isc_buffer_putmem(buf, client->cookie, 8);
isc_buffer_putuint32(buf, nonce);
isc_buffer_putuint32(buf, when);
- memcpy(input, cp, 8);
+ memmove(input, cp, 16);
+ isc_aes128_crypt(ns_g_server->secret, input, digest);
+ for (i = 0; i < 8; i++)
+ input[i] = digest[i] ^ digest[i + 8];
isc_netaddr_fromsockaddr(&netaddr, &client->peeraddr);
switch (netaddr.family) {
case AF_INET:
- memcpy(input + 8, (unsigned char *)&netaddr.type.in, 4);
+ memmove(input + 8, (unsigned char *)&netaddr.type.in, 4);
memset(input + 12, 0, 4);
isc_aes128_crypt(ns_g_server->secret, input, digest);
break;
case AF_INET6:
- memcpy(input + 8, (unsigned char *)&netaddr.type.in6, 16);
+ memmove(input + 8, (unsigned char *)&netaddr.type.in6, 16);
isc_aes128_crypt(ns_g_server->secret, input, digest);
for (i = 0; i < 8; i++)
input[i + 8] = digest[i] ^ digest[i + 8];
isc_aes128_crypt(ns_g_server->secret, input + 8, digest);
break;
- default:
- isc_aes128_crypt(ns_g_server->secret, input, digest);
- break;
}
- memcpy(input, client->cookie, 8);
- for (i = 0; i < 8; i++)
- input[i + 8] = digest[i] ^ digest[i + 8];
- isc_aes128_crypt(ns_g_server->secret, input, digest);
for (i = 0; i < 8; i++)
digest[i] ^= digest[i + 8];
isc_buffer_putmem(buf, digest, 8);
isc_hmacsha1_init(&hmacsha1,
ns_g_server->secret,
ISC_SHA1_DIGESTLENGTH);
- isc_hmacsha1_update(&hmacsha1, cp, 8);
+ isc_hmacsha1_update(&hmacsha1, cp, 16);
isc_netaddr_fromsockaddr(&netaddr, &client->peeraddr);
switch (netaddr.family) {
case AF_INET:
isc_hmacsha256_init(&hmacsha256,
ns_g_server->secret,
ISC_SHA256_DIGESTLENGTH);
- isc_hmacsha256_update(&hmacsha256, cp, 8);
+ isc_hmacsha256_update(&hmacsha256, cp, 16);
isc_netaddr_fromsockaddr(&netaddr, &client->peeraddr);
switch (netaddr.family) {
case AF_INET:
* Not our token.
*/
if (optlen >= 8U)
- memcpy(client->cookie, isc_buffer_current(buf), 8);
+ memmove(client->cookie, isc_buffer_current(buf), 8);
else
memset(client->cookie, 0, 8);
isc_buffer_forward(buf, (unsigned int)optlen);
* Process all of the incoming buffer.
*/
old = isc_buffer_current(buf);
- memcpy(client->cookie, old, 8);
+ memmove(client->cookie, old, 8);
isc_buffer_forward(buf, 8);
nonce = isc_buffer_getuint32(buf);
when = isc_buffer_getuint32(buf);
isc_netaddr_fromsockaddr(&netaddr, &query->addrinfo->sockaddr);
switch (netaddr.family) {
case AF_INET:
- memcpy(input, (unsigned char *)&netaddr.type.in, 4);
+ memmove(input, (unsigned char *)&netaddr.type.in, 4);
memset(input + 4, 0, 12);
break;
case AF_INET6:
- memcpy(input, (unsigned char *)&netaddr.type.in6, 16);
+ memmove(input, (unsigned char *)&netaddr.type.in6, 16);
break;
}
isc_aes128_crypt(query->fctx->res->view->secret, input, digest);
for (i = 0; i < 8; i++)
digest[i] ^= digest[i + 8];
- memcpy(sit, digest, 8);
+ memmove(sit, digest, 8);
#endif
#ifdef HMAC_SHA1_SIT
unsigned char digest[ISC_SHA1_DIGESTLENGTH];
break;
}
isc_hmacsha1_sign(&hmacsha1, digest, sizeof(digest));
- memcpy(sit, digest, 8);
+ memmove(sit, digest, 8);
isc_hmacsha1_invalidate(&hmacsha1);
#endif
#ifdef HMAC_SHA256_SIT
break;
}
isc_hmacsha256_sign(&hmacsha256, digest, sizeof(digest));
- memcpy(sit, digest, 8);
+ memmove(sit, digest, 8);
isc_hmacsha256_invalidate(&hmacsha256);
#endif
}
projects / thirdparty / bind9.git / commitdiff
