diff options
Diffstat (limited to 'compat')
-rw-r--r-- | compat/arc4random.c | 10 | ||||
-rw-r--r-- | compat/getentropy_aix.c | 4 | ||||
-rw-r--r-- | compat/posix_win.c | 113 |
3 files changed, 99 insertions, 28 deletions
diff --git a/compat/arc4random.c b/compat/arc4random.c index 6f95d57..1ec8e1e 100644 --- a/compat/arc4random.c +++ b/compat/arc4random.c @@ -1,4 +1,4 @@ -/* $OpenBSD: arc4random.c,v 1.56 2022/02/28 21:56:29 dtucker Exp $ */ +/* $OpenBSD: arc4random.c,v 1.58 2022/07/31 13:41:45 tb Exp $ */ /* * Copyright (c) 1996, David Mazieres <dm@uun.org> @@ -49,6 +49,8 @@ #define BLOCKSZ 64 #define RSBUFSZ (16*BLOCKSZ) +#define REKEY_BASE (1024*1024) /* NB. should be a power of 2 */ + /* Marked MAP_INHERIT_ZERO, so zero'd out in fork children. */ static struct _rs { size_t rs_have; /* valid bytes at end of rs_buf */ @@ -86,6 +88,7 @@ static void _rs_stir(void) { u_char rnd[KEYSZ + IVSZ]; + uint32_t rekey_fuzz = 0; if (getentropy(rnd, sizeof rnd) == -1) _getentropy_fail(); @@ -100,7 +103,10 @@ _rs_stir(void) rs->rs_have = 0; memset(rsx->rs_buf, 0, sizeof(rsx->rs_buf)); - rs->rs_count = 1600000; + /* rekey interval should not be predictable */ + chacha_encrypt_bytes(&rsx->rs_chacha, (uint8_t *)&rekey_fuzz, + (uint8_t *)&rekey_fuzz, sizeof(rekey_fuzz)); + rs->rs_count = REKEY_BASE + (rekey_fuzz % REKEY_BASE); } static inline void diff --git a/compat/getentropy_aix.c b/compat/getentropy_aix.c index 7fb857e..9d085cf 100644 --- a/compat/getentropy_aix.c +++ b/compat/getentropy_aix.c @@ -1,4 +1,4 @@ -/* $OpenBSD: getentropy_aix.c,v 1.8 2021/10/24 21:24:20 deraadt Exp $ */ +/* $OpenBSD: getentropy_aix.c,v 1.9 2022/12/26 07:18:50 jmc Exp $ */ /* * Copyright (c) 2015 Michael Felt <aixtools@gmail.com> @@ -21,7 +21,7 @@ * http://man.openbsd.org/getentropy.2 */ /* - * -lperfstat is needed for the psuedo entropy data + * -lperfstat is needed for the pseudo entropy data */ #include <sys/mman.h> diff --git a/compat/posix_win.c b/compat/posix_win.c index 30c93cd..b3a4687 100644 --- a/compat/posix_win.c +++ b/compat/posix_win.c @@ -148,6 +148,49 @@ wsa_errno(int err) return -1; } +/* + * Employ a similar trick to cpython (pycore_fileutils.h) where the CRT report + * handler is disabled while checking if a descriptor is a socket or a file + */ +#if defined _MSC_VER && _MSC_VER >= 1900 + +#include <crtdbg.h> +#include <stdlib.h> + +static void noop_handler(const wchar_t *expression, const wchar_t *function, + const wchar_t *file, unsigned int line, uintptr_t pReserved) +{ + return; +} + +#define BEGIN_SUPPRESS_IPH \ + _invalid_parameter_handler old_handler = _set_thread_local_invalid_parameter_handler(noop_handler) +#define END_SUPPRESS_IPH \ + _set_thread_local_invalid_parameter_handler(old_handler) + +#else + +#define BEGIN_SUPPRESS_IPH +#define END_SUPPRESS_IPH + +#endif + +static int +is_socket(int fd) +{ + intptr_t hd; + + BEGIN_SUPPRESS_IPH; + hd = _get_osfhandle(fd); + END_SUPPRESS_IPH; + + if (hd == (intptr_t)INVALID_HANDLE_VALUE) { + return 1; /* fd is not file descriptor */ + } + + return 0; +} + int posix_connect(int sockfd, const struct sockaddr *addr, socklen_t addrlen) { @@ -160,24 +203,31 @@ posix_connect(int sockfd, const struct sockaddr *addr, socklen_t addrlen) int posix_close(int fd) { - if (closesocket(fd) == SOCKET_ERROR) { - int err = WSAGetLastError(); - return (err == WSAENOTSOCK || err == WSAEBADF || - err == WSANOTINITIALISED) ? - close(fd) : wsa_errno(err); + int rc; + + if (is_socket(fd)) { + if ((rc = closesocket(fd)) == SOCKET_ERROR) { + int err = WSAGetLastError(); + rc = wsa_errno(err); + } + } else { + rc = close(fd); } - return 0; + return rc; } ssize_t posix_read(int fd, void *buf, size_t count) { - ssize_t rc = recv(fd, buf, count, 0); - if (rc == SOCKET_ERROR) { - int err = WSAGetLastError(); - return (err == WSAENOTSOCK || err == WSAEBADF || - err == WSANOTINITIALISED) ? - read(fd, buf, count) : wsa_errno(err); + ssize_t rc; + + if (is_socket(fd)) { + if ((rc = recv(fd, buf, count, 0)) == SOCKET_ERROR) { + int err = WSAGetLastError(); + rc = wsa_errno(err); + } + } else { + rc = read(fd, buf, count); } return rc; } @@ -185,12 +235,13 @@ posix_read(int fd, void *buf, size_t count) ssize_t posix_write(int fd, const void *buf, size_t count) { - ssize_t rc = send(fd, buf, count, 0); - if (rc == SOCKET_ERROR) { - int err = WSAGetLastError(); - return (err == WSAENOTSOCK || err == WSAEBADF || - err == WSANOTINITIALISED) ? - write(fd, buf, count) : wsa_errno(err); + ssize_t rc; + if (is_socket(fd)) { + if ((rc = send(fd, buf, count, 0)) == SOCKET_ERROR) { + rc = wsa_errno(WSAGetLastError()); + } + } else { + rc = write(fd, buf, count); } return rc; } @@ -199,17 +250,32 @@ int posix_getsockopt(int sockfd, int level, int optname, void *optval, socklen_t *optlen) { - int rc = getsockopt(sockfd, level, optname, (char *)optval, optlen); - return rc == 0 ? 0 : wsa_errno(WSAGetLastError()); - + int rc; + if (is_socket(sockfd)) { + rc = getsockopt(sockfd, level, optname, (char *)optval, optlen); + if (rc != 0) { + rc = wsa_errno(WSAGetLastError()); + } + } else { + rc = -1; + } + return rc; } int posix_setsockopt(int sockfd, int level, int optname, const void *optval, socklen_t optlen) { - int rc = setsockopt(sockfd, level, optname, (char *)optval, optlen); - return rc == 0 ? 0 : wsa_errno(WSAGetLastError()); + int rc; + if (is_socket(sockfd)) { + rc = setsockopt(sockfd, level, optname, (char *)optval, optlen); + if (rc != 0) { + rc = wsa_errno(WSAGetLastError()); + } + } else { + rc = -1; + } + return rc; } uid_t getuid(void) @@ -241,5 +307,4 @@ int gettimeofday(struct timeval * tp, struct timezone * tzp) tp->tv_usec = (long)(system_time.wMilliseconds * 1000); return 0; } - #endif |