While OpenBSD's crypto/ framework has sha1 and md5 implementations that
can cope with a result buffer of NULL in the "Final" function, we cannot. Thus pass in a temporary buffer long enough for either md5 or sha1 results so that we do not panic. PR: bin/126468 MFC after: 1 week
This commit is contained in:
Bjoern A. Zeeb
parent
2ea9e54539
commit
1f4990a6b5
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=187826
@ -433,12 +433,17 @@ swcr_authprepare(struct auth_hash *axf, struct swcr_data *sw, u_char *key,
|
||||
break;
|
||||
case CRYPTO_MD5_KPDK:
|
||||
case CRYPTO_SHA1_KPDK:
|
||||
{
|
||||
/* We need a buffer that can hold an md5 and a sha1 result. */
|
||||
u_char buf[SHA1_RESULTLEN];
|
||||
|
||||
sw->sw_klen = klen;
|
||||
bcopy(key, sw->sw_octx, klen);
|
||||
axf->Init(sw->sw_ictx);
|
||||
axf->Update(sw->sw_ictx, key, klen);
|
||||
axf->Final(NULL, sw->sw_ictx);
|
||||
axf->Final(buf, sw->sw_ictx);
|
||||
break;
|
||||
}
|
||||
default:
|
||||
printf("%s: CRD_F_KEY_EXPLICIT flag given, but algorithm %d "
|
||||
"doesn't use keys.\n", __func__, axf->type);
|
||||
|
||||
Loading…
Reference in New Issue
Block a user