From: Dave Hart <hart@ntp.org>
Date: Thu, 25 Mar 2010 03:54:17 +0000 (+0000)
Subject: ssl_init.c:
X-Git-Tag: NTP_4_2_7P22~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a441bbfa068e0109e49581c4a58476c1d84e8a0c;p=thirdparty%2Fntp.git

ssl_init.c:
  MAX_MAC_LEN will always be > sizeof(keyid_t) so make max_digest_len
    const u_long instead of u_long, initialize unconditionally.

bk: 4baade69qFdmemd-W2zjEPHt99fobQ
---

diff --git a/libntp/ssl_init.c b/libntp/ssl_init.c
index 7cbe4e4b9..38a0e6dac 100644
--- a/libntp/ssl_init.c
+++ b/libntp/ssl_init.c
@@ -37,7 +37,7 @@ ssl_check_version(void)
 {
 	if ((SSLeay() ^ OPENSSL_VERSION_NUMBER) & ~0xff0L) {
 		msyslog(LOG_WARNING,
-		    "OpenSSL version mismatch. Built against %lx, you have %lx",
+		    "OpenSSL version mismatch. Built against %lx, you have %lx\n",
 		    OPENSSL_VERSION_NUMBER, SSLeay());
 		fprintf(stderr,
 		    "OpenSSL version mismatch. Built against %lx, you have %lx\n",
@@ -61,6 +61,7 @@ keytype_from_text(
 	size_t *pdigest_len
 	)
 {
+	const u_long	max_digest_len = MAX_MAC_LEN - sizeof(keyid_t);
 	int		key_type;
 	u_int		digest_len;
 #ifdef OPENSSL
@@ -93,19 +94,17 @@ keytype_from_text(
 
 	if (NULL != pdigest_len) {
 #ifdef OPENSSL
-		u_long max_digest_len = 0;
-		if (MAX_MAC_LEN > sizeof(keyid_t))
-			max_digest_len = MAX_MAC_LEN - sizeof(keyid_t);
-
 		EVP_DigestInit(&ctx, EVP_get_digestbynid(key_type));
 		EVP_DigestFinal(&ctx, digest, &digest_len);
 		if (digest_len > max_digest_len) {
 			fprintf(stderr,
 				"key type %s %u octet digests are too big, max %lu\n",
-				keytype_name(key_type), digest_len, max_digest_len);
+				keytype_name(key_type), digest_len,
+				max_digest_len);
 			msyslog(LOG_ERR,
-				"key type %s %u octet digests are too big, max %lu",
-				keytype_name(key_type), digest_len, max_digest_len);
+				"key type %s %u octet digests are too big, max %lu\n",
+				keytype_name(key_type), digest_len,
+				max_digest_len);
 			return 0;
 		}
 #else