From: Mark Andrews Date: Thu, 21 Jun 2018 23:50:10 +0000 (+1000) Subject: the client cookie was being hashed twice when computing the server cookie for sha1... X-Git-Tag: v9.13.2~24^2~1 X-Git-Url: http://git.ipfire.org/gitweb/index.cgi?a=commitdiff_plain;h=4795f0ca89a3e907cbcc2d406da27b38f9aed8dd;p=thirdparty%2Fbind9.git the client cookie was being hashed twice when computing the server cookie for sha1 and sha256 --- diff --git a/lib/ns/client.c b/lib/ns/client.c index ad5f492d82d..e0aa915c7b6 100644 --- a/lib/ns/client.c +++ b/lib/ns/client.c @@ -1851,8 +1851,6 @@ compute_cookie(ns_client_t *client, isc_uint32_t when, isc_uint32_t nonce, INSIST(0); } isc_hmacsha1_update(&hmacsha1, cp, length); - isc_hmacsha1_update(&hmacsha1, client->cookie, - sizeof(client->cookie)); isc_hmacsha1_sign(&hmacsha1, digest, sizeof(digest)); isc_buffer_putmem(buf, digest, 8); isc_hmacsha1_invalidate(&hmacsha1); @@ -1888,8 +1886,6 @@ compute_cookie(ns_client_t *client, isc_uint32_t when, isc_uint32_t nonce, INSIST(0); } isc_hmacsha256_update(&hmacsha256, cp, length); - isc_hmacsha256_update(&hmacsha256, client->cookie, - sizeof(client->cookie)); isc_hmacsha256_sign(&hmacsha256, digest, sizeof(digest)); isc_buffer_putmem(buf, digest, 8); isc_hmacsha256_invalidate(&hmacsha256);