revert use of isc_tsmemcmp in sntp/crypto.c until it is in a more accessible place...

bk: 56a38583qfFu93upBj8LSVQHZ42y9w

diff --git a/sntp/crypto.c b/sntp/crypto.c
index a50c88a44bea499ce79c228da3c935153398d7cd..a534239a31f865a97e4a792082057f8643e035b3 100644 (file)
--- a/sntp/crypto.c
+++ b/sntp/crypto.c
@@ -57,11 +57,16 @@ auth_md5(
        pkt_ptr = pkt_data;
        hash_len = make_mac(pkt_ptr, pkt_size, sizeof(digest), cmp_key,
                            digest);
-       if (!hash_len)
+       if (!hash_len) {
                authentic = FALSE;
-       else
-               authentic = !isc_tsmemcmp(digest, pkt_data + pkt_size + 4,
+       } else {
+               /* isc_tsmemcmp will be better when its easy to link
+                * with.  sntp is a 1-shot program, so snooping for
+                * timing attacks is Harder.
+                */
+               authentic = !memcmp(digest, pkt_data + pkt_size + 4,
                                    hash_len);
+       }
        return authentic;
 }