diff options
Diffstat (limited to 'security')
23 files changed, 315 insertions, 232 deletions
diff --git a/security/manager/ssl/nsISiteSecurityService.idl b/security/manager/ssl/nsISiteSecurityService.idl index 753f32b57..b61577152 100644 --- a/security/manager/ssl/nsISiteSecurityService.idl +++ b/security/manager/ssl/nsISiteSecurityService.idl @@ -23,7 +23,7 @@ namespace mozilla [ref] native nsCStringTArrayRef(nsTArray<nsCString>); [ref] native mozillaPkixTime(mozilla::pkix::Time); -[scriptable, uuid(275127f8-dbd7-4681-afbf-6df0c6587a01)] +[scriptable, uuid(233908bd-6741-4474-a6e1-f298c6ce9eaf)] interface nsISiteSecurityService : nsISupports { const uint32_t HEADER_HSTS = 0; @@ -98,15 +98,21 @@ interface nsISiteSecurityService : nsISupports * Given a header type, removes state relating to that header of a host, * including the includeSubdomains state that would affect subdomains. * This essentially removes the state for the domain tree rooted at this - * host. + * host. If any preloaded information is present for that host, that + * information will then be used instead of any other previously existing + * state, unless the force parameter is set. + * * @param aType the type of security state in question * @param aURI the URI of the target host * @param aFlags options for this request as defined in nsISocketProvider: * NO_PERMANENT_STORAGE + * @param force if set, forces no-HSTS state by writing a knockout value, + * overriding any preload list state */ void removeState(in uint32_t aType, in nsIURI aURI, - in uint32_t aFlags); + in uint32_t aFlags, + [optional] in boolean force); /** * See isSecureURI diff --git a/security/manager/ssl/nsSiteSecurityService.cpp b/security/manager/ssl/nsSiteSecurityService.cpp index cfee79d8d..44ee7dcc0 100644 --- a/security/manager/ssl/nsSiteSecurityService.cpp +++ b/security/manager/ssl/nsSiteSecurityService.cpp @@ -330,21 +330,22 @@ nsSiteSecurityService::SetHSTSState(uint32_t aType, uint32_t flags, SecurityPropertyState aHSTSState) { - // If max-age is zero, that's an indication to immediately remove the - // security state, so here's a shortcut. - if (!maxage) { - return RemoveState(aType, aSourceURI, flags); + // Exit early if STS not enabled + if (!mUseStsService) { + return NS_OK; + } + + // If max-age is zero, the host is no longer considered HSTS. If the host was + // preloaded, we store an entry indicating that this host is not HSTS, causing + // the preloaded information to be ignored. + if (maxage == 0) { + return RemoveState(aType, aSourceURI, flags, true); } MOZ_ASSERT((aHSTSState == SecurityPropertySet || aHSTSState == SecurityPropertyNegative), "HSTS State must be SecurityPropertySet or SecurityPropertyNegative"); - // Exit early if STS not enabled - if (!mUseStsService) { - return NS_OK; - } - int64_t expiretime = ExpireTimeFromMaxAge(maxage); SiteHSTSState siteState(expiretime, aHSTSState, includeSubdomains); nsAutoCString stateString; @@ -367,7 +368,7 @@ nsSiteSecurityService::SetHSTSState(uint32_t aType, NS_IMETHODIMP nsSiteSecurityService::RemoveState(uint32_t aType, nsIURI* aURI, - uint32_t aFlags) + uint32_t aFlags, bool force = false) { // Child processes are not allowed direct access to this. if (!XRE_IsParentProcess()) { @@ -387,8 +388,9 @@ nsSiteSecurityService::RemoveState(uint32_t aType, nsIURI* aURI, mozilla::DataStorageType storageType = isPrivate ? mozilla::DataStorage_Private : mozilla::DataStorage_Persistent; - // If this host is in the preload list, we have to store a knockout entry. - if (GetPreloadListEntry(hostname.get())) { + // If this host is in the preload list, we have to store a knockout entry + // if it's explicitly forced to not be HSTS anymore + if (force && GetPreloadListEntry(hostname.get())) { SSSLOG(("SSS: storing knockout entry for %s", hostname.get())); SiteHSTSState siteState(0, SecurityPropertyKnockout, false); nsAutoCString stateString; @@ -769,7 +771,10 @@ nsSiteSecurityService::ProcessPKPHeader(nsIURI* aSourceURI, return NS_ERROR_FAILURE; } - // if maxAge == 0 we must delete all state, for now no hole-punching + // If maxAge == 0, we remove dynamic HPKP state for this host. Due to + // architectural constraints, if this host was preloaded, any future lookups + // will use the preloaded state (i.e. we can't store a "this host is not HPKP" + // entry like we can for HSTS). if (maxAge == 0) { return RemoveState(aType, aSourceURI, aFlags); } diff --git a/security/nss/coreconf/coreconf.dep b/security/nss/coreconf/coreconf.dep index 5182f7555..590d1bfae 100644 --- a/security/nss/coreconf/coreconf.dep +++ b/security/nss/coreconf/coreconf.dep @@ -10,3 +10,4 @@ */ #error "Do not include this header file." + diff --git a/security/nss/lib/dbm/include/extern.h b/security/nss/lib/dbm/include/extern.h index 897369fb8..4fbdc2d80 100644 --- a/security/nss/lib/dbm/include/extern.h +++ b/security/nss/lib/dbm/include/extern.h @@ -31,32 +31,32 @@ * @(#)extern.h 8.4 (Berkeley) 6/16/94 */ -BUFHEAD *__add_ovflpage(HTAB *, BUFHEAD *); -int __addel(HTAB *, BUFHEAD *, const DBT *, const DBT *); -int __big_delete(HTAB *, BUFHEAD *); -int __big_insert(HTAB *, BUFHEAD *, const DBT *, const DBT *); -int __big_keydata(HTAB *, BUFHEAD *, DBT *, DBT *, int); -int __big_return(HTAB *, BUFHEAD *, int, DBT *, int); -int __big_split(HTAB *, BUFHEAD *, BUFHEAD *, BUFHEAD *, - uint32, uint32, SPLIT_RETURN *); -int __buf_free(HTAB *, int, int); -void __buf_init(HTAB *, int); -uint32 __call_hash(HTAB *, char *, size_t); -int __delpair(HTAB *, BUFHEAD *, int); -int __expand_table(HTAB *); -int __find_bigpair(HTAB *, BUFHEAD *, int, char *, int); -uint16 __find_last_page(HTAB *, BUFHEAD **); -void __free_ovflpage(HTAB *, BUFHEAD *); -BUFHEAD *__get_buf(HTAB *, uint32, BUFHEAD *, int); -int __get_page(HTAB *, char *, uint32, int, int, int); -int __ibitmap(HTAB *, int, int, int); -uint32 __log2(uint32); -int __put_page(HTAB *, char *, uint32, int, int); -void __reclaim_buf(HTAB *, BUFHEAD *); -int __split_page(HTAB *, uint32, uint32); +BUFHEAD *dbm_add_ovflpage(HTAB *, BUFHEAD *); +int dbm_addel(HTAB *, BUFHEAD *, const DBT *, const DBT *); +int dbm_big_delete(HTAB *, BUFHEAD *); +int dbm_big_insert(HTAB *, BUFHEAD *, const DBT *, const DBT *); +int dbm_big_keydata(HTAB *, BUFHEAD *, DBT *, DBT *, int); +int dbm_big_return(HTAB *, BUFHEAD *, int, DBT *, int); +int dbm_big_split(HTAB *, BUFHEAD *, BUFHEAD *, BUFHEAD *, + uint32, uint32, SPLIT_RETURN *); +int dbm_buf_free(HTAB *, int, int); +void dbm_buf_init(HTAB *, int); +uint32 dbm_call_hash(HTAB *, char *, size_t); +int dbm_delpair(HTAB *, BUFHEAD *, int); +int dbm_expand_table(HTAB *); +int dbm_find_bigpair(HTAB *, BUFHEAD *, int, char *, int); +uint16 dbm_find_last_page(HTAB *, BUFHEAD **); +void dbm_free_ovflpage(HTAB *, BUFHEAD *); +BUFHEAD *dbm_get_buf(HTAB *, uint32, BUFHEAD *, int); +int dbm_get_page(HTAB *, char *, uint32, int, int, int); +int dbm_ibitmap(HTAB *, int, int, int); +uint32 dbm_log2(uint32); +int dbm_put_page(HTAB *, char *, uint32, int, int); +void dbm_reclaim_buf(HTAB *, BUFHEAD *); +int dbm_split_page(HTAB *, uint32, uint32); /* Default hash routine. */ -extern uint32 (*__default_hash)(const void *, size_t); +extern uint32 (*dbm_default_hash)(const void *, size_t); #ifdef HASH_STATISTICS extern int hash_accesses, hash_collisions, hash_expansions, hash_overflows; diff --git a/security/nss/lib/dbm/include/hash.h b/security/nss/lib/dbm/include/hash.h index 7da51dc64..0ce3c3ff2 100644 --- a/security/nss/lib/dbm/include/hash.h +++ b/security/nss/lib/dbm/include/hash.h @@ -190,7 +190,7 @@ typedef struct htab { /* Memory resident data structure */ #define OADDR_OF(S, O) ((uint32)((uint32)(S) << SPLITSHIFT) + (O)) #define BUCKET_TO_PAGE(B) \ - (B) + hashp->HDRPAGES + ((B) ? hashp->SPARES[__log2((uint32)((B) + 1)) - 1] : 0) + (B) + hashp->HDRPAGES + ((B) ? hashp->SPARES[dbm_log2((uint32)((B) + 1)) - 1] : 0) #define OADDR_TO_PAGE(B) \ BUCKET_TO_PAGE((1 << SPLITNUM((B))) - 1) + OPAGENUM((B)); @@ -314,28 +314,28 @@ typedef struct htab { /* Memory resident data structure */ #define NEXT_FREE hdr.next_free #define H_CHARKEY hdr.h_charkey -extern uint32 (*__default_hash)(const void *, size_t); -void __buf_init(HTAB *hashp, int32 nbytes); -int __big_delete(HTAB *hashp, BUFHEAD *bufp); -BUFHEAD *__get_buf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp, int newpage); -uint32 __call_hash(HTAB *hashp, char *k, size_t len); +extern uint32 (*dbm_default_hash)(const void *, size_t); +void dbm_buf_init(HTAB *hashp, int32 nbytes); +int dbm_big_delete(HTAB *hashp, BUFHEAD *bufp); +BUFHEAD *dbm_get_buf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp, int newpage); +uint32 dbm_call_hash(HTAB *hashp, char *k, size_t len); #include "page.h" -extern int __big_split(HTAB *hashp, BUFHEAD *op, BUFHEAD *np, - BUFHEAD *big_keyp, uint32 addr, uint32 obucket, SPLIT_RETURN *ret); -void __free_ovflpage(HTAB *hashp, BUFHEAD *obufp); -BUFHEAD *__add_ovflpage(HTAB *hashp, BUFHEAD *bufp); -int __big_insert(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val); -int __expand_table(HTAB *hashp); -uint32 __log2(uint32 num); -void __reclaim_buf(HTAB *hashp, BUFHEAD *bp); -int __get_page(HTAB *hashp, char *p, uint32 bucket, int is_bucket, int is_disk, int is_bitmap); -int __put_page(HTAB *hashp, char *p, uint32 bucket, int is_bucket, int is_bitmap); -int __ibitmap(HTAB *hashp, int pnum, int nbits, int ndx); -int __buf_free(HTAB *hashp, int do_free, int to_disk); -int __find_bigpair(HTAB *hashp, BUFHEAD *bufp, int ndx, char *key, int size); -uint16 __find_last_page(HTAB *hashp, BUFHEAD **bpp); -int __addel(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val); -int __big_return(HTAB *hashp, BUFHEAD *bufp, int ndx, DBT *val, int set_current); -int __delpair(HTAB *hashp, BUFHEAD *bufp, int ndx); -int __big_keydata(HTAB *hashp, BUFHEAD *bufp, DBT *key, DBT *val, int set); -int __split_page(HTAB *hashp, uint32 obucket, uint32 nbucket); +extern int dbm_big_split(HTAB *hashp, BUFHEAD *op, BUFHEAD *np, + BUFHEAD *big_keyp, uint32 addr, uint32 obucket, SPLIT_RETURN *ret); +void dbm_free_ovflpage(HTAB *hashp, BUFHEAD *obufp); +BUFHEAD *dbm_add_ovflpage(HTAB *hashp, BUFHEAD *bufp); +int dbm_big_insert(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val); +int dbm_expand_table(HTAB *hashp); +uint32 dbm_log2(uint32 num); +void dbm_reclaim_buf(HTAB *hashp, BUFHEAD *bp); +int dbm_get_page(HTAB *hashp, char *p, uint32 bucket, int is_bucket, int is_disk, int is_bitmap); +int dbm_put_page(HTAB *hashp, char *p, uint32 bucket, int is_bucket, int is_bitmap); +int dbm_ibitmap(HTAB *hashp, int pnum, int nbits, int ndx); +int dbm_buf_free(HTAB *hashp, int do_free, int to_disk); +int dbm_find_bigpair(HTAB *hashp, BUFHEAD *bufp, int ndx, char *key, int size); +uint16 dbm_find_last_page(HTAB *hashp, BUFHEAD **bpp); +int dbm_addel(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val); +int dbm_big_return(HTAB *hashp, BUFHEAD *bufp, int ndx, DBT *val, int set_current); +int dbm_delpair(HTAB *hashp, BUFHEAD *bufp, int ndx); +int dbm_big_keydata(HTAB *hashp, BUFHEAD *bufp, DBT *key, DBT *val, int set); +int dbm_split_page(HTAB *hashp, uint32 obucket, uint32 nbucket); diff --git a/security/nss/lib/dbm/include/mcom_db.h b/security/nss/lib/dbm/include/mcom_db.h index 0a4f6dc14..e961dd1b4 100644 --- a/security/nss/lib/dbm/include/mcom_db.h +++ b/security/nss/lib/dbm/include/mcom_db.h @@ -287,16 +287,16 @@ typedef enum { LockOutDatabase, #endif /* Access method description structure. */ -typedef struct __db { +typedef struct dbm_db { DBTYPE type; /* Underlying db type. */ - int (*close)(struct __db *); - int (*del)(const struct __db *, const DBT *, uint); - int (*get)(const struct __db *, const DBT *, DBT *, uint); - int (*put)(const struct __db *, DBT *, const DBT *, uint); - int (*seq)(const struct __db *, DBT *, DBT *, uint); - int (*sync)(const struct __db *, uint); + int (*close)(struct dbm_db *); + int (*del)(const struct dbm_db *, const DBT *, uint); + int (*get)(const struct dbm_db *, const DBT *, DBT *, uint); + int (*put)(const struct dbm_db *, DBT *, const DBT *, uint); + int (*seq)(const struct dbm_db *, DBT *, DBT *, uint); + int (*sync)(const struct dbm_db *, uint); void *internal; /* Access method private. */ - int (*fd)(const struct __db *); + int (*fd)(const struct dbm_db *); } DB; #define BTREEMAGIC 0x053162 @@ -412,10 +412,10 @@ dbopen(const char *, int, int, DBTYPE, const void *); void dbSetOrClearDBLock(DBLockFlagEnum type); #ifdef __DBINTERFACE_PRIVATE -DB *__bt_open(const char *, int, int, const BTREEINFO *, int); -DB *__hash_open(const char *, int, int, const HASHINFO *, int); -DB *__rec_open(const char *, int, int, const RECNOINFO *, int); -void __dbpanic(DB *dbp); +DB *dbm_bt_open(const char *, int, int, const BTREEINFO *, int); +DB *dbm_hash_open(const char *, int, int, const HASHINFO *, int); +DB *dbm_rec_open(const char *, int, int, const RECNOINFO *, int); +void dbm_dbpanic(DB *dbp); #endif PR_END_EXTERN_C diff --git a/security/nss/lib/dbm/include/ncompat.h b/security/nss/lib/dbm/include/ncompat.h index 9fd434799..f9f631622 100644 --- a/security/nss/lib/dbm/include/ncompat.h +++ b/security/nss/lib/dbm/include/ncompat.h @@ -89,13 +89,13 @@ typedef unsigned int sigset_t; #define SIG_UNBLOCK 2 #define SIG_SETMASK 3 -static int __sigtemp; /* For the use of sigprocmask */ +static int dbm_sigtemp; /* For the use of sigprocmask */ /* Repeated test of oset != NULL is to avoid "*0". */ #define sigprocmask(how, set, oset) \ - ((__sigtemp = \ + ((dbm_sigtemp = \ (((how) == SIG_BLOCK) ? sigblock(0) | *(set) : (((how) == SIG_UNBLOCK) ? sigblock(0) & ~(*(set)) : ((how) == SIG_SETMASK ? *(set) : sigblock(0))))), \ - ((oset) ? (*(oset ? oset : set) = sigsetmask(__sigtemp)) : sigsetmask(__sigtemp)), 0) + ((oset) ? (*(oset ? oset : set) = sigsetmask(dbm_sigtemp)) : sigsetmask(dbm_sigtemp)), 0) #endif /* diff --git a/security/nss/lib/dbm/src/db.c b/security/nss/lib/dbm/src/db.c index 5c35bbd48..4b5810760 100644 --- a/security/nss/lib/dbm/src/db.c +++ b/security/nss/lib/dbm/src/db.c @@ -92,16 +92,16 @@ dbopen(const char *fname, int flags, int mode, DBTYPE type, const void *openinfo /* we don't need btree and recno right now */ #if 0 case DB_BTREE: - return (__bt_open(fname, flags & USE_OPEN_FLAGS, + return (dbm_bt_open(fname, flags & USE_OPEN_FLAGS, mode, openinfo, flags & DB_FLAGS)); case DB_RECNO: - return (__rec_open(fname, flags & USE_OPEN_FLAGS, + return (dbm_rec_open(fname, flags & USE_OPEN_FLAGS, mode, openinfo, flags & DB_FLAGS)); #endif case DB_HASH: - return (__hash_open(fname, flags & USE_OPEN_FLAGS, - mode, (const HASHINFO *)openinfo, flags & DB_FLAGS)); + return (dbm_hash_open(fname, flags & USE_OPEN_FLAGS, + mode, (const HASHINFO *)openinfo, flags & DB_FLAGS)); default: break; } @@ -110,7 +110,7 @@ dbopen(const char *fname, int flags, int mode, DBTYPE type, const void *openinfo } static int -__dberr() +dbm_dberr() { return (RET_ERROR); } @@ -122,13 +122,14 @@ __dberr() * dbp: pointer to the DB structure. */ void -__dbpanic(DB *dbp) +dbm_dbpanic(DB *dbp) { /* The only thing that can succeed is a close. */ - dbp->del = (int (*)(const struct __db *, const DBT *, uint))__dberr; - dbp->fd = (int (*)(const struct __db *))__dberr; - dbp->get = (int (*)(const struct __db *, const DBT *, DBT *, uint))__dberr; - dbp->put = (int (*)(const struct __db *, DBT *, const DBT *, uint))__dberr; - dbp->seq = (int (*)(const struct __db *, DBT *, DBT *, uint))__dberr; - dbp->sync = (int (*)(const struct __db *, uint))__dberr; + dbp->del = (int (*)(const struct dbm_db *, const DBT *, uint))dbm_dberr; + dbp->fd = (int (*)(const struct dbm_db *))dbm_dberr; + dbp->get = (int (*)(const struct dbm_db *, const DBT *, DBT *, uint))dbm_dberr; + dbp->put = (int (*)(const struct dbm_db *, DBT *, const DBT *, uint))dbm_dberr; + dbp->seq = (int (*)(const struct dbm_db *, DBT *, DBT *, uint))dbm_dberr; + dbp->sync = (int (*)(const struct dbm_db *, uint))dbm_dberr; + } diff --git a/security/nss/lib/dbm/src/h_bigkey.c b/security/nss/lib/dbm/src/h_bigkey.c index 6edfe7f5a..795c7a09d 100644 --- a/security/nss/lib/dbm/src/h_bigkey.c +++ b/security/nss/lib/dbm/src/h_bigkey.c @@ -85,7 +85,7 @@ static int collect_data(HTAB *, BUFHEAD *, int, int); *-1 ==> ERROR */ extern int -__big_insert(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val) +dbm_big_insert(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val) { register uint16 *p; uint key_size, n, val_size; @@ -114,7 +114,7 @@ __big_insert(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val) FREESPACE(p) = off - PAGE_META(n); OFFSET(p) = off; p[n] = PARTIAL_KEY; - bufp = __add_ovflpage(hashp, bufp); + bufp = dbm_add_ovflpage(hashp, bufp); if (!bufp) return (-1); n = p[0]; @@ -158,7 +158,7 @@ __big_insert(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val) OFFSET(p) = off; if (val_size) { p[n] = FULL_KEY; - bufp = __add_ovflpage(hashp, bufp); + bufp = dbm_add_ovflpage(hashp, bufp); if (!bufp) return (-1); cp = bufp->page; @@ -182,7 +182,7 @@ __big_insert(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val) *-1 => ERROR */ extern int -__big_delete(HTAB *hashp, BUFHEAD *bufp) +dbm_big_delete(HTAB *hashp, BUFHEAD *bufp) { register BUFHEAD *last_bfp, *rbufp; uint16 *bp, pageno; @@ -207,9 +207,9 @@ __big_delete(HTAB *hashp, BUFHEAD *bufp) break; pageno = bp[bp[0] - 1]; rbufp->flags |= BUF_MOD; - rbufp = __get_buf(hashp, pageno, rbufp, 0); + rbufp = dbm_get_buf(hashp, pageno, rbufp, 0); if (last_bfp) - __free_ovflpage(hashp, last_bfp); + dbm_free_ovflpage(hashp, last_bfp); last_bfp = rbufp; if (!rbufp) return (-1); /* Error. */ @@ -244,9 +244,9 @@ __big_delete(HTAB *hashp, BUFHEAD *bufp) bufp->flags |= BUF_MOD; if (rbufp) - __free_ovflpage(hashp, rbufp); + dbm_free_ovflpage(hashp, rbufp); if (last_bfp != rbufp) - __free_ovflpage(hashp, last_bfp); + dbm_free_ovflpage(hashp, last_bfp); hashp->NKEYS--; return (0); @@ -259,7 +259,7 @@ __big_delete(HTAB *hashp, BUFHEAD *bufp) * -3 error */ extern int -__find_bigpair(HTAB *hashp, BUFHEAD *bufp, int ndx, char *key, int size) +dbm_find_bigpair(HTAB *hashp, BUFHEAD *bufp, int ndx, char *key, int size) { register uint16 *bp; register char *p; @@ -279,7 +279,7 @@ __find_bigpair(HTAB *hashp, BUFHEAD *bufp, int ndx, char *key, int size) return (-2); kkey += bytes; ksize -= bytes; - bufp = __get_buf(hashp, bp[ndx + 2], bufp, 0); + bufp = dbm_get_buf(hashp, bp[ndx + 2], bufp, 0); if (!bufp) return (-3); p = bufp->page; @@ -306,7 +306,7 @@ __find_bigpair(HTAB *hashp, BUFHEAD *bufp, int ndx, char *key, int size) * bucket) */ extern uint16 -__find_last_page(HTAB *hashp, BUFHEAD **bpp) +dbm_find_last_page(HTAB *hashp, BUFHEAD **bpp) { BUFHEAD *bufp; uint16 *bp, pageno; @@ -332,7 +332,7 @@ __find_last_page(HTAB *hashp, BUFHEAD **bpp) return (0); pageno = bp[n - 1]; - bufp = __get_buf(hashp, pageno, bufp, 0); + bufp = dbm_get_buf(hashp, pageno, bufp, 0); if (!bufp) return (0); /* Need to indicate an error! */ bp = (uint16 *)bufp->page; @@ -350,7 +350,7 @@ __find_last_page(HTAB *hashp, BUFHEAD **bpp) * index (index should always be 1). */ extern int -__big_return( +dbm_big_return( HTAB *hashp, BUFHEAD *bufp, int ndx, @@ -364,7 +364,7 @@ __big_return( bp = (uint16 *)bufp->page; while (bp[ndx + 1] == PARTIAL_KEY) { - bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0); + bufp = dbm_get_buf(hashp, bp[bp[0] - 1], bufp, 0); if (!bufp) return (-1); bp = (uint16 *)bufp->page; @@ -372,7 +372,7 @@ __big_return( } if (bp[ndx + 1] == FULL_KEY) { - bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0); + bufp = dbm_get_buf(hashp, bp[bp[0] - 1], bufp, 0); if (!bufp) return (-1); bp = (uint16 *)bufp->page; @@ -392,7 +392,7 @@ __big_return( len = bp[1] - off; save_p = bufp; save_addr = bufp->addr; - bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0); + bufp = dbm_get_buf(hashp, bp[bp[0] - 1], bufp, 0); if (!bufp) return (-1); bp = (uint16 *)bufp->page; @@ -409,8 +409,8 @@ __big_return( hashp->cbucket++; hashp->cndx = 1; } else { - hashp->cpage = __get_buf(hashp, - bp[bp[0] - 1], bufp, 0); + hashp->cpage = dbm_get_buf(hashp, + bp[bp[0] - 1], bufp, 0); if (!hashp->cpage) return (-1); hashp->cndx = 1; @@ -470,7 +470,7 @@ collect_data( save_bufp->flags |= BUF_PIN; /* read the length of the buffer */ - for (totlen = len; bufp; bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0)) { + for (totlen = len; bufp; bufp = dbm_get_buf(hashp, bp[bp[0] - 1], bufp, 0)) { bp = (uint16 *)bufp->page; mylen = hashp->BSIZE - bp[1]; @@ -502,7 +502,7 @@ collect_data( /* copy the buffers back into temp buf */ for (bufp = save_bufp; bufp; - bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0)) { + bufp = dbm_get_buf(hashp, bp[bp[0] - 1], bufp, 0)) { bp = (uint16 *)bufp->page; mylen = hashp->BSIZE - bp[1]; memmove(&hashp->tmp_buf[len], (bufp->page) + bp[1], (size_t)mylen); @@ -522,7 +522,7 @@ collect_data( hashp->cpage = NULL; hashp->cbucket++; } else { - hashp->cpage = __get_buf(hashp, bp[bp[0] - 1], bufp, 0); + hashp->cpage = dbm_get_buf(hashp, bp[bp[0] - 1], bufp, 0); if (!hashp->cpage) return (-1); else if (!((uint16 *)hashp->cpage->page)[0]) { @@ -538,7 +538,7 @@ collect_data( * Fill in the key and data for this big pair. */ extern int -__big_keydata( +dbm_big_keydata( HTAB *hashp, BUFHEAD *bufp, DBT *key, DBT *val, @@ -579,10 +579,10 @@ collect_key( free(hashp->tmp_key); if ((hashp->tmp_key = (char *)malloc((size_t)totlen)) == NULL) return (-1); - if (__big_return(hashp, bufp, 1, val, set)) + if (dbm_big_return(hashp, bufp, 1, val, set)) return (-1); } else { - xbp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0); + xbp = dbm_get_buf(hashp, bp[bp[0] - 1], bufp, 0); if (!xbp || ((totlen = collect_key(hashp, xbp, totlen, val, set)) < 1)) return (-1); @@ -601,7 +601,7 @@ collect_key( * -1 => error */ extern int -__big_split( +dbm_big_split( HTAB *hashp, BUFHEAD *op, /* Pointer to where to put keys that go in old bucket */ BUFHEAD *np, /* Pointer to new bucket page */ @@ -621,13 +621,13 @@ __big_split( bp = big_keyp; /* Now figure out where the big key/data goes */ - if (__big_keydata(hashp, big_keyp, &key, &val, 0)) + if (dbm_big_keydata(hashp, big_keyp, &key, &val, 0)) return (-1); - change = (__call_hash(hashp, (char *)key.data, key.size) != obucket); + change = (dbm_call_hash(hashp, (char *)key.data, key.size) != obucket); - if ((ret->next_addr = __find_last_page(hashp, &big_keyp))) { + if ((ret->next_addr = dbm_find_last_page(hashp, &big_keyp))) { if (!(ret->nextp = - __get_buf(hashp, ret->next_addr, big_keyp, 0))) + dbm_get_buf(hashp, ret->next_addr, big_keyp, 0))) return (-1); ; } else @@ -692,7 +692,7 @@ __big_split( tp[0] -= 2; FREESPACE(tp) = free_space + OVFLSIZE; OFFSET(tp) = off; - tmpp = __add_ovflpage(hashp, big_keyp); + tmpp = dbm_add_ovflpage(hashp, big_keyp); if (!tmpp) return (-1); tp[4] = n; @@ -704,4 +704,5 @@ __big_split( else ret->oldp = tmpp; return (0); + } diff --git a/security/nss/lib/dbm/src/h_func.c b/security/nss/lib/dbm/src/h_func.c index 0d8734e8b..897060992 100644 --- a/security/nss/lib/dbm/src/h_func.c +++ b/security/nss/lib/dbm/src/h_func.c @@ -52,7 +52,7 @@ static uint32 hash3(const void *, size_t); static uint32 hash4(const void *, size_t); /* Global default hash function */ -uint32 (*__default_hash)(const void *, size_t) = hash4; +uint32 (*dbm_default_hash)(const void *, size_t) = hash4; /* * HASH FUNCTIONS @@ -205,3 +205,4 @@ hash4(const void *keyarg, register size_t len) } return (h); } + diff --git a/security/nss/lib/dbm/src/h_log2.c b/security/nss/lib/dbm/src/h_log2.c index a42b51a99..0e91fd042 100644 --- a/security/nss/lib/dbm/src/h_log2.c +++ b/security/nss/lib/dbm/src/h_log2.c @@ -43,7 +43,7 @@ static char sccsid[] = "@(#)hash_log2.c 8.2 (Berkeley) 5/31/94"; #include "mcom_db.h" uint32 -__log2(uint32 num) +dbm_log2(uint32 num) { register uint32 i, limit; @@ -51,4 +51,5 @@ __log2(uint32 num) for (i = 0; limit < num; limit = limit << 1, i++) { } return (i); + } diff --git a/security/nss/lib/dbm/src/h_page.c b/security/nss/lib/dbm/src/h_page.c index e5623224b..e6f61c623 100644 --- a/security/nss/lib/dbm/src/h_page.c +++ b/security/nss/lib/dbm/src/h_page.c @@ -204,7 +204,7 @@ putpair(char *p, const DBT *key, DBT *val) * -1 error */ extern int -__delpair(HTAB *hashp, BUFHEAD *bufp, int ndx) +dbm_delpair(HTAB *hashp, BUFHEAD *bufp, int ndx) { register uint16 *bp, newoff; register int n; @@ -214,7 +214,7 @@ __delpair(HTAB *hashp, BUFHEAD *bufp, int ndx) n = bp[0]; if (bp[ndx + 1] < REAL_KEY) - return (__big_delete(hashp, bufp)); + return (dbm_big_delete(hashp, bufp)); if (ndx != 1) newoff = bp[ndx - 1]; else @@ -277,7 +277,7 @@ __delpair(HTAB *hashp, BUFHEAD *bufp, int ndx) * -1 ==> Error */ extern int -__split_page(HTAB *hashp, uint32 obucket, uint32 nbucket) +dbm_split_page(HTAB *hashp, uint32 obucket, uint32 nbucket) { register BUFHEAD *new_bufp, *old_bufp; register uint16 *ino; @@ -292,10 +292,10 @@ __split_page(HTAB *hashp, uint32 obucket, uint32 nbucket) copyto = (uint16)hashp->BSIZE; off = (uint16)hashp->BSIZE; - old_bufp = __get_buf(hashp, obucket, NULL, 0); + old_bufp = dbm_get_buf(hashp, obucket, NULL, 0); if (old_bufp == NULL) return (-1); - new_bufp = __get_buf(hashp, nbucket, NULL, 0); + new_bufp = dbm_get_buf(hashp, nbucket, NULL, 0); if (new_bufp == NULL) return (-1); @@ -331,7 +331,7 @@ __split_page(HTAB *hashp, uint32 obucket, uint32 nbucket) assert(((int)key.size) > -1); #endif - if (__call_hash(hashp, (char *)key.data, key.size) == obucket) { + if (dbm_call_hash(hashp, (char *)key.data, key.size) == obucket) { /* Don't switch page */ diff = copyto - off; if (diff) { @@ -443,8 +443,8 @@ ugly_split(HTAB *hashp, uint32 obucket, BUFHEAD *old_bufp, return DATABASE_CORRUPTED_ERROR; if (ino[2] < REAL_KEY && ino[2] != OVFLPAGE) { - if ((status = __big_split(hashp, old_bufp, - new_bufp, bufp, bufp->addr, obucket, &ret))) + if ((status = dbm_big_split(hashp, old_bufp, + new_bufp, bufp, bufp->addr, obucket, &ret))) return (status); old_bufp = ret.oldp; if (!old_bufp) @@ -477,7 +477,7 @@ ugly_split(HTAB *hashp, uint32 obucket, BUFHEAD *old_bufp, scopyto - sizeof(uint16) * (ino[0] + 3); OFFSET(ino) = scopyto; - bufp = __get_buf(hashp, ov_addr, bufp, 0); + bufp = dbm_get_buf(hashp, ov_addr, bufp, 0); if (!bufp) return (-1); @@ -487,7 +487,7 @@ ugly_split(HTAB *hashp, uint32 obucket, BUFHEAD *old_bufp, moved = 0; if (last_bfp) - __free_ovflpage(hashp, last_bfp); + dbm_free_ovflpage(hashp, last_bfp); last_bfp = bufp; } /* Move regular sized pairs of there are any */ @@ -506,13 +506,13 @@ ugly_split(HTAB *hashp, uint32 obucket, BUFHEAD *old_bufp, val.size = ino[n] - ino[n + 1]; off = ino[n + 1]; - if (__call_hash(hashp, (char *)key.data, key.size) == obucket) { + if (dbm_call_hash(hashp, (char *)key.data, key.size) == obucket) { /* Keep on old page */ if (PAIRFITS(op, (&key), (&val))) putpair((char *)op, &key, &val); else { old_bufp = - __add_ovflpage(hashp, old_bufp); + dbm_add_ovflpage(hashp, old_bufp); if (!old_bufp) return (-1); op = (uint16 *)old_bufp->page; @@ -525,7 +525,7 @@ ugly_split(HTAB *hashp, uint32 obucket, BUFHEAD *old_bufp, putpair((char *)np, &key, &val); else { new_bufp = - __add_ovflpage(hashp, new_bufp); + dbm_add_ovflpage(hashp, new_bufp); if (!new_bufp) return (-1); np = (uint16 *)new_bufp->page; @@ -536,7 +536,7 @@ ugly_split(HTAB *hashp, uint32 obucket, BUFHEAD *old_bufp, } } if (last_bfp) - __free_ovflpage(hashp, last_bfp); + dbm_free_ovflpage(hashp, last_bfp); return (0); } @@ -548,7 +548,7 @@ ugly_split(HTAB *hashp, uint32 obucket, BUFHEAD *old_bufp, * 1 ==> failure */ extern int -__addel(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val) +dbm_addel(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val) { register uint16 *bp, *sop; int do_expand; @@ -562,7 +562,7 @@ __addel(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val) and we need to add another page */ break; else if (bp[2] < REAL_KEY && bp[bp[0]] != OVFLPAGE) { - bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0); + bufp = dbm_get_buf(hashp, bp[bp[0] - 1], bufp, 0); if (!bufp) { #ifdef DEBUG assert(0); @@ -585,7 +585,7 @@ __addel(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val) return (0); } } else { - bufp = __get_buf(hashp, bp[bp[0] - 1], bufp, 0); + bufp = dbm_get_buf(hashp, bp[bp[0] - 1], bufp, 0); if (!bufp) { #ifdef DEBUG assert(0); @@ -599,7 +599,7 @@ __addel(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val) putpair(bufp->page, key, (DBT *)val); else { do_expand = 1; - bufp = __add_ovflpage(hashp, bufp); + bufp = dbm_add_ovflpage(hashp, bufp); if (!bufp) { #ifdef DEBUG assert(0); @@ -610,7 +610,7 @@ __addel(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val) if (PAIRFITS(sop, key, val)) putpair((char *)sop, key, (DBT *)val); - else if (__big_insert(hashp, bufp, key, val)) { + else if (dbm_big_insert(hashp, bufp, key, val)) { #ifdef DEBUG assert(0); #endif @@ -625,7 +625,7 @@ __addel(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val) hashp->NKEYS++; if (do_expand || (hashp->NKEYS / (hashp->MAX_BUCKET + 1) > hashp->FFACTOR)) - return (__expand_table(hashp)); + return (dbm_expand_table(hashp)); return (0); } @@ -636,7 +636,7 @@ __addel(HTAB *hashp, BUFHEAD *bufp, const DBT *key, const DBT *val) * NULL on error */ extern BUFHEAD * -__add_ovflpage(HTAB *hashp, BUFHEAD *bufp) +dbm_add_ovflpage(HTAB *hashp, BUFHEAD *bufp) { register uint16 *sp; uint16 ndx, ovfl_num; @@ -657,7 +657,7 @@ __add_ovflpage(HTAB *hashp, BUFHEAD *bufp) tmp1 = bufp->addr; tmp2 = bufp->ovfl ? bufp->ovfl->addr : 0; #endif - if (!ovfl_num || !(bufp->ovfl = __get_buf(hashp, ovfl_num, bufp, 1))) + if (!ovfl_num || !(bufp->ovfl = dbm_get_buf(hashp, ovfl_num, bufp, 1))) return (NULL); bufp->ovfl->flags |= BUF_MOD; #ifdef DEBUG1 @@ -687,12 +687,12 @@ __add_ovflpage(HTAB *hashp, BUFHEAD *bufp) * -1 indicates FAILURE */ extern int -__get_page(HTAB *hashp, - char *p, - uint32 bucket, - int is_bucket, - int is_disk, - int is_bitmap) +dbm_get_page(HTAB *hashp, + char *p, + uint32 bucket, + int is_bucket, + int is_disk, + int is_bitmap) { register int fd, page; size_t size; @@ -805,7 +805,7 @@ __get_page(HTAB *hashp, * -1 ==>failure */ extern int -__put_page(HTAB *hashp, char *p, uint32 bucket, int is_bucket, int is_bitmap) +dbm_put_page(HTAB *hashp, char *p, uint32 bucket, int is_bucket, int is_bitmap) { register int fd, page; size_t size; @@ -895,7 +895,7 @@ __put_page(HTAB *hashp, char *p, uint32 bucket, int is_bucket, int is_bitmap) * once they are read in. */ extern int -__ibitmap(HTAB *hashp, int pnum, int nbits, int ndx) +dbm_ibitmap(HTAB *hashp, int pnum, int nbits, int ndx) { uint32 *ip; size_t clearbytes, clearints; @@ -1011,8 +1011,8 @@ overflow_page(HTAB *hashp) * don't have to if we tell init_bitmap not to leave it clear * in the first place. */ - if (__ibitmap(hashp, - (int)OADDR_OF(splitnum, offset), 1, free_page)) + if (dbm_ibitmap(hashp, + (int)OADDR_OF(splitnum, offset), 1, free_page)) return (0); hashp->SPARES[splitnum]++; #ifdef DEBUG2 @@ -1084,7 +1084,7 @@ found: * Mark this overflow page as free. */ extern void -__free_ovflpage(HTAB *hashp, BUFHEAD *obufp) +dbm_free_ovflpage(HTAB *hashp, BUFHEAD *obufp) { uint16 addr; uint32 *freep; @@ -1125,7 +1125,7 @@ __free_ovflpage(HTAB *hashp, BUFHEAD *obufp) (void)fprintf(stderr, "FREE_OVFLPAGE: ADDR: %d BIT: %d PAGE %d\n", obufp->addr, free_bit, free_page); #endif - __reclaim_buf(hashp, obufp); + dbm_reclaim_buf(hashp, obufp); } /* @@ -1236,8 +1236,8 @@ fetch_bitmap(HTAB *hashp, uint32 ndx) return (NULL); if ((hashp->mapp[ndx] = (uint32 *)malloc((size_t)hashp->BSIZE)) == NULL) return (NULL); - if (__get_page(hashp, - (char *)hashp->mapp[ndx], hashp->BITMAPS[ndx], 0, 1, 1)) { + if (dbm_get_page(hashp, + (char *)hashp->mapp[ndx], hashp->BITMAPS[ndx], 0, 1, 1)) { free(hashp->mapp[ndx]); hashp->mapp[ndx] = NULL; /* NEW: 9-11-95 */ return (NULL); @@ -1253,15 +1253,16 @@ print_chain(int addr) short *bp, oaddr; (void)fprintf(stderr, "%d ", addr); - bufp = __get_buf(hashp, addr, NULL, 0); + bufp = dbm_get_buf(hashp, addr, NULL, 0); bp = (short *)bufp->page; while (bp[0] && ((bp[bp[0]] == OVFLPAGE) || ((bp[0] > 2) && bp[2] < REAL_KEY))) { oaddr = bp[bp[0] - 1]; (void)fprintf(stderr, "%d ", (int)oaddr); - bufp = __get_buf(hashp, (int)oaddr, bufp, 0); + bufp = dbm_get_buf(hashp, (int)oaddr, bufp, 0); bp = (short *)bufp->page; } (void)fprintf(stderr, "\n"); } + #endif diff --git a/security/nss/lib/dbm/src/hash.c b/security/nss/lib/dbm/src/hash.c index 98b1c07c7..100bbad27 100644 --- a/security/nss/lib/dbm/src/hash.c +++ b/security/nss/lib/dbm/src/hash.c @@ -118,7 +118,7 @@ int hash_accesses, hash_collisions, hash_expansions, hash_overflows; * This closes the file, flushing buffers as appropriate. */ static void -__remove_database(DB *dbp) +dbm_remove_database(DB *dbp) { HTAB *hashp = (HTAB *)dbp->internal; @@ -134,7 +134,7 @@ __remove_database(DB *dbp) /* OPEN/CLOSE */ extern DB * -__hash_open(const char *file, int flags, int mode, const HASHINFO *info, int dflags) +dbm_hash_open(const char *file, int flags, int mode, const HASHINFO *info, int dflags) { HTAB *hashp = NULL; struct stat statbuf; @@ -199,7 +199,7 @@ __hash_open(const char *file, int flags, int mode, const HASHINFO *info, int dfl if (info && info->hash) hashp->hash = info->hash; else - hashp->hash = __default_hash; + hashp->hash = dbm_default_hash; hdrsize = read(hashp->fp, (char *)&hashp->hdr, sizeof(HASHHDR)); if (hdrsize == -1) @@ -243,9 +243,9 @@ __hash_open(const char *file, int flags, int mode, const HASHINFO *info, int dfl /* Initialize Buffer Manager */ if (info && info->cachesize) - __buf_init(hashp, (int32)info->cachesize); + dbm_buf_init(hashp, (int32)info->cachesize); else - __buf_init(hashp, DEF_BUFSIZE); + dbm_buf_init(hashp, DEF_BUFSIZE); hashp->new_file = new_table; #ifdef macintosh @@ -331,7 +331,7 @@ init_hash(HTAB *hashp, const char *file, HASHINFO *info) hashp->SSHIFT = DEF_SEGSIZE_SHIFT; hashp->DSIZE = DEF_DIRSIZE; hashp->FFACTOR = DEF_FFACTOR; - hashp->hash = __default_hash; + hashp->hash = dbm_default_hash; memset(hashp->SPARES, 0, sizeof(hashp->SPARES)); memset(hashp->BITMAPS, 0, sizeof(hashp->BITMAPS)); @@ -353,13 +353,13 @@ init_hash(HTAB *hashp, const char *file, HASHINFO *info) if (hashp->BSIZE > MAX_BSIZE) hashp->BSIZE = MAX_BSIZE; #endif - hashp->BSHIFT = __log2((uint32)hashp->BSIZE); + hashp->BSHIFT = dbm_log2((uint32)hashp->BSIZE); } if (info) { if (info->bsize) { /* Round pagesize up to power of 2 */ - hashp->BSHIFT = __log2(info->bsize); + hashp->BSHIFT = dbm_log2(info->bsize); hashp->BSIZE = 1 << hashp->BSHIFT; if (hashp->BSIZE > MAX_BSIZE) { errno = EINVAL; @@ -406,7 +406,7 @@ init_htab(HTAB *hashp, int nelem) */ nelem = (nelem - 1) / hashp->FFACTOR + 1; - l2 = __log2((uint32)PR_MAX(nelem, 2)); + l2 = dbm_log2((uint32)PR_MAX(nelem, 2)); nbuckets = 1 << l2; hashp->SPARES[l2] = l2 + 1; @@ -415,7 +415,7 @@ init_htab(HTAB *hashp, int nelem) hashp->LAST_FREED = 2; /* First bitmap page is at: splitpoint l2 page offset 1 */ - if (__ibitmap(hashp, (int)OADDR_OF(l2, 1), l2 + 1, 0)) + if (dbm_ibitmap(hashp, (int)OADDR_OF(l2, 1), l2 + 1, 0)) return (-1); hashp->MAX_BUCKET = hashp->LOW_MASK = nbuckets - 1; @@ -425,7 +425,7 @@ init_htab(HTAB *hashp, int nelem) 1; nsegs = (nbuckets - 1) / hashp->SGSIZE + 1; - nsegs = 1 << __log2((uint32)nsegs); + nsegs = 1 << dbm_log2((uint32)nsegs); if (nsegs > hashp->DSIZE) hashp->DSIZE = nsegs; @@ -463,7 +463,7 @@ hdestroy(HTAB *hashp) * Call on buffer manager to free buffers, and if required, * write them to disk. */ - if (__buf_free(hashp, 1, hashp->save_file)) + if (dbm_buf_free(hashp, 1, hashp->save_file)) save_errno = errno; if (hashp->dir) { free(*hashp->dir); /* Free initial segments */ @@ -585,7 +585,7 @@ hash_sync(const DB *dbp, uint flags) if (!hashp->save_file) return (0); - if (__buf_free(hashp, 0, 1) || flush_meta(hashp)) + if (dbm_buf_free(hashp, 0, 1) || flush_meta(hashp)) return (DBM_ERROR); #if defined(_WIN32) || defined(_WINDOWS) if (hashp->updateEOF && hashp->filename && !hashp->is_temp) { @@ -635,8 +635,8 @@ flush_meta(HTAB *hashp) } for (i = 0; i < NCACHED; i++) if (hashp->mapp[i]) - if (__put_page(hashp, (char *)hashp->mapp[i], - hashp->BITMAPS[i], 0, 1)) + if (dbm_put_page(hashp, (char *)hashp->mapp[i], + hashp->BITMAPS[i], 0, 1)) return (-1); return (0); } @@ -675,7 +675,7 @@ hash_get( #if defined(unix) && defined(DEBUG) printf("\n\nDBM Database has been corrupted, tell Lou...\n\n"); #endif - __remove_database((DB *)dbp); + dbm_remove_database((DB *)dbp); } return (rv); @@ -711,7 +711,7 @@ hash_put( #if defined(unix) && defined(DEBUG) printf("\n\nDBM Database has been corrupted, tell Lou...\n\n"); #endif - __remove_database((DB *)dbp); + dbm_remove_database((DB *)dbp); } return (rv); @@ -744,7 +744,7 @@ hash_delete( #if defined(unix) && defined(DEBUG) printf("\n\nDBM Database has been corrupted, tell Lou...\n\n"); #endif - __remove_database((DB *)dbp); + dbm_remove_database((DB *)dbp); } return (rv); @@ -777,7 +777,7 @@ hash_access( off = hashp->BSIZE; size = key->size; kp = (char *)key->data; - rbufp = __get_buf(hashp, __call_hash(hashp, kp, size), NULL, 0); + rbufp = dbm_get_buf(hashp, dbm_call_hash(hashp, kp, size), NULL, 0); if (!rbufp) return (DATABASE_CORRUPTED_ERROR); save_bufp = rbufp; @@ -805,7 +805,7 @@ hash_access( last_overflow_page_no = *bp; - rbufp = __get_buf(hashp, *bp, rbufp, 0); + rbufp = dbm_get_buf(hashp, *bp, rbufp, 0); if (!rbufp) { save_bufp->flags &= ~BUF_PIN; return (DBM_ERROR); @@ -822,17 +822,17 @@ hash_access( off = hashp->BSIZE; } else if (bp[1] < REAL_KEY) { if ((ndx = - __find_bigpair(hashp, rbufp, ndx, kp, (int)size)) > 0) + dbm_find_bigpair(hashp, rbufp, ndx, kp, (int)size)) > 0) goto found; if (ndx == -2) { bufp = rbufp; if (!(pageno = - __find_last_page(hashp, &bufp))) { + dbm_find_last_page(hashp, &bufp))) { ndx = 0; rbufp = bufp; break; /* FOR */ } - rbufp = __get_buf(hashp, pageno, bufp, 0); + rbufp = dbm_get_buf(hashp, pageno, bufp, 0); if (!rbufp) { save_bufp->flags &= ~BUF_PIN; return (DBM_ERROR); @@ -853,7 +853,7 @@ hash_access( switch (action) { case HASH_PUT: case HASH_PUTNEW: - if (__addel(hashp, rbufp, key, val)) { + if (dbm_addel(hashp, rbufp, key, val)) { save_bufp->flags &= ~BUF_PIN; return (DBM_ERROR); } else { @@ -875,7 +875,7 @@ found: case HASH_GET: bp = (uint16 *)rbufp->page; if (bp[ndx + 1] < REAL_KEY) { - if (__big_return(hashp, rbufp, ndx, val, 0)) + if (dbm_big_return(hashp, rbufp, ndx, val, 0)) return (DBM_ERROR); } else { val->data = (uint8 *)rbufp->page + (int)bp[ndx + 1]; @@ -883,14 +883,14 @@ found: } break; case HASH_PUT: - if ((__delpair(hashp, rbufp, ndx)) || - (__addel(hashp, rbufp, key, val))) { + if ((dbm_delpair(hashp, rbufp, ndx)) || + (dbm_addel(hashp, rbufp, key, val))) { save_bufp->flags &= ~BUF_PIN; return (DBM_ERROR); } break; case HASH_DELETE: - if (__delpair(hashp, rbufp, ndx)) + if (dbm_delpair(hashp, rbufp, ndx)) return (DBM_ERROR); break; default: @@ -933,7 +933,7 @@ hash_seq( for (bucket = hashp->cbucket; bucket <= (uint32)hashp->MAX_BUCKET; bucket++, hashp->cndx = 1) { - bufp = __get_buf(hashp, bucket, NULL, 0); + bufp = dbm_get_buf(hashp, bucket, NULL, 0); if (!bufp) return (DBM_ERROR); hashp->cpage = bufp; @@ -955,7 +955,7 @@ hash_seq( #endif while (bp[hashp->cndx + 1] == OVFLPAGE) { bufp = hashp->cpage = - __get_buf(hashp, bp[hashp->cndx], bufp, 0); + dbm_get_buf(hashp, bp[hashp->cndx], bufp, 0); if (!bufp) return (DBM_ERROR); bp = (uint16 *)(bufp->page); @@ -968,7 +968,7 @@ hash_seq( } ndx = hashp->cndx; if (bp[ndx + 1] < REAL_KEY) { - if (__big_keydata(hashp, bufp, key, data, 1)) + if (dbm_big_keydata(hashp, bufp, key, data, 1)) return (DBM_ERROR); } else { key->data = (uint8 *)hashp->cpage->page + bp[ndx]; @@ -994,7 +994,7 @@ hash_seq( * -1 ==> Error */ extern int -__expand_table(HTAB *hashp) +dbm_expand_table(HTAB *hashp) { uint32 old_bucket, new_bucket; int new_segnum, spare_ndx; @@ -1029,7 +1029,7 @@ __expand_table(HTAB *hashp) * * increases), we need to copy the current contents of the spare * split bucket to the next bucket. */ - spare_ndx = __log2((uint32)(hashp->MAX_BUCKET + 1)); + spare_ndx = dbm_log2((uint32)(hashp->MAX_BUCKET + 1)); if (spare_ndx > hashp->OVFL_POINT) { hashp->SPARES[spare_ndx] = hashp->SPARES[hashp->OVFL_POINT]; hashp->OVFL_POINT = spare_ndx; @@ -1041,7 +1041,7 @@ __expand_table(HTAB *hashp) hashp->HIGH_MASK = new_bucket | hashp->LOW_MASK; } /* Relocate records to the new bucket */ - return (__split_page(hashp, old_bucket, new_bucket)); + return (dbm_split_page(hashp, old_bucket, new_bucket)); } /* @@ -1065,7 +1065,7 @@ hash_realloc( } extern uint32 -__call_hash(HTAB *hashp, char *k, size_t len) +dbm_call_hash(HTAB *hashp, char *k, size_t len) { uint32 n, bucket; @@ -1168,4 +1168,5 @@ swap_header(HTAB *hashp) M_16_SWAP(hdrp->bitmaps[i]); } } + #endif diff --git a/security/nss/lib/dbm/src/hash_buf.c b/security/nss/lib/dbm/src/hash_buf.c index a7cd2d076..02deb81c5 100644 --- a/security/nss/lib/dbm/src/hash_buf.c +++ b/security/nss/lib/dbm/src/hash_buf.c @@ -104,7 +104,7 @@ static BUFHEAD *newbuf(HTAB *, uint32, BUFHEAD *); * address you are seeking. */ extern BUFHEAD * -__get_buf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp, int newpage) +dbm_get_buf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp, int newpage) /* If prev_bp set, indicates a new overflow page. */ { register BUFHEAD *bp; @@ -124,7 +124,7 @@ __get_buf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp, int newpage) /* Grab buffer out of directory */ segment_ndx = addr & (hashp->SGSIZE - 1); - /* valid segment ensured by __call_hash() */ + /* valid segment ensured by dbm_call_hash() */ segp = hashp->dir[addr >> hashp->SSHIFT]; #ifdef DEBUG assert(segp != NULL); @@ -140,7 +140,7 @@ __get_buf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp, int newpage) bp = newbuf(hashp, addr, prev_bp); if (!bp) return (NULL); - if (__get_page(hashp, bp->page, addr, !prev_bp, is_disk, 0)) { + if (dbm_get_page(hashp, bp->page, addr, !prev_bp, is_disk, 0)) { /* free bp and its page */ if (prev_bp) { /* if prev_bp is set then the new page that @@ -242,8 +242,8 @@ newbuf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp) } oaddr = shortp[shortp[0] - 1]; } - if ((bp->flags & BUF_MOD) && __put_page(hashp, bp->page, - bp->addr, (int)IS_BUCKET(bp->flags), 0)) + if ((bp->flags & BUF_MOD) && dbm_put_page(hashp, bp->page, + bp->addr, (int)IS_BUCKET(bp->flags), 0)) return (NULL); /* * Update the pointer to this page (i.e. invalidate it). @@ -298,8 +298,8 @@ newbuf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp) /* set before __put_page */ oaddr = shortp[shortp[0] - 1]; } - if ((xbp->flags & BUF_MOD) && __put_page(hashp, - xbp->page, xbp->addr, 0, 0)) + if ((xbp->flags & BUF_MOD) && dbm_put_page(hashp, + xbp->page, xbp->addr, 0, 0)) return (NULL); xbp->addr = 0; xbp->flags = 0; @@ -335,7 +335,7 @@ newbuf(HTAB *hashp, uint32 addr, BUFHEAD *prev_bp) } extern void -__buf_init(HTAB *hashp, int32 nbytes) +dbm_buf_init(HTAB *hashp, int32 nbytes) { BUFHEAD *bfp; int npages; @@ -358,7 +358,7 @@ __buf_init(HTAB *hashp, int32 nbytes) } extern int -__buf_free(HTAB *hashp, int do_free, int to_disk) +dbm_buf_free(HTAB *hashp, int do_free, int to_disk) { BUFHEAD *bp; int status = -1; @@ -370,8 +370,8 @@ __buf_free(HTAB *hashp, int do_free, int to_disk) /* Check that the buffer is valid */ if (bp->addr || IS_BUCKET(bp->flags)) { if (to_disk && (bp->flags & BUF_MOD) && - (status = __put_page(hashp, bp->page, - bp->addr, IS_BUCKET(bp->flags), 0))) { + (status = dbm_put_page(hashp, bp->page, + bp->addr, IS_BUCKET(bp->flags), 0))) { if (do_free) { if (bp->page) @@ -397,11 +397,12 @@ __buf_free(HTAB *hashp, int do_free, int to_disk) } extern void -__reclaim_buf(HTAB *hashp, BUFHEAD *bp) +dbm_reclaim_buf(HTAB *hashp, BUFHEAD *bp) { bp->ovfl = 0; bp->addr = 0; bp->flags = 0; BUF_REMOVE(bp); LRU_INSERT(bp); + } diff --git a/security/nss/lib/freebl/chacha20poly1305.c b/security/nss/lib/freebl/chacha20poly1305.c index 302f0db9e..8fdaf3fec 100644 --- a/security/nss/lib/freebl/chacha20poly1305.c +++ b/security/nss/lib/freebl/chacha20poly1305.c @@ -234,6 +234,11 @@ ChaCha20Poly1305_Open(const ChaCha20Poly1305Context *ctx, unsigned char *output, PORT_SetError(SEC_ERROR_OUTPUT_LEN); return SECFailure; } + // ChaCha has a 64 octet block, with a 32-bit block counter. + if (inputLen >= (1ULL << (6 + 32)) + ctx->tagLen) { + PORT_SetError(SEC_ERROR_INPUT_LEN); + return SECFailure; + } PORT_Memset(block, 0, sizeof(block)); // Generate a block of keystream. The first 32 bytes will be the poly1305 diff --git a/security/nss/lib/freebl/ctr.c b/security/nss/lib/freebl/ctr.c index d7652c060..4d26a5b06 100644 --- a/security/nss/lib/freebl/ctr.c +++ b/security/nss/lib/freebl/ctr.c @@ -128,6 +128,12 @@ CTR_Update(CTRContext *ctr, unsigned char *outbuf, unsigned int tmp; SECStatus rv; + // Limit block count to 2^counterBits - 2 + if (ctr->counterBits < (sizeof(unsigned int) * 8) && + inlen > ((1 << ctr->counterBits) - 2) * AES_BLOCK_SIZE) { + PORT_SetError(SEC_ERROR_INPUT_LEN); + return SECFailure; + } if (maxout < inlen) { *outlen = inlen; PORT_SetError(SEC_ERROR_OUTPUT_LEN); @@ -199,6 +205,12 @@ CTR_Update_HW_AES(CTRContext *ctr, unsigned char *outbuf, unsigned int tmp; SECStatus rv; + // Limit block count to 2^counterBits - 2 + if (ctr->counterBits < (sizeof(unsigned int) * 8) && + inlen > ((1 << ctr->counterBits) - 2) * AES_BLOCK_SIZE) { + PORT_SetError(SEC_ERROR_INPUT_LEN); + return SECFailure; + } if (maxout < inlen) { *outlen = inlen; PORT_SetError(SEC_ERROR_OUTPUT_LEN); diff --git a/security/nss/lib/freebl/gcm.c b/security/nss/lib/freebl/gcm.c index f1e16da78..e93970b88 100644 --- a/security/nss/lib/freebl/gcm.c +++ b/security/nss/lib/freebl/gcm.c @@ -469,6 +469,12 @@ gcmHash_Reset(gcmHashContext *ghash, const unsigned char *AAD, { SECStatus rv; + // Limit AADLen in accordance with SP800-38D + if (sizeof(AADLen) >= 8 && AADLen > (1ULL << 61) - 1) { + PORT_SetError(SEC_ERROR_INPUT_LEN); + return SECFailure; + } + ghash->cLen = 0; PORT_Memset(ghash->counterBuf, 0, GCM_HASH_LEN_LEN * 2); ghash->bufLen = 0; diff --git a/security/nss/lib/freebl/intel-gcm-wrap.c b/security/nss/lib/freebl/intel-gcm-wrap.c index 37a1af765..f69bc7c7a 100644 --- a/security/nss/lib/freebl/intel-gcm-wrap.c +++ b/security/nss/lib/freebl/intel-gcm-wrap.c @@ -62,6 +62,12 @@ intel_AES_GCM_CreateContext(void *context, PORT_SetError(SEC_ERROR_INVALID_ARGS); return NULL; } + // Limit AADLen in accordance with SP800-38D + if (sizeof(AAD_whole_len) >= 8 && AAD_whole_len > (1ULL << 61) - 1) { + PORT_SetError(SEC_ERROR_INPUT_LEN); + return NULL; + } + gcm = PORT_ZNew(intel_AES_GCMContext); if (gcm == NULL) { return NULL; @@ -159,6 +165,14 @@ intel_AES_GCM_EncryptUpdate(intel_AES_GCMContext *gcm, unsigned char T[AES_BLOCK_SIZE]; unsigned int j; + // GCM has a 16 octet block, with a 32-bit block counter + // Limit in accordance with SP800-38D + if (sizeof(inlen) > 4 && + inlen >= ((1ULL << 32) - 2) * AES_BLOCK_SIZE) { + PORT_SetError(SEC_ERROR_INPUT_LEN); + return SECFailure; + } + tagBytes = (gcm->tagBits + (PR_BITS_PER_BYTE - 1)) / PR_BITS_PER_BYTE; if (UINT_MAX - inlen < tagBytes) { PORT_SetError(SEC_ERROR_INPUT_LEN); @@ -216,6 +230,14 @@ intel_AES_GCM_DecryptUpdate(intel_AES_GCMContext *gcm, inlen -= tagBytes; intag = inbuf + inlen; + // GCM has a 16 octet block, with a 32-bit block counter + // Limit in accordance with SP800-38D + if (sizeof(inlen) > 4 && + inlen >= ((1ULL << 32) - 2) * AES_BLOCK_SIZE) { + PORT_SetError(SEC_ERROR_INPUT_LEN); + return SECFailure; + } + if (maxout < inlen) { *outlen = inlen; PORT_SetError(SEC_ERROR_OUTPUT_LEN); diff --git a/security/nss/lib/freebl/rsapkcs.c b/security/nss/lib/freebl/rsapkcs.c index 875e4e28d..6f94770ad 100644 --- a/security/nss/lib/freebl/rsapkcs.c +++ b/security/nss/lib/freebl/rsapkcs.c @@ -115,7 +115,7 @@ rsa_FormatOneBlock(unsigned modulusLen, { unsigned char *block; unsigned char *bp; - int padLen; + unsigned int padLen; int i, j; SECStatus rv; @@ -135,14 +135,14 @@ rsa_FormatOneBlock(unsigned modulusLen, switch (blockType) { /* - * Blocks intended for private-key operation. - */ + * Blocks intended for private-key operation. + */ case RSA_BlockPrivate: /* preferred method */ /* - * 0x00 || BT || Pad || 0x00 || ActualData - * 1 1 padLen 1 data->len - * Pad is either all 0x00 or all 0xff bytes, depending on blockType. - */ + * 0x00 || BT || Pad || 0x00 || ActualData + * 1 1 padLen 1 data->len + * Pad is either all 0x00 or all 0xff bytes, depending on blockType. + */ padLen = modulusLen - data->len - 3; PORT_Assert(padLen >= RSA_BLOCK_MIN_PAD_LEN); if (padLen < RSA_BLOCK_MIN_PAD_LEN) { @@ -162,7 +162,7 @@ rsa_FormatOneBlock(unsigned modulusLen, /* * 0x00 || BT || Pad || 0x00 || ActualData * 1 1 padLen 1 data->len - * Pad is all non-zero random bytes. + * Pad is 8 or more non-zero random bytes. * * Build the block left to right. * Fill the entire block from Pad to the end with random bytes. @@ -236,7 +236,9 @@ rsa_FormatBlock(SECItem *result, * The "3" below is the first octet + the second octet + the 0x00 * octet that always comes just before the ActualData. */ - PORT_Assert(data->len <= (modulusLen - (3 + RSA_BLOCK_MIN_PAD_LEN))); + if (data->len > (modulusLen - (3 + RSA_BLOCK_MIN_PAD_LEN))) { + return SECFailure; + } result->data = rsa_FormatOneBlock(modulusLen, blockType, data); if (result->data == NULL) { diff --git a/security/nss/lib/nss/nss.h b/security/nss/lib/nss/nss.h index ea54ce0cd..f6b83a01c 100644 --- a/security/nss/lib/nss/nss.h +++ b/security/nss/lib/nss/nss.h @@ -22,10 +22,10 @@ * The format of the version string should be * "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]" */ -#define NSS_VERSION "3.41.2" _NSS_CUSTOMIZED +#define NSS_VERSION "3.41.3" _NSS_CUSTOMIZED #define NSS_VMAJOR 3 #define NSS_VMINOR 41 -#define NSS_VPATCH 2 +#define NSS_VPATCH 3 #define NSS_VBUILD 0 #define NSS_BETA PR_FALSE diff --git a/security/nss/lib/softoken/pkcs11c.c b/security/nss/lib/softoken/pkcs11c.c index 884702cc1..327a67d5c 100644 --- a/security/nss/lib/softoken/pkcs11c.c +++ b/security/nss/lib/softoken/pkcs11c.c @@ -7668,9 +7668,11 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession, const SECHashObject *rawHash; unsigned hashLen; CK_BYTE hashbuf[HASH_LENGTH_MAX]; - CK_BYTE *prk; /* psuedo-random key */ + CK_BYTE *prk; /* psuedo-random key */ CK_ULONG prkLen; - CK_BYTE *okm; /* output keying material */ + CK_BYTE *okm; /* output keying material */ + unsigned allocated_space = 0; /* If we need more work space, track it */ + unsigned char *key_buf = &key_block[0]; rawHash = HASH_GetRawHashObject(hashType); if (rawHash == NULL || rawHash->length > sizeof(hashbuf)) { @@ -7686,7 +7688,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession, crv = CKR_MECHANISM_PARAM_INVALID; break; } - if (keySize == 0 || keySize > sizeof key_block || + if (keySize == 0 || (!params->bExpand && keySize > hashLen) || (params->bExpand && keySize > 255 * hashLen)) { crv = CKR_TEMPLATE_INCONSISTENT; @@ -7736,34 +7738,49 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession, /* T(1) = HMAC-Hash(prk, "" | info | 0x01) * T(n) = HMAC-Hash(prk, T(n-1) | info | n * key material = T(1) | ... | T(n) + * + * If the requested output length does not fit + * within |key_block|, allocate space for expansion. */ HMACContext *hmac; CK_BYTE bi; - unsigned iterations = PR_ROUNDUP(keySize, hashLen) / hashLen; + unsigned n_bytes = PR_ROUNDUP(keySize, hashLen); + unsigned iterations = n_bytes / hashLen; hmac = HMAC_Create(rawHash, prk, prkLen, isFIPS); if (hmac == NULL) { crv = CKR_HOST_MEMORY; break; } - for (bi = 1; bi <= iterations; ++bi) { + if (n_bytes > sizeof(key_block)) { + key_buf = PORT_Alloc(n_bytes); + if (key_buf == NULL) { + crv = CKR_HOST_MEMORY; + break; + } + allocated_space = n_bytes; + } + for (bi = 1; bi <= iterations && bi > 0; ++bi) { unsigned len; HMAC_Begin(hmac); if (bi > 1) { - HMAC_Update(hmac, key_block + ((bi - 2) * hashLen), hashLen); + HMAC_Update(hmac, key_buf + ((bi - 2) * hashLen), hashLen); } if (params->ulInfoLen != 0) { HMAC_Update(hmac, params->pInfo, params->ulInfoLen); } HMAC_Update(hmac, &bi, 1); - HMAC_Finish(hmac, key_block + ((bi - 1) * hashLen), &len, + HMAC_Finish(hmac, key_buf + ((bi - 1) * hashLen), &len, hashLen); PORT_Assert(len == hashLen); } HMAC_Destroy(hmac, PR_TRUE); - okm = key_block; + okm = key_buf; } /* key material = prk */ crv = sftk_forceAttribute(key, CKA_VALUE, okm, keySize); + if (allocated_space) { + PORT_ZFree(key_buf, allocated_space); + } break; } /* end of CKM_NSS_HKDF_* */ diff --git a/security/nss/lib/softoken/softkver.h b/security/nss/lib/softoken/softkver.h index 73a38b010..ab2e91018 100644 --- a/security/nss/lib/softoken/softkver.h +++ b/security/nss/lib/softoken/softkver.h @@ -17,10 +17,10 @@ * The format of the version string should be * "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]" */ -#define SOFTOKEN_VERSION "3.41.2" SOFTOKEN_ECC_STRING +#define SOFTOKEN_VERSION "3.41.3" SOFTOKEN_ECC_STRING #define SOFTOKEN_VMAJOR 3 #define SOFTOKEN_VMINOR 41 -#define SOFTOKEN_VPATCH 2 +#define SOFTOKEN_VPATCH 3 #define SOFTOKEN_VBUILD 0 #define SOFTOKEN_BETA PR_FALSE diff --git a/security/nss/lib/util/nssutil.h b/security/nss/lib/util/nssutil.h index a2be260b0..f880fb55e 100644 --- a/security/nss/lib/util/nssutil.h +++ b/security/nss/lib/util/nssutil.h @@ -19,10 +19,10 @@ * The format of the version string should be * "<major version>.<minor version>[.<patch level>[.<build number>]][ <Beta>]" */ -#define NSSUTIL_VERSION "3.41.2" +#define NSSUTIL_VERSION "3.41.3" #define NSSUTIL_VMAJOR 3 #define NSSUTIL_VMINOR 41 -#define NSSUTIL_VPATCH 2 +#define NSSUTIL_VPATCH 3 #define NSSUTIL_VBUILD 0 #define NSSUTIL_BETA PR_FALSE |