From: Pavel TvrdĂ­k Date: Wed, 13 May 2015 08:55:02 +0000 (+0200) Subject: MD5: change interface of md5_final() X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=aa75e6dfe120f9b4e56411a25b5515ee5bfa8ad8;p=thirdparty%2Fbird.git MD5: change interface of md5_final() originally: void md5_final(unsigned char digest[16], struct md5_context *ctx); newly: byte * md5_final(md5_context *ctx); --- diff --git a/conf/conf.h b/conf/conf.h index 6ab53e25c..f4933c386 100644 --- a/conf/conf.h +++ b/conf/conf.h @@ -9,6 +9,8 @@ #ifndef _BIRD_CONF_H_ #define _BIRD_CONF_H_ +#include "sysdep/config.h" +#include "lib/ip.h" #include "lib/resource.h" #include "lib/timer.h" diff --git a/lib/md5.c b/lib/md5.c index 25f39b0b2..e00f92a46 100644 --- a/lib/md5.c +++ b/lib/md5.c @@ -38,7 +38,7 @@ void byteReverse(unsigned char *buf, unsigned longs) * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious * initialization constants. */ -void md5_init(struct md5_context *ctx) +void md5_init(md5_context *ctx) { ctx->buf[0] = 0x67452301; ctx->buf[1] = 0xefcdab89; @@ -53,7 +53,7 @@ void md5_init(struct md5_context *ctx) * Update context to reflect the concatenation of another buffer full * of bytes. */ -void md5_update(struct md5_context *ctx, unsigned char const *buf, unsigned len) +void md5_update(md5_context *ctx, unsigned char const *buf, unsigned len) { u32 t; @@ -101,7 +101,7 @@ void md5_update(struct md5_context *ctx, unsigned char const *buf, unsigned len) * Final wrapup - pad to 64-byte boundary with the bit pattern * 1 0* (64-bit count of bits processed, MSB-first) */ -void md5_final(unsigned char digest[16], struct md5_context *ctx) +byte *md5_final(md5_context *ctx) { unsigned count; unsigned char *p; @@ -138,8 +138,14 @@ void md5_final(unsigned char digest[16], struct md5_context *ctx) md5_transform(ctx->buf, (u32 *) ctx->in); byteReverse((unsigned char *) ctx->buf, 4); - memcpy(digest, ctx->buf, 16); - memset((char *) ctx, 0, sizeof(ctx)); /* In case it's sensitive */ + + return (byte*) ctx->buf; +} + +/* I am a hard paranoid */ +void md5_erase_ctx(md5_context *ctx) +{ + memset((char *) ctx, 0, sizeof(*ctx)); /* In case it's sensitive */ } /* The four core functions - F1 is optimized somewhat */ diff --git a/lib/md5.h b/lib/md5.h index 0553fe902..ef3ebdfc5 100644 --- a/lib/md5.h +++ b/lib/md5.h @@ -15,15 +15,17 @@ #define MD5_HEX_SIZE 33 #define MD5_BLOCK_SIZE 64 -struct md5_context { +typedef struct +{ u32 buf[4]; u32 bits[2]; unsigned char in[64]; } md5_context; -void md5_init(struct md5_context *context); -void md5_update(struct md5_context *context, unsigned char const *buf, unsigned len); -void md5_final(unsigned char digest[16], struct md5_context *context); +void md5_init(md5_context *context); +void md5_update(md5_context *context, unsigned char const *buf, unsigned len); +byte *md5_final(md5_context *context); + void md5_transform(u32 buf[4], u32 const in[16]); diff --git a/lib/md5_test.c b/lib/md5_test.c index 1528424d4..83ce5000f 100644 --- a/lib/md5_test.c +++ b/lib/md5_test.c @@ -16,12 +16,11 @@ static void get_md5(const char *str, char (*out_hash)[MD5_HEX_SIZE]) { - unsigned char hash[MD5_SIZE]; - struct md5_context ctxt; + md5_context ctxt; md5_init(&ctxt); md5_update(&ctxt, str, strlen(str)); - md5_final(hash, &ctxt); + byte *hash = md5_final(&ctxt); int i; for(i = 0; i < MD5_SIZE; i++) diff --git a/lib/resource.h b/lib/resource.h index 1a62d3891..bfa77c93f 100644 --- a/lib/resource.h +++ b/lib/resource.h @@ -9,6 +9,7 @@ #ifndef _BIRD_RESOURCE_H_ #define _BIRD_RESOURCE_H_ +#include #include "lib/lists.h" /* Resource */ diff --git a/proto/ospf/packet.c b/proto/ospf/packet.c index c1a2ca5df..a1dd24540 100644 --- a/proto/ospf/packet.c +++ b/proto/ospf/packet.c @@ -11,6 +11,7 @@ #include "ospf.h" #include "nest/password.h" #include "lib/md5.h" +#include "lib/socket.h" void ospf_pkt_fill_hdr(struct ospf_iface *ifa, void *buf, u8 h_type) @@ -108,11 +109,11 @@ ospf_pkt_finalize(struct ospf_iface *ifa, struct ospf_packet *pkt) char password[OSPF_AUTH_CRYPT_SIZE]; strncpy(password, passwd->password, sizeof(password)); - struct md5_context ctxt; + md5_context ctxt; md5_init(&ctxt); md5_update(&ctxt, (char *) pkt, plen); md5_update(&ctxt, password, OSPF_AUTH_CRYPT_SIZE); - md5_final(tail, &ctxt); + memcpy((byte *) tail, md5_final(&ctxt), MD5_SIZE); break; default: @@ -180,11 +181,11 @@ ospf_pkt_checkauth(struct ospf_neighbor *n, struct ospf_iface *ifa, struct ospf_ strncpy(passwd, pass->password, OSPF_AUTH_CRYPT_SIZE); - struct md5_context ctxt; + md5_context ctxt; md5_init(&ctxt); md5_update(&ctxt, (char *) pkt, plen); md5_update(&ctxt, passwd, OSPF_AUTH_CRYPT_SIZE); - md5_final(md5sum, &ctxt); + memcpy(md5sum, md5_final(&ctxt), MD5_SIZE); if (memcmp(md5sum, tail, OSPF_AUTH_CRYPT_SIZE)) DROP("wrong MD5 digest", pass->id); diff --git a/proto/rip/auth.c b/proto/rip/auth.c index 726247585..ba05cdd53 100644 --- a/proto/rip/auth.c +++ b/proto/rip/auth.c @@ -57,9 +57,9 @@ rip_incoming_authentication( struct proto *p, struct rip_block_auth *block, stru { struct password_item *pass = NULL, *ptmp; struct rip_md5_tail *tail; - struct md5_context ctxt; + md5_context ctxt; char md5sum_packet[16]; - char md5sum_computed[16]; + char *md5sum_computed; struct neighbor *neigh = neigh_find(p, &whotoldme, 0); list *l = P_CF->passwords; @@ -99,7 +99,7 @@ rip_incoming_authentication( struct proto *p, struct rip_block_auth *block, stru md5_init(&ctxt); md5_update(&ctxt, (char *) packet, ntohs(block->packetlen) + sizeof(struct rip_block_auth) ); - md5_final(md5sum_computed, &ctxt); + md5sum_computed = md5_final(&ctxt); if (memcmp(md5sum_packet, md5sum_computed, 16)) return 1; } @@ -136,7 +136,7 @@ rip_outgoing_authentication( struct proto *p, struct rip_block_auth *block, stru case AT_MD5: { struct rip_md5_tail *tail; - struct md5_context ctxt; + md5_context ctxt; static u32 sequence = 0; if (num > PACKET_MD5_MAX) @@ -159,7 +159,7 @@ rip_outgoing_authentication( struct proto *p, struct rip_block_auth *block, stru strncpy(tail->md5, passwd->password, 16); md5_init(&ctxt); md5_update(&ctxt, (char *) packet, PACKETLEN(num) + sizeof(struct rip_md5_tail)); - md5_final(tail->md5, &ctxt); + memcpy(tail->md5, md5_final(&ctxt), MD5_SIZE); return PACKETLEN(num) + block->authlen; } default: