Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 587487 Details for
Bug 823446
Review Request: libradius - This is a library to generate RADIUS authentication request
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
Add support for using NSS for MD5 hashes
0001-Add-support-for-using-NSS-for-MD5-hashes.patch (text/plain), 5.08 KB, created by
Stephen Gallagher
on 2012-05-29 19:01:40 UTC
(
hide
)
Description:
Add support for using NSS for MD5 hashes
Filename:
MIME Type:
Creator:
Stephen Gallagher
Created:
2012-05-29 19:01:40 UTC
Size:
5.08 KB
patch
obsolete
>From c5552215ce8bc8c68094e4b45de682916e38e978 Mon Sep 17 00:00:00 2001 >From: Stephen Gallagher <sgallagh@redhat.com> >Date: Tue, 29 May 2012 14:59:13 -0400 >Subject: [PATCH] Add support for using NSS for MD5 hashes > >--- > Makefile | 10 +++++++--- > radlib.c | 55 +++++++++++++++++++++++++++++++++++-------------------- > 2 files changed, 42 insertions(+), 23 deletions(-) > >diff --git a/Makefile b/Makefile >index 0ce03eadc285e5c79b2bba4d3d3c4d73d458b705..f4e856bde265a3accf455216e4bd1b2e93378046 100644 >--- a/Makefile >+++ b/Makefile >@@ -29,10 +29,13 @@ PREFIX= /usr/local > RM= rm -f > LN= ln > CC= cc >-CFLAGS= -O2 -fPIC >+CFLAGS= -O2 -fPIC -I/usr/include/nss3 -I/usr/include/nspr4 > > # linux -L$(PREFIX)/lib -lmd >-LIBMD= -L$(PREFIX)/$(LIBD) -lmd >+#LIBMD= -L$(PREFIX)/$(LIBD) -lmd >+ >+# Linux NSS >+LIBMD = -L$(PREFIX)/$(LIBD) -lnss3 -lnspr4 > > # netbsd - it's in libc > #LIBMD= -L/usr/lib -lc >@@ -50,7 +53,7 @@ all: libradius.so.0.0 > > libradius.so.0.0: radlib.c > $(CC) $(CFLAGS) -c radlib.c -o radlib_r.o >- $(CC) -shared -Wl,-soname,libradius.so.0.0 -o libradius.so.0.0 *.o -lc -lmd >+ $(CC) -shared -Wl,-soname,libradius.so.0.0 -o libradius.so.0.0 *.o $(LIBMD) > > #radlib.o: radlib.c > # $(CC) $(CFLAGS) -c radlib.c -o radlib_r.o >@@ -60,6 +63,7 @@ libradius.so.0.0: radlib.c > > clean: > $(RM) *.o >+ $(RM) *.so* > > clobber: clean > $(RM) lib$(LIB).a >diff --git a/radlib.c b/radlib.c >index c02a2fe78da873db95e15f1f90e4a3bc20559741..2c02a34c0610d91f7ac0934f65bece89510627e3 100644 >--- a/radlib.c >+++ b/radlib.c >@@ -33,7 +33,7 @@ > #include <arpa/inet.h> > > #include <errno.h> >-#include <md5.h> >+#include <sechash.h> > #include <netdb.h> > #include <stdarg.h> > #include <stddef.h> >@@ -44,8 +44,10 @@ > > #include "radlib_private.h" > #if defined(__linux__) >+#ifndef MSG_WAITALL > #define MSG_WAITALL 0 > #endif >+#endif > #if !defined(__printflike) > #define __printflike(fmtarg, firstvararg) \ > __attribute__((__format__ (__printf__, fmtarg, firstvararg))) >@@ -100,24 +102,27 @@ generr(struct rad_handle *h, const char *format, ...) > static void > insert_scrambled_password(struct rad_handle *h, int srv) > { >- MD5_CTX ctx; >+ HASHContext *md5_ctx; > unsigned char md5[16]; > const struct rad_server *srvp; > int padded_len; > int pos; >+ unsigned int len; > > srvp = &h->servers[srv]; > padded_len = h->pass_len == 0 ? 16 : (h->pass_len+15) & ~0xf; > >+ md5_ctx = HASH_Create(HASH_AlgMD5); >+ > memcpy(md5, &h->request[POS_AUTH], LEN_AUTH); > for (pos = 0; pos < padded_len; pos += 16) { > int i; > > /* Calculate the new scrambler */ >- MD5Init(&ctx); >- MD5Update(&ctx, srvp->secret, strlen(srvp->secret)); >- MD5Update(&ctx, md5, 16); >- MD5Final(md5, &ctx); >+ HASH_Begin(md5_ctx); >+ HASH_Update(md5_ctx, srvp->secret, strlen(srvp->secret)); >+ HASH_Update(md5_ctx, md5, 16); >+ HASH_End(md5_ctx, md5, &len, sizeof(md5)); > > /* > * Mix in the current chunk of the password, and copy >@@ -129,23 +134,28 @@ insert_scrambled_password(struct rad_handle *h, int srv) > h->request[h->pass_pos + pos + i] = > md5[i] ^= h->pass[pos + i]; > } >+ >+ HASH_Destroy(md5_ctx); > } > > static void > insert_request_authenticator(struct rad_handle *h, int srv) > { >- MD5_CTX ctx; >+ HASHContext *md5_ctx; > const struct rad_server *srvp; >+ unsigned int len; > > srvp = &h->servers[srv]; > > /* Create the request authenticator */ >- MD5Init(&ctx); >- MD5Update(&ctx, &h->request[POS_CODE], POS_AUTH - POS_CODE); >- MD5Update(&ctx, memset(&h->request[POS_AUTH], 0, LEN_AUTH), LEN_AUTH); >- MD5Update(&ctx, &h->request[POS_ATTRS], h->req_len - POS_ATTRS); >- MD5Update(&ctx, srvp->secret, strlen(srvp->secret)); >- MD5Final(&h->request[POS_AUTH], &ctx); >+ md5_ctx = HASH_Create(HASH_AlgMD5); >+ >+ HASH_Begin(md5_ctx); >+ HASH_Update(md5_ctx, &h->request[POS_CODE], POS_AUTH - POS_CODE); >+ HASH_Update(md5_ctx, memset(&h->request[POS_AUTH], 0, LEN_AUTH), LEN_AUTH); >+ HASH_Update(md5_ctx, &h->request[POS_ATTRS], h->req_len - POS_ATTRS); >+ HASH_Update(md5_ctx, srvp->secret, strlen(srvp->secret)); >+ HASH_End(md5_ctx, &h->request[POS_AUTH], &len, sizeof(h->request[POS_AUTH])); > } > > /* >@@ -156,7 +166,7 @@ static int > is_valid_response(struct rad_handle *h, int srv, > const struct sockaddr_in *from) > { >- MD5_CTX ctx; >+ HASHContext *md5_ctx; > unsigned char md5[16]; > const struct rad_server *srvp; > int len; >@@ -177,12 +187,17 @@ is_valid_response(struct rad_handle *h, int srv, > return 0; > > /* Check the response authenticator */ >- MD5Init(&ctx); >- MD5Update(&ctx, &h->response[POS_CODE], POS_AUTH - POS_CODE); >- MD5Update(&ctx, &h->request[POS_AUTH], LEN_AUTH); >- MD5Update(&ctx, &h->response[POS_ATTRS], len - POS_ATTRS); >- MD5Update(&ctx, srvp->secret, strlen(srvp->secret)); >- MD5Final(md5, &ctx); >+ md5_ctx = HASH_Create(HASH_AlgMD5); >+ >+ HASH_Begin(md5_ctx); >+ HASH_Update(md5_ctx, &h->response[POS_CODE], POS_AUTH - POS_CODE); >+ HASH_Update(md5_ctx, &h->request[POS_AUTH], LEN_AUTH); >+ HASH_Update(md5_ctx, &h->response[POS_ATTRS], len - POS_ATTRS); >+ HASH_Update(md5_ctx, srvp->secret, strlen(srvp->secret)); >+ HASH_End(md5_ctx, md5, &len, sizeof(md5)); >+ >+ HASH_Destroy(md5_ctx); >+ > if (memcmp(&h->response[POS_AUTH], md5, sizeof md5) != 0) > return 0; > >-- >1.7.10.2 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Flags:
negativo17
: review+
Actions:
View
|
Diff
Attachments on
bug 823446
: 587487