svn commit: r202479 - in stable/6: . sys/opencrypto
Bjoern A. Zeeb
bz at FreeBSD.org
Sun Jan 17 13:36:40 UTC 2010
Author: bz
Date: Sun Jan 17 13:36:40 2010
New Revision: 202479
URL: http://svn.freebsd.org/changeset/base/202479
Log:
MFC r201898:
Add comments trying to explain what bad things happen here, i.e.
how hashed MD5/SHA are implemented, abusing Final() for padding and
sw_octx to transport the key from the beginning to the end.
Enlightened about what was going on here by: cperciva
Reviewed by: cperciva
Modified:
stable/6/Makefile (contents, props changed)
stable/6/sys/opencrypto/cryptosoft.c
Directory Properties:
stable/6/sys/ (props changed)
stable/6/sys/contrib/pf/ (props changed)
stable/6/sys/dev/cxgb/ (props changed)
Modified: stable/6/Makefile
==============================================================================
--- stable/6/Makefile Sun Jan 17 13:36:25 2010 (r202478)
+++ stable/6/Makefile Sun Jan 17 13:36:40 2010 (r202479)
@@ -262,12 +262,14 @@ make: .PHONY
# existing system is.
#
.if make(universe)
+TARGETS?=alpha amd64 i386 ia64 pc98 powerpc sparc64
+
universe: universe_prologue
universe_prologue:
@echo "--------------------------------------------------------------"
@echo ">>> make universe started on ${STARTTIME}"
@echo "--------------------------------------------------------------"
-.for target in alpha amd64 i386 ia64 pc98 powerpc sparc64
+.for target in ${TARGETS}
KERNCONFS!= cd ${.CURDIR}/sys/${target}/conf && \
find [A-Z]*[A-Z] -type f -maxdepth 0 \
! -name DEFAULTS ! -name LINT
@@ -275,22 +277,30 @@ KERNCONFS:= ${KERNCONFS:S/^NOTES$/LINT/}
universe: universe_${target}
.ORDER: universe_prologue universe_${target} universe_epilogue
universe_${target}:
+.if !defined(MAKE_JUST_KERNELS)
@echo ">> ${target} started on `LC_ALL=C date`"
- -cd ${.CURDIR} && ${MAKE} ${JFLAG} buildworld \
+ @(cd ${.CURDIR} && env __MAKE_CONF=/dev/null \
+ ${MAKE} ${JFLAG} buildworld \
TARGET=${target} \
- __MAKE_CONF=/dev/null \
- > _.${target}.buildworld 2>&1
+ > _.${target}.buildworld 2>&1 || \
+ echo "${target} world failed," \
+ "check _.${target}.buildworld for details")
@echo ">> ${target} buildworld completed on `LC_ALL=C date`"
+.endif
.if exists(${.CURDIR}/sys/${target}/conf/NOTES)
- -cd ${.CURDIR}/sys/${target}/conf && ${MAKE} LINT \
- > ${.CURDIR}/_.${target}.makeLINT 2>&1
+ @(cd ${.CURDIR}/sys/${target}/conf && env __MAKE_CONF=/dev/null \
+ ${MAKE} LINT > ${.CURDIR}/_.${target}.makeLINT 2>&1 || \
+ echo "${target} 'make LINT' failed," \
+ "check _.${target}.makeLINT for details")
.endif
.for kernel in ${KERNCONFS}
- -cd ${.CURDIR} && ${MAKE} ${JFLAG} buildkernel \
+ @(cd ${.CURDIR} && env __MAKE_CONF=/dev/null \
+ ${MAKE} ${JFLAG} buildkernel \
TARGET=${target} \
KERNCONF=${kernel} \
- __MAKE_CONF=/dev/null \
- > _.${target}.${kernel} 2>&1
+ > _.${target}.${kernel} 2>&1 || \
+ echo "${target} ${kernel} kernel failed," \
+ "check _.${target}.${kernel} for details")
.endfor
@echo ">> ${target} completed on `LC_ALL=C date`"
.endfor
Modified: stable/6/sys/opencrypto/cryptosoft.c
==============================================================================
--- stable/6/sys/opencrypto/cryptosoft.c Sun Jan 17 13:36:25 2010 (r202478)
+++ stable/6/sys/opencrypto/cryptosoft.c Sun Jan 17 13:36:40 2010 (r202479)
@@ -426,7 +426,16 @@ swcr_authprepare(struct auth_hash *axf,
case CRYPTO_MD5_KPDK:
case CRYPTO_SHA1_KPDK:
{
- /* We need a buffer that can hold an md5 and a sha1 result. */
+ /*
+ * We need a buffer that can hold an md5 and a sha1 result
+ * just to throw it away.
+ * What we do here is the initial part of:
+ * ALGO( key, keyfill, .. )
+ * adding the key to sw_ictx and abusing Final() to get the
+ * "keyfill" padding.
+ * In addition we abuse the sw_octx to save the key to have
+ * it to be able to append it at the end in swcr_authcompute().
+ */
u_char buf[SHA1_RESULTLEN];
sw->sw_klen = klen;
@@ -487,9 +496,17 @@ swcr_authcompute(struct cryptodesc *crd,
case CRYPTO_MD5_KPDK:
case CRYPTO_SHA1_KPDK:
+ /* If we have no key saved, return error. */
if (sw->sw_octx == NULL)
return EINVAL;
+ /*
+ * Add the trailing copy of the key (see comment in
+ * swcr_authprepare()) after the data:
+ * ALGO( .., key, algofill )
+ * and let Final() do the proper, natural "algofill"
+ * padding.
+ */
axf->Update(&ctx, sw->sw_octx, sw->sw_klen);
axf->Final(aalg, &ctx);
break;
More information about the svn-src-stable-6
mailing list