1 diff -up ntp-4.2.6p5/libntp/a_md5encrypt.c.fipsmd5 ntp-4.2.6p5/libntp/a_md5encrypt.c
2 --- ntp-4.2.6p5/libntp/a_md5encrypt.c.fipsmd5 2011-12-01 03:55:17.000000000 +0100
3 +++ ntp-4.2.6p5/libntp/a_md5encrypt.c 2012-10-24 16:24:04.972358878 +0200
4 @@ -38,7 +38,11 @@ MD5authencrypt(
8 - EVP_DigestInit(&ctx, EVP_get_digestbynid(type));
9 + if (!EVP_DigestInit(&ctx, EVP_get_digestbynid(type))) {
11 + "MAC encrypt: digest init failed");
14 EVP_DigestUpdate(&ctx, key, (u_int)cache_keylen);
15 EVP_DigestUpdate(&ctx, (u_char *)pkt, (u_int)length);
16 EVP_DigestFinal(&ctx, digest, &len);
17 @@ -71,7 +75,11 @@ MD5authdecrypt(
21 - EVP_DigestInit(&ctx, EVP_get_digestbynid(type));
22 + if (!EVP_DigestInit(&ctx, EVP_get_digestbynid(type))) {
24 + "MAC decrypt: digest init failed");
27 EVP_DigestUpdate(&ctx, key, (u_int)cache_keylen);
28 EVP_DigestUpdate(&ctx, (u_char *)pkt, (u_int)length);
29 EVP_DigestFinal(&ctx, digest, &len);
30 @@ -101,7 +109,16 @@ addr2refid(sockaddr_u *addr)
31 return (NSRCADR(addr));
34 - EVP_DigestInit(&ctx, EVP_get_digestbynid(NID_md5));
35 + EVP_MD_CTX_init(&ctx);
36 +#ifdef EVP_MD_CTX_FLAG_NON_FIPS_ALLOW
37 + /* MD5 is not used as a crypto hash here. */
38 + EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
40 + if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL)) {
45 EVP_DigestUpdate(&ctx, (u_char *)PSOCK_ADDR6(addr),
46 sizeof(struct in6_addr));
47 EVP_DigestFinal(&ctx, digest, &len);
projects / people / ms / ipfire-3.x.git / blob