- djm@cvs.openbsd.org 2014/03/26 04:55:35

[chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c
     [misc.h poly1305.h ssh-pkcs11.c]
     use __bounded(...) attribute recently added to sys/cdefs.h instead of
     longform __attribute__(__bounded(...));

     for brevity and a warning free compilation with llvm/clang

ChangeLog

@@ -51,6 +51,13 @@
    - markus@cvs.openbsd.org 2014/03/27 23:01:27
      [myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
      disable weak proposals in sshd, but keep them in ssh; ok djm@
+   - djm@cvs.openbsd.org 2014/03/26 04:55:35
+     [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c
+     [misc.h poly1305.h ssh-pkcs11.c]
+     use __bounded(...) attribute recently added to sys/cdefs.h instead of
+     longform __attribute__(__bounded(...));
+     
+     for brevity and a warning free compilation with llvm/clang
 
 20140401
  - (djm) On platforms that support it, use prctl() to prevent sftp-server

chacha.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: chacha.h,v 1.1 2013/11/21 00:45:44 djm Exp $ */
+/* $OpenBSD: chacha.h,v 1.2 2014/03/26 04:55:35 djm Exp $ */
 
 /*
 chacha-merged.c version 20080118
@@ -22,14 +22,14 @@ struct chacha_ctx {
 #define CHACHA_BLOCKLEN		64
 
 void chacha_keysetup(struct chacha_ctx *x, const u_char *k, u_int kbits)
-    __attribute__((__bounded__(__minbytes__, 2, CHACHA_MINKEYLEN)));
+    __bounded((__minbytes__, 2, CHACHA_MINKEYLEN));
 void chacha_ivsetup(struct chacha_ctx *x, const u_char *iv, const u_char *ctr)
-    __attribute__((__bounded__(__minbytes__, 2, CHACHA_NONCELEN)))
+    __bounded((__minbytes__, 2, CHACHA_NONCELEN))
-    __attribute__((__bounded__(__minbytes__, 3, CHACHA_CTRLEN)));
+    __bounded((__minbytes__, 3, CHACHA_CTRLEN));
 void chacha_encrypt_bytes(struct chacha_ctx *x, const u_char *m,
     u_char *c, u_int bytes)
-    __attribute__((__bounded__(__buffer__, 2, 4)))
+    __bounded((__buffer__, 2, 4))
-    __attribute__((__bounded__(__buffer__, 3, 4)));
+    __bounded((__buffer__, 3, 4));
 
 #endif	/* CHACHA_H */
 

cipher-chachapoly.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: cipher-chachapoly.h,v 1.1 2013/11/21 00:45:44 djm Exp $ */
+/* $OpenBSD: cipher-chachapoly.h,v 1.2 2014/03/26 04:55:35 djm Exp $ */
 
 /*
  * Copyright (c) Damien Miller 2013 <djm@mindrot.org>
@@ -30,12 +30,12 @@ struct chachapoly_ctx {
 
 void	chachapoly_init(struct chachapoly_ctx *cpctx,
     const u_char *key, u_int keylen)
-    __attribute__((__bounded__(__buffer__, 2, 3)));
+    __bounded((__buffer__, 2, 3));
 int	chachapoly_crypt(struct chachapoly_ctx *cpctx, u_int seqnr,
     u_char *dest, const u_char *src, u_int len, u_int aadlen, u_int authlen,
     int do_encrypt);
 int	chachapoly_get_length(struct chachapoly_ctx *cpctx,
     u_int *plenp, u_int seqnr, const u_char *cp, u_int len)
-    __attribute__((__bounded__(__buffer__, 4, 5)));
+    __bounded((__buffer__, 4, 5));
 
 #endif /* CHACHA_POLY_AEAD_H */

defines.h

@@ -25,7 +25,7 @@
 #ifndef _DEFINES_H
 #define _DEFINES_H
 
-/* $Id: defines.h,v 1.176 2014/01/17 13:12:38 dtucker Exp $ */
+/* $Id: defines.h,v 1.177 2014/04/20 03:21:23 djm Exp $ */
 
 
 /* Constants */
@@ -826,4 +826,14 @@ struct winsize {
 # define arc4random_stir()
 #endif
 
+/* __bounded macro */
+#ifndef __bounded
+# if __GNUC_PREREQ__(3,3) && !defined(__clang__)
+#  define __bounded(args)	__attribute__ ((__bounded__ args ))
+# else
+#  define __bounded(args)	/* delete */
+# endif /* __GNUC_PREREQ__(3,3) && !defined(__clang__) */
+#endif
+
+
 #endif /* _DEFINES_H */

digest.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: digest.h,v 1.2 2014/01/27 18:58:14 markus Exp $ */
+/* $OpenBSD: digest.h,v 1.3 2014/03/26 04:55:35 djm Exp $ */
 /*
  * Copyright (c) 2013 Damien Miller <djm@mindrot.org>
  *
@@ -45,18 +45,18 @@ int ssh_digest_copy_state(struct ssh_digest_ctx *from,
 /* One-shot API */
 int ssh_digest_memory(int alg, const void *m, size_t mlen,
     u_char *d, size_t dlen)
-	__attribute__((__bounded__(__buffer__, 2, 3)))
+	__bounded((__buffer__, 2, 3))
-	__attribute__((__bounded__(__buffer__, 4, 5)));
+	__bounded((__buffer__, 4, 5));
 int ssh_digest_buffer(int alg, const Buffer *b, u_char *d, size_t dlen)
-	__attribute__((__bounded__(__buffer__, 3, 4)));
+	__bounded((__buffer__, 3, 4));
 
 /* Update API */
 struct ssh_digest_ctx *ssh_digest_start(int alg);
 int ssh_digest_update(struct ssh_digest_ctx *ctx, const void *m, size_t mlen)
-	__attribute__((__bounded__(__buffer__, 2, 3)));
+	__bounded((__buffer__, 2, 3));
 int ssh_digest_update_buffer(struct ssh_digest_ctx *ctx, const Buffer *b);
 int ssh_digest_final(struct ssh_digest_ctx *ctx, u_char *d, size_t dlen)
-	__attribute__((__bounded__(__buffer__, 2, 3)));
+	__bounded((__buffer__, 2, 3));
 void ssh_digest_free(struct ssh_digest_ctx *ctx);
 
 #endif /* _DIGEST_H */

hmac.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: hmac.h,v 1.6 2014/01/27 18:58:14 markus Exp $ */
+/* $OpenBSD: hmac.h,v 1.7 2014/03/26 04:55:35 djm Exp $ */
 /*
  * Copyright (c) 2014 Markus Friedl.  All rights reserved.
  *
@@ -26,12 +26,12 @@ struct ssh_hmac_ctx *ssh_hmac_start(int alg);
 
 /* Sets the state of the HMAC or resets the state if key == NULL */
 int ssh_hmac_init(struct ssh_hmac_ctx *ctx, const void *key, size_t klen)
-	__attribute__((__bounded__(__buffer__, 2, 3)));
+	__bounded((__buffer__, 2, 3));
 int ssh_hmac_update(struct ssh_hmac_ctx *ctx, const void *m, size_t mlen)
-	__attribute__((__bounded__(__buffer__, 2, 3)));
+	__bounded((__buffer__, 2, 3));
 int ssh_hmac_update_buffer(struct ssh_hmac_ctx *ctx, const Buffer *b);
 int ssh_hmac_final(struct ssh_hmac_ctx *ctx, u_char *d, size_t dlen)
-	__attribute__((__bounded__(__buffer__, 2, 3)));
+	__bounded((__buffer__, 2, 3));
 void ssh_hmac_free(struct ssh_hmac_ctx *ctx);
 
 #endif /* _HMAC_H */

kex.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.62 2014/01/27 18:58:14 markus Exp $ */
+/* $OpenBSD: kex.h,v 1.63 2014/03/26 04:55:35 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -187,12 +187,12 @@ kex_c25519_hash(int, char *, char *, char *, int,
 
 #define CURVE25519_SIZE 32
 void	kexc25519_keygen(u_char[CURVE25519_SIZE], u_char[CURVE25519_SIZE])
-	__attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE)))
+	__bounded((__minbytes__, 1, CURVE25519_SIZE))
-	__attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE)));
+	__bounded((__minbytes__, 2, CURVE25519_SIZE));
 void kexc25519_shared_key(const u_char key[CURVE25519_SIZE],
     const u_char pub[CURVE25519_SIZE], Buffer *out)
-	__attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE)))
+	__bounded((__minbytes__, 1, CURVE25519_SIZE))
-	__attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE)));
+	__bounded((__minbytes__, 2, CURVE25519_SIZE));
 
 void
 derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]);

kexc25519.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: kexc25519.c,v 1.5 2014/01/31 16:39:19 tedu Exp $ */
+/* $OpenBSD: kexc25519.c,v 1.6 2014/03/26 04:55:35 djm Exp $ */
 /*
  * Copyright (c) 2001, 2013 Markus Friedl.  All rights reserved.
  * Copyright (c) 2010 Damien Miller.  All rights reserved.
@@ -45,9 +45,9 @@
 
 extern int crypto_scalarmult_curve25519(u_char a[CURVE25519_SIZE],
     const u_char b[CURVE25519_SIZE], const u_char c[CURVE25519_SIZE])
-	__attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE)))
+	__bounded((__minbytes__, 1, CURVE25519_SIZE))
-	__attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE)))
+	__bounded((__minbytes__, 2, CURVE25519_SIZE))
-	__attribute__((__bounded__(__minbytes__, 3, CURVE25519_SIZE)));
+	__bounded((__minbytes__, 3, CURVE25519_SIZE));
 
 void
 kexc25519_keygen(u_char key[CURVE25519_SIZE], u_char pub[CURVE25519_SIZE])

misc.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.h,v 1.50 2013/10/14 23:28:23 djm Exp $ */
+/* $OpenBSD: misc.h,v 1.51 2014/03/26 04:55:35 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -70,17 +70,17 @@ int	 tun_open(int, int);
 
 /* Functions to extract or store big-endian words of various sizes */
 u_int64_t	get_u64(const void *)
-    __attribute__((__bounded__( __minbytes__, 1, 8)));
+    __bounded(( __minbytes__, 1, 8));
 u_int32_t	get_u32(const void *)
-    __attribute__((__bounded__( __minbytes__, 1, 4)));
+    __bounded(( __minbytes__, 1, 4));
 u_int16_t	get_u16(const void *)
-    __attribute__((__bounded__( __minbytes__, 1, 2)));
+    __bounded(( __minbytes__, 1, 2));
 void		put_u64(void *, u_int64_t)
-    __attribute__((__bounded__( __minbytes__, 1, 8)));
+    __bounded(( __minbytes__, 1, 8));
 void		put_u32(void *, u_int32_t)
-    __attribute__((__bounded__( __minbytes__, 1, 4)));
+    __bounded(( __minbytes__, 1, 4));
 void		put_u16(void *, u_int16_t)
-    __attribute__((__bounded__( __minbytes__, 1, 2)));
+    __bounded(( __minbytes__, 1, 2));
 
 struct bwlimit {
 	size_t buflen;

poly1305.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: poly1305.h,v 1.2 2013/12/19 22:57:13 djm Exp $ */
+/* $OpenBSD: poly1305.h,v 1.3 2014/03/26 04:55:35 djm Exp $ */
 
 /* 
  * Public Domain poly1305 from Andrew Moon
@@ -15,8 +15,8 @@
 
 void poly1305_auth(u_char out[POLY1305_TAGLEN], const u_char *m, size_t inlen,
     const u_char key[POLY1305_KEYLEN])
-    __attribute__((__bounded__(__minbytes__, 1, POLY1305_TAGLEN)))
+    __bounded((__minbytes__, 1, POLY1305_TAGLEN))
-    __attribute__((__bounded__(__buffer__, 2, 3)))
+    __bounded((__buffer__, 2, 3))
-    __attribute__((__bounded__(__minbytes__, 4, POLY1305_KEYLEN)));
+    __bounded((__minbytes__, 4, POLY1305_KEYLEN));
 
 #endif	/* POLY1305_H */

ssh-pkcs11.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11.c,v 1.11 2013/11/13 13:48:20 markus Exp $ */
+/* $OpenBSD: ssh-pkcs11.c,v 1.12 2014/03/26 04:55:35 djm Exp $ */
 /*
  * Copyright (c) 2010 Markus Friedl.  All rights reserved.
  *
@@ -386,7 +386,7 @@ pkcs11_open_session(struct pkcs11_provider *p, CK_ULONG slotidx, char *pin)
  */
 static int pkcs11_fetch_keys_filter(struct pkcs11_provider *, CK_ULONG,
     CK_ATTRIBUTE [], CK_ATTRIBUTE [3], Key ***, int *)
-	__attribute__((__bounded__(__minbytes__,4, 3 * sizeof(CK_ATTRIBUTE))));
+	__bounded((__minbytes__,4, 3 * sizeof(CK_ATTRIBUTE)));
 
 static int
 pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx,