Skip site navigation (1) Skip section navigation (2)

[patch 1/3] small cleanups

From: Marko Kreen <marko(at)l-t(dot)ee>
To: pgsql-patches(at)postgresql(dot)org
Subject: [patch 1/3] small cleanups
Date: 2005-07-15 20:04:03
Message-ID: 20050715200442.153594000@grue (view raw or flat)
Thread:
Lists: pgsql-patches
- Fix couple comments.

- internal.c didnt clean hash contexts when freeing

- zero the system randomness buffer too

- Google tells that we can use /dev/urandom on Cygwin,
  HPUX and AIX.  Add them to random.c

- remove a debug reference from pgp.h


Index: pgsql/contrib/pgcrypto/fortuna.c
===================================================================
*** pgsql.orig/contrib/pgcrypto/fortuna.c
--- pgsql/contrib/pgcrypto/fortuna.c
*************** static void init_state(FState *st)
*** 174,181 ****
  }
  
  /*
!  * Must not reseed more ofter than RESEED_PER_SEC
!  * times per second.
   */
  static int too_often(FState *st)
  {
--- 174,181 ----
  }
  
  /*
!  * The time between reseed must be at least RESEED_INTERVAL
!  * microseconds.
   */
  static int too_often(FState *st)
  {
*************** static void reseed(FState *st)
*** 241,247 ****
  
  	memset(&key_md, 0, sizeof(key_md));
  	memset(buf, 0, BLOCK);
- 	n = k = 0;
  }
  
  /*
--- 241,246 ----
Index: pgsql/contrib/pgcrypto/internal.c
===================================================================
*** pgsql.orig/contrib/pgcrypto/internal.c
--- pgsql/contrib/pgcrypto/internal.c
*************** int_md5_free(PX_MD * h)
*** 127,132 ****
--- 127,133 ----
  {
  	MD5_CTX    *ctx = (MD5_CTX *) h->p.ptr;
  
+ 	memset(ctx, 0, sizeof(*ctx));
  	px_free(ctx);
  	px_free(h);
  }
*************** int_sha1_free(PX_MD * h)
*** 174,179 ****
--- 175,181 ----
  {
  	SHA1_CTX   *ctx = (SHA1_CTX *) h->p.ptr;
  
+ 	memset(ctx, 0, sizeof(*ctx));
  	px_free(ctx);
  	px_free(h);
  }
*************** int_sha256_free(PX_MD * h)
*** 221,226 ****
--- 223,229 ----
  {
  	SHA256_CTX   *ctx = (SHA256_CTX *) h->p.ptr;
  
+ 	memset(ctx, 0, sizeof(*ctx));
  	px_free(ctx);
  	px_free(h);
  }
*************** int_sha384_free(PX_MD * h)
*** 267,272 ****
--- 270,276 ----
  {
  	SHA384_CTX   *ctx = (SHA384_CTX *) h->p.ptr;
  
+ 	memset(ctx, 0, sizeof(*ctx));
  	px_free(ctx);
  	px_free(h);
  }
*************** int_sha512_free(PX_MD * h)
*** 314,319 ****
--- 318,324 ----
  {
  	SHA512_CTX   *ctx = (SHA512_CTX *) h->p.ptr;
  
+ 	memset(ctx, 0, sizeof(*ctx));
  	px_free(ctx);
  	px_free(h);
  }
*************** init_md5(PX_MD * md)
*** 326,331 ****
--- 331,337 ----
  	MD5_CTX    *ctx;
  
  	ctx = px_alloc(sizeof(*ctx));
+ 	memset(ctx, 0, sizeof(*ctx));
  
  	md->p.ptr = ctx;
  
*************** init_sha1(PX_MD * md)
*** 345,350 ****
--- 351,357 ----
  	SHA1_CTX   *ctx;
  
  	ctx = px_alloc(sizeof(*ctx));
+ 	memset(ctx, 0, sizeof(*ctx));
  
  	md->p.ptr = ctx;
  
*************** init_sha256(PX_MD * md)
*** 364,369 ****
--- 371,377 ----
  	SHA256_CTX   *ctx;
  
  	ctx = px_alloc(sizeof(*ctx));
+ 	memset(ctx, 0, sizeof(*ctx));
  
  	md->p.ptr = ctx;
  
*************** init_sha384(PX_MD * md)
*** 383,388 ****
--- 391,397 ----
  	SHA384_CTX   *ctx;
  
  	ctx = px_alloc(sizeof(*ctx));
+ 	memset(ctx, 0, sizeof(*ctx));
  
  	md->p.ptr = ctx;
  
*************** init_sha512(PX_MD * md)
*** 402,407 ****
--- 411,417 ----
  	SHA512_CTX   *ctx;
  
  	ctx = px_alloc(sizeof(*ctx));
+ 	memset(ctx, 0, sizeof(*ctx));
  
  	md->p.ptr = ctx;
  
*************** static void system_reseed(void)
*** 829,834 ****
--- 839,845 ----
  		fortuna_add_entropy(SYSTEM_ENTROPY, buf, n);
  
  	seed_time = t;
+ 	memset(buf, 0, sizeof(buf));
  }
  
  int
Index: pgsql/contrib/pgcrypto/pgp-compress.c
===================================================================
*** pgsql.orig/contrib/pgcrypto/pgp-compress.c
--- pgsql/contrib/pgcrypto/pgp-compress.c
*************** restart:
*** 270,276 ****
  	dec->stream.avail_out = dec->buf_len;
  	dec->pos = dec->buf;
  
! 	// Z_NO_FLUSH, Z_SYNC_FLUSH,
  	flush = dec->stream.avail_in ? Z_SYNC_FLUSH : Z_FINISH;
  	res = inflate(&dec->stream, flush);
  	if (res != Z_OK && res != Z_STREAM_END)
--- 270,280 ----
  	dec->stream.avail_out = dec->buf_len;
  	dec->pos = dec->buf;
  
! 	/*
! 	 * Z_SYNC_FLUSH is tell zlib to output as much as possible.
! 	 * It should do in anyway (Z_NO_FLUSH), but seems to reserve
! 	 * the right not to.  So lets follow the API.
! 	 */
  	flush = dec->stream.avail_in ? Z_SYNC_FLUSH : Z_FINISH;
  	res = inflate(&dec->stream, flush);
  	if (res != Z_OK && res != Z_STREAM_END)
Index: pgsql/contrib/pgcrypto/pgp-decrypt.c
===================================================================
*** pgsql.orig/contrib/pgcrypto/pgp-decrypt.c
--- pgsql/contrib/pgcrypto/pgp-decrypt.c
*************** static void mdc_free(void *priv)
*** 339,345 ****
  	ctx->mdc_ctx = NULL;
  }
  
- // fixme: clarify
  static int mdc_finish(PGP_Context *ctx, PullFilter *src,
  		int len, uint8 **data_p)
  {
--- 339,344 ----
*************** static int mdc_finish(PGP_Context *ctx, 
*** 364,369 ****
--- 363,369 ----
  		return 0;
  	}
  	
+ 	/* safety check */
  	if (ctx->in_mdc_pkt > 1)
  	{
  		px_debug("mdc_finish: several times here?");
*************** static int mdc_finish(PGP_Context *ctx, 
*** 371,376 ****
--- 371,377 ----
  	}
  	ctx->in_mdc_pkt++;
  	
+ 	/* is the packet sane? */
  	if (res != 20)
  	{
  		px_debug("mdc_finish: read failed, res=%d", res);
Index: pgsql/contrib/pgcrypto/random.c
===================================================================
*** pgsql.orig/contrib/pgcrypto/random.c
--- pgsql/contrib/pgcrypto/random.c
***************
*** 44,50 ****
   */
  #if defined(__linux__) || defined(__FreeBSD__) || defined(__OpenBSD__) \
  	|| defined(__NetBSD__) || defined(__DragonFly__) \
! 	|| defined(__darwin__) || defined(__SOLARIS__)
  
  #define TRY_DEV_RANDOM
  
--- 44,52 ----
   */
  #if defined(__linux__) || defined(__FreeBSD__) || defined(__OpenBSD__) \
  	|| defined(__NetBSD__) || defined(__DragonFly__) \
! 	|| defined(__darwin__) || defined(__SOLARIS__) \
! 	|| defined(__hpux) || defined(__HPUX__) \
! 	|| defined(__CYGWIN__) || defined(_AIX)
  
  #define TRY_DEV_RANDOM
  
Index: pgsql/contrib/pgcrypto/pgp.h
===================================================================
*** pgsql.orig/contrib/pgcrypto/pgp.h
--- pgsql/contrib/pgcrypto/pgp.h
*************** unsigned	pgp_armor_dec_len(unsigned len)
*** 238,245 ****
  int pgp_compress_filter(PushFilter **res, PGP_Context *ctx, PushFilter *dst);
  int pgp_decompress_filter(PullFilter **res, PGP_Context *ctx, PullFilter *src);
  
- extern void (*pgp_packet_debug) (int tag, uint8 *buf, int len);
- 
  int pgp_key_alloc(PGP_PubKey **pk_p);
  void pgp_key_free(PGP_PubKey *pk);
  int _pgp_read_public_key(PullFilter *pkt, PGP_PubKey *pk);
--- 238,243 ----

--

In response to

Responses

pgsql-patches by date

Next:From: Marko KreenDate: 2005-07-15 20:04:04
Subject: [patch 2/3] Fortuna fixes
Previous:From: Marko KreenDate: 2005-07-15 20:04:02
Subject: [patch 0/3] last large update to pgcrypto

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group