mirror of
https://git.rtems.org/rtems-libbsd/
synced 2025-10-16 13:33:19 +08:00
Update to FreeBSD 9.3
This commit is contained in:
Sebastian Huber
@@ -335,10 +335,6 @@ sctp_generate_random_key(uint32_t keylen)
|
||||
{
|
||||
sctp_key_t *new_key;
|
||||
|
||||
/* validate keylen */
|
||||
if (keylen > SCTP_AUTH_RANDOM_SIZE_MAX)
|
||||
keylen = SCTP_AUTH_RANDOM_SIZE_MAX;
|
||||
|
||||
new_key = sctp_alloc_key(keylen);
|
||||
if (new_key == NULL) {
|
||||
/* out of memory */
|
||||
@@ -376,7 +372,7 @@ sctp_compare_key(sctp_key_t * key1, sctp_key_t * key2)
|
||||
uint32_t i;
|
||||
uint32_t key1len, key2len;
|
||||
uint8_t *key_1, *key_2;
|
||||
uint8_t temp[SCTP_AUTH_RANDOM_SIZE_MAX];
|
||||
uint8_t val1, val2;
|
||||
|
||||
/* sanity/length check */
|
||||
key1len = sctp_get_keylen(key1);
|
||||
@@ -388,38 +384,24 @@ sctp_compare_key(sctp_key_t * key1, sctp_key_t * key2)
|
||||
else if (key2len == 0)
|
||||
return (1);
|
||||
|
||||
if (key1len != key2len) {
|
||||
if (key1len >= key2len)
|
||||
maxlen = key1len;
|
||||
else
|
||||
maxlen = key2len;
|
||||
bzero(temp, maxlen);
|
||||
if (key1len < maxlen) {
|
||||
/* prepend zeroes to key1 */
|
||||
bcopy(key1->key, temp + (maxlen - key1len), key1len);
|
||||
key_1 = temp;
|
||||
key_2 = key2->key;
|
||||
} else {
|
||||
/* prepend zeroes to key2 */
|
||||
bcopy(key2->key, temp + (maxlen - key2len), key2len);
|
||||
key_1 = key1->key;
|
||||
key_2 = temp;
|
||||
}
|
||||
if (key1len < key2len) {
|
||||
maxlen = key2len;
|
||||
} else {
|
||||
maxlen = key1len;
|
||||
key_1 = key1->key;
|
||||
key_2 = key2->key;
|
||||
}
|
||||
|
||||
key_1 = key1->key;
|
||||
key_2 = key2->key;
|
||||
/* check for numeric equality */
|
||||
for (i = 0; i < maxlen; i++) {
|
||||
if (*key_1 > *key_2)
|
||||
/* left-pad with zeros */
|
||||
val1 = (i < (maxlen - key1len)) ? 0 : *(key_1++);
|
||||
val2 = (i < (maxlen - key2len)) ? 0 : *(key_2++);
|
||||
if (val1 > val2) {
|
||||
return (1);
|
||||
else if (*key_1 < *key_2)
|
||||
} else if (val1 < val2) {
|
||||
return (-1);
|
||||
key_1++;
|
||||
key_2++;
|
||||
}
|
||||
}
|
||||
|
||||
/* keys are equal value, so check lengths */
|
||||
if (key1len == key2len)
|
||||
return (0);
|
||||
@@ -705,15 +687,7 @@ sctp_auth_add_hmacid(sctp_hmaclist_t * list, uint16_t hmac_id)
|
||||
return (-1);
|
||||
}
|
||||
if ((hmac_id != SCTP_AUTH_HMAC_ID_SHA1) &&
|
||||
#ifdef HAVE_SHA224
|
||||
(hmac_id != SCTP_AUTH_HMAC_ID_SHA224) &&
|
||||
#endif
|
||||
#ifdef HAVE_SHA2
|
||||
(hmac_id != SCTP_AUTH_HMAC_ID_SHA256) &&
|
||||
(hmac_id != SCTP_AUTH_HMAC_ID_SHA384) &&
|
||||
(hmac_id != SCTP_AUTH_HMAC_ID_SHA512) &&
|
||||
#endif
|
||||
1) {
|
||||
(hmac_id != SCTP_AUTH_HMAC_ID_SHA256)) {
|
||||
return (-1);
|
||||
}
|
||||
/* Now is it already in the list */
|
||||
@@ -756,8 +730,9 @@ sctp_default_supported_hmaclist(void)
|
||||
new_list = sctp_alloc_hmaclist(2);
|
||||
if (new_list == NULL)
|
||||
return (NULL);
|
||||
(void)sctp_auth_add_hmacid(new_list, SCTP_AUTH_HMAC_ID_SHA1);
|
||||
/* We prefer SHA256, so list it first */
|
||||
(void)sctp_auth_add_hmacid(new_list, SCTP_AUTH_HMAC_ID_SHA256);
|
||||
(void)sctp_auth_add_hmacid(new_list, SCTP_AUTH_HMAC_ID_SHA1);
|
||||
return (new_list);
|
||||
}
|
||||
|
||||
@@ -813,19 +788,13 @@ int
|
||||
sctp_verify_hmac_param(struct sctp_auth_hmac_algo *hmacs, uint32_t num_hmacs)
|
||||
{
|
||||
uint32_t i;
|
||||
uint16_t hmac_id;
|
||||
uint32_t sha1_supported = 0;
|
||||
|
||||
for (i = 0; i < num_hmacs; i++) {
|
||||
hmac_id = ntohs(hmacs->hmac_ids[i]);
|
||||
if (hmac_id == SCTP_AUTH_HMAC_ID_SHA1)
|
||||
sha1_supported = 1;
|
||||
if (ntohs(hmacs->hmac_ids[i]) == SCTP_AUTH_HMAC_ID_SHA1) {
|
||||
return (0);
|
||||
}
|
||||
}
|
||||
/* all HMAC id's are supported */
|
||||
if (sha1_supported == 0)
|
||||
return (-1);
|
||||
else
|
||||
return (0);
|
||||
return (-1);
|
||||
}
|
||||
|
||||
sctp_authinfo_t *
|
||||
@@ -879,18 +848,8 @@ sctp_get_hmac_digest_len(uint16_t hmac_algo)
|
||||
switch (hmac_algo) {
|
||||
case SCTP_AUTH_HMAC_ID_SHA1:
|
||||
return (SCTP_AUTH_DIGEST_LEN_SHA1);
|
||||
#ifdef HAVE_SHA224
|
||||
case SCTP_AUTH_HMAC_ID_SHA224:
|
||||
return (SCTP_AUTH_DIGEST_LEN_SHA224);
|
||||
#endif
|
||||
#ifdef HAVE_SHA2
|
||||
case SCTP_AUTH_HMAC_ID_SHA256:
|
||||
return (SCTP_AUTH_DIGEST_LEN_SHA256);
|
||||
case SCTP_AUTH_HMAC_ID_SHA384:
|
||||
return (SCTP_AUTH_DIGEST_LEN_SHA384);
|
||||
case SCTP_AUTH_HMAC_ID_SHA512:
|
||||
return (SCTP_AUTH_DIGEST_LEN_SHA512);
|
||||
#endif
|
||||
default:
|
||||
/* unknown HMAC algorithm: can't do anything */
|
||||
return (0);
|
||||
@@ -902,17 +861,9 @@ sctp_get_hmac_block_len(uint16_t hmac_algo)
|
||||
{
|
||||
switch (hmac_algo) {
|
||||
case SCTP_AUTH_HMAC_ID_SHA1:
|
||||
#ifdef HAVE_SHA224
|
||||
case SCTP_AUTH_HMAC_ID_SHA224:
|
||||
#endif
|
||||
return (64);
|
||||
#ifdef HAVE_SHA2
|
||||
case SCTP_AUTH_HMAC_ID_SHA256:
|
||||
return (64);
|
||||
case SCTP_AUTH_HMAC_ID_SHA384:
|
||||
case SCTP_AUTH_HMAC_ID_SHA512:
|
||||
return (128);
|
||||
#endif
|
||||
case SCTP_AUTH_HMAC_ID_RSVD:
|
||||
default:
|
||||
/* unknown HMAC algorithm: can't do anything */
|
||||
@@ -925,23 +876,11 @@ sctp_hmac_init(uint16_t hmac_algo, sctp_hash_context_t * ctx)
|
||||
{
|
||||
switch (hmac_algo) {
|
||||
case SCTP_AUTH_HMAC_ID_SHA1:
|
||||
SHA1_Init(&ctx->sha1);
|
||||
SCTP_SHA1_INIT(&ctx->sha1);
|
||||
break;
|
||||
#ifdef HAVE_SHA224
|
||||
case SCTP_AUTH_HMAC_ID_SHA224:
|
||||
break;
|
||||
#endif
|
||||
#ifdef HAVE_SHA2
|
||||
case SCTP_AUTH_HMAC_ID_SHA256:
|
||||
SHA256_Init(&ctx->sha256);
|
||||
SCTP_SHA256_INIT(&ctx->sha256);
|
||||
break;
|
||||
case SCTP_AUTH_HMAC_ID_SHA384:
|
||||
SHA384_Init(&ctx->sha384);
|
||||
break;
|
||||
case SCTP_AUTH_HMAC_ID_SHA512:
|
||||
SHA512_Init(&ctx->sha512);
|
||||
break;
|
||||
#endif
|
||||
case SCTP_AUTH_HMAC_ID_RSVD:
|
||||
default:
|
||||
/* unknown HMAC algorithm: can't do anything */
|
||||
@@ -955,23 +894,11 @@ sctp_hmac_update(uint16_t hmac_algo, sctp_hash_context_t * ctx,
|
||||
{
|
||||
switch (hmac_algo) {
|
||||
case SCTP_AUTH_HMAC_ID_SHA1:
|
||||
SHA1_Update(&ctx->sha1, text, textlen);
|
||||
SCTP_SHA1_UPDATE(&ctx->sha1, text, textlen);
|
||||
break;
|
||||
#ifdef HAVE_SHA224
|
||||
case SCTP_AUTH_HMAC_ID_SHA224:
|
||||
break;
|
||||
#endif
|
||||
#ifdef HAVE_SHA2
|
||||
case SCTP_AUTH_HMAC_ID_SHA256:
|
||||
SHA256_Update(&ctx->sha256, text, textlen);
|
||||
SCTP_SHA256_UPDATE(&ctx->sha256, text, textlen);
|
||||
break;
|
||||
case SCTP_AUTH_HMAC_ID_SHA384:
|
||||
SHA384_Update(&ctx->sha384, text, textlen);
|
||||
break;
|
||||
case SCTP_AUTH_HMAC_ID_SHA512:
|
||||
SHA512_Update(&ctx->sha512, text, textlen);
|
||||
break;
|
||||
#endif
|
||||
case SCTP_AUTH_HMAC_ID_RSVD:
|
||||
default:
|
||||
/* unknown HMAC algorithm: can't do anything */
|
||||
@@ -985,24 +912,11 @@ sctp_hmac_final(uint16_t hmac_algo, sctp_hash_context_t * ctx,
|
||||
{
|
||||
switch (hmac_algo) {
|
||||
case SCTP_AUTH_HMAC_ID_SHA1:
|
||||
SHA1_Final(digest, &ctx->sha1);
|
||||
SCTP_SHA1_FINAL(digest, &ctx->sha1);
|
||||
break;
|
||||
#ifdef HAVE_SHA224
|
||||
case SCTP_AUTH_HMAC_ID_SHA224:
|
||||
break;
|
||||
#endif
|
||||
#ifdef HAVE_SHA2
|
||||
case SCTP_AUTH_HMAC_ID_SHA256:
|
||||
SHA256_Final(digest, &ctx->sha256);
|
||||
SCTP_SHA256_FINAL(digest, &ctx->sha256);
|
||||
break;
|
||||
case SCTP_AUTH_HMAC_ID_SHA384:
|
||||
/* SHA384 is truncated SHA512 */
|
||||
SHA384_Final(digest, &ctx->sha384);
|
||||
break;
|
||||
case SCTP_AUTH_HMAC_ID_SHA512:
|
||||
SHA512_Final(digest, &ctx->sha512);
|
||||
break;
|
||||
#endif
|
||||
case SCTP_AUTH_HMAC_ID_RSVD:
|
||||
default:
|
||||
/* unknown HMAC algorithm: can't do anything */
|
||||
@@ -1878,6 +1792,7 @@ sctp_notify_authentication(struct sctp_tcb *stcb, uint32_t indication,
|
||||
|
||||
SCTP_BUF_LEN(m_notify) = 0;
|
||||
auth = mtod(m_notify, struct sctp_authkey_event *);
|
||||
memset(auth, 0, sizeof(struct sctp_authkey_event));
|
||||
auth->auth_type = SCTP_AUTHENTICATION_EVENT;
|
||||
auth->auth_flags = 0;
|
||||
auth->auth_length = sizeof(*auth);
|
||||
|
||||
Reference in New Issue
Block a user