author | Tim Rühsen <tim.ruehsen@gmx.de> | 2019-05-29 14:15:33 +0000 |
---|---|---|
committer | Tim Rühsen <tim.ruehsen@gmx.de> | 2019-05-29 14:15:33 +0000 |
commit | 98590fe57ba10372036f97fe0ff3c93220bca13c (patch) | |
tree | fce29d6595a1efd78c8b54d50ee1027f6b0f2d3c | |
parent | a67fa87f5382e40a08fdcbd4be554bb786c26b32 (diff) | |
parent | 230a39a73aca2d40626d576e5f537a04b045beee (diff) | |
download | gnutls-98590fe57ba10372036f97fe0ff3c93220bca13c.tar.gz |
Merge branch 'tmp-datum-cleanup' into 'master'
Datum.c cleanup
See merge request gnutls/gnutls!1002
-rw-r--r-- | lib/auth/srp_kx.h | 6 | ||||
-rw-r--r-- | lib/auth/srp_passwd.c | 4 | ||||
-rw-r--r-- | lib/datum.c | 22 | ||||
-rw-r--r-- | lib/datum.h | 18 | ||||
-rw-r--r-- | lib/gnutls_int.h | 38 | ||||
-rw-r--r-- | lib/session.c | 6 | ||||
-rw-r--r-- | lib/srp.c | 26 |
7 files changed, 69 insertions, 51 deletions
diff --git a/lib/auth/srp_kx.h b/lib/auth/srp_kx.h
index e4431ee28e..ebe1477e02 100644
--- a/lib/auth/srp_kx.h
+++ b/lib/auth/srp_kx.h
@@ -25,6 +25,8 @@
 #include <auth.h>
+#define MAX_FAKE_SALT_SEED_SIZE 64
+
 typedef struct gnutls_srp_client_credentials_st {
 char *username;
 char *password;
@@ -38,7 +40,9 @@ typedef struct gnutls_srp_server_credentials_st {
 * password files.
 */
 gnutls_srp_server_credentials_function *pwd_callback;
- gnutls_datum_t fake_salt_seed;
+ unsigned char fake_salt_seed[MAX_FAKE_SALT_SEED_SIZE];
+ unsigned int fake_salt_seed_size;
+ unsigned int fake_salt_length;
 } srp_server_cred_st;
diff --git a/lib/auth/srp_passwd.c b/lib/auth/srp_passwd.c
index 6902be3d26..6cd3f7e524 100644
--- a/lib/auth/srp_passwd.c
+++ b/lib/auth/srp_passwd.c
@@ -418,8 +418,8 @@ static int _randomize_pwd_entry(SRP_PWD_ENTRY * entry,
 return GNUTLS_E_MEMORY_ERROR;
 }
- ret = _gnutls_mac_init(&ctx, me, sc->fake_salt_seed.data,
- sc->fake_salt_seed.size);
+ ret = _gnutls_mac_init(&ctx, me, sc->fake_salt_seed,
+ sc->fake_salt_seed_size);
 if (ret < 0) {
 gnutls_assert();
diff --git a/lib/datum.c b/lib/datum.c
index ff71068b99..bd0f216438 100644
--- a/lib/datum.c
+++ b/lib/datum.c
@@ -30,6 +30,7 @@
 #include <datum.h>
 #include "errors.h"
+/* On error, @dat is not changed. */
 int
 _gnutls_set_datum(gnutls_datum_t * dat, const void *data, size_t data_size)
 {
@@ -39,10 +40,11 @@ _gnutls_set_datum(gnutls_datum_t * dat, const void *data, size_t data_size)
 return 0;
 }
- dat->data = gnutls_malloc(data_size);
- if (dat->data == NULL)
+ unsigned char *m = gnutls_malloc(data_size);
+ if (!m)
 return GNUTLS_E_MEMORY_ERROR;
+ dat->data = m;
 dat->size = data_size;
 memcpy(dat->data, data, data_size);
@@ -51,22 +53,22 @@ _gnutls_set_datum(gnutls_datum_t * dat, const void *data, size_t data_size)
 /* ensures that the data set are null-terminated
 * The function always returns an allocated string in @dat on success.
+ * On error, @dat is not changed.
 */
 int _gnutls_set_strdatum(gnutls_datum_t * dat, const void *data, size_t data_size)
 {
- if (data_size == 0 || data == NULL) {
- dat->data = gnutls_calloc(1, 1);
- dat->size = 0;
- return 0;
- }
+ if (data == NULL)
+ return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
- dat->data = gnutls_malloc(data_size+1);
- if (dat->data == NULL)
+ unsigned char *m = gnutls_malloc(data_size + 1);
+ if (!m)
 return GNUTLS_E_MEMORY_ERROR;
+ dat->data = m;
 dat->size = data_size;
- memcpy(dat->data, data, data_size);
+ if (data_size)
+ memcpy(dat->data, data, data_size);
 dat->data[data_size] = 0;
 return 0;
diff --git a/lib/datum.h b/lib/datum.h
index cdab4b272d..fe847359b0 100644
--- a/lib/datum.h
+++ b/lib/datum.h
@@ -28,11 +28,13 @@
 /* This will copy the provided data in @dat. If the provided data are
 * NULL or zero-size @dat will be NULL as well.
 */
+warn_unused_result nonnull((1))
 int _gnutls_set_datum(gnutls_datum_t * dat, const void *data,
 size_t data_size);
 /* This will always return a non-NULL, and zero-terminated string in @dat.
 */
+warn_unused_result nonnull((1))
 int _gnutls_set_strdatum(gnutls_datum_t * dat, const void *data,
 size_t data_size);
@@ -40,17 +42,13 @@ int _gnutls_set_strdatum(gnutls_datum_t * dat, const void *data,
 inline static
 void _gnutls_free_datum(gnutls_datum_t * dat)
 {
- if (dat == NULL)
- return;
-
- if (dat->data != NULL)
+ if (dat != NULL) {
 gnutls_free(dat->data);
-
- dat->data = NULL;
- dat->size = 0;
+ dat->size = 0;
+ }
 }
-inline static
+inline static nonnull_all
 void _gnutls_free_temp_key_datum(gnutls_datum_t * dat)
 {
 if (dat->data != NULL) {
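Review bot: In `_gnutls_set_strdatum`, a NULL `data` used to produce an allocated empty string and now returns `GNUTLS_E_ILLEGAL_PARAMETER` with `dat` untouched, so a caller that passes an optional, possibly-NULL buffer and goes on to read `dat->data` would be reading whatever the datum held before the call. The header comment kept as context in the lib/datum.h hunk still says "This will always return a non-NULL, and zero-terminated string in @dat", which no longer holds; I would reword it to `/* On success @dat holds a non-NULL, zero-terminated string; a NULL @data is rejected and @dat is left unchanged. */`. Separately, `gnutls_malloc(data_size + 1)` wraps to a zero-byte request when `data_size` is `SIZE_MAX`, and the later `dat->data[data_size] = 0` would then write outside the allocation; a guard such as `if (data_size == SIZE_MAX) return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);` before the allocation closes that.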
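Review bot: `_gnutls_free_datum` here, and `_gnutls_free_temp_key_datum` and `_gnutls_free_key_datum` in the two hunks that follow, no longer assign `dat->data = NULL` after `gnutls_free(dat->data)`, so whether the datum is left holding a freed pointer now depends entirely on how `gnutls_free` is defined, which this diff does not show. If it is a macro that clears its argument the result is unchanged, but that dependency is invisible at these call sites, and any later change to `gnutls_free` would turn a second free of the same datum into a double free. I would either keep the explicit reset or state the reliance next to each call, e.g. `/* relies on gnutls_free() also setting dat->data to NULL */`.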
@@ -58,11 +56,10 @@ void _gnutls_free_temp_key_datum(gnutls_datum_t * dat)
 gnutls_free(dat->data);
 }
- dat->data = NULL;
 dat->size = 0;
 }
-inline static
+inline static nonnull_all
 void _gnutls_free_key_datum(gnutls_datum_t * dat)
 {
 if (dat->data != NULL) {
@@ -70,7 +67,6 @@ void _gnutls_free_key_datum(gnutls_datum_t * dat)
 gnutls_free(dat->data);
 }
- dat->data = NULL;
 dat->size = 0;
 }
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 0e0942511d..bb49885978 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -57,27 +57,43 @@ typedef int ssize_t;
 #define ENABLE_ALIGN16
+#ifdef __clang_major
+# define _GNUTLS_CLANG_VERSION (__clang_major__ * 10000 + __clang_minor__ * 100 + __clang_patchlevel__)
+#endif
+
+/* clang also defines __GNUC__. It promotes a GCC version of 4.2.1. */
 #ifdef __GNUC__
-#ifndef _GNUTLS_GCC_VERSION
-#define _GNUTLS_GCC_VERSION (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__)
+# define _GNUTLS_GCC_VERSION (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__)
 #endif
+
 #if _GNUTLS_GCC_VERSION >= 30100
-#define likely(x) __builtin_expect((x), 1)
-#define unlikely(x) __builtin_expect((x), 0)
+# define likely(x) __builtin_expect((x), 1)
+# define unlikely(x) __builtin_expect((x), 0)
+#else
+# define likely
+# define unlikely
 #endif
-#if _GNUTLS_GCC_VERSION >= 70100
-#define FALLTHROUGH __attribute__ ((fallthrough))
+
+#if _GNUTLS_GCC_VERSION >= 30300
+# define nonnull_all __attribute__ ((nonnull))
+# define nonnull(a) __attribute__ ((nonnull a))
+#else
+# define G_GNUC_WGET_NONNULL_ALL
+# define G_GNUC_WGET_NONNULL(a)
 #endif
+
+#if _GNUTLS_GCC_VERSION >= 30400
+# define warn_unused_result __attribute__((warn_unused_result))
+#else
+# define warn_unused_result
 #endif
-#ifndef FALLTHROUGH
+#if _GNUTLS_GCC_VERSION >= 70100
+# define FALLTHROUGH __attribute__ ((fallthrough))
+#else
 # define FALLTHROUGH
 #endif
-#ifndef likely
-#define likely
-#define unlikely
-#endif
 /* some systems had problems with long long int, thus,
 * it is not used.
diff --git a/lib/session.c b/lib/session.c
index 10b19abb4e..68d1cebe5c 100644
--- a/lib/session.c
+++ b/lib/session.c
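Review bot: The `#else` branch of the `_GNUTLS_GCC_VERSION >= 30300` block defines `G_GNUC_WGET_NONNULL_ALL` and `G_GNUC_WGET_NONNULL(a)` instead of the names the `#if` branch defines, so on any compiler that does not take the first branch `nonnull_all` and `nonnull((1))`, which lib/datum.h now uses, stay undefined and the header will not compile. The fallback lines should read `# define nonnull_all` and `# define nonnull(a)`. The first added test is also misspelled: it checks `__clang_major` while the expression below it uses `__clang_major__`, so `_GNUTLS_CLANG_VERSION` is never defined; it should be `#ifdef __clang_major__`.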
@@ -305,7 +305,11 @@ gnutls_session_set_data(gnutls_session_t session,
 if (session->internals.resumption_data.data != NULL)
 gnutls_free(session->internals.resumption_data.data);
- _gnutls_set_datum(&session->internals.resumption_data, session_data, session_data_size);
+ ret = _gnutls_set_datum(&session->internals.resumption_data, session_data, session_data_size);
+ if (ret < 0) {
+ gnutls_assert();
+ return ret;
+ }
 return 0;
 }
@@ -501,7 +501,6 @@ void gnutls_srp_free_server_credentials(gnutls_srp_server_credentials_t sc)
 {
 gnutls_free(sc->password_file);
 gnutls_free(sc->password_conf_file);
- _gnutls_free_datum(&sc->fake_salt_seed);
 gnutls_free(sc);
 }
@@ -537,17 +536,9 @@ gnutls_srp_allocate_server_credentials(gnutls_srp_server_credentials_t *
 if (*sc == NULL)
 return GNUTLS_E_MEMORY_ERROR;
- (*sc)->fake_salt_seed.size = DEFAULT_FAKE_SALT_SEED_SIZE;
- (*sc)->fake_salt_seed.data = gnutls_malloc(
- DEFAULT_FAKE_SALT_SEED_SIZE);
- if ((*sc)->fake_salt_seed.data == NULL) {
- ret = GNUTLS_E_MEMORY_ERROR;
- gnutls_assert();
- goto cleanup;
- }
-
- ret = gnutls_rnd(GNUTLS_RND_RANDOM, (*sc)->fake_salt_seed.data,
- DEFAULT_FAKE_SALT_SEED_SIZE);
+ (*sc)->fake_salt_seed_size = DEFAULT_FAKE_SALT_SEED_SIZE;
+ ret = gnutls_rnd(GNUTLS_RND_RANDOM, (*sc)->fake_salt_seed,
+ DEFAULT_FAKE_SALT_SEED_SIZE);
 if (ret < 0) {
 gnutls_assert();
@@ -558,7 +549,6 @@ gnutls_srp_allocate_server_credentials(gnutls_srp_server_credentials_t *
 return 0;
 cleanup:
- _gnutls_free_datum(&(*sc)->fake_salt_seed);
 gnutls_free(*sc);
 return ret;
 }
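Review bot: On the new error return in `gnutls_session_set_data`, `session->internals.resumption_data` is left half-reset. The two context lines above have already freed `.data`, and the comment this commit adds in lib/datum.c says the datum is not changed on error, so `.size` keeps the old length. Whether `.data` also keeps the freed address depends on how `gnutls_free` is defined, which is not visible here. Replacing the conditional free with `_gnutls_free_datum(&session->internals.resumption_data);` would zero `.size` before the copy is attempted, so a failed call cannot leave a non-zero size next to a released buffer. The declaration of `ret` and the start of the function are outside the hunk.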
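Review bot: In `gnutls_srp_allocate_server_credentials`, `gnutls_rnd` now writes `DEFAULT_FAKE_SALT_SEED_SIZE` bytes directly into the fixed `fake_salt_seed[MAX_FAKE_SALT_SEED_SIZE]` array, and nothing in the visible hunks ties the two constants together. If the default is ever raised above 64, this becomes a write past the end of the array inside the credentials structure. A compile-time check would pin the invariant, for example `#if DEFAULT_FAKE_SALT_SEED_SIZE > MAX_FAKE_SALT_SEED_SIZE`, `# error "default fake salt seed does not fit in fake_salt_seed"`, `#endif`, assuming both are preprocessor constants (the default's definition is outside this diff). The function's signature and the rest of its body are outside the hunk.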
@@ -841,8 +831,14 @@ gnutls_srp_set_server_fake_salt_seed(gnutls_srp_server_credentials_t cred,
 const gnutls_datum_t * seed,
 unsigned int salt_length)
 {
- _gnutls_free_datum(&cred->fake_salt_seed);
- _gnutls_set_datum(&cred->fake_salt_seed, seed->data, seed->size);
+ unsigned seed_size = seed->size;
+ const unsigned char *seed_data = seed->data;
+
+ if (seed_size > sizeof(cred->fake_salt_seed))
+ seed_size = sizeof(cred->fake_salt_seed);
+
+ memcpy(cred->fake_salt_seed, seed_data, seed_size);
+ cred->fake_salt_seed_size = seed_size;
 /* Cap the salt length at the output size of the MAC algorithm
 * we are using to generate the fake salts. |
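Review bot: A seed longer than `sizeof(cred->fake_salt_seed)` is now silently truncated in `gnutls_srp_set_server_fake_salt_seed`, where the removed lines stored the whole seed. A server configured with a longer seed will therefore key the fake-salt MAC with different bytes after this change, and the caller is not told. The function's documentation (outside this hunk) should state the limit, e.g. ` * Seeds longer than MAX_FAKE_SALT_SEED_SIZE bytes are truncated to that length.`. Also, `memcpy` is called even when `seed->size` is 0, in which case `seed->data` may well be NULL; the lib/datum.c hunk of this same commit guards that case, and `if (seed_size) memcpy(cred->fake_salt_seed, seed_data, seed_size);` would match it. The return type and the end of the function are outside the hunk.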