Small cleanups for pgcrypto. Marko Kreen

contrib/pgcrypto/fortuna.c

@@ -26,7 +26,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $PostgreSQL: pgsql/contrib/pgcrypto/fortuna.c,v 1.2 2005/07/11 15:07:59 tgl Exp $
+ * $PostgreSQL: pgsql/contrib/pgcrypto/fortuna.c,v 1.3 2005/07/18 17:09:01 tgl Exp $
  */
 
 #include "postgres.h"
@@ -174,8 +174,8 @@ static void init_state(FState *st)
 }
 
 /*
- * Must not reseed more ofter than RESEED_PER_SEC
- * times per second.
+ * The time between reseed must be at least RESEED_INTERVAL
+ * microseconds.
  */
 static int too_often(FState *st)
 {
@@ -241,7 +241,6 @@ static void reseed(FState *st)
 
 	memset(&key_md, 0, sizeof(key_md));
 	memset(buf, 0, BLOCK);
-	n = k = 0;
 }
 
 /*

contrib/pgcrypto/internal.c

@@ -26,7 +26,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $PostgreSQL: pgsql/contrib/pgcrypto/internal.c,v 1.20 2005/07/11 15:07:59 tgl Exp $
+ * $PostgreSQL: pgsql/contrib/pgcrypto/internal.c,v 1.21 2005/07/18 17:09:01 tgl Exp $
  */
 
 #include "postgres.h"
@@ -127,6 +127,7 @@ int_md5_free(PX_MD * h)
 {
 	MD5_CTX    *ctx = (MD5_CTX *) h->p.ptr;
 
+	memset(ctx, 0, sizeof(*ctx));
 	px_free(ctx);
 	px_free(h);
 }
@@ -174,6 +175,7 @@ int_sha1_free(PX_MD * h)
 {
 	SHA1_CTX   *ctx = (SHA1_CTX *) h->p.ptr;
 
+	memset(ctx, 0, sizeof(*ctx));
 	px_free(ctx);
 	px_free(h);
 }
@@ -221,6 +223,7 @@ int_sha256_free(PX_MD * h)
 {
 	SHA256_CTX   *ctx = (SHA256_CTX *) h->p.ptr;
 
+	memset(ctx, 0, sizeof(*ctx));
 	px_free(ctx);
 	px_free(h);
 }
@@ -267,6 +270,7 @@ int_sha384_free(PX_MD * h)
 {
 	SHA384_CTX   *ctx = (SHA384_CTX *) h->p.ptr;
 
+	memset(ctx, 0, sizeof(*ctx));
 	px_free(ctx);
 	px_free(h);
 }
@@ -314,6 +318,7 @@ int_sha512_free(PX_MD * h)
 {
 	SHA512_CTX   *ctx = (SHA512_CTX *) h->p.ptr;
 
+	memset(ctx, 0, sizeof(*ctx));
 	px_free(ctx);
 	px_free(h);
 }
@@ -326,6 +331,7 @@ init_md5(PX_MD * md)
 	MD5_CTX    *ctx;
 
 	ctx = px_alloc(sizeof(*ctx));
+	memset(ctx, 0, sizeof(*ctx));
 
 	md->p.ptr = ctx;
 
@@ -345,6 +351,7 @@ init_sha1(PX_MD * md)
 	SHA1_CTX   *ctx;
 
 	ctx = px_alloc(sizeof(*ctx));
+	memset(ctx, 0, sizeof(*ctx));
 
 	md->p.ptr = ctx;
 
@@ -364,6 +371,7 @@ init_sha256(PX_MD * md)
 	SHA256_CTX   *ctx;
 
 	ctx = px_alloc(sizeof(*ctx));
+	memset(ctx, 0, sizeof(*ctx));
 
 	md->p.ptr = ctx;
 
@@ -383,6 +391,7 @@ init_sha384(PX_MD * md)
 	SHA384_CTX   *ctx;
 
 	ctx = px_alloc(sizeof(*ctx));
+	memset(ctx, 0, sizeof(*ctx));
 
 	md->p.ptr = ctx;
 
@@ -402,6 +411,7 @@ init_sha512(PX_MD * md)
 	SHA512_CTX   *ctx;
 
 	ctx = px_alloc(sizeof(*ctx));
+	memset(ctx, 0, sizeof(*ctx));
 
 	md->p.ptr = ctx;
 
@@ -829,6 +839,7 @@ static void system_reseed(void)
 		fortuna_add_entropy(SYSTEM_ENTROPY, buf, n);
 
 	seed_time = t;
+	memset(buf, 0, sizeof(buf));
 }
 
 int

contrib/pgcrypto/pgp-compress.c

@@ -26,7 +26,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $PostgreSQL: pgsql/contrib/pgcrypto/pgp-compress.c,v 1.3 2005/07/18 16:35:06 tgl Exp $
+ * $PostgreSQL: pgsql/contrib/pgcrypto/pgp-compress.c,v 1.4 2005/07/18 17:09:01 tgl Exp $
  */
 
 #include "postgres.h"
@@ -270,7 +270,11 @@ restart:
 	dec->stream.avail_out = dec->buf_len;
 	dec->pos = dec->buf;
 
-	/* Z_NO_FLUSH, Z_SYNC_FLUSH */
+	/*
+	 * Z_SYNC_FLUSH is tell zlib to output as much as possible.
+	 * It should do it anyway (Z_NO_FLUSH), but seems to reserve
+	 * the right not to.  So lets follow the API.
+	 */
 	flush = dec->stream.avail_in ? Z_SYNC_FLUSH : Z_FINISH;
 	res = inflate(&dec->stream, flush);
 	if (res != Z_OK && res != Z_STREAM_END)

contrib/pgcrypto/pgp-decrypt.c

@@ -26,7 +26,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $PostgreSQL: pgsql/contrib/pgcrypto/pgp-decrypt.c,v 1.3 2005/07/18 16:35:06 tgl Exp $
+ * $PostgreSQL: pgsql/contrib/pgcrypto/pgp-decrypt.c,v 1.4 2005/07/18 17:09:01 tgl Exp $
  */
 
 #include "postgres.h"
@@ -339,7 +339,6 @@ static void mdc_free(void *priv)
 	ctx->mdc_ctx = NULL;
 }
 
-/* fixme: clarify */
 static int mdc_finish(PGP_Context *ctx, PullFilter *src,
 		int len, uint8 **data_p)
 {
@@ -364,6 +363,7 @@ static int mdc_finish(PGP_Context *ctx, PullFilter *src,
 		return 0;
 	}
 	
+	/* safety check */
 	if (ctx->in_mdc_pkt > 1)
 	{
 		px_debug("mdc_finish: several times here?");
@@ -371,6 +371,7 @@ static int mdc_finish(PGP_Context *ctx, PullFilter *src,
 	}
 	ctx->in_mdc_pkt++;
 	
+	/* is the packet sane? */
 	if (res != 20)
 	{
 		px_debug("mdc_finish: read failed, res=%d", res);

contrib/pgcrypto/pgp.h

@@ -26,7 +26,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $PostgreSQL: pgsql/contrib/pgcrypto/pgp.h,v 1.1 2005/07/10 13:46:29 momjian Exp $
+ * $PostgreSQL: pgsql/contrib/pgcrypto/pgp.h,v 1.2 2005/07/18 17:09:01 tgl Exp $
  */
 
 enum
@@ -238,8 +238,6 @@ unsigned	pgp_armor_dec_len(unsigned len);
 int pgp_compress_filter(PushFilter **res, PGP_Context *ctx, PushFilter *dst);
 int pgp_decompress_filter(PullFilter **res, PGP_Context *ctx, PullFilter *src);
 
-extern void (*pgp_packet_debug) (int tag, uint8 *buf, int len);
-
 int pgp_key_alloc(PGP_PubKey **pk_p);
 void pgp_key_free(PGP_PubKey *pk);
 int _pgp_read_public_key(PullFilter *pkt, PGP_PubKey *pk);

contrib/pgcrypto/random.c

@@ -26,7 +26,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $PostgreSQL: pgsql/contrib/pgcrypto/random.c,v 1.14 2005/07/11 19:06:46 tgl Exp $
+ * $PostgreSQL: pgsql/contrib/pgcrypto/random.c,v 1.15 2005/07/18 17:09:01 tgl Exp $
  */
 
 #include "postgres.h"
@@ -44,7 +44,9 @@
  */
 #if defined(__linux__) || defined(__FreeBSD__) || defined(__OpenBSD__) \
 	|| defined(__NetBSD__) || defined(__DragonFly__) \
-	|| defined(__darwin__) || defined(__SOLARIS__)
+	|| defined(__darwin__) || defined(__SOLARIS__) \
+	|| defined(__hpux) || defined(__HPUX__) \
+	|| defined(__CYGWIN__) || defined(_AIX)
 
 #define TRY_DEV_RANDOM