From ff76fe6c8f1e3b34c5571437612a038077f29860 Mon Sep 17 00:00:00 2001 From: dartraiden Date: Fri, 24 May 2024 23:43:03 +0300 Subject: libcurl: update to 8.8.0 --- libs/libcurl/src/curl_sha512_256.c | 52 +++++++++++++++++++++----------------- 1 file changed, 29 insertions(+), 23 deletions(-) (limited to 'libs/libcurl/src/curl_sha512_256.c') diff --git a/libs/libcurl/src/curl_sha512_256.c b/libs/libcurl/src/curl_sha512_256.c index e1d6c4bc99..bd96af1c4e 100644 --- a/libs/libcurl/src/curl_sha512_256.c +++ b/libs/libcurl/src/curl_sha512_256.c @@ -44,7 +44,7 @@ # include # if (!defined(LIBRESSL_VERSION_NUMBER) && \ defined(OPENSSL_VERSION_NUMBER) && \ - (OPENSSL_VERSION_NUMBER >= 0x10100010L)) || \ + (OPENSSL_VERSION_NUMBER >= 0x10101000L)) || \ (defined(LIBRESSL_VERSION_NUMBER) && \ (LIBRESSL_VERSION_NUMBER >= 0x3080000fL)) # include @@ -52,6 +52,27 @@ # include # define USE_OPENSSL_SHA512_256 1 # define HAS_SHA512_256_IMPLEMENTATION 1 +# ifdef __NetBSD__ +/* Some NetBSD versions has a bug in SHA-512/256. + * See https://gnats.netbsd.org/cgi-bin/query-pr-single.pl?number=58039 + * The problematic versions: + * - NetBSD before 9.4 + * - NetBSD 9 all development versions (9.99.x) + * - NetBSD 10 development versions (10.99.x) before 10.99.11 + * The bug was fixed in NetBSD 9.4 release, NetBSD 10.0 release, + * NetBSD 10.99.11 development. + * It is safe to apply the workaround even if the bug is not present, as + * the workaround just reduces performance slightly. */ +# include +# if __NetBSD_Version__ < 904000000 || \ + (__NetBSD_Version__ >= 999000000 && \ + __NetBSD_Version__ < 1000000000) || \ + (__NetBSD_Version__ >= 1099000000 && \ + __NetBSD_Version__ < 1099001100) +# define NEED_NETBSD_SHA512_256_WORKAROUND 1 +# include +# endif +# endif # endif # endif #endif /* USE_OPENSSL */ @@ -153,7 +174,7 @@ Curl_sha512_256_finish(unsigned char *digest, CURLcode ret; Curl_sha512_256_ctx *const ctx = (Curl_sha512_256_ctx *)context; -#ifdef __NetBSD__ +#ifdef NEED_NETBSD_SHA512_256_WORKAROUND /* Use a larger buffer to work around a bug in NetBSD: https://gnats.netbsd.org/cgi-bin/query-pr-single.pl?number=58039 */ unsigned char tmp_digest[SHA512_256_DIGEST_SIZE * 2]; @@ -161,9 +182,10 @@ Curl_sha512_256_finish(unsigned char *digest, tmp_digest, NULL) ? CURLE_OK : CURLE_SSL_CIPHER; if(ret == CURLE_OK) memcpy(digest, tmp_digest, SHA512_256_DIGEST_SIZE); -#else /* ! __NetBSD__ */ + explicit_memset(tmp_digest, 0, sizeof(tmp_digest)); +#else /* ! NEED_NETBSD_SHA512_256_WORKAROUND */ ret = EVP_DigestFinal_ex(*ctx, digest, NULL) ? CURLE_OK : CURLE_SSL_CIPHER; -#endif /* ! __NetBSD__ */ +#endif /* ! NEED_NETBSD_SHA512_256_WORKAROUND */ EVP_MD_CTX_destroy(*ctx); *ctx = NULL; @@ -264,29 +286,13 @@ Curl_sha512_256_finish(unsigned char *digest, defined(_MSC_VER) && !defined(__GNUC__) && !defined(__clang__) # if _MSC_VER >= 1400 # define MHDX_INLINE __forceinline -# else -# define MHDX_INLINE /* empty */ # endif #endif #if !defined(MHDX_INLINE) -# if defined(inline) - /* Assume that 'inline' macro was already defined correctly by - * the build system. */ -# define MHDX_INLINE inline -# elif defined(__cplusplus) - /* The code is compiled with C++ compiler. - * C++ always supports 'inline'. */ -# define MHDX_INLINE inline -# elif defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901 - /* C99 (and later) supports 'inline' keyword */ -# define MHDX_INLINE inline -# elif defined(__GNUC__) && __GNUC__ >= 3 - /* GCC supports '__inline__' as an extension */ -# define MHDX_INLINE __inline__ -# else -# define MHDX_INLINE /* empty */ -# endif + /* Assume that 'inline' keyword works or the + * macro was already defined correctly. */ +# define MHDX_INLINE inline #endif /* Bits manipulation macros and functions. -- cgit v1.2.3