wret == 1) + break; + } + + if (retry == 3) { + DRM_ERROR("Failed to ack MST event.\n"); + return; + } + + drm_dp_mst_hpd_irq_send_new_request(&aconnector->mst_mgr); + + new_irq_handled = false; + } else { + break; + } + } + + mutex_unlock(&aconnector->handle_mst_msg_ready); + + if (process_count == max_process_count) + DRM_DEBUG_DRIVER("Loop exceeded max iterations\n"); +} + +static void dm_handle_mst_down_rep_msg_ready(struct drm_dp_mst_topology_mgr *mgr) +{ + dm_handle_mst_sideband_msg_ready_event(mgr, DOWN_REP_MSG_RDY_EVENT); +} + static const struct drm_dp_mst_topology_cbs dm_mst_cbs = { .add_connector = dm_dp_add_mst_connector, + .poll_hpd_irq = dm_handle_mst_down_rep_msg_ready, }; void amdgpu_dm_initialize_dp_connector(struct amdgpu_display_manager *dm, @@ -673,15 +783,18 @@ static void set_dsc_configs_from_fairness_vars(struct dsc_mst_fairness_params *p int count, int k) { + struct drm_connector *drm_connector; int i; for (i = 0; i < count; i++) { + drm_connector = ¶ms[i].aconnector->base; + memset(¶ms[i].timing->dsc_cfg, 0, sizeof(params[i].timing->dsc_cfg)); if (vars[i + k].dsc_enabled && dc_dsc_compute_config( params[i].sink->ctx->dc->res_pool->dscs[0], ¶ms[i].sink->dsc_caps.dsc_dec_caps, params[i].sink->ctx->dc->debug.dsc_min_slice_height_override, - params[i].sink->edid_caps.panel_patch.max_dsc_target_bpp_limit, + drm_connector->display_info.max_dsc_bpp, 0, params[i].timing, ¶ms[i].timing->dsc_cfg)) { 
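Review bot: In `dm_handle_mst_sideband_msg_ready_event()` the `if (retry == 3)` branch does `return;` while `aconnector->handle_mst_msg_ready` is still held. The only `mutex_unlock()` sits after the loop, so one failed ACK write leaves the lock taken and any later caller of this function for the connector blocks on it. Use `break;` there instead of `return;` so the unlock after the loop always runs. Separately, `dret` is declared `uint8_t`, so if `drm_dp_dpcd_read()` can return a negative error, that value is truncated before it is compared with `dpcd_bytes_to_read`. A signed type such as `ssize_t`, as already used for `wret`, would keep the error visible.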
@@ -723,12 +836,16 @@ static int bpp_x16_from_pbn(struct dsc_mst_fairness_params param, int pbn) struct dc_dsc_config dsc_config; u64 kbps; + struct drm_connector *drm_connector = ¶m.aconnector->base; + uint32_t max_dsc_target_bpp_limit_override = + drm_connector->display_info.max_dsc_bpp; + kbps = div_u64((u64)pbn * 994 * 8 * 54, 64); dc_dsc_compute_config( param.sink->ctx->dc->res_pool->dscs[0], ¶m.sink->dsc_caps.dsc_dec_caps, param.sink->ctx->dc->debug.dsc_min_slice_height_override, - param.sink->edid_caps.panel_patch.max_dsc_target_bpp_limit, + max_dsc_target_bpp_limit_override, (int) kbps, param.timing, &dsc_config); return dsc_config.bits_per_pixel; diff --git a/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.h b/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.h index 1e4ede1e5..37c820ab0 100644 --- a/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.h +++ b/sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm_mst_types.h @@ -49,6 +49,13 @@ #define PBN_FEC_OVERHEAD_MULTIPLIER_8B_10B 1031 #define PBN_FEC_OVERHEAD_MULTIPLIER_128B_132B 1000 +enum mst_msg_ready_type { + NONE_MSG_RDY_EVENT = 0, + DOWN_REP_MSG_RDY_EVENT = 1, + UP_REQ_MSG_RDY_EVENT = 2, + DOWN_OR_UP_MSG_RDY_EVENT = 3 +}; + struct amdgpu_display_manager; struct amdgpu_dm_connector; @@ -61,6 +68,10 @@ void amdgpu_dm_initialize_dp_connector(struct amdgpu_display_manager *dm, void dm_dp_create_fake_mst_encoders(struct amdgpu_device *adev); +void dm_handle_mst_sideband_msg_ready_event( + struct drm_dp_mst_topology_mgr *mgr, + enum mst_msg_ready_type msg_rdy_type); + struct dsc_mst_fairness_vars { int pbn; bool dsc_enabled; diff --git a/sys/dev/pci/drm/amd/display/dc/clk_mgr/dcn31/dcn31_clk_mgr.c b/sys/dev/pci/drm/amd/display/dc/clk_mgr/dcn31/dcn31_clk_mgr.c index c1eaf5714..9f593eddb 100644 --- a/sys/dev/pci/drm/amd/display/dc/clk_mgr/dcn31/dcn31_clk_mgr.c +++ b/sys/dev/pci/drm/amd/display/dc/clk_mgr/dcn31/dcn31_clk_mgr.c 
@@ -86,6 +86,11 @@ static int dcn31_get_active_display_cnt_wa( stream->signal == SIGNAL_TYPE_DVI_SINGLE_LINK || stream->signal == SIGNAL_TYPE_DVI_DUAL_LINK) tmds_present = true; + + /* Checking stream / link detection ensuring that PHY is active*/ + if (dc_is_dp_signal(stream->signal) && !stream->dpms_off) + display_count++; + } for (i = 0; i < dc->link_count; i++) { diff --git a/sys/dev/pci/drm/amd/display/dc/core/dc_link_dp.c b/sys/dev/pci/drm/amd/display/dc/core/dc_link_dp.c index 1f6456524..55ff9d95a 100644 --- a/sys/dev/pci/drm/amd/display/dc/core/dc_link_dp.c +++ b/sys/dev/pci/drm/amd/display/dc/core/dc_link_dp.c @@ -3115,7 +3115,7 @@ struct dc_link_settings dp_get_max_link_cap(struct dc_link *link) return max_link_cap; } -static enum dc_status read_hpd_rx_irq_data( +enum dc_status read_hpd_rx_irq_data( struct dc_link *link, union hpd_irq_data *irq_data) { 
@@ -4264,124 +4264,6 @@ static void dp_test_send_phy_test_pattern(struct dc_link *link) test_pattern_size); } -static void dp_test_send_link_test_pattern(struct dc_link *link) -{ - union link_test_pattern dpcd_test_pattern; - union test_misc dpcd_test_params; - enum dp_test_pattern test_pattern; - enum dp_test_pattern_color_space test_pattern_color_space = - DP_TEST_PATTERN_COLOR_SPACE_UNDEFINED; - enum dc_color_depth requestColorDepth = COLOR_DEPTH_UNDEFINED; - struct pipe_ctx *pipes = link->dc->current_state->res_ctx.pipe_ctx; - struct pipe_ctx *pipe_ctx = NULL; - int i; - - memset(&dpcd_test_pattern, 0, sizeof(dpcd_test_pattern)); - memset(&dpcd_test_params, 0, sizeof(dpcd_test_params)); - - for (i = 0; i < MAX_PIPES; i++) { - if (pipes[i].stream == NULL) - continue; - - if (pipes[i].stream->link == link && !pipes[i].top_pipe && !pipes[i].prev_odm_pipe) { - pipe_ctx = &pipes[i]; - break; - } - } - - if (pipe_ctx == NULL) - return; - - /* get link test pattern and pattern parameters */ - core_link_read_dpcd( - link, - DP_TEST_PATTERN, - &dpcd_test_pattern.raw, - sizeof(dpcd_test_pattern)); - core_link_read_dpcd( - link, - DP_TEST_MISC0, - &dpcd_test_params.raw, - sizeof(dpcd_test_params)); - - switch (dpcd_test_pattern.bits.PATTERN) { - case LINK_TEST_PATTERN_COLOR_RAMP: - test_pattern = DP_TEST_PATTERN_COLOR_RAMP; - break; - case LINK_TEST_PATTERN_VERTICAL_BARS: - test_pattern = DP_TEST_PATTERN_VERTICAL_BARS; - break; /* black and white */ - case LINK_TEST_PATTERN_COLOR_SQUARES: - test_pattern = (dpcd_test_params.bits.DYN_RANGE == - TEST_DYN_RANGE_VESA ? - DP_TEST_PATTERN_COLOR_SQUARES : - DP_TEST_PATTERN_COLOR_SQUARES_CEA); - break; - default: - test_pattern = DP_TEST_PATTERN_VIDEO_MODE; - break; - } - - if (dpcd_test_params.bits.CLR_FORMAT == 0) - test_pattern_color_space = DP_TEST_PATTERN_COLOR_SPACE_RGB; - else - test_pattern_color_space = dpcd_test_params.bits.YCBCR_COEFS ? 
- DP_TEST_PATTERN_COLOR_SPACE_YCBCR709 : - DP_TEST_PATTERN_COLOR_SPACE_YCBCR601; - - switch (dpcd_test_params.bits.BPC) { - case 0: // 6 bits - requestColorDepth = COLOR_DEPTH_666; - break; - case 1: // 8 bits - requestColorDepth = COLOR_DEPTH_888; - break; - case 2: // 10 bits - requestColorDepth = COLOR_DEPTH_101010; - break; - case 3: // 12 bits - requestColorDepth = COLOR_DEPTH_121212; - break; - default: - break; - } - - switch (dpcd_test_params.bits.CLR_FORMAT) { - case 0: - pipe_ctx->stream->timing.pixel_encoding = PIXEL_ENCODING_RGB; - break; - case 1: - pipe_ctx->stream->timing.pixel_encoding = PIXEL_ENCODING_YCBCR422; - break; - case 2: - pipe_ctx->stream->timing.pixel_encoding = PIXEL_ENCODING_YCBCR444; - break; - default: - pipe_ctx->stream->timing.pixel_encoding = PIXEL_ENCODING_RGB; - break; - } - - - if (requestColorDepth != COLOR_DEPTH_UNDEFINED - && pipe_ctx->stream->timing.display_color_depth != requestColorDepth) { - DC_LOG_DEBUG("%s: original bpc %d, changing to %d\n", - __func__, - pipe_ctx->stream->timing.display_color_depth, - requestColorDepth); - pipe_ctx->stream->timing.display_color_depth = requestColorDepth; - } - - dp_update_dsc_config(pipe_ctx); - - dc_link_dp_set_test_pattern( - link, - test_pattern, - test_pattern_color_space, - NULL, - NULL, - 0); -} - static void dp_test_get_audio_test_data(struct dc_link *link, bool disable_video) { union audio_test_mode dpcd_test_mode = {0}; 
@@ -4494,8 +4376,25 @@ void dc_link_dp_handle_automated_test(struct dc_link *link) test_response.bits.ACK = 0; } if (test_request.bits.LINK_TEST_PATTRN) { - dp_test_send_link_test_pattern(link); - test_response.bits.ACK = 1; + union test_misc dpcd_test_params; + union link_test_pattern dpcd_test_pattern; + + memset(&dpcd_test_pattern, 0, sizeof(dpcd_test_pattern)); + memset(&dpcd_test_params, 0, sizeof(dpcd_test_params)); + + /* get link test pattern and pattern parameters */ + core_link_read_dpcd( + link, + DP_TEST_PATTERN, + &dpcd_test_pattern.raw, + sizeof(dpcd_test_pattern)); + core_link_read_dpcd( + link, + DP_TEST_MISC0, + &dpcd_test_params.raw, + sizeof(dpcd_test_params)); + test_response.bits.ACK = dm_helpers_dp_handle_test_pattern_request(link->ctx, link, + dpcd_test_pattern, dpcd_test_params) ? 1 : 0; } if (test_request.bits.AUDIO_TEST_PATTERN) { diff --git a/sys/dev/pci/drm/amd/display/dc/dcn10/dcn10_hw_sequencer.c b/sys/dev/pci/drm/amd/display/dc/dcn10/dcn10_hw_sequencer.c index 0dcd9fea1..a6fde27d1 100644 --- a/sys/dev/pci/drm/amd/display/dc/dcn10/dcn10_hw_sequencer.c +++ b/sys/dev/pci/drm/amd/display/dc/dcn10/dcn10_hw_sequencer.c @@ -3293,7 +3293,8 @@ void dcn10_wait_for_mpcc_disconnect( if (pipe_ctx->stream_res.opp->mpcc_disconnect_pending[mpcc_inst]) { struct hubp *hubp = get_hubp_by_inst(res_pool, mpcc_inst); - if (pipe_ctx->stream_res.tg->funcs->is_tg_enabled(pipe_ctx->stream_res.tg)) + if (pipe_ctx->stream_res.tg && + pipe_ctx->stream_res.tg->funcs->is_tg_enabled(pipe_ctx->stream_res.tg)) res_pool->mpc->funcs->wait_for_idle(res_pool->mpc, mpcc_inst); pipe_ctx->stream_res.opp->mpcc_disconnect_pending[mpcc_inst] = false; hubp->funcs->set_blank(hubp, true); diff --git a/sys/dev/pci/drm/amd/display/dc/dcn303/dcn303_resource.c b/sys/dev/pci/drm/amd/display/dc/dcn303/dcn303_resource.c index 7e7f18bef..1f263326c 100644 --- a/sys/dev/pci/drm/amd/display/dc/dcn303/dcn303_resource.c +++ b/sys/dev/pci/drm/amd/display/dc/dcn303/dcn303_resource.c 
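Review bot: Both `core_link_read_dpcd()` calls in the `LINK_TEST_PATTRN` branch discard their result, so a failed AUX read leaves `dpcd_test_pattern` and `dpcd_test_params` at the zeroes written by the two `memset()` calls, and those zeroes are passed to `dm_helpers_dp_handle_test_pattern_request()` as if the sink had sent them. If that helper accepts an all-zero request (its body is not in this hunk), the test is ACKed although nothing was read from the sink. I would check each read and answer with `test_response.bits.ACK = 0;` when either fails. `dc_link_dp_handle_automated_test()` starts and ends outside the hunk.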
@@ -65,7 +65,7 @@ static const struct dc_debug_options debug_defaults_drv = { .timing_trace = false, .clock_trace = true, .disable_pplib_clock_request = true, - .pipe_split_policy = MPC_SPLIT_DYNAMIC, + .pipe_split_policy = MPC_SPLIT_AVOID, .force_single_disp_pipe_split = false, .disable_dcc = DCC_ENABLE, .vsr_support = true, diff --git a/sys/dev/pci/drm/amd/display/dc/dm_helpers.h b/sys/dev/pci/drm/amd/display/dc/dm_helpers.h index e3e5c3989..d0ad682fd 100644 --- a/sys/dev/pci/drm/amd/display/dc/dm_helpers.h +++ b/sys/dev/pci/drm/amd/display/dc/dm_helpers.h @@ -156,6 +156,12 @@ enum dc_edid_status dm_helpers_read_local_edid( struct dc_link *link, struct dc_sink *sink); +bool dm_helpers_dp_handle_test_pattern_request( + struct dc_context *ctx, + const struct dc_link *link, + union link_test_pattern dpcd_test_pattern, + union test_misc dpcd_test_params); + void dm_set_dcn_clocks( struct dc_context *ctx, struct dc_clocks *clks); diff --git a/sys/dev/pci/drm/amd/display/dc/inc/dc_link_dp.h b/sys/dev/pci/drm/amd/display/dc/inc/dc_link_dp.h index dab08ad78..197df3967 100644 --- a/sys/dev/pci/drm/amd/display/dc/inc/dc_link_dp.h +++ b/sys/dev/pci/drm/amd/display/dc/inc/dc_link_dp.h @@ -82,6 +82,10 @@ bool perform_link_training_with_retries( enum amd_signal_type signal, bool do_fallback); +enum dc_status read_hpd_rx_irq_data( + struct dc_link *link, + union hpd_irq_data *irq_data); + bool hpd_rx_irq_check_link_loss_status( struct dc_link *link, union hpd_irq_data *hpd_irq_dpcd_data); diff --git a/sys/dev/pci/drm/amd/pm/swsmu/smu11/sienna_cichlid_ppt.c b/sys/dev/pci/drm/amd/pm/swsmu/smu11/sienna_cichlid_ppt.c index e381c289a..9e56f7f87 100644 --- a/sys/dev/pci/drm/amd/pm/swsmu/smu11/sienna_cichlid_ppt.c +++ b/sys/dev/pci/drm/amd/pm/swsmu/smu11/sienna_cichlid_ppt.c 
@@ -1927,12 +1927,16 @@ static int sienna_cichlid_read_sensor(struct smu_context *smu, *size = 4; break; case AMDGPU_PP_SENSOR_GFX_MCLK: - ret = sienna_cichlid_get_current_clk_freq_by_table(smu, SMU_UCLK, (uint32_t *)data); + ret = sienna_cichlid_get_smu_metrics_data(smu, + METRICS_CURR_UCLK, + (uint32_t *)data); *(uint32_t *)data *= 100; *size = 4; break; case AMDGPU_PP_SENSOR_GFX_SCLK: - ret = sienna_cichlid_get_current_clk_freq_by_table(smu, SMU_GFXCLK, (uint32_t *)data); + ret = sienna_cichlid_get_smu_metrics_data(smu, + METRICS_AVERAGE_GFXCLK, + (uint32_t *)data); *(uint32_t *)data *= 100; *size = 4; break; diff --git a/sys/dev/pci/drm/amd/pm/swsmu/smu13/smu_v13_0_7_ppt.c b/sys/dev/pci/drm/amd/pm/swsmu/smu13/smu_v13_0_7_ppt.c index 17a7b4823..165992dc1 100644 --- a/sys/dev/pci/drm/amd/pm/swsmu/smu13/smu_v13_0_7_ppt.c +++ b/sys/dev/pci/drm/amd/pm/swsmu/smu13/smu_v13_0_7_ppt.c @@ -940,7 +940,7 @@ static int smu_v13_0_7_read_sensor(struct smu_context *smu, break; case AMDGPU_PP_SENSOR_GFX_MCLK: ret = smu_v13_0_7_get_smu_metrics_data(smu, - METRICS_AVERAGE_UCLK, + METRICS_CURR_UCLK, (uint32_t *)data); *(uint32_t *)data *= 100; *size = 4; diff --git a/sys/dev/pci/drm/display/drm_dp_mst_topology.c b/sys/dev/pci/drm/display/drm_dp_mst_topology.c index 3c233f509..a0f8b0579 100644 --- a/sys/dev/pci/drm/display/drm_dp_mst_topology.c +++ b/sys/dev/pci/drm/display/drm_dp_mst_topology.c 
@@ -4063,17 +4063,28 @@ out: } /** - * drm_dp_mst_hpd_irq() - MST hotplug IRQ notify + * drm_dp_mst_hpd_irq_handle_event() - MST hotplug IRQ handle MST event * @mgr: manager to notify irq for. * @esi: 4 bytes from SINK_COUNT_ESI + * @ack: 4 bytes used to ack events starting from SINK_COUNT_ESI * @handled: whether the hpd interrupt was consumed or not * - * This should be called from the driver when it detects a short IRQ, + * This should be called from the driver when it detects a HPD IRQ, * along with the value of the DEVICE_SERVICE_IRQ_VECTOR_ESI0. The - * topology manager will process the sideband messages received as a result - * of this. + * topology manager will process the sideband messages received + * as indicated in the DEVICE_SERVICE_IRQ_VECTOR_ESI0 and set the + * corresponding flags that Driver has to ack the DP receiver later. + * + * Note that driver shall also call + * drm_dp_mst_hpd_irq_send_new_request() if the 'handled' is set + * after calling this function, to try to kick off a new request in + * the queue if the previous message transaction is completed. + * + * See also: + * drm_dp_mst_hpd_irq_send_new_request() */ -int drm_dp_mst_hpd_irq(struct drm_dp_mst_topology_mgr *mgr, u8 *esi, bool *handled) +int drm_dp_mst_hpd_irq_handle_event(struct drm_dp_mst_topology_mgr *mgr, const u8 *esi, + u8 *ack, bool *handled) { int ret = 0; int sc; 
@@ -4088,18 +4099,47 @@ int drm_dp_mst_hpd_irq(struct drm_dp_mst_topology_mgr *mgr, u8 *esi, bool *handl if (esi[1] & DP_DOWN_REP_MSG_RDY) { ret = drm_dp_mst_handle_down_rep(mgr); *handled = true; + ack[1] |= DP_DOWN_REP_MSG_RDY; } if (esi[1] & DP_UP_REQ_MSG_RDY) { ret |= drm_dp_mst_handle_up_req(mgr); *handled = true; + ack[1] |= DP_UP_REQ_MSG_RDY; } - drm_dp_mst_kick_tx(mgr); return ret; } -EXPORT_SYMBOL(drm_dp_mst_hpd_irq); +EXPORT_SYMBOL(drm_dp_mst_hpd_irq_handle_event); +/** + * drm_dp_mst_hpd_irq_send_new_request() - MST hotplug IRQ kick off new request + * @mgr: manager to notify irq for. + * + * This should be called from the driver when mst irq event is handled + * and acked. Note that new down request should only be sent when + * previous message transaction is completed. Source is not supposed to generate + * interleaved message transactions. + */ +void drm_dp_mst_hpd_irq_send_new_request(struct drm_dp_mst_topology_mgr *mgr) +{ + struct drm_dp_sideband_msg_tx *txmsg; + bool kick = true; + + mutex_lock(&mgr->qlock); + txmsg = list_first_entry_or_null(&mgr->tx_msg_downq, + struct drm_dp_sideband_msg_tx, next); + /* If last transaction is not completed yet*/ + if (!txmsg || + txmsg->state == DRM_DP_SIDEBAND_TX_START_SEND || + txmsg->state == DRM_DP_SIDEBAND_TX_SENT) + kick = false; + mutex_unlock(&mgr->qlock); + + if (kick) + drm_dp_mst_kick_tx(mgr); +} +EXPORT_SYMBOL(drm_dp_mst_hpd_irq_send_new_request); /** * drm_dp_mst_detect_port() - get connection status for an MST port * @connector: DRM connector for this port diff --git a/sys/dev/pci/drm/dma-resv.c b/sys/dev/pci/drm/dma-resv.c index 76da6c712..8461b4dde 100644 --- a/sys/dev/pci/drm/dma-resv.c +++ b/sys/dev/pci/drm/dma-resv.c @@ -572,6 +572,7 @@ int dma_resv_get_fences(struct dma_resv *obj, enum dma_resv_usage usage, dma_resv_for_each_fence_unlocked(&cursor, fence) { if (dma_resv_iter_is_restarted(&cursor)) { + struct dma_fence **new_fences; unsigned int count; while (*num_fences) 
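Review bot: `drm_dp_mst_hpd_irq_handle_event()` only ORs bits into the caller's buffer (`ack[1] |= DP_DOWN_REP_MSG_RDY;`), so the result is meaningful only when the caller passes a zeroed `ack`. The kernel-doc in the preceding hunk should say so, for example `@ack: 4 bytes, zeroed by the caller, in which the events to ack are set`. In `drm_dp_mst_hpd_irq_send_new_request()` the comment `/* If last transaction is not completed yet*/` describes only the two state tests, while `!txmsg` (empty down queue) also suppresses the kick; `/* Nothing queued, or the head message is still in flight */` would match the condition. The body of the first function begins outside this hunk.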
@@ -581,9 +582,9 @@ int dma_resv_get_fences(struct dma_resv *obj, enum dma_resv_usage usage, /* Eventually re-allocate the array */ #ifdef __linux__ - *fences = krealloc_array(*fences, count, - sizeof(void *), - GFP_KERNEL); + new_fences = krealloc_array(*fences, count, + sizeof(void *), + GFP_KERNEL); #else nfences = kmalloc(count * sizeof(void *), GFP_KERNEL); @@ -592,13 +593,17 @@ int dma_resv_get_fences(struct dma_resv *obj, enum dma_resv_usage usage, (count - 1) * sizeof(void *)); if (nfences) { kfree(*fences); - *fences = nfences; + new_fences = nfences; } #endif - if (count && !*fences) { + if (count && !new_fences) { + kfree(*fences); + *fences = NULL; + *num_fences = 0; dma_resv_iter_end(&cursor); return -ENOMEM; } + *fences = new_fences; } (*fences)[(*num_fences)++] = dma_fence_get(fence); diff --git a/sys/dev/pci/drm/drm_client_modeset.c b/sys/dev/pci/drm/drm_client_modeset.c index cb1efe491..b06459d77 100644 --- a/sys/dev/pci/drm/drm_client_modeset.c +++ b/sys/dev/pci/drm/drm_client_modeset.c @@ -315,6 +315,9 @@ static bool drm_client_target_cloned(struct drm_device *dev, can_clone = true; dmt_mode = drm_mode_find_dmt(dev, 1024, 768, 60, false); + if (!dmt_mode) + goto fail; + for (i = 0; i < connector_count; i++) { if (!enabled[i]) continue; @@ -330,11 +333,13 @@ static bool drm_client_target_cloned(struct drm_device *dev, if (!modes[i]) can_clone = false; } + kfree(dmt_mode); if (can_clone) { DRM_DEBUG_KMS("can clone using 1024x768\n"); return true; } +fail: DRM_INFO("kms: can't enable cloning when we probably wanted to.\n"); return false; } @@ -876,6 +881,7 @@ int drm_client_modeset_probe(struct drm_client_dev *client, unsigned int width, break; } + kfree(modeset->mode); modeset->mode = drm_mode_duplicate(dev, mode); drm_connector_get(connector); modeset->connectors[modeset->num_connectors++] = connector; diff --git a/sys/dev/pci/drm/i915/display/intel_display.c b/sys/dev/pci/drm/i915/display/intel_display.c index 1acfc87e6..887a9a5df 100644 
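Review bot: In the `#else` (non-Linux) branch `new_fences` is assigned only inside `if (nfences)`, and the declaration added in the earlier hunk (`struct dma_fence **new_fences;`) has no initialiser, so when `kmalloc()` fails the new test `if (count && !new_fences)` reads an indeterminate pointer. The `-ENOMEM` path can then be skipped, and `*fences = new_fences;` stores a garbage pointer that the following `(*fences)[(*num_fences)++] = dma_fence_get(fence);` writes through. Keep `if (nfences) kfree(*fences);` but move the assignment out of the conditional as `new_fences = nfences;`, so a failed allocation reaches the error path, which already frees the old array. The lines between this hunk and the previous one are not shown, so this assumes nothing there sets `new_fences`.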
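Review bot: In the `drm_client_modeset_probe()` hunk the result of `drm_mode_duplicate()` is stored in `modeset->mode` without a check, immediately after the old mode was released by the added `kfree(modeset->mode);`. If the duplicate fails and returns NULL, the modeset keeps a connector reference but has no mode, and later users of `modeset->mode` would dereference NULL. A guard such as `if (!modeset->mode) { ret = -ENOMEM; break; }` before `drm_connector_get(connector);` would stop there. The error variable and the enclosing loop are outside the hunk, so the exact form has to be checked against the rest of the function.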
--- a/sys/dev/pci/drm/i915/display/intel_display.c +++ b/sys/dev/pci/drm/i915/display/intel_display.c @@ -7396,7 +7396,6 @@ static void intel_atomic_commit_fence_wait(struct intel_atomic_state *intel_stat struct wait_queue_entry wait_fence, wait_reset; struct drm_i915_private *dev_priv = to_i915(intel_state->base.dev); -#ifdef notyet init_wait_entry(&wait_fence, 0); init_wait_entry(&wait_reset, 0); for (;;) { @@ -7417,22 +7416,6 @@ static void intel_atomic_commit_fence_wait(struct intel_atomic_state *intel_stat finish_wait(bit_waitqueue(&to_gt(dev_priv)->reset.flags, I915_RESET_MODESET), &wait_reset); -#else - /* XXX above recurses sch_mtx */ - init_wait_entry(&wait_fence, 0); - for (;;) { - prepare_to_wait(&intel_state->commit_ready.wait, - &wait_fence, TASK_UNINTERRUPTIBLE); - - - if (i915_sw_fence_done(&intel_state->commit_ready) || - test_bit(I915_RESET_MODESET, &to_gt(dev_priv)->reset.flags)) - break; - - schedule(); - } - finish_wait(&intel_state->commit_ready.wait, &wait_fence); -#endif } static void intel_cleanup_dsbs(struct intel_atomic_state *state) diff --git a/sys/dev/pci/drm/i915/display/intel_dp.c b/sys/dev/pci/drm/i915/display/intel_dp.c index dd636c23a..68c069279 100644 --- a/sys/dev/pci/drm/i915/display/intel_dp.c +++ b/sys/dev/pci/drm/i915/display/intel_dp.c @@ -3804,9 +3804,7 @@ intel_dp_mst_hpd_irq(struct intel_dp *intel_dp, u8 *esi, u8 *ack) { bool handled = false; - drm_dp_mst_hpd_irq(&intel_dp->mst_mgr, esi, &handled); - if (handled) - ack[1] |= esi[1] & (DP_DOWN_REP_MSG_RDY | DP_UP_REQ_MSG_RDY); + drm_dp_mst_hpd_irq_handle_event(&intel_dp->mst_mgr, esi, ack, &handled); if (esi[1] & DP_CP_IRQ) { intel_hdcp_handle_cp_irq(intel_dp->attached_connector); 
@@ -3881,6 +3879,9 @@ intel_dp_check_mst_status(struct intel_dp *intel_dp) if (!intel_dp_ack_sink_irq_esi(intel_dp, ack)) drm_dbg_kms(&i915->drm, "Failed to ack ESI\n"); + + if (ack[1] & (DP_DOWN_REP_MSG_RDY | DP_UP_REQ_MSG_RDY)) + drm_dp_mst_hpd_irq_send_new_request(&intel_dp->mst_mgr); } return link_ok; diff --git a/sys/dev/pci/drm/include/drm/display/drm_dp_mst_helper.h b/sys/dev/pci/drm/include/drm/display/drm_dp_mst_helper.h index 8622e3c8f..a7073bde4 100644 --- a/sys/dev/pci/drm/include/drm/display/drm_dp_mst_helper.h +++ b/sys/dev/pci/drm/include/drm/display/drm_dp_mst_helper.h @@ -815,8 +815,11 @@ void drm_dp_mst_topology_mgr_destroy(struct drm_dp_mst_topology_mgr *mgr); bool drm_dp_read_mst_cap(struct drm_dp_aux *aux, const u8 dpcd[DP_RECEIVER_CAP_SIZE]); int drm_dp_mst_topology_mgr_set_mst(struct drm_dp_mst_topology_mgr *mgr, bool mst_state); -int drm_dp_mst_hpd_irq(struct drm_dp_mst_topology_mgr *mgr, u8 *esi, bool *handled); - +int drm_dp_mst_hpd_irq_handle_event(struct drm_dp_mst_topology_mgr *mgr, + const u8 *esi, + u8 *ack, + bool *handled); +void drm_dp_mst_hpd_irq_send_new_request(struct drm_dp_mst_topology_mgr *mgr); int drm_dp_mst_detect_port(struct drm_connector *connector, diff --git a/sys/dev/pci/drm/include/linux/wait.h b/sys/dev/pci/drm/include/linux/wait.h index 6ac025d07..d3bcbd2ac 100644 --- a/sys/dev/pci/drm/include/linux/wait.h +++ b/sys/dev/pci/drm/include/linux/wait.h @@ -1,4 +1,4 @@ -/* $OpenBSD: wait.h,v 1.10 2023/07/18 06:58:59 claudio Exp $ */ +/* $OpenBSD: wait.h,v 1.11 2023/07/28 09:46:13 claudio Exp $ */ /* * Copyright (c) 2013, 2014, 2015 Mark Kettenis * Copyright (c) 2017 Martin Pieuchot 
@@ -159,11 +159,37 @@ do { \ __ret; \ }) +#define __wait_event_intr_locked(wqh, condition) \ +({ \ + struct wait_queue_entry __wq_entry; \ + int __error; \ + \ + init_wait_entry(&__wq_entry, 0); \ + do { \ + KASSERT(!cold); \ + \ + if (list_empty(&__wq_entry.entry)) \ + __add_wait_queue_entry_tail(&wqh, &__wq_entry); \ + set_current_state(TASK_INTERRUPTIBLE); \ + \ + mtx_leave(&(wqh).lock); \ + __error = sleep_finish(0, 1); \ + mtx_enter(&(wqh).lock); \ + if (__error == ERESTART || __error == EINTR) { \ + __error = -ERESTARTSYS; \ + break; \ + } \ + } while (!(condition)); \ + __remove_wait_queue(&(wqh), &__wq_entry); \ + __set_current_state(TASK_RUNNING); \ + __error; \ +}) + #define wait_event_interruptible_locked(wqh, condition) \ ({ \ int __ret = 0; \ if (!(condition)) \ - __ret = __wait_event_intr_timeout(wqh, condition, 0, PCATCH); \ + __ret = __wait_event_intr_locked(wqh, condition); \ __ret; \ }) diff --git a/sys/dev/pci/drm/radeon/radeon_cs.c b/sys/dev/pci/drm/radeon/radeon_cs.c index 820d50c3c..a185e1f00 100644 --- a/sys/dev/pci/drm/radeon/radeon_cs.c +++ b/sys/dev/pci/drm/radeon/radeon_cs.c @@ -274,7 +274,8 @@ int radeon_cs_parser_init(struct radeon_cs_parser *p, void *data) { struct drm_radeon_cs *cs = data; uint64_t *chunk_array_ptr; - unsigned size, i; + u64 size; + unsigned i; u32 ring = RADEON_CS_RING_GFX; s32 priority = 0; diff --git a/sys/dev/pci/drm/ttm/ttm_resource.c b/sys/dev/pci/drm/ttm/ttm_resource.c index 8b31e8d20..802a724f6 100644 --- a/sys/dev/pci/drm/ttm/ttm_resource.c +++ b/sys/dev/pci/drm/ttm/ttm_resource.c @@ -85,6 +85,8 @@ static void ttm_lru_bulk_move_pos_tail(struct ttm_lru_bulk_move_pos *pos, struct ttm_resource *res) { if (pos->last != res) { + if (pos->first == res) + pos->first = list_next_entry(res, lru); list_move(&res->lru, &pos->last->lru); pos->last = res; } 
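Review bot: `__wait_event_intr_locked()` releases and retakes `(wqh).lock` around `sleep_finish()`, so it is correct only when the caller already holds that mutex, and nothing in the hunk states this. A comment above the macro such as `/* Caller must hold wqh.lock; it is dropped while sleeping and reacquired before condition is tested. */` would make the contract explicit. The macro argument is also used unparenthesised once, in `__add_wait_queue_entry_tail(&wqh, &__wq_entry);`, while every other use is `&(wqh)`; it should read `__add_wait_queue_entry_tail(&(wqh), &__wq_entry);`.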
@@ -110,7 +112,8 @@ static void ttm_lru_bulk_move_del(struct ttm_lru_bulk_move *bulk, { struct ttm_lru_bulk_move_pos *pos = ttm_lru_bulk_move_pos(bulk, res); - if (unlikely(pos->first == res && pos->last == res)) { + if (unlikely(WARN_ON(!pos->first || !pos->last) || + (pos->first == res && pos->last == res))) { pos->first = NULL; pos->last = NULL; } else if (pos->first == res) { diff --git a/sys/dev/pci/if_ix.c b/sys/dev/pci/if_ix.c index 3610ed92a..e2a5edc85 100644 --- a/sys/dev/pci/if_ix.c +++ b/sys/dev/pci/if_ix.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_ix.c,v 1.200 2023/07/18 16:01:20 bluhm Exp $ */ +/* $OpenBSD: if_ix.c,v 1.202 2023/07/28 20:25:08 bluhm Exp $ */ /****************************************************************************** @@ -3225,30 +3225,27 @@ ixgbe_rxeof(struct rx_ring *rxr) sendmp = rxbuf->fmp; rxbuf->buf = rxbuf->fmp = NULL; - if (sendmp != NULL) { /* secondary frag */ - sendmp->m_pkthdr.len += mp->m_len; - - /* - * This function iterates over interleaved descriptors. - * Thus, we reuse ph_mss as global segment counter per - * TCP connection, instead of introducing a new variable - * in m_pkthdr. - */ - if (rsccnt) - sendmp->m_pkthdr.ph_mss += rsccnt - 1; - } else { + if (sendmp == NULL) { /* first desc of a non-ps chain */ sendmp = mp; - sendmp->m_pkthdr.len = mp->m_len; - if (rsccnt) - sendmp->m_pkthdr.ph_mss = rsccnt - 1; + sendmp->m_pkthdr.len = 0; + sendmp->m_pkthdr.ph_mss = 0; #if NVLAN > 0 if (sc->vlan_stripping && staterr & IXGBE_RXD_STAT_VP) { sendmp->m_pkthdr.ether_vtag = vtag; - sendmp->m_flags |= M_VLANTAG; + SET(sendmp->m_flags, M_VLANTAG); } #endif } + sendmp->m_pkthdr.len += mp->m_len; + /* + * This function iterates over interleaved descriptors. + * Thus, we reuse ph_mss as global segment counter per + * TCP connection, instead of introducing a new variable + * in m_pkthdr. + */ + if (rsccnt) + sendmp->m_pkthdr.ph_mss += rsccnt - 1; /* Pass the head pointer on */ if (eop == 0) { 
@@ -3275,6 +3272,10 @@ ixgbe_rxeof(struct rx_ring *rxr) /* Calculate header size. */ ether_extract_headers(sendmp, &ext); hdrlen = sizeof(*ext.eh); +#if NVLAN > 0 + if (ext.evh) + hdrlen += ETHER_VLAN_ENCAP_LEN; +#endif if (ext.ip4) hdrlen += ext.ip4->ip_hl << 2; if (ext.ip6) @@ -3292,7 +3293,8 @@ ixgbe_rxeof(struct rx_ring *rxr) * mark it as TSO, set a correct mss, * and recalculate the TCP checksum. */ - paylen = sendmp->m_pkthdr.len - hdrlen; + paylen = sendmp->m_pkthdr.len > hdrlen ? + sendmp->m_pkthdr.len - hdrlen : 0; if (ext.tcp && paylen >= pkts) { SET(sendmp->m_pkthdr.csum_flags, M_TCP_TSO); diff --git a/sys/dev/pv/if_vio.c b/sys/dev/pv/if_vio.c index b926725a8..28df941e0 100644 --- a/sys/dev/pv/if_vio.c +++ b/sys/dev/pv/if_vio.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_vio.c,v 1.24 2023/07/03 07:40:52 kn Exp $ */ +/* $OpenBSD: if_vio.c,v 1.25 2023/07/28 16:54:48 dv Exp $ */ /* * Copyright (c) 2012 Stefan Fritsch, Alexander Fiveg. @@ -529,7 +529,7 @@ vio_attach(struct device *parent, struct device *self, void *aux) vsc->sc_child = self; vsc->sc_ipl = IPL_NET; vsc->sc_vqs = &sc->sc_vq[0]; - vsc->sc_config_change = 0; + vsc->sc_config_change = NULL; vsc->sc_driver_features = VIRTIO_NET_F_MAC | VIRTIO_NET_F_STATUS | VIRTIO_NET_F_CTRL_VQ | VIRTIO_NET_F_CTRL_RX | VIRTIO_NET_F_MRG_RXBUF | VIRTIO_NET_F_CSUM | diff --git a/sys/dev/pv/vioblk.c b/sys/dev/pv/vioblk.c index 2a8d26778..05ecc7565 100644 --- a/sys/dev/pv/vioblk.c +++ b/sys/dev/pv/vioblk.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vioblk.c,v 1.36 2023/05/29 08:13:35 sf Exp $ */ +/* $OpenBSD: vioblk.c,v 1.37 2023/07/28 16:54:48 dv Exp $ */ /* * Copyright (c) 2012 Stefan Fritsch. @@ -174,7 +174,7 @@ vioblk_attach(struct device *parent, struct device *self, void *aux) vsc->sc_vqs = &sc->sc_vq[0]; vsc->sc_nvqs = 1; - vsc->sc_config_change = 0; + vsc->sc_config_change = NULL; if (vsc->sc_child) panic("already attached to something else"); vsc->sc_child = self; 
diff --git a/sys/dev/pv/viocon.c b/sys/dev/pv/viocon.c index 4d154c34b..313d3acf7 100644 --- a/sys/dev/pv/viocon.c +++ b/sys/dev/pv/viocon.c @@ -1,4 +1,4 @@ -/* $OpenBSD: viocon.c,v 1.9 2023/05/29 08:13:35 sf Exp $ */ +/* $OpenBSD: viocon.c,v 1.10 2023/07/28 16:54:48 dv Exp $ */ /* * Copyright (c) 2013-2015 Stefan Fritsch @@ -180,7 +180,7 @@ viocon_attach(struct device *parent, struct device *self, void *aux) panic("already attached to something else"); vsc->sc_child = self; vsc->sc_ipl = IPL_TTY; - vsc->sc_config_change = 0; + vsc->sc_config_change = NULL; sc->sc_virtio = vsc; sc->sc_max_ports = maxports; diff --git a/sys/dev/pv/viornd.c b/sys/dev/pv/viornd.c index eb129743b..5f5dfac75 100644 --- a/sys/dev/pv/viornd.c +++ b/sys/dev/pv/viornd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: viornd.c,v 1.6 2023/05/29 08:13:35 sf Exp $ */ +/* $OpenBSD: viornd.c,v 1.7 2023/07/28 16:54:48 dv Exp $ */ /* * Copyright (c) 2014 Stefan Fritsch @@ -88,7 +88,7 @@ viornd_attach(struct device *parent, struct device *self, void *aux) vsc->sc_vqs = &sc->sc_vq; vsc->sc_nvqs = 1; - vsc->sc_config_change = 0; + vsc->sc_config_change = NULL; if (vsc->sc_child != NULL) panic("already attached to something else"); vsc->sc_child = self; diff --git a/sys/kern/kern_clockintr.c b/sys/kern/kern_clockintr.c index 9a9d912f1..0853b10d7 100644 --- a/sys/kern/kern_clockintr.c +++ b/sys/kern/kern_clockintr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_clockintr.c,v 1.28 2023/07/25 18:16:19 cheloha Exp $ */ +/* $OpenBSD: kern_clockintr.c,v 1.29 2023/07/27 17:52:53 cheloha Exp $ */ /* * Copyright (c) 2003 Dale Rahn * Copyright (c) 2020 Mark Kettenis @@ -24,7 +24,9 @@ #include #include #include +#include #include +#include #include #include #include 
@@ -104,6 +106,7 @@ clockintr_cpu_init(const struct intrclock *ic) uint64_t multiplier = 0; struct cpu_info *ci = curcpu(); struct clockintr_queue *cq = &ci->ci_queue; + struct schedstate_percpu *spc = &ci->ci_schedstate; int reset_cq_intrclock = 0; KASSERT(ISSET(clockintr_flags, CL_INIT)); @@ -189,6 +192,15 @@ clockintr_cpu_init(const struct intrclock *ic) clockintr_advance(cq->cq_schedclock, schedclock_period); } + /* + * XXX Need to find a better place to do this. We can't do it in + * sched_init_cpu() because initclocks() runs after it. + */ + if (spc->spc_profclock->cl_expiration == 0) { + clockintr_stagger(spc->spc_profclock, profclock_period, + multiplier, MAXCPUS); + } + if (reset_cq_intrclock) SET(cq->cq_flags, CQ_INTRCLOCK); } diff --git a/sys/kern/kern_sched.c b/sys/kern/kern_sched.c index e1fb8c4fb..61399e6f3 100644 --- a/sys/kern/kern_sched.c +++ b/sys/kern/kern_sched.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_sched.c,v 1.80 2023/07/25 18:16:19 cheloha Exp $ */ +/* $OpenBSD: kern_sched.c,v 1.81 2023/07/27 17:52:53 cheloha Exp $ */ /* * Copyright (c) 2007, 2008 Artur Grabowski * @@ -92,8 +92,6 @@ sched_init_cpu(struct cpu_info *ci) profclock); if (spc->spc_profclock == NULL) panic("%s: clockintr_establish profclock", __func__); - clockintr_stagger(spc->spc_profclock, profclock_period, - CPU_INFO_UNIT(ci), MAXCPUS); } kthread_create_deferred(sched_kthreads_create, ci); diff --git a/sys/kern/kern_task.c b/sys/kern/kern_task.c index 71de6dc90..38ba22f03 100644 --- a/sys/kern/kern_task.c +++ b/sys/kern/kern_task.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_task.c,v 1.33 2022/08/15 11:38:35 mvs Exp $ */ +/* $OpenBSD: kern_task.c,v 1.34 2023/07/29 06:52:08 anton Exp $ */ /* * Copyright (c) 2013 David Gwynne @@ -363,7 +363,8 @@ task_add(struct taskq *tq, struct task *w) SET(w->t_flags, TASK_ONQUEUE); TAILQ_INSERT_TAIL(&tq->tq_worklist, w, t_entry); #if NKCOV > 0 - w->t_process = curproc->p_p; + if (!kcov_cold) + w->t_process = curproc->p_p; #endif } mtx_leave(&tq->tq_mtx); 
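Review bot: In the `task_add()` hunk the added `if (!kcov_cold)` guard skips the store entirely, so while `kcov_cold` is set `w->t_process` keeps whatever value it had before the call. Whether the task initialiser zeroes that field is not visible here; if it does not, a later reader sees a stale or indeterminate pointer. Writing `w->t_process = kcov_cold ? NULL : curproc->p_p;` would leave the field defined in both cases. The same applies to `to_process` in the `timeout_add()` and `timeout_abs_ts()` hunks of kern_timeout.c.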
diff --git a/sys/kern/kern_timeout.c b/sys/kern/kern_timeout.c index b17f17ca1..2ab430ad1 100644 --- a/sys/kern/kern_timeout.c +++ b/sys/kern/kern_timeout.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_timeout.c,v 1.94 2023/07/14 07:07:08 claudio Exp $ */ +/* $OpenBSD: kern_timeout.c,v 1.95 2023/07/29 06:52:08 anton Exp $ */ /* * Copyright (c) 2001 Thomas Nordin * Copyright (c) 2000-2001 Artur Grabowski @@ -307,7 +307,8 @@ timeout_add(struct timeout *new, int to_ticks) CIRCQ_INSERT_TAIL(&timeout_new, &new->to_list); } #if NKCOV > 0 - new->to_process = curproc->p_p; + if (!kcov_cold) + new->to_process = curproc->p_p; #endif tostat.tos_added++; mtx_leave(&timeout_mutex); @@ -406,7 +407,8 @@ timeout_abs_ts(struct timeout *to, const struct timespec *abstime) CIRCQ_INSERT_TAIL(&timeout_new, &to->to_list); } #if NKCOV > 0 - to->to_process = curproc->p_p; + if (!kcov_cold) + to->to_process = curproc->p_p; #endif tostat.tos_added++; diff --git a/sys/net/if_ethersubr.c b/sys/net/if_ethersubr.c index 20f7a9aee..a77a0d654 100644 --- a/sys/net/if_ethersubr.c +++ b/sys/net/if_ethersubr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_ethersubr.c,v 1.290 2023/07/06 19:46:53 kn Exp $ */ +/* $OpenBSD: if_ethersubr.c,v 1.291 2023/07/27 20:21:25 jan Exp $ */ /* $NetBSD: if_ethersubr.c,v 1.19 1996/05/07 02:40:30 thorpej Exp $ */ /* @@ -1040,6 +1040,7 @@ ether_extract_headers(struct mbuf *mp, struct ether_extracted *ext) uint64_t hlen; int hoff; uint8_t ipproto; + uint16_t ether_type; /* Return NULL if header was not recognized. */ memset(ext, 0, sizeof(*ext)); 
@@ -1048,9 +1049,20 @@ ether_extract_headers(struct mbuf *mp, struct ether_extracted *ext) return; ext->eh = mtod(mp, struct ether_header *); - switch (ntohs(ext->eh->ether_type)) { + ether_type = ntohs(ext->eh->ether_type); + hlen = sizeof(*ext->eh); + +#if NVLAN > 0 + if (ether_type == ETHERTYPE_VLAN) { + ext->evh = mtod(mp, struct ether_vlan_header *); + ether_type = ntohs(ext->evh->evl_proto); + hlen = sizeof(*ext->evh); + } +#endif + + switch (ether_type) { case ETHERTYPE_IP: - m = m_getptr(mp, sizeof(*ext->eh), &hoff); + m = m_getptr(mp, hlen, &hoff); if (m == NULL || m->m_len - hoff < sizeof(*ext->ip4)) return; ext->ip4 = (struct ip *)(mtod(m, caddr_t) + hoff); @@ -1064,7 +1076,7 @@ ether_extract_headers(struct mbuf *mp, struct ether_extracted *ext) break; #ifdef INET6 case ETHERTYPE_IPV6: - m = m_getptr(mp, sizeof(*ext->eh), &hoff); + m = m_getptr(mp, hlen, &hoff); if (m == NULL || m->m_len - hoff < sizeof(*ext->ip6)) return; ext->ip6 = (struct ip6_hdr *)(mtod(m, caddr_t) + hoff); diff --git a/sys/net/rtsock.c b/sys/net/rtsock.c index 0622f40bb..d7c5763df 100644 --- a/sys/net/rtsock.c +++ b/sys/net/rtsock.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rtsock.c,v 1.367 2023/06/26 07:52:18 claudio Exp $ */ +/* $OpenBSD: rtsock.c,v 1.369 2023/07/28 09:33:16 mvs Exp $ */ /* $NetBSD: rtsock.c,v 1.18 1996/03/29 00:32:10 cgd Exp $ */ /* @@ -690,7 +690,7 @@ route_output(struct mbuf *m, struct socket *so) u_char vers, type; if (m == NULL || ((m->m_len < sizeof(int32_t)) && - (m = m_pullup(m, sizeof(int32_t))) == 0)) + (m = m_pullup(m, sizeof(int32_t))) == NULL)) return (ENOBUFS); if ((m->m_flags & M_PKTHDR) == 0) panic("route_output"); @@ -705,7 +705,8 @@ route_output(struct mbuf *m, struct socket *so) sounlock(so); len = m->m_pkthdr.len; - if (len < offsetof(struct rt_msghdr, rtm_hdrlen) + 1 || + if (len < offsetof(struct rt_msghdr, rtm_hdrlen) + + sizeof(rtm->rtm_hdrlen) || len != mtod(m, struct rt_msghdr *)->rtm_msglen) { error = EINVAL; goto fail; 
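Review bot: The new VLAN branch in `ether_extract_headers()` reads `ext->evh->evl_proto` from the first mbuf without checking that `mp->m_len` covers a full `struct ether_vlan_header`. The only length guard near this hunk is the one ending in the `return;` context line at its top, and its condition (just outside the hunk) appears to cover `sizeof(*ext->eh)` only. A tagged frame whose first mbuf holds no more than the plain Ethernet header would therefore be read past `m_len`, on data that comes straight from the wire. Add `if (mp->m_len < sizeof(*ext->evh)) return;` as the first statement inside `if (ether_type == ETHERTYPE_VLAN)`, before `ext->evh` is set. The two `m_getptr(mp, hlen, &hoff)` hunks that follow rely on the same `hlen`.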
diff --git a/sys/netinet/if_ether.h b/sys/netinet/if_ether.h index 9ff5baeae..ed28944e7 100644 --- a/sys/netinet/if_ether.h +++ b/sys/netinet/if_ether.h @@ -1,4 +1,4 @@ -/* $OpenBSD: if_ether.h,v 1.89 2023/07/06 19:46:53 kn Exp $ */ +/* $OpenBSD: if_ether.h,v 1.90 2023/07/27 20:21:25 jan Exp $ */ /* $NetBSD: if_ether.h,v 1.22 1996/05/11 13:00:00 mycroft Exp $ */ /* @@ -301,11 +301,12 @@ uint64_t ether_addr_to_e64(const struct ether_addr *); void ether_e64_to_addr(struct ether_addr *, uint64_t); struct ether_extracted { - struct ether_header *eh; - struct ip *ip4; - struct ip6_hdr *ip6; - struct tcphdr *tcp; - struct udphdr *udp; + struct ether_header *eh; + struct ether_vlan_header *evh; + struct ip *ip4; + struct ip6_hdr *ip6; + struct tcphdr *tcp; + struct udphdr *udp; }; void ether_extract_headers(struct mbuf *, struct ether_extracted *); diff --git a/sys/netinet6/nd6_nbr.c b/sys/netinet6/nd6_nbr.c index 30b8ffedb..92cc4e330 100644 --- a/sys/netinet6/nd6_nbr.c +++ b/sys/netinet6/nd6_nbr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: nd6_nbr.c,v 1.149 2023/05/07 16:23:24 bluhm Exp $ */ +/* $OpenBSD: nd6_nbr.c,v 1.150 2023/07/29 15:59:27 krw Exp $ */ /* $KAME: nd6_nbr.c,v 1.61 2001/02/10 16:06:14 jinmei Exp $ */ /* @@ -1160,8 +1160,7 @@ nd6_dad_timer(void *xifa) { struct ifaddr *ifa = xifa; struct in6_ifaddr *ia6 = ifatoia6(ifa); - struct in6_addr taddr6 = ia6->ia_addr.sin6_addr; - struct in6_addr daddr6; + struct in6_addr daddr6, taddr6; struct ifnet *ifp = ifa->ifa_ifp; struct dadq *dp; char addr[INET6_ADDRSTRLEN]; @@ -1173,6 +1172,7 @@ nd6_dad_timer(void *xifa) log(LOG_ERR, "%s: called with null parameter\n", __func__); goto done; } + taddr6 = ia6->ia_addr.sin6_addr; dp = nd6_dad_find(ifa); if (dp == NULL) { log(LOG_ERR, "%s: DAD structure not found\n", __func__); diff --git a/sys/sys/kcov.h b/sys/sys/kcov.h index 2c357f885..e92aa0abe 100644 --- a/sys/sys/kcov.h +++ b/sys/sys/kcov.h 
@@ -1,4 +1,4 @@ -/* $OpenBSD: kcov.h,v 1.8 2021/12/29 07:15:13 anton Exp $ */ +/* $OpenBSD: kcov.h,v 1.9 2023/07/29 06:52:08 anton Exp $ */ /* * Copyright (c) 2018 Anton Lindqvist @@ -41,6 +41,8 @@ struct kio_remote_attach { struct proc; +extern int kcov_cold; + void kcov_exit(struct proc *); int kcov_vnode(struct vnode *); void kcov_remote_register(int, void *); diff --git a/usr.bin/openssl/enc.c b/usr.bin/openssl/enc.c index 00ae0e1b7..41732fd05 100644 --- a/usr.bin/openssl/enc.c +++ b/usr.bin/openssl/enc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: enc.c,v 1.30 2023/06/11 12:06:08 tb Exp $ */ +/* $OpenBSD: enc.c,v 1.31 2023/07/29 17:15:45 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -59,16 +59,14 @@ #include #include #include +#include #include "apps.h" #include -#include #include #include #include -#include -#include int set_hex(char *in, unsigned char *out, int size); diff --git a/usr.bin/ssh/auth2-pubkey.c b/usr.bin/ssh/auth2-pubkey.c index a507dca4b..1e536b1c6 100644 --- a/usr.bin/ssh/auth2-pubkey.c +++ b/usr.bin/ssh/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.118 2023/02/17 04:22:50 dtucker Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.119 2023/07/27 22:25:17 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2010 Damien Miller. All rights reserved. @@ -337,8 +337,8 @@ match_principals_file(struct passwd *pw, char *file, * returns 1 if the principal is allowed or 0 otherwise. */ static int -match_principals_command(struct passwd *user_pw, - const struct sshkey *key, struct sshauthopt **authoptsp) +match_principals_command(struct passwd *user_pw, const struct sshkey *key, + const char *conn_id, const char *rdomain, struct sshauthopt **authoptsp) { struct passwd *runas_pw = NULL; const struct sshkey_cert *cert = key->cert; 
@@ -413,6 +413,8 @@ match_principals_command(struct passwd *user_pw, (unsigned long long)user_pw->pw_uid); for (i = 1; i < ac; i++) { tmp = percent_expand(av[i], + "C", conn_id, + "D", rdomain, "U", uidstr, "u", user_pw->pw_name, "h", user_pw->pw_dir, @@ -474,7 +476,7 @@ match_principals_command(struct passwd *user_pw, static int user_cert_trusted_ca(struct passwd *pw, struct sshkey *key, const char *remote_ip, const char *remote_host, - struct sshauthopt **authoptsp) + const char *conn_id, const char *rdomain, struct sshauthopt **authoptsp) { char *ca_fp, *principals_file = NULL; const char *reason; @@ -511,7 +513,7 @@ user_cert_trusted_ca(struct passwd *pw, struct sshkey *key, } /* Try querying command if specified */ if (!found_principal && match_principals_command(pw, key, - &principals_opts)) + conn_id, rdomain, &principals_opts)) found_principal = 1; /* If principals file or command is specified, then require a match */ use_authorized_principals = principals_file != NULL || @@ -610,7 +612,7 @@ user_key_allowed2(struct passwd *pw, struct sshkey *key, static int user_key_command_allowed2(struct passwd *user_pw, struct sshkey *key, const char *remote_ip, const char *remote_host, - struct sshauthopt **authoptsp) + const char *conn_id, const char *rdomain, struct sshauthopt **authoptsp) { struct passwd *runas_pw = NULL; FILE *f = NULL; @@ -672,6 +674,8 @@ user_key_command_allowed2(struct passwd *user_pw, struct sshkey *key, (unsigned long long)user_pw->pw_uid); for (i = 1; i < ac; i++) { tmp = percent_expand(av[i], + "C", conn_id, + "D", rdomain, "U", uidstr, "u", user_pw->pw_name, "h", user_pw->pw_dir, 
@@ -746,11 +750,9 @@ user_key_allowed(struct ssh *ssh, struct passwd *pw, struct sshkey *key, int auth_attempt, struct sshauthopt **authoptsp) { u_int success = 0, i; - char *file; + char *file, *conn_id; struct sshauthopt *opts = NULL; - const char *remote_ip = ssh_remote_ipaddr(ssh); - const char *remote_host = auth_get_canonical_hostname(ssh, - options.use_dns); + const char *rdomain, *remote_ip, *remote_host; if (authoptsp != NULL) *authoptsp = NULL; @@ -761,6 +763,14 @@ user_key_allowed(struct ssh *ssh, struct passwd *pw, struct sshkey *key, auth_key_is_revoked(key->cert->signature_key)) return 0; + if ((rdomain = ssh_packet_rdomain_in(ssh)) == NULL) + rdomain = ""; + remote_ip = ssh_remote_ipaddr(ssh); + remote_host = auth_get_canonical_hostname(ssh, options.use_dns); + xasprintf(&conn_id, "%s %d %s %d", + ssh_local_ipaddr(ssh), ssh_local_port(ssh), + remote_ip, ssh_remote_port(ssh)); + for (i = 0; !success && i < options.num_authkeys_files; i++) { if (strcasecmp(options.authorized_keys_files[i], "none") == 0) continue; @@ -778,18 +788,19 @@ user_key_allowed(struct ssh *ssh, struct passwd *pw, struct sshkey *key, goto out; if ((success = user_cert_trusted_ca(pw, key, remote_ip, remote_host, - &opts)) != 0) + conn_id, rdomain, &opts)) != 0) goto out; sshauthopt_free(opts); opts = NULL; if ((success = user_key_command_allowed2(pw, key, remote_ip, - remote_host, &opts)) != 0) + remote_host, conn_id, rdomain, &opts)) != 0) goto out; sshauthopt_free(opts); opts = NULL; out: + free(conn_id); if (success && authoptsp != NULL) { *authoptsp = opts; opts = NULL; diff --git a/usr.bin/ssh/ssh-pkcs11.c b/usr.bin/ssh/ssh-pkcs11.c index e9aada6b8..0576b1c13 100644 --- a/usr.bin/ssh/ssh-pkcs11.c +++ b/usr.bin/ssh/ssh-pkcs11.c 
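Review bot: In `user_key_allowed`, `conn_id` is formatted as local address, local port, remote address, remote port, but the `%C` text this same commit adds to sshd_config.5 lists the values as client address, client port, server address, server port. In sshd the local endpoint is presumably the server side, so an `AuthorizedKeysCommand` or `AuthorizedPrincipalsCommand` helper that reads the first field of `%C` as the client address would be looking at the server's address instead. Either pass the arguments as `remote_ip, ssh_remote_port(ssh), ssh_local_ipaddr(ssh), ssh_local_port(ssh)` or reorder the manual text to match. A comment above the `xasprintf` naming the field order would also help, for example `/* %C: fields are parsed positionally by helper commands; keep in sync with sshd_config.5 */`.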
@@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-pkcs11.c,v 1.58 2023/07/19 14:02:27 djm Exp $ */ +/* $OpenBSD: ssh-pkcs11.c,v 1.59 2023/07/27 22:26:49 djm Exp $ */ /* * Copyright (c) 2010 Markus Friedl. All rights reserved. * Copyright (c) 2014 Pedro Martelletto. All rights reserved. @@ -612,19 +612,22 @@ pkcs11_ecdsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx, } /* remove trailing spaces */ -static void +static char * rmspace(u_char *buf, size_t len) { size_t i; - if (!len) - return; - for (i = len - 1; i > 0; i--) - if (i == len - 1 || buf[i] == ' ') + if (len == 0) + return buf; + for (i = len - 1; i > 0; i--) + if (buf[i] == ' ') buf[i] = '\0'; else break; + return buf; } +/* Used to printf fixed-width, space-padded, unterminated strings using %.*s */ +#define RMSPACE(s) (int)sizeof(s), rmspace(s, sizeof(s)) /* * open a pkcs11 session and login if required. @@ -1539,15 +1542,13 @@ pkcs11_register_provider(char *provider_id, char *pin, provider_id, rv); goto fail; } - rmspace(p->info.manufacturerID, sizeof(p->info.manufacturerID)); - rmspace(p->info.libraryDescription, sizeof(p->info.libraryDescription)); - debug("provider %s: manufacturerID <%s> cryptokiVersion %d.%d" - " libraryDescription <%s> libraryVersion %d.%d", + debug("provider %s: manufacturerID <%.*s> cryptokiVersion %d.%d" + " libraryDescription <%.*s> libraryVersion %d.%d", provider_id, - p->info.manufacturerID, + RMSPACE(p->info.manufacturerID), p->info.cryptokiVersion.major, p->info.cryptokiVersion.minor, - p->info.libraryDescription, + RMSPACE(p->info.libraryDescription), p->info.libraryVersion.major, p->info.libraryVersion.minor); if ((rv = f->C_GetSlotList(CK_TRUE, NULL, &p->nslots)) != CKR_OK) { 
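Review bot: `rmspace()` now has return type `char *`, but both `return buf;` statements hand back the `u_char *` parameter unchanged. That is an implicit conversion between pointer types of different signedness, which compilers flag under `-Wpointer-sign`; write `return (char *)buf;` in both places. The comment above `RMSPACE` should also say that the argument must be an array (the macro takes `sizeof(s)`, which on a pointer yields the pointer size), that `s` is evaluated twice, and that the buffer is modified in place. The loop stops at `i > 0`, so `buf[0]` is never inspected and an all-space field still prints one space; if that is deliberate, it deserves a word in the function comment.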
@@ -1582,15 +1583,13 @@ pkcs11_register_provider(char *provider_id, char *pin, "provider %s slot %lu", provider_id, (u_long)i); continue; } - rmspace(token->label, sizeof(token->label)); - rmspace(token->manufacturerID, sizeof(token->manufacturerID)); - rmspace(token->model, sizeof(token->model)); - rmspace(token->serialNumber, sizeof(token->serialNumber)); - debug("provider %s slot %lu: label <%s> manufacturerID <%s> " - "model <%s> serial <%s> flags 0x%lx", + debug("provider %s slot %lu: label <%.*s> " + "manufacturerID <%.*s> model <%.*s> serial <%.*s> " + "flags 0x%lx", provider_id, (unsigned long)i, - token->label, token->manufacturerID, token->model, - token->serialNumber, token->flags); + RMSPACE(token->label), RMSPACE(token->manufacturerID), + RMSPACE(token->model), RMSPACE(token->serialNumber), + token->flags); /* * open session, login with pin and retrieve public * keys (if keyp is provided) diff --git a/usr.bin/ssh/sshd_config.5 b/usr.bin/ssh/sshd_config.5 index f7cc6f1b6..dd6245966 100644 --- a/usr.bin/ssh/sshd_config.5 +++ b/usr.bin/ssh/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.348 2023/03/03 04:36:20 djm Exp $ -.Dd $Mdocdate: March 3 2023 $ +.\" $OpenBSD: sshd_config.5,v 1.350 2023/07/28 05:42:36 jmc Exp $ +.Dd $Mdocdate: July 28 2023 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -1998,6 +1998,10 @@ which are expanded at runtime: .It %% A literal .Sq % . +.It \&%C +Identifies the connection endpoints, containing +four space-separated values: client address, client port number, +server address, and server port number. .It \&%D The routing domain in which the incoming connection was received. .It %F 
@@ -2025,13 +2029,13 @@ The username. .El .Pp .Cm AuthorizedKeysCommand -accepts the tokens %%, %f, %h, %k, %t, %U, and %u. +accepts the tokens %%, %C, %D, %f, %h, %k, %t, %U, and %u. .Pp .Cm AuthorizedKeysFile accepts the tokens %%, %h, %U, and %u. .Pp .Cm AuthorizedPrincipalsCommand -accepts the tokens %%, %F, %f, %h, %i, %K, %k, %s, %T, %t, %U, and %u. +accepts the tokens %%, %C, %D, %F, %f, %h, %i, %K, %k, %s, %T, %t, %U, and %u. .Pp .Cm AuthorizedPrincipalsFile accepts the tokens %%, %h, %U, and %u. diff --git a/usr.bin/ssh/sshkey.c b/usr.bin/ssh/sshkey.c index 3b07c92de..ff58b1bd1 100644 --- a/usr.bin/ssh/sshkey.c +++ b/usr.bin/ssh/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.136 2023/06/21 05:10:26 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.137 2023/07/27 22:23:05 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -68,7 +68,7 @@ #define AUTH_MAGIC "openssh-key-v1" #define SALT_LEN 16 #define DEFAULT_CIPHERNAME "aes256-ctr" -#define DEFAULT_ROUNDS 16 +#define DEFAULT_ROUNDS 24 /* Version identification string for SSH v1 identity files. */ #define LEGACY_BEGIN "SSH PRIVATE KEY FILE FORMAT 1.1\n" diff --git a/usr.sbin/rpki-client/version.h b/usr.sbin/rpki-client/version.h index 671bdd76e..83fb4a17f 100644 --- a/usr.sbin/rpki-client/version.h +++ b/usr.sbin/rpki-client/version.h @@ -1,3 +1,3 @@ -/* $OpenBSD: version.h,v 1.16 2023/04/29 18:53:11 benno Exp $ */ +/* $OpenBSD: version.h,v 1.17 2023/07/28 20:28:11 benno Exp $ */ -#define RPKI_VERSION "8.4" +#define RPKI_VERSION "8.5" diff --git a/usr.sbin/vmd/virtio.c b/usr.sbin/vmd/virtio.c index a58e35115..798b5fea6 100644 --- a/usr.sbin/vmd/virtio.c +++ b/usr.sbin/vmd/virtio.c @@ -1,4 +1,4 @@ -/* $OpenBSD: virtio.c,v 1.105 2023/07/15 18:32:21 dv Exp $ */ +/* $OpenBSD: virtio.c,v 1.106 2023/07/27 09:27:43 dv Exp $ */ /* * Copyright (c) 2015 Mike Larkin 
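Review bot: `DEFAULT_ROUNDS` in sshkey.c goes from 16 to 24 without a comment saying what the rounds apply to or why this value was chosen. A line such as `/* KDF rounds used when writing a passphrase-protected private key */` above the define would record that. The wording is inferred from the neighbouring `SALT_LEN` and `DEFAULT_CIPHERNAME` defines, so adjust it to the actual use. If the round count is stored per key file, as it presumably is, existing keys keep their old cost until they are re-encrypted, which is worth stating in the commit message.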
@@ -1475,12 +1475,15 @@ virtio_dev_launch(struct vmd_vm *vm, struct virtio_dev *dev) nargv[5] = "-i"; nargv[6] = vmm_fd; nargv[7] = "-n"; + nargv[8] = NULL; - if (env->vmd_verbose) { - nargv[8] = "-v"; + if (env->vmd_verbose == 1) { + nargv[8] = VMD_VERBOSE_1; nargv[9] = NULL; - } else - nargv[8] = NULL; + } else if (env->vmd_verbose > 1) { + nargv[8] = VMD_VERBOSE_2; + nargv[9] = NULL; + } /* Control resumes in vmd.c:main(). */ execvp(nargv[0], nargv); @@ -1699,8 +1702,10 @@ virtio_pci_io(int dir, uint16_t reg, uint32_t *data, uint8_t *intr, imsg_free(&imsg); if (msg.type == VIODEV_MSG_IO_READ && msg.data_valid) { +#if DEBUG log_debug("%s: got sync read response (reg=%s)", __func__, virtio_reg_name(msg.reg)); +#endif /* DEBUG */ *data = msg.data; /* * It's possible we're asked to {de,}assert after the diff --git a/usr.sbin/vmd/vmd.h b/usr.sbin/vmd/vmd.h index 744b8d195..19995e951 100644 --- a/usr.sbin/vmd/vmd.h +++ b/usr.sbin/vmd/vmd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: vmd.h,v 1.123 2023/07/13 18:31:59 dv Exp $ */ +/* $OpenBSD: vmd.h,v 1.124 2023/07/27 09:27:43 dv Exp $ */ /* * Copyright (c) 2015 Mike Larkin @@ -102,6 +102,10 @@ /* Unique local address for IPv6 */ #define VMD_ULA_PREFIX "fd00::/8" +/* Verbosity arguments for use when caling execvp(2). */ +#define VMD_VERBOSE_1 "-v"; +#define VMD_VERBOSE_2 "-vv"; + enum imsg_type { IMSG_VMDOP_START_VM_REQUEST = IMSG_PROC_MAX, IMSG_VMDOP_START_VM_CDROM, diff --git a/usr.sbin/vmd/vmm.c b/usr.sbin/vmd/vmm.c index 541222e02..a48868c8d 100644 --- a/usr.sbin/vmd/vmm.c +++ b/usr.sbin/vmd/vmm.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vmm.c,v 1.113 2023/07/13 18:31:59 dv Exp $ */ +/* $OpenBSD: vmm.c,v 1.114 2023/07/27 09:27:43 dv Exp $ */ /* * Copyright (c) 2015 Mike Larkin 
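Review bot: The new `VMD_VERBOSE_1` and `VMD_VERBOSE_2` macros in vmd.h end in a semicolon, so `nargv[8] = VMD_VERBOSE_1;` in `virtio_dev_launch` expands to a statement followed by an empty one. The same happens with `nargv[6] = VMD_VERBOSE_1;` in the `vmm_start_vm` hunk of vmm.c, and the macros cannot be used inside an expression or an argument list. Define them as `#define VMD_VERBOSE_1 "-v"` and `#define VMD_VERBOSE_2 "-vv"`. The comment above them also has a typo, `caling` for `calling`.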
@@ -782,12 +782,15 @@ vmm_start_vm(struct imsg *imsg, uint32_t *id, pid_t *pid) nargv[3] = "-n"; nargv[4] = "-i"; nargv[5] = vmm_fd; + nargv[6] = NULL; - if (env->vmd_verbose) { - nargv[6] = "-v"; + if (env->vmd_verbose == 1) { + nargv[6] = VMD_VERBOSE_1; nargv[7] = NULL; - } else - nargv[6] = NULL; + } else if (env->vmd_verbose > 1) { + nargv[6] = VMD_VERBOSE_2; + nargv[7] = NULL; + } /* Control resumes in vmd main(). */ execvp(nargv[0], nargv);