Date: Wed, 28 Jan 2009 15:31:16 +0000 (UTC) From: "Bjoern A. Zeeb" <bz@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r187826 - head/sys/opencrypto Message-ID: <200901281531.n0SFVGvi024257@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: bz Date: Wed Jan 28 15:31:16 2009 New Revision: 187826 URL: http://svn.freebsd.org/changeset/base/187826 Log: While OpenBSD's crypto/ framework has sha1 and md5 implementations that can cope with a result buffer of NULL in the "Final" function, we cannot. Thus pass in a temporary buffer long enough for either md5 or sha1 results so that we do not panic. PR: bin/126468 MFC after: 1 week Modified: head/sys/opencrypto/cryptosoft.c Modified: head/sys/opencrypto/cryptosoft.c ============================================================================== --- head/sys/opencrypto/cryptosoft.c Wed Jan 28 15:22:44 2009 (r187825) +++ head/sys/opencrypto/cryptosoft.c Wed Jan 28 15:31:16 2009 (r187826) @@ -433,12 +433,17 @@ swcr_authprepare(struct auth_hash *axf, break; case CRYPTO_MD5_KPDK: case CRYPTO_SHA1_KPDK: + { + /* We need a buffer that can hold an md5 and a sha1 result. */ + u_char buf[SHA1_RESULTLEN]; + sw->sw_klen = klen; bcopy(key, sw->sw_octx, klen); axf->Init(sw->sw_ictx); axf->Update(sw->sw_ictx, key, klen); - axf->Final(NULL, sw->sw_ictx); + axf->Final(buf, sw->sw_ictx); break; + } default: printf("%s: CRD_F_KEY_EXPLICIT flag given, but algorithm %d " "doesn't use keys.\n", __func__, axf->type);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200901281531.n0SFVGvi024257>