]> git.ipfire.org Git - thirdparty/freeradius-server.git/commitdiff
projects / thirdparty / freeradius-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f1e139b)
Initialize HMAC context in rlm_otp
authorNikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
Fri, 18 Nov 2016 18:08:54 +0000 (20:08 +0200)
committerNikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
Wed, 7 Dec 2016 12:44:05 +0000 (14:44 +0200)
Add the missing mandatory HMAC context initialization to rlm_otp's
otp_gen_state. Otherwise the outcome of the following HMAC operations is
undefined.

src/modules/rlm_otp/otp_radstate.c patch | blob | blame | history

diff --git a/src/modules/rlm_otp/otp_radstate.c b/src/modules/rlm_otp/otp_radstate.c
index a70393918fd393c990cf05fe1c8933e288b966c3..868be6aea623a895075bb1b05cca0f3bec3f401c 100644 (file)
--- a/src/modules/rlm_otp/otp_radstate.c
+++ b/src/modules/rlm_otp/otp_radstate.c
@@ -120,6 +120,7 @@ size_t otp_gen_state(char state[OTP_MAX_RADSTATE_LEN],
         *      having to collect the data to be signed into one
         *      contiguous piece.
         */
+       HMAC_CTX_init(&hmac_ctx);
        HMAC_Init(&hmac_ctx, key, sizeof(key[0]) * 16, EVP_md5());
        HMAC_Update(&hmac_ctx, (uint8_t const *) challenge, clen);
        HMAC_Update(&hmac_ctx, (uint8_t *) &flags, 4);
Mirror of https://github.com/FreeRADIUS/freeradius-server.git