Diffstat (limited to 'shared')
-rw-r--r--shared/nm-utils/nm-io-utils.c4
-rw-r--r--shared/nm-utils/nm-secret-utils.c27
-rw-r--r--shared/nm-utils/nm-secret-utils.h2
-rw-r--r--shared/nm-utils/nm-shared-utils.c2
4 files changed, 33 insertions, 2 deletions
diff --git a/shared/nm-utils/nm-io-utils.c b/shared/nm-utils/nm-io-utils.c
index ce1fee6862..513127480e 100644
--- a/shared/nm-utils/nm-io-utils.c
+++ b/shared/nm-utils/nm-io-utils.c
@@ -268,8 +268,8 @@ nm_utils_fd_get_contents (int fd,
* @flags: %NMUtilsFileGetContentsFlags for reading the file.
* @contents: the output buffer with the file read. It is always
* NUL terminated. The buffer is at most @max_length long, including
- * the NUL byte. That is, it reads only files up to a length of
- * @max_length - 1 bytes.
+ * the NUL byte. That is, it reads only files up to a length of
+ * @max_length - 1 bytes.
* @length: optional output argument of the read file size.
*
* A reimplementation of g_file_get_contents() with a few differences:
diff --git a/shared/nm-utils/nm-secret-utils.c b/shared/nm-utils/nm-secret-utils.c
index 65f99c65d9..ec5cc6b1b3 100644
--- a/shared/nm-utils/nm-secret-utils.c
+++ b/shared/nm-utils/nm-secret-utils.c
@@ -17,6 +17,7 @@
* Boston, MA 02110-1301 USA.
*
* (C) Copyright 2018 Red Hat, Inc.
+ * (C) Copyright 2015 - 2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
*/
#include "nm-default.h"
@@ -132,3 +133,29 @@ nm_secret_buf_to_gbytes_take (NMSecretBuf *secret, gssize actual_len)
_secret_buf_free,
secret);
}
+
+/*****************************************************************************/
+
+/**
+ * nm_utils_memeqzero_secret:
+ * @data: the data pointer to check (may be %NULL if @length is zero).
+ * @length: the number of bytes to check.
+ *
+ * Checks that all bytes are zero. This always takes the same amount
+ * of time to prevent timing attacks.
+ *
+ * Returns: whether all bytes are zero.
+ */
+gboolean
+nm_utils_memeqzero_secret (gconstpointer data, gsize length)
+{
+ const guint8 *const key = data;
+ volatile guint8 acc = 0;
+ gsize i;
+
+ for (i = 0; i < length; i++) {
+ acc |= key[i];
+ asm volatile("" : "=r"(acc) : "0"(acc));
+ }
+ return 1 & ((acc - 1) >> 8);
+}
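Review bot: The return expression `1 & ((acc - 1) >> 8)` in the new nm_utils_memeqzero_secret() right-shifts a negative value when every byte is zero (`acc` promotes to `int`, so `acc - 1` is -1), and the result of that shift is implementation-defined in C. Doing the subtraction unsigned keeps the same branch-free result without relying on an arithmetic shift: `return 1 & (((guint) acc - 1) >> 8);`. The doc comment's "always takes the same amount of time" would be more accurate as "takes time that depends only on @length, never on the contents of @data", since the loop runs once per byte. The empty `asm volatile` statement is a GCC/Clang extension, presumably there to keep the compiler from reasoning about `acc` and short-circuiting the loop; a one-line comment such as `/* compiler barrier: keep the accumulation opaque so no data-dependent early exit is generated */` would help whoever audits or ports this.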
diff --git a/shared/nm-utils/nm-secret-utils.h b/shared/nm-utils/nm-secret-utils.h
index 1bd518704e..034ef7bd33 100644
--- a/shared/nm-utils/nm-secret-utils.h
+++ b/shared/nm-utils/nm-secret-utils.h
@@ -173,4 +173,6 @@ GBytes *nm_secret_buf_to_gbytes_take (NMSecretBuf *secret, gssize actual_len);
/*****************************************************************************/
+gboolean nm_utils_memeqzero_secret (gconstpointer data, gsize length);
+
#endif /* __NM_SECRET_UTILS_H__ */
diff --git a/shared/nm-utils/nm-shared-utils.c b/shared/nm-utils/nm-shared-utils.c
index 0e427a24c6..6a43c67063 100644
--- a/shared/nm-utils/nm-shared-utils.c
+++ b/shared/nm-utils/nm-shared-utils.c
@@ -672,6 +672,8 @@ nm_utils_parse_inaddr_prefix_bin (int addr_family,
return FALSE;
if (slash) {
+ /* For IPv4, `ip addr add` supports the prefix-length as a netmask. We don't
+ * do that. */
prefix = _nm_utils_ascii_str_to_int64 (slash + 1, 10,
0,
addr_family == AF_INET ? 32 : 128,