Re: [PATCH 1/7] If EVP_DecryptInit_ex() returns NULL, j is incremented by a random amount in PEM_do_header()

2014-05-31 Thread Joel Sing
On Sun, 1 Jun 2014, Brent Cook wrote: > clang warning: > pem/pem_lib.c:472:6: error: variable 'i' is used uninitialized whenever > 'if' condition is false [-Werror,-Wsometimes-uninitialized] > if (o) > ^ > pem/pem_lib.c:479:7: note: uninitialized use occurs here > j += i

Re: [PATCH 4/7] use BIO_write instead of an unchecked write()

2014-05-31 Thread Brent Cook
On May 31, 2014, at 6:08 PM, Brendan MacDonell wrote: > On Sat, May 31, 2014 at 8:02 PM, Brent Cook wrote: > I totally agree in the general case. BIO is a big pain, and it does seem > crazy to use it for stdio. > > However, in this specific case, this file already calls BIO_printf, BIO_puts >

Correct OpenBSD versions for disabling getserbyname_r

2014-05-31 Thread Andrew Fresh
So, in r1.40 the comment was corrected to reflect that this was fixed in 3.7, but the actual check still only checked up to 3.5. http://www.openbsd.org/cgi-bin/cvsweb/src/gnu/usr.bin/perl/hints/openbsd.sh.diff?r1=1.39;r2=1.40;f=h And then r1.1.1.8 was created with the correct version in the check

Re: [PATCH 4/7] use BIO_write instead of an unchecked write()

2014-05-31 Thread Brendan MacDonell
On Sat, May 31, 2014 at 8:02 PM, Brent Cook wrote: > I totally agree in the general case. BIO is a big pain, and it does seem > crazy to use it for stdio. > > However, in this specific case, this file already calls BIO_printf, > BIO_puts and BIO_write to stdout and stderr, in an unchecked manner,

Remove unneeded workaround for usemallocwrap on m68k in perl

2014-05-31 Thread Andrew Fresh
This local patch should longer be needed with the removal of m68k. OK? Index: hints/openbsd.sh === RCS file: /cvs/src/gnu/usr.bin/perl/hints/openbsd.sh,v retrieving revision 1.49 diff -u -p -u -r1.49 openbsd.sh --- hints/openbsd.sh

Re: [PATCH 4/7] use BIO_write instead of an unchecked write()

2014-05-31 Thread Brent Cook
I totally agree in the general case. BIO is a big pain, and it does seem crazy to use it for stdio. However, in this specific case, this file already calls BIO_printf, BIO_puts and BIO_write to stdout and stderr, in an unchecked manner, several hundred times. I’m not sure if checking write() ac

Re: [PATCH 2/2] remove uses of internally-deprecated OPENSSL_malloc/free

2014-05-31 Thread Bob Beck
You should change this so it doesnt check for null before the free. free handles NULL. On 31 May 2014 16:39, "Brent Cook" wrote: > --- > ecdh/ecdhtest.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/ecdh/ecdhtest.c b/ecdh/ecdhtest.c > index 620424d..ee220dc 100644

Re: [PATCH 4/7] use BIO_write instead of an unchecked write()

2014-05-31 Thread Theo de Raadt
Your change is wrong. There have been lots of discussion about trying to use intrinsics as much as possible. Even though this is the openssl command, I think the consideration is also valid here. You've just run into the reason for using intrinsics as much as possible. BIO_write is different fr

[PATCH 6/7] remove parsing of -rand options in openssl apps

2014-05-31 Thread Brent Cook
Since the random number generator no longer allows being seeded, remove support for parsing the unused -rand option and the unused random buffer variables. Better to fail than to be surprised when the RNG seed does not function as expected. This fixes compiler warnings about unused random seed var

[PATCH 2/2] remove uses of internally-deprecated OPENSSL_malloc/free

2014-05-31 Thread Brent Cook
--- ecdh/ecdhtest.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ecdh/ecdhtest.c b/ecdh/ecdhtest.c index 620424d..ee220dc 100644 --- a/ecdh/ecdhtest.c +++ b/ecdh/ecdhtest.c @@ -358,7 +358,7 @@ static int ecdh_kat(BIO *out, const char *cname, int nid, Ztmplen = (E

[PATCH 1/2] -Werror build fixes for aes_wrap.c

2014-05-31 Thread Brent Cook
include string.h for memcmp remove unused variables --- aeswrap/aes_wrap.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/aeswrap/aes_wrap.c b/aeswrap/aes_wrap.c index b5157d7..c3079e3 100644 --- a/aeswrap/aes_wrap.c +++ b/aeswrap/aes_wrap.c @@ -10,7 +10,7 @@ * are met

[PATCH 5/7] do not include public headers as though they are local

2014-05-31 Thread Brent Cook
Avoid having to use -I trickery to find public header files included as though they are private. --- src/crypto/bn/bn_const.c | 2 +- src/crypto/chacha/chacha.c | 2 +- src/crypto/o_init.c| 2 +- src/crypto/poly1305/poly1305.c | 2 +- src/crypto/ts/ts_lib.c | 2 +- sr

[PATCH 0/2] libcrypto regress fixes

2014-05-31 Thread Brent Cook
This is a series of fixes to issues found while building libcrypto regression tests with -Werror and LIBRESSL_INTERNAL. Do these look OK? - Brent

[PATCH 7/7] avoid defining struct pqueue typedef twice

2014-05-31 Thread Brent Cook
with pqueue moving to a private interface, the typedef can occur twice ../include/openssl/dtls1.h:147:25: error: redefinition of typedef 'pqueue' is a C11 feature [-Werror,-Wtypedef-redefinition] typedef struct _pqueue *pqueue; ^ ../include/pqueue.h:63:25: note: previous d

[PATCH 3/7] remove unused static datastructures

2014-05-31 Thread Brent Cook
Neither of these is used anywhere within their object files. --- src/crypto/ec/ec_lib.c | 3 --- src/crypto/engine/eng_dyn.c | 3 --- 2 files changed, 6 deletions(-) diff --git a/src/crypto/ec/ec_lib.c b/src/crypto/ec/ec_lib.c index 3313573..b8e0e98 100644 --- a/src/crypto/ec/ec_lib.c +++ b/

[PATCH 2/7] fix type string conversion warning

2014-05-31 Thread Brent Cook
ASN1_STRING_data returns an unsigned char *, but strlcat's second parameter is a const char * --- src/crypto/ts/ts_rsp_verify.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/crypto/ts/ts_rsp_verify.c b/src/crypto/ts/ts_rsp_verify.c index 2a4c0c5..49754b5 100644 --- a/src/

[PATCH 1/7] If EVP_DecryptInit_ex() returns NULL, j is incremented by a random amount in PEM_do_header()

2014-05-31 Thread Brent Cook
clang warning: pem/pem_lib.c:472:6: error: variable 'i' is used uninitialized whenever 'if' condition is false [-Werror,-Wsometimes-uninitialized] if (o) ^ pem/pem_lib.c:479:7: note: uninitialized use occurs here j += i; ^ pem/pem_lib.c:472:2: note: r

[PATCH 4/7] use BIO_write instead of an unchecked write()

2014-05-31 Thread Brent Cook
write() warns if its return value is unchecked. Replace with a BIO_write like all of the surrounding code uses anyway. --- src/apps/s_server.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/apps/s_server.c b/src/apps/s_server.c index 51f6b47..fb28489 100644 --- a/src/apps/

[PATCH 0/7] libssl fixes

2014-05-31 Thread Brent Cook
This patch set fixes a series of issues flagged by recent versions of clang and gcc. Do these look OK? - Brent

Re: Remove unneeded patch to alias 646 => ascii in Encode::Alias

2014-05-31 Thread Philip Guenther
On Sat, May 31, 2014 at 10:22 AM, Andrew Fresh wrote: > Turns out in 2008 the regex that aliases ISO-646 to ascii was changed > so that it also matches plain 646, so we no longer need a patch to do > that. > Makes sense. ok guenther@ > The secondary quotes on the definition ('"ascii"') are

Re: 9p

2014-05-31 Thread M Farkas-Dyck
On 31/05/2014, Philip Guenther wrote: > opendir/readdir don't look at the st_size member, so I don't think any of > those will help. You haven't found the real problem yet. Yes, I missed this in getdents docs: "nbytes must be greater than or equal to the block size associated with the file". Wi

Re: LibreSSL and ASN.1 encodings

2014-05-31 Thread D. Spindel
Some historical anecdotes: T.61 was proposed in 93. Utf8 later the same year. utf8 was recommended from 94. 2004 OpenSSL caught up with the recommendation, and decided to go against it to be compatible with Netscape Navigator. Which at that time had a massive 2% of the market. 2005 The behaviou

Re: LibreSSL and ASN.1 encodings

2014-05-31 Thread Bob Beck
Done. Thanks for the giggle. I needed it today. -Bob On Sat, May 31, 2014 at 07:20:56PM +0200, D. Spindel wrote: > a short plea from someone who just had to dig through OpenSSL code and > figuring out why I was getting T.61 strings instead of UTF8Strings. > > Would you _please_ and kindly cha

Re: [PATCH 9] installboot: malloc/memset => calloc

2014-05-31 Thread Benjamin Baier
On Sun, 1 Jun 2014 00:57:43 +1000 Joel Sing wrote: > In this case I think readability wins. I do not believe that there is a lot > to > gain from overflow protection given the numbers used in these calculations > are very small (and many are already bounds checked in some form or other). Well,

Wifi TL W723N

2014-05-31 Thread Sébastien Morand
Hi, I finally bought a TL W723N and try. usbdevs gives: port 2 addr 3: high speed, power 500 mA, config 1, 802.11n NIC(0x8179), Realtek(0x0bda), rev 0.00, iSerialNumber 00E04C0001 0x8179 is not present in kernel source (usbdevs.h) (for realteak there is 0x8178 and 0x817a and around but not this

Remove unneeded patch to alias 646 => ascii in Encode::Alias

2014-05-31 Thread Andrew Fresh
Turns out in 2008 the regex that aliases ISO-646 to ascii was changed so that it also matches plain 646, so we no longer need a patch to do that. https://github.com/dankogai/p5-encode/commit/aa1fdef85add72114ed7badf85e523cfdc9d6275 They adjusted the regex like this, making the leading ISO optiona

LibreSSL and ASN.1 encodings

2014-05-31 Thread D. Spindel
a short plea from someone who just had to dig through OpenSSL code and figuring out why I was getting T.61 strings instead of UTF8Strings. Would you _please_ and kindly change the default of global_mask in crypto/asn1/a_strnid.c from 0xL to B_ASN1_UTF8STRING OpenSSL upstream has had the

Re: [PATCH 9] installboot: malloc/memset => calloc

2014-05-31 Thread Joel Sing
On Sat, 31 May 2014, Benjamin Baier wrote: > This one splits up the malloc parameter, taking full potential from calloc, > hurting readability a bit. which one is preferred? more > readable/maintainable or using the calloc overflow protection? In this case I think readability wins. I do not believ

[PATCH 10] inetd: malloc/memset => calloc

2014-05-31 Thread Benjamin Baier
While here also stop casting {m,c}alloc return value. Index: inetd.c === RCS file: /cvs/src/usr.sbin/inetd/inetd.c,v retrieving revision 1.137 diff -u -p -r1.137 inetd.c --- inetd.c 23 Nov 2013 17:24:29 - 1.137 +++ inetd.

Re: [PATCH] rcs: no way to go, after usage was called

2014-05-31 Thread Fritjof Bornebusch
Any comments? On Thu, May 08, 2014 at 10:17:15PM +0200, Fritjof Bornebusch wrote: > Hi tech, > > there is no way you can go, after usage() was called, so dont't do it. > > fritjof > > Index: ci.c > === > RCS file: /cvs/src/usr.bin/

Re: [PATCH] rcs regression tests

2014-05-31 Thread Fritjof Bornebusch
Any feedback? On Thu, May 15, 2014 at 12:07:56AM +0200, Fritjof Bornebusch wrote: > Hi tech, > > I added some missing ; to the rlog out files, to make sure these tests don't > fail. > > > fritjof > > > Index: rlog-rflag2.out > =

[PATCH 9] installboot: malloc/memset => calloc

2014-05-31 Thread Benjamin Baier
This one splits up the malloc parameter, taking full potential from calloc, hurting readability a bit. which one is preferred? more readable/maintainable or using the calloc overflow protection? Index: bootstrap.c === RCS file: /cvs

[PATCH 8] aic7xxx: malloc/memset => calloc

2014-05-31 Thread Benjamin Baier
Index: aicasm.c === RCS file: /cvs/src/sys/dev/microcode/aic7xxx/aicasm.c,v retrieving revision 1.15 diff -u -p -r1.15 aicasm.c --- aicasm.c5 Dec 2012 23:20:19 - 1.15 +++ aicasm.c31 May 2014 11:01:21 - @@ -500,12

Re: [PATCH]unnecessary return in arc4random

2014-05-31 Thread Jérémie Courrèges-Anglas
Fritjof Bornebusch writes: > Am I wrong? Nope. Committed, thanks. > On Thu, May 22, 2014 at 04:30:03PM +0200, Fritjof Bornebusch wrote: >> Hi tech, >> >> does this return makes any sense, because it's a void function and the >> return is at the end of the function. >> >> fritjof >> >> Index

Re: libssl buffer.c change memset before free to explicit_bzero

2014-05-31 Thread Ted Unangst
On Sat, May 31, 2014 at 17:00, Cameron Stewart wrote: > - change memset before free to explicit_bzero > - change ordinary memset's to bzero Actually, memset is preferred to bzero in the ordinary case. Another good reason to make separate diffs for separate changes. :)

Re: [PATCH]unnecessary return in arc4random

2014-05-31 Thread Fritjof Bornebusch
Am I wrong? On Thu, May 22, 2014 at 04:30:03PM +0200, Fritjof Bornebusch wrote: > Hi tech, > > does this return makes any sense, because it's a void function and the return > is at the end of the function. > > fritjof > > Index: arc4random.c > ==

[PATCH] libssl: malloc checks for NULL

2014-05-31 Thread Chris Hettrick
Hi tech@ Here are some missing checks for NULL after malloc. I sent these in a bit ago, but I didn't see them picked up. Regards Index: src/apps/apps.c === RCS file: /cvs/src/lib/libssl/src/apps/apps.c,v retrieving revision 1.56 dif

Re: 9p

2014-05-31 Thread Philip Guenther
On Fri, May 30, 2014 at 10:42 PM, M Farkas-Dyck wrote: > Ls seems to stat the directory and allocate a large enough dent > buffer. I couldn't find what ls calls to do so, but I assume that it's > a common function and other programs use it too. opendir() and readdir() are the functions you're l

libssl buffer.c change memset before free to explicit_bzero

2014-05-31 Thread Cameron Stewart
- change memset before free to explicit_bzero - change ordinary memset's to bzero - change if(!data) malloc else realloc to realloc - explicit_bzero on downsize instead of memset Possible an advantage (the only?) of the previous allocator was this memset would have never been optimised out. S