1 From 5a6aeb890bdf18729e45cd08cfa244e3da4ed45b Mon Sep 17 00:00:00 2001
2 From: Lukas Slebodnik <lslebodn@redhat.com>
3 Date: Wed, 19 Oct 2016 16:46:44 +0200
4 Subject: [PATCH 02/39] libcrypto: Check right value of CRYPTO_memcmp
6 sss_decrypt failed even though should pass because
7 we were checking wrong value of CRYPTO_memcmp.
8 Nobody noticed that because there was not a unit test :-)
10 Reviewed-by: Christian Heimes <cheimes@redhat.com>
11 (cherry picked from commit 0c2be9700d3b54db33c1a3dd5d230b34bfaceb50)
12 (cherry picked from commit f4da46bd77f2eed2d04152b75c78bfc561c79354)
14 src/util/crypto/libcrypto/crypto_nite.c | 2 +-
15 1 file changed, 1 insertion(+), 1 deletion(-)
17 diff --git a/src/util/crypto/libcrypto/crypto_nite.c b/src/util/crypto/libcrypto/crypto_nite.c
18 index de562f2d2..e863d3fc9 100644
19 --- a/src/util/crypto/libcrypto/crypto_nite.c
20 +++ b/src/util/crypto/libcrypto/crypto_nite.c
21 @@ -237,7 +237,7 @@ int sss_decrypt(TALLOC_CTX *mem_ctx, enum encmethod enctype,
24 ret = CRYPTO_memcmp(&ciphertext[cipherlen - hmaclen], out, hmaclen);