From: Brian Inglis <bwi@ntp.org>
Date: Mon, 29 May 2017 18:23:32 +0000 (+0100)
Subject: libntp/a_md5encrypt.c(MD5authencrypt): force CMAC AES 128 key size
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fbdccc1d6afbd08c53e25fb8becacb2736208ff1;p=thirdparty%2Fntp.git

libntp/a_md5encrypt.c(MD5authencrypt): force CMAC AES 128 key size

bk: 592c6724jI5OcEZlBdFm84qc9i6jnA
---

diff --git a/libntp/a_md5encrypt.c b/libntp/a_md5encrypt.c
index 01956b3f8..81320a980 100644
--- a/libntp/a_md5encrypt.c
+++ b/libntp/a_md5encrypt.c
@@ -14,7 +14,8 @@
 
 #ifdef OPENSSL
 # include "openssl/cmac.h"
-# define  CMAC		"AES128CMAC"
+# define  CMAC			"AES128CMAC"
+# define  AES_128_KEY_SIZE	16
 #endif
 
 /*
@@ -55,7 +56,7 @@ MD5authencrypt(
 		msyslog(LOG_ERR, "MAC encrypt: CMAC %s CTX new failed.",   CMAC);
 		len = 0;
 	    } else
-	    if (!CMAC_Init(ctx, key, (u_int)cache_secretsize,
+	    if (!CMAC_Init(ctx, key, (u_int)AES_128_KEY_SIZE,
 						EVP_aes_128_cbc(), NULL)) {
 		fprintf(stderr,  "MAC encrypt: CMAC %s Init failed.\n",    CMAC);
 		msyslog(LOG_ERR, "MAC encrypt: CMAC %s Init failed.",      CMAC);