Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src Fix sense of consttime_memequal and update all callers.
details: https://anonhg.NetBSD.org/src/rev/399c524ce684
branches: trunk
changeset: 789625:399c524ce684
user: riastradh <riastradh%NetBSD.org@localhost>
date: Wed Aug 28 15:24:41 2013 +0000
description:
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean
inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
diffstat:
common/lib/libc/string/consttime_memequal.c | 4 ++--
crypto/external/bsd/openssh/dist/dns.c | 6 +++---
lib/libc/string/consttime_memequal.3 | 8 ++++----
sys/netipsec/xform_ah.c | 6 +++---
sys/netipsec/xform_esp.c | 7 +++----
5 files changed, 15 insertions(+), 16 deletions(-)
diffs (127 lines):
diff -r 1c4b9bbed076 -r 399c524ce684 common/lib/libc/string/consttime_memequal.c
--- a/common/lib/libc/string/consttime_memequal.c Wed Aug 28 12:50:18 2013 +0000
+++ b/common/lib/libc/string/consttime_memequal.c Wed Aug 28 15:24:41 2013 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: consttime_memequal.c,v 1.1 2013/06/24 04:21:19 riastradh Exp $ */
+/* $NetBSD: consttime_memequal.c,v 1.2 2013/08/28 15:24:41 riastradh Exp $ */
#if !defined(_KERNEL) && !defined(_STANDALONE)
#include <string.h>
@@ -15,5 +15,5 @@
while (len --)
res |= *c1++ ^ *c2++;
- return res;
+ return !res;
}
diff -r 1c4b9bbed076 -r 399c524ce684 crypto/external/bsd/openssh/dist/dns.c
--- a/crypto/external/bsd/openssh/dist/dns.c Wed Aug 28 12:50:18 2013 +0000
+++ b/crypto/external/bsd/openssh/dist/dns.c Wed Aug 28 15:24:41 2013 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: dns.c,v 1.6 2013/06/24 04:21:19 riastradh Exp $ */
+/* $NetBSD: dns.c,v 1.7 2013/08/28 15:24:41 riastradh Exp $ */
/* $OpenBSD: dns.c,v 1.28 2012/05/23 03:28:28 djm Exp $ */
/*
@@ -27,7 +27,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: dns.c,v 1.6 2013/06/24 04:21:19 riastradh Exp $");
+__RCSID("$NetBSD: dns.c,v 1.7 2013/08/28 15:24:41 riastradh Exp $");
#include <sys/types.h>
#include <sys/socket.h>
@@ -279,7 +279,7 @@
hostkey_digest_type == dnskey_digest_type) {
if (hostkey_digest_len == dnskey_digest_len &&
__consttime_memequal(hostkey_digest, dnskey_digest,
- hostkey_digest_len) == 0)
+ hostkey_digest_len))
*flags |= DNS_VERIFY_MATCH;
}
xfree(dnskey_digest);
diff -r 1c4b9bbed076 -r 399c524ce684 lib/libc/string/consttime_memequal.3
--- a/lib/libc/string/consttime_memequal.3 Wed Aug 28 12:50:18 2013 +0000
+++ b/lib/libc/string/consttime_memequal.3 Wed Aug 28 15:24:41 2013 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: consttime_memequal.3,v 1.1 2013/06/24 04:21:20 riastradh Exp $
+.\" $NetBSD: consttime_memequal.3,v 1.2 2013/08/28 15:24:41 riastradh Exp $
.\"
.\" Copyright (c) 2013 The NetBSD Foundation, Inc.
.\" All rights reserved.
@@ -27,7 +27,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
.\" POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd June 23, 2013
+.Dd August 28, 2013
.Dt CONSTTIME_MEMEQUAL 3
.Os
.Sh NAME
@@ -48,8 +48,8 @@
.Fa b1
and
.Fa b2
-for equality, returning zero if they are identical and nonzero
-otherwise.
+for equality, returning zero if they are distinct and nonzero if they
+are identical.
.Pp
The time taken by
.Fn consttime_memequal
diff -r 1c4b9bbed076 -r 399c524ce684 sys/netipsec/xform_ah.c
--- a/sys/netipsec/xform_ah.c Wed Aug 28 12:50:18 2013 +0000
+++ b/sys/netipsec/xform_ah.c Wed Aug 28 15:24:41 2013 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: xform_ah.c,v 1.40 2013/06/24 04:21:20 riastradh Exp $ */
+/* $NetBSD: xform_ah.c,v 1.41 2013/08/28 15:24:41 riastradh Exp $ */
/* $FreeBSD: src/sys/netipsec/xform_ah.c,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */
/* $OpenBSD: ip_ah.c,v 1.63 2001/06/26 06:18:58 angelos Exp $ */
/*
@@ -39,7 +39,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.40 2013/06/24 04:21:20 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_ah.c,v 1.41 2013/08/28 15:24:41 riastradh Exp $");
#include "opt_inet.h"
#ifdef __FreeBSD__
@@ -910,7 +910,7 @@
ptr = (char *) (tc + 1);
/* Verify authenticator. */
- if (consttime_memequal(ptr + skip + rplen, calc, authsize)) {
+ if (!consttime_memequal(ptr + skip + rplen, calc, authsize)) {
u_int8_t *pppp = ptr + skip+rplen;
DPRINTF(("ah_input: authentication hash mismatch " \
"over %d bytes " \
diff -r 1c4b9bbed076 -r 399c524ce684 sys/netipsec/xform_esp.c
--- a/sys/netipsec/xform_esp.c Wed Aug 28 12:50:18 2013 +0000
+++ b/sys/netipsec/xform_esp.c Wed Aug 28 15:24:41 2013 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: xform_esp.c,v 1.43 2013/06/24 04:21:20 riastradh Exp $ */
+/* $NetBSD: xform_esp.c,v 1.44 2013/08/28 15:24:41 riastradh Exp $ */
/* $FreeBSD: src/sys/netipsec/xform_esp.c,v 1.2.2.1 2003/01/24 05:11:36 sam Exp $ */
/* $OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */
@@ -39,7 +39,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.43 2013/06/24 04:21:20 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.44 2013/08/28 15:24:41 riastradh Exp $");
#include "opt_inet.h"
#ifdef __FreeBSD__
@@ -593,8 +593,7 @@
ptr = (tc + 1);
/* Verify authenticator */
- if (consttime_memequal(ptr, aalg, esph->authsize)
- != 0) {
+ if (!consttime_memequal(ptr, aalg, esph->authsize)) {
DPRINTF(("esp_input_cb: "
"authentication hash mismatch for packet in SA %s/%08lx\n",
ipsec_address(&saidx->dst),
Home |
Main Index |
Thread Index |
Old Index