From: | Marko Kreen <marko(at)l-t(dot)ee> |
---|---|
To: | pgsql-patches(at)postgresql(dot)org |
Subject: | [patch 1/3] small cleanups |
Date: | 2005-07-15 20:04:03 |
Message-ID: | 20050715200442.153594000@grue |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-patches |
- Fix couple comments.
- internal.c didnt clean hash contexts when freeing
- zero the system randomness buffer too
- Google tells that we can use /dev/urandom on Cygwin,
HPUX and AIX. Add them to random.c
- remove a debug reference from pgp.h
Index: pgsql/contrib/pgcrypto/fortuna.c
===================================================================
*** pgsql.orig/contrib/pgcrypto/fortuna.c
--- pgsql/contrib/pgcrypto/fortuna.c
*************** static void init_state(FState *st)
*** 174,181 ****
}
/*
! * Must not reseed more ofter than RESEED_PER_SEC
! * times per second.
*/
static int too_often(FState *st)
{
--- 174,181 ----
}
/*
! * The time between reseed must be at least RESEED_INTERVAL
! * microseconds.
*/
static int too_often(FState *st)
{
*************** static void reseed(FState *st)
*** 241,247 ****
memset(&key_md, 0, sizeof(key_md));
memset(buf, 0, BLOCK);
- n = k = 0;
}
/*
--- 241,246 ----
Index: pgsql/contrib/pgcrypto/internal.c
===================================================================
*** pgsql.orig/contrib/pgcrypto/internal.c
--- pgsql/contrib/pgcrypto/internal.c
*************** int_md5_free(PX_MD * h)
*** 127,132 ****
--- 127,133 ----
{
MD5_CTX *ctx = (MD5_CTX *) h->p.ptr;
+ memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
px_free(h);
}
*************** int_sha1_free(PX_MD * h)
*** 174,179 ****
--- 175,181 ----
{
SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
+ memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
px_free(h);
}
*************** int_sha256_free(PX_MD * h)
*** 221,226 ****
--- 223,229 ----
{
SHA256_CTX *ctx = (SHA256_CTX *) h->p.ptr;
+ memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
px_free(h);
}
*************** int_sha384_free(PX_MD * h)
*** 267,272 ****
--- 270,276 ----
{
SHA384_CTX *ctx = (SHA384_CTX *) h->p.ptr;
+ memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
px_free(h);
}
*************** int_sha512_free(PX_MD * h)
*** 314,319 ****
--- 318,324 ----
{
SHA512_CTX *ctx = (SHA512_CTX *) h->p.ptr;
+ memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
px_free(h);
}
*************** init_md5(PX_MD * md)
*** 326,331 ****
--- 331,337 ----
MD5_CTX *ctx;
ctx = px_alloc(sizeof(*ctx));
+ memset(ctx, 0, sizeof(*ctx));
md->p.ptr = ctx;
*************** init_sha1(PX_MD * md)
*** 345,350 ****
--- 351,357 ----
SHA1_CTX *ctx;
ctx = px_alloc(sizeof(*ctx));
+ memset(ctx, 0, sizeof(*ctx));
md->p.ptr = ctx;
*************** init_sha256(PX_MD * md)
*** 364,369 ****
--- 371,377 ----
SHA256_CTX *ctx;
ctx = px_alloc(sizeof(*ctx));
+ memset(ctx, 0, sizeof(*ctx));
md->p.ptr = ctx;
*************** init_sha384(PX_MD * md)
*** 383,388 ****
--- 391,397 ----
SHA384_CTX *ctx;
ctx = px_alloc(sizeof(*ctx));
+ memset(ctx, 0, sizeof(*ctx));
md->p.ptr = ctx;
*************** init_sha512(PX_MD * md)
*** 402,407 ****
--- 411,417 ----
SHA512_CTX *ctx;
ctx = px_alloc(sizeof(*ctx));
+ memset(ctx, 0, sizeof(*ctx));
md->p.ptr = ctx;
*************** static void system_reseed(void)
*** 829,834 ****
--- 839,845 ----
fortuna_add_entropy(SYSTEM_ENTROPY, buf, n);
seed_time = t;
+ memset(buf, 0, sizeof(buf));
}
int
Index: pgsql/contrib/pgcrypto/pgp-compress.c
===================================================================
*** pgsql.orig/contrib/pgcrypto/pgp-compress.c
--- pgsql/contrib/pgcrypto/pgp-compress.c
*************** restart:
*** 270,276 ****
dec->stream.avail_out = dec->buf_len;
dec->pos = dec->buf;
! // Z_NO_FLUSH, Z_SYNC_FLUSH,
flush = dec->stream.avail_in ? Z_SYNC_FLUSH : Z_FINISH;
res = inflate(&dec->stream, flush);
if (res != Z_OK && res != Z_STREAM_END)
--- 270,280 ----
dec->stream.avail_out = dec->buf_len;
dec->pos = dec->buf;
! /*
! * Z_SYNC_FLUSH is tell zlib to output as much as possible.
! * It should do in anyway (Z_NO_FLUSH), but seems to reserve
! * the right not to. So lets follow the API.
! */
flush = dec->stream.avail_in ? Z_SYNC_FLUSH : Z_FINISH;
res = inflate(&dec->stream, flush);
if (res != Z_OK && res != Z_STREAM_END)
Index: pgsql/contrib/pgcrypto/pgp-decrypt.c
===================================================================
*** pgsql.orig/contrib/pgcrypto/pgp-decrypt.c
--- pgsql/contrib/pgcrypto/pgp-decrypt.c
*************** static void mdc_free(void *priv)
*** 339,345 ****
ctx->mdc_ctx = NULL;
}
- // fixme: clarify
static int mdc_finish(PGP_Context *ctx, PullFilter *src,
int len, uint8 **data_p)
{
--- 339,344 ----
*************** static int mdc_finish(PGP_Context *ctx,
*** 364,369 ****
--- 363,369 ----
return 0;
}
+ /* safety check */
if (ctx->in_mdc_pkt > 1)
{
px_debug("mdc_finish: several times here?");
*************** static int mdc_finish(PGP_Context *ctx,
*** 371,376 ****
--- 371,377 ----
}
ctx->in_mdc_pkt++;
+ /* is the packet sane? */
if (res != 20)
{
px_debug("mdc_finish: read failed, res=%d", res);
Index: pgsql/contrib/pgcrypto/random.c
===================================================================
*** pgsql.orig/contrib/pgcrypto/random.c
--- pgsql/contrib/pgcrypto/random.c
***************
*** 44,50 ****
*/
#if defined(__linux__) || defined(__FreeBSD__) || defined(__OpenBSD__) \
|| defined(__NetBSD__) || defined(__DragonFly__) \
! || defined(__darwin__) || defined(__SOLARIS__)
#define TRY_DEV_RANDOM
--- 44,52 ----
*/
#if defined(__linux__) || defined(__FreeBSD__) || defined(__OpenBSD__) \
|| defined(__NetBSD__) || defined(__DragonFly__) \
! || defined(__darwin__) || defined(__SOLARIS__) \
! || defined(__hpux) || defined(__HPUX__) \
! || defined(__CYGWIN__) || defined(_AIX)
#define TRY_DEV_RANDOM
Index: pgsql/contrib/pgcrypto/pgp.h
===================================================================
*** pgsql.orig/contrib/pgcrypto/pgp.h
--- pgsql/contrib/pgcrypto/pgp.h
*************** unsigned pgp_armor_dec_len(unsigned len)
*** 238,245 ****
int pgp_compress_filter(PushFilter **res, PGP_Context *ctx, PushFilter *dst);
int pgp_decompress_filter(PullFilter **res, PGP_Context *ctx, PullFilter *src);
- extern void (*pgp_packet_debug) (int tag, uint8 *buf, int len);
-
int pgp_key_alloc(PGP_PubKey **pk_p);
void pgp_key_free(PGP_PubKey *pk);
int _pgp_read_public_key(PullFilter *pkt, PGP_PubKey *pk);
--- 238,243 ----
--
From | Date | Subject | |
---|---|---|---|
Next Message | Marko Kreen | 2005-07-15 20:04:04 | [patch 2/3] Fortuna fixes |
Previous Message | Marko Kreen | 2005-07-15 20:04:02 | [patch 0/3] last large update to pgcrypto |