From owner-svn-src-head@freebsd.org Wed Nov 15 22:42:22 2017 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 01C4EDE9773; Wed, 15 Nov 2017 22:42:22 +0000 (UTC) (envelope-from cem@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C37817F5E2; Wed, 15 Nov 2017 22:42:21 +0000 (UTC) (envelope-from cem@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id vAFMgKo8010294; Wed, 15 Nov 2017 22:42:20 GMT (envelope-from cem@FreeBSD.org) Received: (from cem@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id vAFMgKGW010293; Wed, 15 Nov 2017 22:42:20 GMT (envelope-from cem@FreeBSD.org) Message-Id: <201711152242.vAFMgKGW010293@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: cem set sender to cem@FreeBSD.org using -f From: Conrad Meyer Date: Wed, 15 Nov 2017 22:42:20 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r325872 - head/sys/netipsec X-SVN-Group: head X-SVN-Commit-Author: cem X-SVN-Commit-Paths: head/sys/netipsec X-SVN-Commit-Revision: 325872 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Nov 2017 22:42:22 -0000 Author: cem Date: Wed Nov 15 22:42:20 2017 New Revision: 325872 URL: https://svnweb.freebsd.org/changeset/base/325872 Log: ipsec: Use the same keysize values for HMAC as prior to r324017 The HMAC construction natively permits any key size between 0 and the input block length. Before r324017, the auth_hash 'keysize' member was the hash output length, which was used by ipsec for key sizes. (Non-ipsec consumers need the ability to use other keysizes, hence, r324017.) The ipsec SADB code blindly uses the auth_hash 'keysize' member for both minimum and maximum key size, which is wrong (from an HMAC perspective). For now, just switch it to 'hashsize', which matches the existing expectations. Instead it should probably use the range [0, keysize]. But there may be other broken code in ipsec that rejects hashes with too small a minimum key size. Reported by: olivier@ Reviewed by: olivier, no objection from ae Sponsored by: Dell EMC Isilon Differential Revision: https://reviews.freebsd.org/D12770 Modified: head/sys/netipsec/key.c Modified: head/sys/netipsec/key.c ============================================================================== --- head/sys/netipsec/key.c Wed Nov 15 22:40:46 2017 (r325871) +++ head/sys/netipsec/key.c Wed Nov 15 22:42:20 2017 (r325872) @@ -6263,7 +6263,7 @@ key_getsizes_ah(const struct auth_hash *ah, int alg, u u_int16_t* max) { - *min = *max = ah->keysize; + *min = *max = ah->hashsize; if (ah->keysize == 0) { /* * Transform takes arbitrary key size but algorithm