rpms / ntp

Clone
Source Code
GIT

Blame SOURCES/ntp-4.2.6p5-fipsmd5.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta
  1.   57c3819790849f2af2c589d4272211eb94d9cdf5
  2.   SOURCES
  3.   ntp-4.2.6p5-fipsmd5.patch
Blob History Raw
473877 
diff -up ntp-4.2.6p5/libntp/a_md5encrypt.c.fipsmd5 ntp-4.2.6p5/libntp/a_md5encrypt.c
473877 
--- ntp-4.2.6p5/libntp/a_md5encrypt.c.fipsmd5	2011-12-01 03:55:17.000000000 +0100
473877 
+++ ntp-4.2.6p5/libntp/a_md5encrypt.c	2012-10-24 16:24:04.972358878 +0200
473877 
@@ -38,7 +38,11 @@ MD5authencrypt(
473877 
 	 * was creaded.
473877 
 	 */
473877 
 	INIT_SSL();
473877 
-	EVP_DigestInit(&ctx, EVP_get_digestbynid(type));
473877 
+	if (!EVP_DigestInit(&ctx, EVP_get_digestbynid(type))) {
473877 
+		msyslog(LOG_ERR,
473877 
+		    "MAC encrypt: digest init failed");
473877 
+		return (0);
473877 
+	}
473877 
 	EVP_DigestUpdate(&ctx, key, (u_int)cache_keylen);
473877 
 	EVP_DigestUpdate(&ctx, (u_char *)pkt, (u_int)length);
473877 
 	EVP_DigestFinal(&ctx, digest, &len;;
473877 
@@ -71,7 +75,11 @@ MD5authdecrypt(
473877 
 	 * was created.
473877 
 	 */
473877 
 	INIT_SSL();
473877 
-	EVP_DigestInit(&ctx, EVP_get_digestbynid(type));
473877 
+	if (!EVP_DigestInit(&ctx, EVP_get_digestbynid(type))) {
473877 
+		msyslog(LOG_ERR,
473877 
+		    "MAC decrypt: digest init failed");
473877 
+		return (0);
473877 
+	}
473877 
 	EVP_DigestUpdate(&ctx, key, (u_int)cache_keylen);
473877 
 	EVP_DigestUpdate(&ctx, (u_char *)pkt, (u_int)length);
473877 
 	EVP_DigestFinal(&ctx, digest, &len;;
473877 
@@ -101,7 +109,16 @@ addr2refid(sockaddr_u *addr)
473877 
 		return (NSRCADR(addr));
473877
473877 
 	INIT_SSL();
473877 
-	EVP_DigestInit(&ctx, EVP_get_digestbynid(NID_md5));
473877 
+	EVP_MD_CTX_init(&ctx;;
473877 
+#ifdef EVP_MD_CTX_FLAG_NON_FIPS_ALLOW
473877 
+	/* MD5 is not used as a crypto hash here. */
473877 
+	EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
473877 
+#endif
473877 
+	if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL)) {
473877 
+		msyslog(LOG_ERR,
473877 
+		    "MD5 init failed");
473877 
+		exit(1);
473877 
+	}
473877 
 	EVP_DigestUpdate(&ctx, (u_char *)PSOCK_ADDR6(addr),
473877 
 	    sizeof(struct in6_addr));
473877 
 	EVP_DigestFinal(&ctx, digest, &len;;

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation