aboutsummaryrefslogtreecommitdiff
path: root/lib/libradius
diff options
context:
space:
mode:
authorJung-uk Kim <jkim@FreeBSD.org>2018-09-19 07:06:20 +0000
committerJung-uk Kim <jkim@FreeBSD.org>2018-09-19 07:06:20 +0000
commit328bbc11c9bd7cef2d88a18692b94dab995654c8 (patch)
tree3cdabe6ed72e2e67330f42118d5c79a9e26b4b7f /lib/libradius
parent07f5430d5c5c9b7d3167153d643f9c86d67e4edb (diff)
downloadsrc-328bbc11c9bd7cef2d88a18692b94dab995654c8.tar.gz
src-328bbc11c9bd7cef2d88a18692b94dab995654c8.zip
Make libradius(3) buildable.
Notes
Notes: svn path=/projects/openssl111/; revision=338781
Diffstat (limited to 'lib/libradius')
-rw-r--r--lib/libradius/radlib.c63
1 files changed, 33 insertions, 30 deletions
diff --git a/lib/libradius/radlib.c b/lib/libradius/radlib.c
index 836111de29ce..3b6460e26f0d 100644
--- a/lib/libradius/radlib.c
+++ b/lib/libradius/radlib.c
@@ -156,22 +156,21 @@ insert_message_authenticator(struct rad_handle *h, int resp)
u_char md[EVP_MAX_MD_SIZE];
u_int md_len;
const struct rad_server *srvp;
- HMAC_CTX ctx;
+ HMAC_CTX *ctx;
srvp = &h->servers[h->srv];
if (h->authentic_pos != 0) {
- HMAC_CTX_init(&ctx);
- HMAC_Init(&ctx, srvp->secret, strlen(srvp->secret), EVP_md5());
- HMAC_Update(&ctx, &h->out[POS_CODE], POS_AUTH - POS_CODE);
+ ctx = HMAC_CTX_new();
+ HMAC_Init_ex(ctx, srvp->secret, strlen(srvp->secret), EVP_md5(), NULL);
+ HMAC_Update(ctx, &h->out[POS_CODE], POS_AUTH - POS_CODE);
if (resp)
- HMAC_Update(&ctx, &h->in[POS_AUTH], LEN_AUTH);
+ HMAC_Update(ctx, &h->in[POS_AUTH], LEN_AUTH);
else
- HMAC_Update(&ctx, &h->out[POS_AUTH], LEN_AUTH);
- HMAC_Update(&ctx, &h->out[POS_ATTRS],
+ HMAC_Update(ctx, &h->out[POS_AUTH], LEN_AUTH);
+ HMAC_Update(ctx, &h->out[POS_ATTRS],
h->out_len - POS_ATTRS);
- HMAC_Final(&ctx, md, &md_len);
- HMAC_CTX_cleanup(&ctx);
- HMAC_cleanup(&ctx);
+ HMAC_Final(ctx, md, &md_len);
+ HMAC_CTX_free(ctx);
memcpy(&h->out[h->authentic_pos + 2], md, md_len);
}
#endif
@@ -190,7 +189,7 @@ is_valid_response(struct rad_handle *h, int srv,
const struct rad_server *srvp;
int len;
#ifdef WITH_SSL
- HMAC_CTX hctx;
+ HMAC_CTX *hctx;
u_char resp[MSGSIZE], md[EVP_MAX_MD_SIZE];
u_int md_len;
int pos;
@@ -232,31 +231,33 @@ is_valid_response(struct rad_handle *h, int srv,
pos = POS_ATTRS;
/* Search and verify the Message-Authenticator */
+ hctx = HMAC_CTX_new();
while (pos < len - 2) {
if (h->in[pos] == RAD_MESSAGE_AUTHENTIC) {
/* zero fill the Message-Authenticator */
memset(&resp[pos + 2], 0, MD5_DIGEST_LENGTH);
- HMAC_CTX_init(&hctx);
- HMAC_Init(&hctx, srvp->secret,
- strlen(srvp->secret), EVP_md5());
- HMAC_Update(&hctx, &h->in[POS_CODE],
+ HMAC_Init_ex(hctx, srvp->secret,
+ strlen(srvp->secret), EVP_md5(), NULL);
+ HMAC_Update(hctx, &h->in[POS_CODE],
POS_AUTH - POS_CODE);
- HMAC_Update(&hctx, &h->out[POS_AUTH],
+ HMAC_Update(hctx, &h->out[POS_AUTH],
LEN_AUTH);
- HMAC_Update(&hctx, &resp[POS_ATTRS],
+ HMAC_Update(hctx, &resp[POS_ATTRS],
h->in_len - POS_ATTRS);
- HMAC_Final(&hctx, md, &md_len);
- HMAC_CTX_cleanup(&hctx);
- HMAC_cleanup(&hctx);
+ HMAC_Final(hctx, md, &md_len);
+ HMAC_CTX_reset(hctx);
if (memcmp(md, &h->in[pos + 2],
- MD5_DIGEST_LENGTH) != 0)
+ MD5_DIGEST_LENGTH) != 0) {
+ HMAC_CTX_free(hctx);
return 0;
+ }
break;
}
pos += h->in[pos + 1];
}
+ HMAC_CTX_free(hctx);
}
#endif
return 1;
@@ -273,7 +274,7 @@ is_valid_request(struct rad_handle *h)
const struct rad_server *srvp;
int len;
#ifdef WITH_SSL
- HMAC_CTX hctx;
+ HMAC_CTX *hctx;
u_char resp[MSGSIZE], md[EVP_MAX_MD_SIZE];
u_int md_len;
int pos;
@@ -304,6 +305,7 @@ is_valid_request(struct rad_handle *h)
#ifdef WITH_SSL
/* Search and verify the Message-Authenticator */
pos = POS_ATTRS;
+ hctx = HMAC_CTX_new();
while (pos < len - 2) {
if (h->in[pos] == RAD_MESSAGE_AUTHENTIC) {
memcpy(resp, h->in, MSGSIZE);
@@ -313,20 +315,21 @@ is_valid_request(struct rad_handle *h)
/* zero fill the Message-Authenticator */
memset(&resp[pos + 2], 0, MD5_DIGEST_LENGTH);
- HMAC_CTX_init(&hctx);
- HMAC_Init(&hctx, srvp->secret,
- strlen(srvp->secret), EVP_md5());
- HMAC_Update(&hctx, resp, h->in_len);
- HMAC_Final(&hctx, md, &md_len);
- HMAC_CTX_cleanup(&hctx);
- HMAC_cleanup(&hctx);
+ HMAC_Init_ex(hctx, srvp->secret,
+ strlen(srvp->secret), EVP_md5(), NULL);
+ HMAC_Update(hctx, resp, h->in_len);
+ HMAC_Final(hctx, md, &md_len);
+ HMAC_CTX_reset(hctx);
if (memcmp(md, &h->in[pos + 2],
- MD5_DIGEST_LENGTH) != 0)
+ MD5_DIGEST_LENGTH) != 0) {
+ HMAC_CTX_free(hctx);
return (0);
+ }
break;
}
pos += h->in[pos + 1];
}
+ HMAC_CTX_free(hctx);
#endif
return (1);
}