svn commit: r202475 - stable/7/sys/opencrypto
Bjoern A. Zeeb
bz at FreeBSD.org
Sun Jan 17 13:31:48 UTC 2010
Author: bz
Date: Sun Jan 17 13:31:48 2010
New Revision: 202475
URL: http://svn.freebsd.org/changeset/base/202475
Log:
MFC r187826:
While OpenBSD's crypto/ framework has sha1 and md5 implementations that
can cope with a result buffer of NULL in the "Final" function, we cannot.
Thus pass in a temporary buffer long enough for either md5 or sha1 results
so that we do not panic.
PR: bin/126468
Reviewed by: cperciva
Modified:
stable/7/sys/opencrypto/cryptosoft.c
Directory Properties:
stable/7/sys/ (props changed)
stable/7/sys/cddl/contrib/opensolaris/ (props changed)
stable/7/sys/contrib/dev/acpica/ (props changed)
stable/7/sys/contrib/pf/ (props changed)
Modified: stable/7/sys/opencrypto/cryptosoft.c
==============================================================================
--- stable/7/sys/opencrypto/cryptosoft.c Sun Jan 17 13:28:25 2010 (r202474)
+++ stable/7/sys/opencrypto/cryptosoft.c Sun Jan 17 13:31:48 2010 (r202475)
@@ -429,12 +429,17 @@ swcr_authprepare(struct auth_hash *axf,
break;
case CRYPTO_MD5_KPDK:
case CRYPTO_SHA1_KPDK:
+ {
+ /* We need a buffer that can hold an md5 and a sha1 result. */
+ u_char buf[SHA1_RESULTLEN];
+
sw->sw_klen = klen;
bcopy(key, sw->sw_octx, klen);
axf->Init(sw->sw_ictx);
axf->Update(sw->sw_ictx, key, klen);
- axf->Final(NULL, sw->sw_ictx);
+ axf->Final(buf, sw->sw_ictx);
break;
+ }
default:
printf("%s: CRD_F_KEY_EXPLICIT flag given, but algorithm %d "
"doesn't use keys.\n", __func__, axf->type);
More information about the svn-src-stable
mailing list