Update md5.h / md5.c from upstream OpenBSD#127
Update md5.h / md5.c from upstream OpenBSD#127DimitriPapadopoulos wants to merge 1 commit intoFreeRADIUS:masterfrom
Conversation
| } | ||
| for (i = 0; i < 4; i++) | ||
| PUT_32BIT_LE(digest + i * 4, ctx->state[i]); | ||
| memset(ctx, 0, sizeof(*ctx)); /* in case it's sensitive */ |
There was a problem hiding this comment.
That's where upstream introduced a bzero_explicit() call, which we keep translating into a memset() call.
|
Are there any functionality changes here? I'm not sure why these changes are needed. |
|
No functionality changes. The rationale is that upstream have changed bzero() to memset() in their latest version 1.4. The header claims that the following changes have been applied to upstream version 1.1: That would be true compared to the latest upstream version 1.4, but not compared to upstream version 1.1, where the following comment would be required: I find it better to update the base upstream version from 1.1 to the latest 1.4, since it includes changes that have also been applied here, than documenting these changes in the header. Here is the diff between upstream 1.1 and 1.4: This PR also fixes the URL of the OpenBSD source repository. Finally, I wanted to point out that the explicit_bzero() call from upstream 1.4 has been transformed into a mere memset(). Perhaps I should add this to the changes listed in the comments, shouldn't I? |
|
It just occurred to me that I should also update https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/crypto/md5.h.diff?r1=1.1&r2=1.3&f=h |
DimitriPapadopoulos
force-pushed
the
md5.c_1.4
branch
3 times, most recently
from
021da95 to
8bf6b33
Compare
DimitriPapadopoulos
changed the title
DimitriPapadopoulos
force-pushed
the
md5.c_1.4
branch
2 times, most recently
from
2ad19ca to
6a882d0
Compare
DimitriPapadopoulos
changed the title
md5.h: 1.1 → 1.3 md5.c: 1.1 → 1.4 Changes are minimal, as upstream itself changed bzero() → memset(). Note that the new bzero_explicit() function call in upstream has been changed to a memset() function call, in the absence of a widely available memset_explicit() function for now. Also update the URL of the OpenBSD source repository.
DimitriPapadopoulos
force-pushed
the
md5.c_1.4
branch
from
6a882d0 to
f2f465c
Compare
2 participants
Changes are minimal, as upstream itself changed bzero() → memset().
Note that the new bzero_explicit() function call in upstream has been changed to a memset() function call, in the absence of a widely available memset_explicit() function for now.
Also update the URL of the OpenBSD source repository.