diff options
| author | ume <ume@FreeBSD.org> | 2003-10-12 11:08:18 +0000 |
|---|---|---|
| committer | ume <ume@FreeBSD.org> | 2003-10-12 11:08:18 +0000 |
| commit | a6ff42e2be4799689a4518eba69934a0e3dad141 (patch) | |
| tree | 2b2db04852b1bef879100ffb5f889590eb278516 | |
| parent | 261a4381e898fcaa9855696ab85023cc1ff2de10 (diff) | |
| download | FreeBSD-src-a6ff42e2be4799689a4518eba69934a0e3dad141.zip FreeBSD-src-a6ff42e2be4799689a4518eba69934a0e3dad141.tar.gz | |
- correct signedness mixups.
- avoid assuming result buffer size
Obtained from: KAME
| -rw-r--r-- | sys/netinet6/ah.h | 6 | ||||
| -rw-r--r-- | sys/netinet6/ah6.h | 2 | ||||
| -rw-r--r-- | sys/netinet6/ah_core.c | 151 |
3 files changed, 79 insertions, 80 deletions
diff --git a/sys/netinet6/ah.h b/sys/netinet6/ah.h index 79435a3..24cca8d 100644 --- a/sys/netinet6/ah.h +++ b/sys/netinet6/ah.h @@ -73,8 +73,8 @@ struct ah_algorithm { int keymax; /* in bits */ const char *name; int (*init) __P((struct ah_algorithm_state *, struct secasvar *)); - void (*update) __P((struct ah_algorithm_state *, caddr_t, size_t)); - void (*result) __P((struct ah_algorithm_state *, caddr_t, size_t)); + void (*update) __P((struct ah_algorithm_state *, u_int8_t *, size_t)); + void (*result) __P((struct ah_algorithm_state *, u_int8_t *, size_t)); }; #define AH_MAXSUMSIZE 16 @@ -87,7 +87,7 @@ extern int ah_hdrlen __P((struct secasvar *)); extern size_t ah_hdrsiz __P((struct ipsecrequest *)); extern void ah4_input __P((struct mbuf *, int)); extern int ah4_output __P((struct mbuf *, struct ipsecrequest *)); -extern int ah4_calccksum __P((struct mbuf *, caddr_t, size_t, +extern int ah4_calccksum __P((struct mbuf *, u_int8_t *, size_t, const struct ah_algorithm *, struct secasvar *)); #endif /* _KERNEL */ diff --git a/sys/netinet6/ah6.h b/sys/netinet6/ah6.h index ead07bf..c8e64a5 100644 --- a/sys/netinet6/ah6.h +++ b/sys/netinet6/ah6.h @@ -43,7 +43,7 @@ struct secasvar; extern int ah6_input __P((struct mbuf **, int *, int)); extern int ah6_output __P((struct mbuf *, u_char *, struct mbuf *, struct ipsecrequest *)); -extern int ah6_calccksum __P((struct mbuf *, caddr_t, size_t, +extern int ah6_calccksum __P((struct mbuf *, u_int8_t *, size_t, const struct ah_algorithm *, struct secasvar *)); extern void ah6_ctlinput __P((int, struct sockaddr *, void *)); diff --git a/sys/netinet6/ah_core.c b/sys/netinet6/ah_core.c index c80f2b3..e576248 100644 --- a/sys/netinet6/ah_core.c +++ b/sys/netinet6/ah_core.c @@ -91,64 +91,63 @@ #include <net/net_osdep.h> -#define HMACSIZE 16 - static int ah_sumsiz_1216 __P((struct secasvar *)); static int ah_sumsiz_zero __P((struct secasvar *)); static int ah_common_mature __P((struct secasvar *)); static int ah_none_mature __P((struct secasvar *)); static int ah_none_init __P((struct ah_algorithm_state *, struct secasvar *)); -static void ah_none_loop __P((struct ah_algorithm_state *, caddr_t, size_t)); -static void ah_none_result __P((struct ah_algorithm_state *, caddr_t, size_t)); +static void ah_none_loop __P((struct ah_algorithm_state *, u_int8_t *, size_t)); +static void ah_none_result __P((struct ah_algorithm_state *, + u_int8_t *, size_t)); static int ah_keyed_md5_mature __P((struct secasvar *)); static int ah_keyed_md5_init __P((struct ah_algorithm_state *, struct secasvar *)); -static void ah_keyed_md5_loop __P((struct ah_algorithm_state *, caddr_t, +static void ah_keyed_md5_loop __P((struct ah_algorithm_state *, u_int8_t *, size_t)); static void ah_keyed_md5_result __P((struct ah_algorithm_state *, - caddr_t, size_t)); + u_int8_t *, size_t)); static int ah_keyed_sha1_init __P((struct ah_algorithm_state *, struct secasvar *)); -static void ah_keyed_sha1_loop __P((struct ah_algorithm_state *, caddr_t, +static void ah_keyed_sha1_loop __P((struct ah_algorithm_state *, u_int8_t *, size_t)); -static void ah_keyed_sha1_result __P((struct ah_algorithm_state *, caddr_t, +static void ah_keyed_sha1_result __P((struct ah_algorithm_state *, u_int8_t *, size_t)); static int ah_hmac_md5_init __P((struct ah_algorithm_state *, struct secasvar *)); -static void ah_hmac_md5_loop __P((struct ah_algorithm_state *, caddr_t, +static void ah_hmac_md5_loop __P((struct ah_algorithm_state *, u_int8_t *, size_t)); static void ah_hmac_md5_result __P((struct ah_algorithm_state *, - caddr_t, size_t)); + u_int8_t *, size_t)); static int ah_hmac_sha1_init __P((struct ah_algorithm_state *, struct secasvar *)); -static void ah_hmac_sha1_loop __P((struct ah_algorithm_state *, caddr_t, +static void ah_hmac_sha1_loop __P((struct ah_algorithm_state *, u_int8_t *, size_t)); static void ah_hmac_sha1_result __P((struct ah_algorithm_state *, - caddr_t, size_t)); + u_int8_t *, size_t)); static int ah_hmac_sha2_256_init __P((struct ah_algorithm_state *, struct secasvar *)); -static void ah_hmac_sha2_256_loop __P((struct ah_algorithm_state *, caddr_t, +static void ah_hmac_sha2_256_loop __P((struct ah_algorithm_state *, u_int8_t *, size_t)); static void ah_hmac_sha2_256_result __P((struct ah_algorithm_state *, - caddr_t, size_t)); + u_int8_t *, size_t)); static int ah_hmac_sha2_384_init __P((struct ah_algorithm_state *, struct secasvar *)); -static void ah_hmac_sha2_384_loop __P((struct ah_algorithm_state *, caddr_t, +static void ah_hmac_sha2_384_loop __P((struct ah_algorithm_state *, u_int8_t *, size_t)); static void ah_hmac_sha2_384_result __P((struct ah_algorithm_state *, - caddr_t, size_t)); + u_int8_t *, size_t)); static int ah_hmac_sha2_512_init __P((struct ah_algorithm_state *, struct secasvar *)); -static void ah_hmac_sha2_512_loop __P((struct ah_algorithm_state *, caddr_t, +static void ah_hmac_sha2_512_loop __P((struct ah_algorithm_state *, u_int8_t *, size_t)); static void ah_hmac_sha2_512_result __P((struct ah_algorithm_state *, - caddr_t, size_t)); + u_int8_t *, size_t)); static int ah_hmac_ripemd160_init __P((struct ah_algorithm_state *, struct secasvar *)); -static void ah_hmac_ripemd160_loop __P((struct ah_algorithm_state *, caddr_t, +static void ah_hmac_ripemd160_loop __P((struct ah_algorithm_state *, u_int8_t *, size_t)); static void ah_hmac_ripemd160_result __P((struct ah_algorithm_state *, - caddr_t, size_t)); + u_int8_t *, size_t)); static void ah_update_mbuf __P((struct mbuf *, int, int, const struct ah_algorithm *, struct ah_algorithm_state *)); @@ -289,7 +288,7 @@ ah_none_init(state, sav) static void ah_none_loop(state, addr, len) struct ah_algorithm_state *state; - caddr_t addr; + u_int8_t * addr; size_t len; { } @@ -297,7 +296,7 @@ ah_none_loop(state, addr, len) static void ah_none_result(state, addr, l) struct ah_algorithm_state *state; - caddr_t addr; + u_int8_t *addr; size_t l; { } @@ -371,7 +370,7 @@ ah_keyed_md5_init(state, sav) static void ah_keyed_md5_loop(state, addr, len) struct ah_algorithm_state *state; - caddr_t addr; + u_int8_t * addr; size_t len; { if (!state) @@ -383,7 +382,7 @@ ah_keyed_md5_loop(state, addr, len) static void ah_keyed_md5_result(state, addr, l) struct ah_algorithm_state *state; - caddr_t addr; + u_int8_t *addr; size_t l; { u_char digest[MD5_RESULTLEN]; @@ -396,9 +395,9 @@ ah_keyed_md5_result(state, addr, l) (u_int8_t *)_KEYBUF(state->sav->key_auth), (u_int)_KEYLEN(state->sav->key_auth)); } - MD5Final(&digest[0], (MD5_CTX *)state->foo); + MD5Final(digest, (MD5_CTX *)state->foo); free(state->foo, M_TEMP); - bcopy(&digest[0], (void *)addr, sizeof(digest)); + bcopy(digest, addr, sizeof(digest) > l ? l : sizeof(digest)); } static int @@ -462,7 +461,7 @@ ah_keyed_sha1_init(state, sav) static void ah_keyed_sha1_loop(state, addr, len) struct ah_algorithm_state *state; - caddr_t addr; + u_int8_t * addr; size_t len; { SHA1_CTX *ctxt; @@ -471,13 +470,13 @@ ah_keyed_sha1_loop(state, addr, len) panic("ah_keyed_sha1_loop: what?"); ctxt = (SHA1_CTX *)state->foo; - SHA1Update(ctxt, (caddr_t)addr, (size_t)len); + SHA1Update(ctxt, (u_int8_t *)addr, (size_t)len); } static void ah_keyed_sha1_result(state, addr, l) struct ah_algorithm_state *state; - caddr_t addr; + u_int8_t *addr; size_t l; { u_char digest[SHA1_RESULTLEN]; /* SHA-1 generates 160 bits */ @@ -491,8 +490,8 @@ ah_keyed_sha1_result(state, addr, l) SHA1Update(ctxt, (u_int8_t *)_KEYBUF(state->sav->key_auth), (u_int)_KEYLEN(state->sav->key_auth)); } - SHA1Final((caddr_t)&digest[0], ctxt); - bcopy(&digest[0], (void *)addr, HMACSIZE); + SHA1Final((u_int8_t *)digest, ctxt); + bcopy(digest, addr, sizeof(digest) > l ? l : sizeof(digest)); free(state->foo, M_TEMP); } @@ -553,21 +552,21 @@ ah_hmac_md5_init(state, sav) static void ah_hmac_md5_loop(state, addr, len) struct ah_algorithm_state *state; - caddr_t addr; + u_int8_t * addr; size_t len; { MD5_CTX *ctxt; if (!state || !state->foo) panic("ah_hmac_md5_loop: what?"); - ctxt = (MD5_CTX *)(((caddr_t)state->foo) + 128); + ctxt = (MD5_CTX *)(((u_int8_t *)state->foo) + 128); MD5Update(ctxt, addr, len); } static void ah_hmac_md5_result(state, addr, l) struct ah_algorithm_state *state; - caddr_t addr; + u_int8_t *addr; size_t l; { u_char digest[MD5_RESULTLEN]; @@ -582,14 +581,14 @@ ah_hmac_md5_result(state, addr, l) opad = (u_char *)(ipad + 64); ctxt = (MD5_CTX *)(opad + 64); - MD5Final(&digest[0], ctxt); + MD5Final(digest, ctxt); MD5Init(ctxt); MD5Update(ctxt, opad, 64); - MD5Update(ctxt, &digest[0], sizeof(digest)); - MD5Final(&digest[0], ctxt); + MD5Update(ctxt, digest, sizeof(digest)); + MD5Final(digest, ctxt); - bcopy(&digest[0], (void *)addr, HMACSIZE); + bcopy(digest, addr, sizeof(digest) > l ? l : sizeof(digest)); free(state->foo, M_TEMP); } @@ -651,7 +650,7 @@ ah_hmac_sha1_init(state, sav) static void ah_hmac_sha1_loop(state, addr, len) struct ah_algorithm_state *state; - caddr_t addr; + u_int8_t * addr; size_t len; { SHA1_CTX *ctxt; @@ -660,13 +659,13 @@ ah_hmac_sha1_loop(state, addr, len) panic("ah_hmac_sha1_loop: what?"); ctxt = (SHA1_CTX *)(((u_char *)state->foo) + 128); - SHA1Update(ctxt, (caddr_t)addr, (size_t)len); + SHA1Update(ctxt, (u_int8_t *)addr, (size_t)len); } static void ah_hmac_sha1_result(state, addr, l) struct ah_algorithm_state *state; - caddr_t addr; + u_int8_t *addr; size_t l; { u_char digest[SHA1_RESULTLEN]; /* SHA-1 generates 160 bits */ @@ -681,14 +680,14 @@ ah_hmac_sha1_result(state, addr, l) opad = (u_char *)(ipad + 64); ctxt = (SHA1_CTX *)(opad + 64); - SHA1Final((caddr_t)&digest[0], ctxt); + SHA1Final((u_int8_t *)digest, ctxt); SHA1Init(ctxt); SHA1Update(ctxt, opad, 64); - SHA1Update(ctxt, (caddr_t)&digest[0], sizeof(digest)); - SHA1Final((caddr_t)&digest[0], ctxt); + SHA1Update(ctxt, (u_int8_t *)digest, sizeof(digest)); + SHA1Final((u_int8_t *)digest, ctxt); - bcopy(&digest[0], (void *)addr, HMACSIZE); + bcopy(digest, addr, sizeof(digest) > l ? l : sizeof(digest)); free(state->foo, M_TEMP); } @@ -753,7 +752,7 @@ ah_hmac_sha2_256_init(state, sav) static void ah_hmac_sha2_256_loop(state, addr, len) struct ah_algorithm_state *state; - caddr_t addr; + u_int8_t *addr; size_t len; { SHA256_CTX *ctxt; @@ -768,7 +767,7 @@ ah_hmac_sha2_256_loop(state, addr, len) static void ah_hmac_sha2_256_result(state, addr, l) struct ah_algorithm_state *state; - caddr_t addr; + u_int8_t *addr; size_t l; { u_char digest[SHA256_DIGEST_LENGTH]; @@ -783,15 +782,15 @@ ah_hmac_sha2_256_result(state, addr, l) opad = (u_char *)(ipad + 64); ctxt = (SHA256_CTX *)(opad + 64); - SHA256_Final((caddr_t)&digest[0], ctxt); + SHA256_Final((caddr_t)digest, ctxt); bzero(ctxt, sizeof(*ctxt)); SHA256_Init(ctxt); SHA256_Update(ctxt, opad, 64); - SHA256_Update(ctxt, (caddr_t)&digest[0], sizeof(digest)); - SHA256_Final((caddr_t)&digest[0], ctxt); + SHA256_Update(ctxt, (caddr_t)digest, sizeof(digest)); + SHA256_Final((caddr_t)digest, ctxt); - bcopy(&digest[0], (void *)addr, HMACSIZE); + bcopy(digest, addr, sizeof(digest) > l ? l : sizeof(digest)); free(state->foo, M_TEMP); } @@ -857,7 +856,7 @@ ah_hmac_sha2_384_init(state, sav) static void ah_hmac_sha2_384_loop(state, addr, len) struct ah_algorithm_state *state; - caddr_t addr; + u_int8_t *addr; size_t len; { SHA384_CTX *ctxt; @@ -872,7 +871,7 @@ ah_hmac_sha2_384_loop(state, addr, len) static void ah_hmac_sha2_384_result(state, addr, l) struct ah_algorithm_state *state; - caddr_t addr; + u_int8_t *addr; size_t l; { u_char digest[SHA384_DIGEST_LENGTH]; @@ -887,15 +886,15 @@ ah_hmac_sha2_384_result(state, addr, l) opad = (u_char *)(ipad + 64); ctxt = (SHA384_CTX *)(opad + 64); - SHA384_Final((caddr_t)&digest[0], ctxt); + SHA384_Final((caddr_t)digest, ctxt); bzero(ctxt, sizeof(*ctxt)); SHA384_Init(ctxt); SHA384_Update(ctxt, opad, 64); - SHA384_Update(ctxt, (caddr_t)&digest[0], sizeof(digest)); - SHA384_Final((caddr_t)&digest[0], ctxt); + SHA384_Update(ctxt, (caddr_t)digest, sizeof(digest)); + SHA384_Final((caddr_t)digest, ctxt); - bcopy(&digest[0], (void *)addr, HMACSIZE); + bcopy(digest, addr, sizeof(digest) > l ? l : sizeof(digest)); free(state->foo, M_TEMP); } @@ -961,7 +960,7 @@ ah_hmac_sha2_512_init(state, sav) static void ah_hmac_sha2_512_loop(state, addr, len) struct ah_algorithm_state *state; - caddr_t addr; + u_int8_t *addr; size_t len; { SHA512_CTX *ctxt; @@ -976,7 +975,7 @@ ah_hmac_sha2_512_loop(state, addr, len) static void ah_hmac_sha2_512_result(state, addr, l) struct ah_algorithm_state *state; - caddr_t addr; + u_int8_t *addr; size_t l; { u_char digest[SHA512_DIGEST_LENGTH]; @@ -991,15 +990,15 @@ ah_hmac_sha2_512_result(state, addr, l) opad = (u_char *)(ipad + 64); ctxt = (SHA512_CTX *)(opad + 64); - SHA512_Final((caddr_t)&digest[0], ctxt); + SHA512_Final((caddr_t)digest, ctxt); bzero(ctxt, sizeof(*ctxt)); SHA512_Init(ctxt); SHA512_Update(ctxt, opad, 64); - SHA512_Update(ctxt, (caddr_t)&digest[0], sizeof(digest)); - SHA512_Final((caddr_t)&digest[0], ctxt); + SHA512_Update(ctxt, (caddr_t)digest, sizeof(digest)); + SHA512_Final((caddr_t)digest, ctxt); - bcopy(&digest[0], (void *)addr, HMACSIZE); + bcopy(digest, addr, sizeof(digest) > l ? l : sizeof(digest)); free(state->foo, M_TEMP); } @@ -1065,7 +1064,7 @@ ah_hmac_ripemd160_init(state, sav) static void ah_hmac_ripemd160_loop(state, addr, len) struct ah_algorithm_state *state; - caddr_t addr; + u_int8_t *addr; size_t len; { RMD160_CTX *ctxt; @@ -1080,7 +1079,7 @@ ah_hmac_ripemd160_loop(state, addr, len) static void ah_hmac_ripemd160_result(state, addr, l) struct ah_algorithm_state *state; - caddr_t addr; + u_int8_t *addr; size_t l; { u_char digest[RIPEMD160_RESULTLEN]; @@ -1126,7 +1125,7 @@ ah_update_mbuf(m, off, len, algo, algos) /* easy case first */ if (off + len <= m->m_len) { - (algo->update)(algos, mtod(m, caddr_t) + off, len); + (algo->update)(algos, mtod(m, u_int8_t *) + off, len); return; } @@ -1148,7 +1147,7 @@ ah_update_mbuf(m, off, len, algo, algos) else tlen = len; - (algo->update)(algos, mtod(n, caddr_t) + off, tlen); + (algo->update)(algos, mtod(n, u_int8_t *) + off, tlen); len -= tlen; off = 0; @@ -1166,7 +1165,7 @@ ah_update_mbuf(m, off, len, algo, algos) int ah4_calccksum(m, ahdat, len, algo, sav) struct mbuf *m; - caddr_t ahdat; + u_int8_t * ahdat; size_t len; const struct ah_algorithm *algo; struct secasvar *sav; @@ -1217,7 +1216,7 @@ again: if (ip4_ah_cleartos) iphdr.ip_tos = 0; iphdr.ip_off = htons(ntohs(iphdr.ip_off) & ip4_ah_offsetmask); - (algo->update)(&algos, (caddr_t)&iphdr, sizeof(struct ip)); + (algo->update)(&algos, (u_int8_t *)&iphdr, sizeof(struct ip)); if (hlen != sizeof(struct ip)) { u_char *p; @@ -1356,8 +1355,8 @@ again: } m_copydata(m, off, totlen, mtod(n, caddr_t)); n->m_len = totlen; - bzero(mtod(n, caddr_t) + hdrsiz, siz); - (algo->update)(&algos, mtod(n, caddr_t), n->m_len); + bzero(mtod(n, u_int8_t *) + hdrsiz, siz); + (algo->update)(&algos, mtod(n, u_int8_t *), n->m_len); m_free(n); n = NULL; } else @@ -1409,7 +1408,7 @@ fail: int ah6_calccksum(m, ahdat, len, algo, sav) struct mbuf *m; - caddr_t ahdat; + u_int8_t * ahdat; size_t len; const struct ah_algorithm *algo; struct secasvar *sav; @@ -1466,7 +1465,7 @@ ah6_calccksum(m, ahdat, len, algo, sav) ip6copy.ip6_src.s6_addr16[1] = 0x0000; if (IN6_IS_ADDR_LINKLOCAL(&ip6copy.ip6_dst)) ip6copy.ip6_dst.s6_addr16[1] = 0x0000; - (algo->update)(&algos, (caddr_t)&ip6copy, + (algo->update)(&algos, (u_int8_t *)&ip6copy, sizeof(struct ip6_hdr)); } else { newoff = m->m_pkthdr.len; @@ -1507,8 +1506,8 @@ ah6_calccksum(m, ahdat, len, algo, sav) } m_copydata(m, off, newoff - off, mtod(n, caddr_t)); n->m_len = newoff - off; - bzero(mtod(n, caddr_t) + hdrsiz, siz); - (algo->update)(&algos, mtod(n, caddr_t), n->m_len); + bzero(mtod(n, u_int8_t *) + hdrsiz, siz); + (algo->update)(&algos, mtod(n, u_int8_t *), n->m_len); m_free(n); n = NULL; } else @@ -1580,7 +1579,7 @@ ah6_calccksum(m, ahdat, len, algo, sav) optp += optlen; } - (algo->update)(&algos, mtod(n, caddr_t), n->m_len); + (algo->update)(&algos, mtod(n, u_int8_t *), n->m_len); m_free(n); n = NULL; break; |
