From: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
Date: Thu, 23 Dec 2021 01:46:43 +0000 (-0600)
Subject: maybe OpenSSL 3.0.1 started caring about the output buffer length?
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1fc2c29fef04b0835d0813026154bfd82481b31e;p=thirdparty%2Ffreeradius-server.git

maybe OpenSSL 3.0.1 started caring about the output buffer length?
---

diff --git a/src/lib/util/hmac_md5.c b/src/lib/util/hmac_md5.c
index 913bceeaa3..61e3d40870 100644
--- a/src/lib/util/hmac_md5.c
+++ b/src/lib/util/hmac_md5.c
@@ -92,7 +92,7 @@ int fr_hmac_md5(uint8_t digest[MD5_DIGEST_LENGTH], uint8_t const *in, size_t inl
 	/*
 	 *	OpenSSL <= 1.1.1 requires a non-null pointer for len
 	 */
-	if (unlikely(EVP_DigestSignFinal(ctx, digest, &(size_t){ 0 }) != 1)) {
+	if (unlikely(EVP_DigestSignFinal(ctx, digest, &(size_t){ MD5_DIGEST_LENGTH }) != 1)) {
 		fr_strerror_const("Failed finalising HMAC-MD5");
 		goto error;
 	}
diff --git a/src/lib/util/hmac_sha1.c b/src/lib/util/hmac_sha1.c
index 698d8f63df..f6566abb06 100644
--- a/src/lib/util/hmac_sha1.c
+++ b/src/lib/util/hmac_sha1.c
@@ -97,7 +97,7 @@ int fr_hmac_sha1(uint8_t digest[SHA1_DIGEST_LENGTH], uint8_t const *in, size_t i
 	/*
 	 *	OpenSSL <= 1.1.1 requires a non-null pointer for len
 	 */
-	if (unlikely(EVP_DigestSignFinal(ctx, digest, &(size_t){ 0 }) != 1)) {
+	if (unlikely(EVP_DigestSignFinal(ctx, digest, &(size_t){ SHA1_DIGEST_LENGTH }) != 1)) {
 		fr_strerror_const("Failed finalising HMAC-SHA1");
 		goto error;
 	}