Use legacy MD5 implementation with GNU TLS since at least some Linux vendors are

author Michael R Sweet <michael.r.sweet@gmail.com>

Tue, 3 Sep 2019 14:34:51 +0000 (10:34 -0400)

committer Michael R Sweet <michael.r.sweet@gmail.com>

Tue, 3 Sep 2019 14:34:51 +0000 (10:34 -0400)
author Michael R Sweet <michael.r.sweet@gmail.com>
Tue, 3 Sep 2019 14:34:51 +0000 (10:34 -0400)
committer Michael R Sweet <michael.r.sweet@gmail.com>
Tue, 3 Sep 2019 14:34:51 +0000 (10:34 -0400)
diff --git a/cups/hash.c b/cups/hash.c

index bfec994aabae7ac6ca733dff6ed21eb263888ad9..4fbb443db10cbf2180bb2af6266ed00a177d9a89 100644 (file)
--- a/cups/hash.c
+++ b/cups/hash.c
@@ -16,6 +16,7 @@
  #  include <CommonCrypto/CommonDigest.h>
  #elif defined(HAVE_GNUTLS)
  #  include <gnutls/crypto.h>
+#  include "md5-internal.h"
  #else
  #  include "md5-internal.h"
  #endif /* __APPLE__ */
@@ -187,7 +188,22 @@ cupsHashData(const char    *algorithm,     /* I - Algorithm name */
  
  
    if (!strcmp(algorithm, "md5"))
-    alg = GNUTLS_DIG_MD5;
+  {
+   /*
+    * Some versions of GNU TLS disable MD5 without warning...
+    */
+
+    _cups_md5_state_t  state;          /* MD5 state info */
+
+    if (hashsize < 16)
+      goto too_small;
+
+    _cupsMD5Init(&state);
+    _cupsMD5Append(&state, data, datalen);
+    _cupsMD5Finish(&state, hash);
+
+    return (16);
+  }
    else if (!strcmp(algorithm, "sha"))
      alg = GNUTLS_DIG_SHA1;
    else if (!strcmp(algorithm, "sha2-224"))
@@ -243,6 +259,9 @@ cupsHashData(const char    *algorithm,      /* I - Algorithm name */
    {
      _cups_md5_state_t  state;          /* MD5 state info */
  
+    if (hashsize < 16)
+      goto too_small;
+
      _cupsMD5Init(&state);
      _cupsMD5Append(&state, data, datalen);
      _cupsMD5Finish(&state, hash);
diff --git a/cups/md5.c b/cups/md5.c

index c3b2768dddedba58067926e5f0dab684bdb37612..a94646c727e760f378b517f02ec6620ea2749b2d 100644 (file)
--- a/cups/md5.c
+++ b/cups/md5.c
@@ -43,7 +43,7 @@
  #include "md5-internal.h"
  #include "string-private.h"
  
-#if !defined(__APPLE__) && !defined(HAVE_GNUTLS)
+#if !defined(__APPLE__)
  #  define T1 0xd76aa478
  #  define T2 0xe8c7b756
  #  define T3 0x242070db
@@ -338,4 +338,4 @@ _cupsMD5Finish(_cups_md5_state_t *pms, unsigned char digest[16])
      for (i = 0; i < 16; ++i)
         digest[i] = (unsigned char)(pms->abcd[i >> 2] >> ((i & 3) << 3));
  }
-#endif /* !__APPLE__ && !HAVE_GNUTLS */
+#endif /* !__APPLE__ */
author	Michael R Sweet <michael.r.sweet@gmail.com>
	Tue, 3 Sep 2019 14:34:51 +0000 (10:34 -0400)
committer	Michael R Sweet <michael.r.sweet@gmail.com>
	Tue, 3 Sep 2019 14:34:51 +0000 (10:34 -0400)
cups/hash.c		patch \| blob \| blame \| history
cups/md5.c		patch \| blob \| blame \| history