diff options
| author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2014-03-22 15:23:38 +0000 |
|---|---|---|
| committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2014-03-22 15:23:38 +0000 |
| commit | 0c79dacc8a8d4de2455d61c51724866f667ba53c (patch) | |
| tree | 5186034782b608fd13a7408b5852ad248f6bdc35 /hostfile.c | |
| parent | 02d4c2ac3daa0f36264392972709ccd7676ab3e8 (diff) | |
| download | src-0c79dacc8a8d4de2455d61c51724866f667ba53c.tar.gz src-0c79dacc8a8d4de2455d61c51724866f667ba53c.zip | |
Vendor import of OpenSSH 6.6p1.vendor/openssh/6.6p1
Notes
Notes:
svn path=/vendor-crypto/openssh/dist/; revision=263635
svn path=/vendor-crypto/openssh/6.6p1/; revision=263636; tag=vendor/openssh/6.6p1
Diffstat (limited to 'hostfile.c')
| -rw-r--r-- | hostfile.c | 33 |
1 files changed, 16 insertions, 17 deletions
diff --git a/hostfile.c b/hostfile.c index 2778fb5df208..8bc9540b71de 100644 --- a/hostfile.c +++ b/hostfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.c,v 1.53 2014/01/09 23:20:00 djm Exp $ */ +/* $OpenBSD: hostfile.c,v 1.55 2014/01/31 16:39:19 tedu Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -42,9 +42,6 @@ #include <netinet/in.h> -#include <openssl/hmac.h> -#include <openssl/sha.h> - #include <resolv.h> #include <stdarg.h> #include <stdio.h> @@ -58,6 +55,7 @@ #include "log.h" #include "misc.h" #include "digest.h" +#include "hmac.h" struct hostkeys { struct hostkey_entry *entries; @@ -102,9 +100,9 @@ extract_salt(const char *s, u_int l, u_char *salt, size_t salt_len) debug2("extract_salt: salt decode error"); return (-1); } - if (ret != SHA_DIGEST_LENGTH) { - debug2("extract_salt: expected salt len %d, got %d", - SHA_DIGEST_LENGTH, ret); + if (ret != (int)ssh_hmac_bytes(SSH_DIGEST_SHA1)) { + debug2("extract_salt: expected salt len %zd, got %d", + ssh_hmac_bytes(SSH_DIGEST_SHA1), ret); return (-1); } @@ -114,14 +112,13 @@ extract_salt(const char *s, u_int l, u_char *salt, size_t salt_len) char * host_hash(const char *host, const char *name_from_hostfile, u_int src_len) { - const EVP_MD *md = EVP_sha1(); - HMAC_CTX mac_ctx; + struct ssh_hmac_ctx *ctx; u_char salt[256], result[256]; char uu_salt[512], uu_result[512]; static char encoded[1024]; u_int i, len; - len = EVP_MD_size(md); + len = ssh_digest_bytes(SSH_DIGEST_SHA1); if (name_from_hostfile == NULL) { /* Create new salt */ @@ -134,14 +131,16 @@ host_hash(const char *host, const char *name_from_hostfile, u_int src_len) return (NULL); } - HMAC_Init(&mac_ctx, salt, len, md); - HMAC_Update(&mac_ctx, (u_char *)host, strlen(host)); - HMAC_Final(&mac_ctx, result, NULL); - HMAC_cleanup(&mac_ctx); + if ((ctx = ssh_hmac_start(SSH_DIGEST_SHA1)) == NULL || + ssh_hmac_init(ctx, salt, len) < 0 || + ssh_hmac_update(ctx, host, strlen(host)) < 0 || + ssh_hmac_final(ctx, result, sizeof(result))) + fatal("%s: ssh_hmac failed", __func__); + ssh_hmac_free(ctx); if (__b64_ntop(salt, len, uu_salt, sizeof(uu_salt)) == -1 || __b64_ntop(result, len, uu_result, sizeof(uu_result)) == -1) - fatal("host_hash: __b64_ntop failed"); + fatal("%s: __b64_ntop failed", __func__); snprintf(encoded, sizeof(encoded), "%s%s%c%s", HASH_MAGIC, uu_salt, HASH_DELIM, uu_result); @@ -334,10 +333,10 @@ free_hostkeys(struct hostkeys *hostkeys) free(hostkeys->entries[i].host); free(hostkeys->entries[i].file); key_free(hostkeys->entries[i].key); - bzero(hostkeys->entries + i, sizeof(*hostkeys->entries)); + explicit_bzero(hostkeys->entries + i, sizeof(*hostkeys->entries)); } free(hostkeys->entries); - bzero(hostkeys, sizeof(*hostkeys)); + explicit_bzero(hostkeys, sizeof(*hostkeys)); free(hostkeys); } |