From owner-svn-src-all@FreeBSD.ORG Wed May 14 17:45:11 2014 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 955728F5; Wed, 14 May 2014 17:45:11 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 75F0427BD; Wed, 14 May 2014 17:45:11 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4EHjBLT056715; Wed, 14 May 2014 17:45:11 GMT (envelope-from tuexen@svn.freebsd.org) Received: (from tuexen@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4EHjBn9056713; Wed, 14 May 2014 17:45:11 GMT (envelope-from tuexen@svn.freebsd.org) Message-Id: <201405141745.s4EHjBn9056713@svn.freebsd.org> From: Michael Tuexen Date: Wed, 14 May 2014 17:45:11 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r266060 - stable/9/sys/netinet X-SVN-Group: stable-9 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 May 2014 17:45:11 -0000 Author: tuexen Date: Wed May 14 17:45:10 2014 New Revision: 266060 URL: http://svnweb.freebsd.org/changeset/base/266060 Log: MFC r257804: Get rid of the artification limitation enforced by SCTP_AUTH_RANDOM_SIZE_MAX. This was suggested by Andrew Galante. Modified: stable/9/sys/netinet/sctp_auth.c stable/9/sys/netinet/sctp_auth.h Directory Properties: stable/9/sys/ (props changed) Modified: stable/9/sys/netinet/sctp_auth.c ============================================================================== --- stable/9/sys/netinet/sctp_auth.c Wed May 14 17:43:49 2014 (r266059) +++ stable/9/sys/netinet/sctp_auth.c Wed May 14 17:45:10 2014 (r266060) @@ -333,10 +333,6 @@ sctp_generate_random_key(uint32_t keylen { sctp_key_t *new_key; - /* validate keylen */ - if (keylen > SCTP_AUTH_RANDOM_SIZE_MAX) - keylen = SCTP_AUTH_RANDOM_SIZE_MAX; - new_key = sctp_alloc_key(keylen); if (new_key == NULL) { /* out of memory */ @@ -374,7 +370,7 @@ sctp_compare_key(sctp_key_t * key1, sctp uint32_t i; uint32_t key1len, key2len; uint8_t *key_1, *key_2; - uint8_t temp[SCTP_AUTH_RANDOM_SIZE_MAX]; + uint8_t val1, val2; /* sanity/length check */ key1len = sctp_get_keylen(key1); @@ -386,38 +382,24 @@ sctp_compare_key(sctp_key_t * key1, sctp else if (key2len == 0) return (1); - if (key1len != key2len) { - if (key1len >= key2len) - maxlen = key1len; - else - maxlen = key2len; - bzero(temp, maxlen); - if (key1len < maxlen) { - /* prepend zeroes to key1 */ - bcopy(key1->key, temp + (maxlen - key1len), key1len); - key_1 = temp; - key_2 = key2->key; - } else { - /* prepend zeroes to key2 */ - bcopy(key2->key, temp + (maxlen - key2len), key2len); - key_1 = key1->key; - key_2 = temp; - } + if (key1len < key2len) { + maxlen = key2len; } else { maxlen = key1len; - key_1 = key1->key; - key_2 = key2->key; } - + key_1 = key1->key; + key_2 = key2->key; + /* check for numeric equality */ for (i = 0; i < maxlen; i++) { - if (*key_1 > *key_2) + /* left-pad with zeros */ + val1 = (i < (maxlen - key1len)) ? 0 : *(key_1++); + val2 = (i < (maxlen - key2len)) ? 0 : *(key_2++); + if (val1 > val2) { return (1); - else if (*key_1 < *key_2) + } else if (val1 < val2) { return (-1); - key_1++; - key_2++; + } } - /* keys are equal value, so check lengths */ if (key1len == key2len) return (0); Modified: stable/9/sys/netinet/sctp_auth.h ============================================================================== --- stable/9/sys/netinet/sctp_auth.h Wed May 14 17:43:49 2014 (r266059) +++ stable/9/sys/netinet/sctp_auth.h Wed May 14 17:45:10 2014 (r266060) @@ -46,7 +46,6 @@ __FBSDID("$FreeBSD$"); /* random sizes */ #define SCTP_AUTH_RANDOM_SIZE_DEFAULT 32 #define SCTP_AUTH_RANDOM_SIZE_REQUIRED 32 -#define SCTP_AUTH_RANDOM_SIZE_MAX 256 /* union of all supported HMAC algorithm contexts */ typedef union sctp_hash_context {