While OpenBSD's crypto/ framework has sha1 and md5 implementations that

can cope with a result buffer of NULL in the "Final" function, we cannot. Thus pass in a temporary buffer long enough for either md5 or sha1 results so that we do not panic. PR: bin/126468 MFC after: 1 week
author: bz <bz@FreeBSD.org> 2009-01-28 15:31:16 +0000
committer: bz <bz@FreeBSD.org> 2009-01-28 15:31:16 +0000
commit: f33b8c1e8d66f959f124331aaf2cefe68682139a (patch)
tree: e7eab185f21e7118bd37ffe1bba9b834c5777b4c /sys/opencrypto
parent: 21c0a98c4fa321ec51db923719f3990c2dd399e9 (diff)
download: FreeBSD-src-f33b8c1e8d66f959f124331aaf2cefe68682139a.zip
FreeBSD-src-f33b8c1e8d66f959f124331aaf2cefe68682139a.tar.gz
1 files changed, 6 insertions, 1 deletions
diff --git a/sys/opencrypto/cryptosoft.c b/sys/opencrypto/cryptosoft.c
index 6a802a1..6067465 100644
--- a/sys/opencrypto/cryptosoft.c
+++ b/sys/opencrypto/cryptosoft.c
@@ -433,12 +433,17 @@ swcr_authprepare(struct auth_hash *axf, struct swcr_data *sw, u_char *key,
 		break;
 	case CRYPTO_MD5_KPDK:
 	case CRYPTO_SHA1_KPDK:
+	{
+		/* We need a buffer that can hold an md5 and a sha1 result. */
+		u_char buf[SHA1_RESULTLEN];
+
 		sw->sw_klen = klen;
 		bcopy(key, sw->sw_octx, klen);
 		axf->Init(sw->sw_ictx);
 		axf->Update(sw->sw_ictx, key, klen);
-		axf->Final(NULL, sw->sw_ictx);
+		axf->Final(buf, sw->sw_ictx);
 		break;
+	}
 	default:
 		printf("%s: CRD_F_KEY_EXPLICIT flag given, but algorithm %d "
 		    "doesn't use keys.\n", __func__, axf->type);
author	bz <bz@FreeBSD.org>	2009-01-28 15:31:16 +0000
committer	bz <bz@FreeBSD.org>	2009-01-28 15:31:16 +0000
commit	f33b8c1e8d66f959f124331aaf2cefe68682139a (patch)
tree	e7eab185f21e7118bd37ffe1bba9b834c5777b4c /sys/opencrypto
parent	21c0a98c4fa321ec51db923719f3990c2dd399e9 (diff)
download	FreeBSD-src-f33b8c1e8d66f959f124331aaf2cefe68682139a.zip FreeBSD-src-f33b8c1e8d66f959f124331aaf2cefe68682139a.tar.gz