Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 17 Jan 2010 13:32:14 +0000 (UTC)
From:      "Bjoern A. Zeeb" <bz@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-6@freebsd.org
Subject:   svn commit: r202476 - stable/6/sys/opencrypto
Message-ID:  <201001171332.o0HDWEKn036542@svn.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: bz
Date: Sun Jan 17 13:32:14 2010
New Revision: 202476
URL: http://svn.freebsd.org/changeset/base/202476

Log:
  MFC r187826:
    While OpenBSD's crypto/ framework has sha1 and md5 implementations that
    can cope with a result buffer of NULL in the "Final" function, we cannot.
    Thus pass in a temporary buffer long enough for either md5 or sha1 results
    so that we do not panic.
  
  PR:		bin/126468
  Reviewed by:	cperciva

Modified:
  stable/6/sys/opencrypto/cryptosoft.c
Directory Properties:
  stable/6/sys/   (props changed)
  stable/6/sys/contrib/pf/   (props changed)
  stable/6/sys/dev/cxgb/   (props changed)

Modified: stable/6/sys/opencrypto/cryptosoft.c
==============================================================================
--- stable/6/sys/opencrypto/cryptosoft.c	Sun Jan 17 13:31:48 2010	(r202475)
+++ stable/6/sys/opencrypto/cryptosoft.c	Sun Jan 17 13:32:14 2010	(r202476)
@@ -425,12 +425,17 @@ swcr_authprepare(struct auth_hash *axf, 
 		break;
 	case CRYPTO_MD5_KPDK:
 	case CRYPTO_SHA1_KPDK:
+	{
+		/* We need a buffer that can hold an md5 and a sha1 result. */
+		u_char buf[SHA1_RESULTLEN];
+
 		sw->sw_klen = klen;
 		bcopy(key, sw->sw_octx, klen);
 		axf->Init(sw->sw_ictx);
 		axf->Update(sw->sw_ictx, key, klen);
-		axf->Final(NULL, sw->sw_ictx);
+		axf->Final(buf, sw->sw_ictx);
 		break;
+	}
 	default:
 		printf("%s: CRD_F_KEY_EXPLICIT flag given, but algorithm %d "
 		    "doesn't use keys.\n", __func__, axf->type);



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201001171332.o0HDWEKn036542>