|
 |
afd354 |
From e22f3e2439903aa05321ca339be6a12067b2c4db Mon Sep 17 00:00:00 2001
|
|
|
afd354 |
From: Robbie Harwood <rharwood@redhat.com>
|
|
|
afd354 |
Date: Mon, 6 May 2019 15:14:49 -0400
|
|
|
afd354 |
Subject: [PATCH] Avoid alignment warnings in openssl rc4.c
|
|
|
afd354 |
|
|
|
afd354 |
Add a comment to k5_arcfour_init_state() explaining how we stretch the
|
|
|
afd354 |
krb5_data cipher state contract. Use void * casts when interpreting
|
|
|
afd354 |
the data pointer to avoid alignment warnings.
|
|
|
afd354 |
|
|
|
afd354 |
[ghudson@mit.edu: moved and expanded comment; rewrote commit message]
|
|
|
afd354 |
|
|
|
afd354 |
(cherry picked from commit 1cd41d76c12fc1cea0a8bf0d6a40f34623c60d6d)
|
|
|
afd354 |
---
|
|
|
afd354 |
src/lib/crypto/openssl/enc_provider/rc4.c | 15 ++++++++++++---
|
|
|
afd354 |
1 file changed, 12 insertions(+), 3 deletions(-)
|
|
|
afd354 |
|
|
|
afd354 |
diff --git a/src/lib/crypto/openssl/enc_provider/rc4.c b/src/lib/crypto/openssl/enc_provider/rc4.c
|
|
|
afd354 |
index 7f3c086ed..a65d57b7a 100644
|
|
|
afd354 |
--- a/src/lib/crypto/openssl/enc_provider/rc4.c
|
|
|
afd354 |
+++ b/src/lib/crypto/openssl/enc_provider/rc4.c
|
|
|
afd354 |
@@ -57,7 +57,7 @@ struct arcfour_state {
|
|
|
afd354 |
|
|
|
afd354 |
/* In-place IOV crypto */
|
|
|
afd354 |
static krb5_error_code
|
|
|
afd354 |
-k5_arcfour_docrypt(krb5_key key,const krb5_data *state, krb5_crypto_iov *data,
|
|
|
afd354 |
+k5_arcfour_docrypt(krb5_key key, const krb5_data *state, krb5_crypto_iov *data,
|
|
|
afd354 |
size_t num_data)
|
|
|
afd354 |
{
|
|
|
afd354 |
size_t i;
|
|
|
afd354 |
@@ -66,7 +66,7 @@ k5_arcfour_docrypt(krb5_key key,const krb5_data *state, krb5_crypto_iov *data,
|
|
|
afd354 |
EVP_CIPHER_CTX *ctx = NULL;
|
|
|
afd354 |
struct arcfour_state *arcstate;
|
|
|
afd354 |
|
|
|
afd354 |
- arcstate = (state != NULL) ? (struct arcfour_state *) state->data : NULL;
|
|
|
afd354 |
+ arcstate = (state != NULL) ? (void *)state->data : NULL;
|
|
|
afd354 |
if (arcstate != NULL) {
|
|
|
afd354 |
ctx = arcstate->ctx;
|
|
|
afd354 |
if (arcstate->loopback != arcstate)
|
|
|
afd354 |
@@ -113,7 +113,7 @@ k5_arcfour_docrypt(krb5_key key,const krb5_data *state, krb5_crypto_iov *data,
|
|
|
afd354 |
static void
|
|
|
afd354 |
k5_arcfour_free_state(krb5_data *state)
|
|
|
afd354 |
{
|
|
|
afd354 |
- struct arcfour_state *arcstate = (struct arcfour_state *) state->data;
|
|
|
afd354 |
+ struct arcfour_state *arcstate = (void *)state->data;
|
|
|
afd354 |
|
|
|
afd354 |
EVP_CIPHER_CTX_free(arcstate->ctx);
|
|
|
afd354 |
free(arcstate);
|
|
|
afd354 |
@@ -125,6 +125,15 @@ k5_arcfour_init_state(const krb5_keyblock *key,
|
|
|
afd354 |
{
|
|
|
afd354 |
struct arcfour_state *arcstate;
|
|
|
afd354 |
|
|
|
afd354 |
+ /*
|
|
|
afd354 |
+ * The cipher state here is a saved pointer to a struct arcfour_state
|
|
|
afd354 |
+ * object, rather than a flat byte array as in most enc providers. The
|
|
|
afd354 |
+ * object includes a loopback pointer to detect if if the caller made a
|
|
|
afd354 |
+ * copy of the krb5_data value or otherwise assumed it was a simple byte
|
|
|
afd354 |
+ * array. When we cast the data pointer back, we need to go through void *
|
|
|
afd354 |
+ * to avoid increased alignment warnings.
|
|
|
afd354 |
+ */
|
|
|
afd354 |
+
|
|
|
afd354 |
/* Create a state structure with an uninitialized context. */
|
|
|
afd354 |
arcstate = calloc(1, sizeof(*arcstate));
|
|
|
afd354 |
if (arcstate == NULL)
|