Get rid of the artification limitation enforced by
SCTP_AUTH_RANDOM_SIZE_MAX. This was suggested by Andrew Galante. MFC after: 3 days
This commit is contained in:
parent
a9d94d290b
commit
de72f4e54b
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=257804
@ -333,10 +333,6 @@ sctp_generate_random_key(uint32_t keylen)
|
|||||||
{
|
{
|
||||||
sctp_key_t *new_key;
|
sctp_key_t *new_key;
|
||||||
|
|
||||||
/* validate keylen */
|
|
||||||
if (keylen > SCTP_AUTH_RANDOM_SIZE_MAX)
|
|
||||||
keylen = SCTP_AUTH_RANDOM_SIZE_MAX;
|
|
||||||
|
|
||||||
new_key = sctp_alloc_key(keylen);
|
new_key = sctp_alloc_key(keylen);
|
||||||
if (new_key == NULL) {
|
if (new_key == NULL) {
|
||||||
/* out of memory */
|
/* out of memory */
|
||||||
@ -374,7 +370,7 @@ sctp_compare_key(sctp_key_t * key1, sctp_key_t * key2)
|
|||||||
uint32_t i;
|
uint32_t i;
|
||||||
uint32_t key1len, key2len;
|
uint32_t key1len, key2len;
|
||||||
uint8_t *key_1, *key_2;
|
uint8_t *key_1, *key_2;
|
||||||
uint8_t temp[SCTP_AUTH_RANDOM_SIZE_MAX];
|
uint8_t val1, val2;
|
||||||
|
|
||||||
/* sanity/length check */
|
/* sanity/length check */
|
||||||
key1len = sctp_get_keylen(key1);
|
key1len = sctp_get_keylen(key1);
|
||||||
@ -386,38 +382,24 @@ sctp_compare_key(sctp_key_t * key1, sctp_key_t * key2)
|
|||||||
else if (key2len == 0)
|
else if (key2len == 0)
|
||||||
return (1);
|
return (1);
|
||||||
|
|
||||||
if (key1len != key2len) {
|
if (key1len < key2len) {
|
||||||
if (key1len >= key2len)
|
maxlen = key2len;
|
||||||
maxlen = key1len;
|
|
||||||
else
|
|
||||||
maxlen = key2len;
|
|
||||||
bzero(temp, maxlen);
|
|
||||||
if (key1len < maxlen) {
|
|
||||||
/* prepend zeroes to key1 */
|
|
||||||
bcopy(key1->key, temp + (maxlen - key1len), key1len);
|
|
||||||
key_1 = temp;
|
|
||||||
key_2 = key2->key;
|
|
||||||
} else {
|
|
||||||
/* prepend zeroes to key2 */
|
|
||||||
bcopy(key2->key, temp + (maxlen - key2len), key2len);
|
|
||||||
key_1 = key1->key;
|
|
||||||
key_2 = temp;
|
|
||||||
}
|
|
||||||
} else {
|
} else {
|
||||||
maxlen = key1len;
|
maxlen = key1len;
|
||||||
key_1 = key1->key;
|
|
||||||
key_2 = key2->key;
|
|
||||||
}
|
}
|
||||||
|
key_1 = key1->key;
|
||||||
|
key_2 = key2->key;
|
||||||
|
/* check for numeric equality */
|
||||||
for (i = 0; i < maxlen; i++) {
|
for (i = 0; i < maxlen; i++) {
|
||||||
if (*key_1 > *key_2)
|
/* left-pad with zeros */
|
||||||
|
val1 = (i < (maxlen - key1len)) ? 0 : *(key_1++);
|
||||||
|
val2 = (i < (maxlen - key2len)) ? 0 : *(key_2++);
|
||||||
|
if (val1 > val2) {
|
||||||
return (1);
|
return (1);
|
||||||
else if (*key_1 < *key_2)
|
} else if (val1 < val2) {
|
||||||
return (-1);
|
return (-1);
|
||||||
key_1++;
|
}
|
||||||
key_2++;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* keys are equal value, so check lengths */
|
/* keys are equal value, so check lengths */
|
||||||
if (key1len == key2len)
|
if (key1len == key2len)
|
||||||
return (0);
|
return (0);
|
||||||
|
@ -46,7 +46,6 @@ __FBSDID("$FreeBSD$");
|
|||||||
/* random sizes */
|
/* random sizes */
|
||||||
#define SCTP_AUTH_RANDOM_SIZE_DEFAULT 32
|
#define SCTP_AUTH_RANDOM_SIZE_DEFAULT 32
|
||||||
#define SCTP_AUTH_RANDOM_SIZE_REQUIRED 32
|
#define SCTP_AUTH_RANDOM_SIZE_REQUIRED 32
|
||||||
#define SCTP_AUTH_RANDOM_SIZE_MAX 256
|
|
||||||
|
|
||||||
/* union of all supported HMAC algorithm contexts */
|
/* union of all supported HMAC algorithm contexts */
|
||||||
typedef union sctp_hash_context {
|
typedef union sctp_hash_context {
|
||||||
|
Loading…
Reference in New Issue
Block a user