Pull up following revision(s) (requested by drochner in ticket #262): dist/bind/lib/dns/openssldsa_link.c: revision 1.3 dist/bind/lib/dns/opensslrsa_link.c: revision 1.2 sync the last commit with the official 9.5.1-P1 release, thanks to Adrian Portelli for the upstream patchdiff -r1.1.1.3.4.1 -r1.1.1.3.4.2 src/dist/bind/lib/dns/openssldsa_link.c
(snj)
--- src/dist/bind/lib/dns/Attic/openssldsa_link.c 2009/01/16 03:11:51 1.1.1.3.4.1
+++ src/dist/bind/lib/dns/Attic/openssldsa_link.c 2009/01/16 03:13:00 1.1.1.3.4.2
| @@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
| 1 | /* $NetBSD: openssldsa_link.c,v 1.1.1.3.4.1 2009/01/16 03:11:51 snj Exp $ */ | 1 | /* $NetBSD: openssldsa_link.c,v 1.1.1.3.4.2 2009/01/16 03:13:00 snj Exp $ */ | |
| 2 | 2 | |||
| 3 | /* | 3 | /* | |
| 4 | * Portions Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") | 4 | * Portions Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") | |
| 5 | * Portions Copyright (C) 1999-2002 Internet Software Consortium. | 5 | * Portions Copyright (C) 1999-2002 Internet Software Consortium. | |
| 6 | * | 6 | * | |
| 7 | * Permission to use, copy, modify, and/or distribute this software for any | 7 | * Permission to use, copy, modify, and/or distribute this software for any | |
| 8 | * purpose with or without fee is hereby granted, provided that the above | 8 | * purpose with or without fee is hereby granted, provided that the above | |
| 9 | * copyright notice and this permission notice appear in all copies. | 9 | * copyright notice and this permission notice appear in all copies. | |
| 10 | * | 10 | * | |
| 11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS | 11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC AND NETWORK ASSOCIATES DISCLAIMS | |
| 12 | * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED | 12 | * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED | |
| 13 | * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE | 13 | * WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE | |
| 14 | * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | 14 | * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | |
| @@ -138,27 +138,27 @@ openssldsa_verify(dst_context_t *dctx, c | @@ -138,27 +138,27 @@ openssldsa_verify(dst_context_t *dctx, c | |||
| 138 | 138 | |||
| 139 | if (sig->length < 2 * ISC_SHA1_DIGESTLENGTH + 1) | 139 | if (sig->length < 2 * ISC_SHA1_DIGESTLENGTH + 1) | |
| 140 | return (DST_R_VERIFYFAILURE); | 140 | return (DST_R_VERIFYFAILURE); | |
| 141 | 141 | |||
| 142 | cp++; /*%< Skip T */ | 142 | cp++; /*%< Skip T */ | |
| 143 | dsasig = DSA_SIG_new(); | 143 | dsasig = DSA_SIG_new(); | |
| 144 | dsasig->r = BN_bin2bn(cp, ISC_SHA1_DIGESTLENGTH, NULL); | 144 | dsasig->r = BN_bin2bn(cp, ISC_SHA1_DIGESTLENGTH, NULL); | |
| 145 | cp += ISC_SHA1_DIGESTLENGTH; | 145 | cp += ISC_SHA1_DIGESTLENGTH; | |
| 146 | dsasig->s = BN_bin2bn(cp, ISC_SHA1_DIGESTLENGTH, NULL); | 146 | dsasig->s = BN_bin2bn(cp, ISC_SHA1_DIGESTLENGTH, NULL); | |
| 147 | cp += ISC_SHA1_DIGESTLENGTH; | 147 | cp += ISC_SHA1_DIGESTLENGTH; | |
| 148 | 148 | |||
| 149 | status = DSA_do_verify(digest, ISC_SHA1_DIGESTLENGTH, dsasig, dsa); | 149 | status = DSA_do_verify(digest, ISC_SHA1_DIGESTLENGTH, dsasig, dsa); | |
| 150 | DSA_SIG_free(dsasig); | 150 | DSA_SIG_free(dsasig); | |
| 151 | if (status <= 0) | 151 | if (status != 1) | |
| 152 | return (dst__openssl_toresult(DST_R_VERIFYFAILURE)); | 152 | return (dst__openssl_toresult(DST_R_VERIFYFAILURE)); | |
| 153 | 153 | |||
| 154 | return (ISC_R_SUCCESS); | 154 | return (ISC_R_SUCCESS); | |
| 155 | } | 155 | } | |
| 156 | 156 | |||
| 157 | static isc_boolean_t | 157 | static isc_boolean_t | |
| 158 | openssldsa_compare(const dst_key_t *key1, const dst_key_t *key2) { | 158 | openssldsa_compare(const dst_key_t *key1, const dst_key_t *key2) { | |
| 159 | int status; | 159 | int status; | |
| 160 | DSA *dsa1, *dsa2; | 160 | DSA *dsa1, *dsa2; | |
| 161 | 161 | |||
| 162 | dsa1 = key1->keydata.dsa; | 162 | dsa1 = key1->keydata.dsa; | |
| 163 | dsa2 = key2->keydata.dsa; | 163 | dsa2 = key2->keydata.dsa; | |
| 164 | 164 |
--- src/dist/bind/lib/dns/Attic/opensslrsa_link.c 2008/06/21 18:31:40 1.1.1.3
+++ src/dist/bind/lib/dns/Attic/opensslrsa_link.c 2009/01/16 03:13:00 1.1.1.3.4.1
| @@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
| 1 | /* $NetBSD: opensslrsa_link.c,v 1.1.1.3 2008/06/21 18:31:40 christos Exp $ */ | 1 | /* $NetBSD: opensslrsa_link.c,v 1.1.1.3.4.1 2009/01/16 03:13:00 snj Exp $ */ | |
| 2 | 2 | |||
| 3 | /* | 3 | /* | |
| 4 | * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") | 4 | * Copyright (C) 2004-2007 Internet Systems Consortium, Inc. ("ISC") | |
| 5 | * Copyright (C) 2000-2003 Internet Software Consortium. | 5 | * Copyright (C) 2000-2003 Internet Software Consortium. | |
| 6 | * | 6 | * | |
| 7 | * Permission to use, copy, modify, and/or distribute this software for any | 7 | * Permission to use, copy, modify, and/or distribute this software for any | |
| 8 | * purpose with or without fee is hereby granted, provided that the above | 8 | * purpose with or without fee is hereby granted, provided that the above | |
| 9 | * copyright notice and this permission notice appear in all copies. | 9 | * copyright notice and this permission notice appear in all copies. | |
| 10 | * | 10 | * | |
| 11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | 11 | * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH | |
| 12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | 12 | * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY | |
| 13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | 13 | * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, | |
| 14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | 14 | * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM | |
| @@ -239,27 +239,27 @@ opensslrsa_verify(dst_context_t *dctx, c | @@ -239,27 +239,27 @@ opensslrsa_verify(dst_context_t *dctx, c | |||
| 239 | digestlen = ISC_MD5_DIGESTLENGTH; | 239 | digestlen = ISC_MD5_DIGESTLENGTH; | |
| 240 | } else { | 240 | } else { | |
| 241 | isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx; | 241 | isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx; | |
| 242 | isc_sha1_final(sha1ctx, digest); | 242 | isc_sha1_final(sha1ctx, digest); | |
| 243 | type = NID_sha1; | 243 | type = NID_sha1; | |
| 244 | digestlen = ISC_SHA1_DIGESTLENGTH; | 244 | digestlen = ISC_SHA1_DIGESTLENGTH; | |
| 245 | } | 245 | } | |
| 246 | 246 | |||
| 247 | if (sig->length < (unsigned int) RSA_size(rsa)) | 247 | if (sig->length < (unsigned int) RSA_size(rsa)) | |
| 248 | return (DST_R_VERIFYFAILURE); | 248 | return (DST_R_VERIFYFAILURE); | |
| 249 | 249 | |||
| 250 | status = RSA_verify(type, digest, digestlen, sig->base, | 250 | status = RSA_verify(type, digest, digestlen, sig->base, | |
| 251 | RSA_size(rsa), rsa); | 251 | RSA_size(rsa), rsa); | |
| 252 | if (status == 0) | 252 | if (status != 1) | |
| 253 | return (dst__openssl_toresult(DST_R_VERIFYFAILURE)); | 253 | return (dst__openssl_toresult(DST_R_VERIFYFAILURE)); | |
| 254 | 254 | |||
| 255 | return (ISC_R_SUCCESS); | 255 | return (ISC_R_SUCCESS); | |
| 256 | } | 256 | } | |
| 257 | 257 | |||
| 258 | static isc_boolean_t | 258 | static isc_boolean_t | |
| 259 | opensslrsa_compare(const dst_key_t *key1, const dst_key_t *key2) { | 259 | opensslrsa_compare(const dst_key_t *key1, const dst_key_t *key2) { | |
| 260 | int status; | 260 | int status; | |
| 261 | RSA *rsa1, *rsa2; | 261 | RSA *rsa1, *rsa2; | |
| 262 | 262 | |||
| 263 | rsa1 = key1->keydata.rsa; | 263 | rsa1 = key1->keydata.rsa; | |
| 264 | rsa2 = key2->keydata.rsa; | 264 | rsa2 = key2->keydata.rsa; | |
| 265 | 265 |