the client cookie was being hashed twice when computing the server cookie for sha1...

(cherry picked from commit 4795f0ca89a3e907cbcc2d406da27b38f9aed8dd)

diff --git a/lib/ns/client.c b/lib/ns/client.c
index 506f5d9ae6f9b0c07ff713405d09df2099639bb1..103ae0623f591f16764c4eacdf7d7e3f5b051b01 100644 (file)
--- a/lib/ns/client.c
+++ b/lib/ns/client.c
@@ -1850,8 +1850,6 @@ compute_cookie(ns_client_t *client, isc_uint32_t when, isc_uint32_t nonce,
                        INSIST(0);
                }
                isc_hmacsha1_update(&hmacsha1, cp, length);
-               isc_hmacsha1_update(&hmacsha1, client->cookie,
-                                   sizeof(client->cookie));
                isc_hmacsha1_sign(&hmacsha1, digest, sizeof(digest));
                isc_buffer_putmem(buf, digest, 8);
                isc_hmacsha1_invalidate(&hmacsha1);
@@ -1887,8 +1885,6 @@ compute_cookie(ns_client_t *client, isc_uint32_t when, isc_uint32_t nonce,
                        INSIST(0);
                }
                isc_hmacsha256_update(&hmacsha256, cp, length);
-               isc_hmacsha256_update(&hmacsha256, client->cookie,
-                                     sizeof(client->cookie));
                isc_hmacsha256_sign(&hmacsha256, digest, sizeof(digest));
                isc_buffer_putmem(buf, digest, 8);
                isc_hmacsha256_invalidate(&hmacsha256);