svn commit: r202476 - stable/6/sys/opencrypto
Bjoern A. Zeeb
bz at FreeBSD.org
Sun Jan 17 13:32:15 UTC 2010
Author: bz
Date: Sun Jan 17 13:32:14 2010
New Revision: 202476
URL: http://svn.freebsd.org/changeset/base/202476
Log:
MFC r187826:
While OpenBSD's crypto/ framework has sha1 and md5 implementations that
can cope with a result buffer of NULL in the "Final" function, we cannot.
Thus pass in a temporary buffer long enough for either md5 or sha1 results
so that we do not panic.
PR: bin/126468
Reviewed by: cperciva
Modified:
stable/6/sys/opencrypto/cryptosoft.c
Directory Properties:
stable/6/sys/ (props changed)
stable/6/sys/contrib/pf/ (props changed)
stable/6/sys/dev/cxgb/ (props changed)
Modified: stable/6/sys/opencrypto/cryptosoft.c
==============================================================================
--- stable/6/sys/opencrypto/cryptosoft.c Sun Jan 17 13:31:48 2010 (r202475)
+++ stable/6/sys/opencrypto/cryptosoft.c Sun Jan 17 13:32:14 2010 (r202476)
@@ -425,12 +425,17 @@ swcr_authprepare(struct auth_hash *axf,
break;
case CRYPTO_MD5_KPDK:
case CRYPTO_SHA1_KPDK:
+ {
+ /* We need a buffer that can hold an md5 and a sha1 result. */
+ u_char buf[SHA1_RESULTLEN];
+
sw->sw_klen = klen;
bcopy(key, sw->sw_octx, klen);
axf->Init(sw->sw_ictx);
axf->Update(sw->sw_ictx, key, klen);
- axf->Final(NULL, sw->sw_ictx);
+ axf->Final(buf, sw->sw_ictx);
break;
+ }
default:
printf("%s: CRD_F_KEY_EXPLICIT flag given, but algorithm %d "
"doesn't use keys.\n", __func__, axf->type);
More information about the svn-src-stable-6
mailing list