Fix HMAC-MD5 verify in reconfigure

[odhcp6c.git] / src / dhcpv6.c

diff --git a/src/dhcpv6.c b/src/dhcpv6.c
index ec42b32c54a430fd9e119e4f34cab600c339463b..bf62b29767233e4dd77b828fa345c26796085b74 100644 (file)
--- a/src/dhcpv6.c
+++ b/src/dhcpv6.c
@@ -657,10 +657,12 @@ static bool dhcpv6_response_is_valid(const void *buf, ssize_t len,
                                continue;
 
                        md5_ctx_t md5;
-                       uint8_t serverhash[16], secretbytes[16], hash[16];
+                       uint8_t serverhash[16], secretbytes[64], hash[16];
                        memcpy(serverhash, r->key, sizeof(serverhash));
                        memset(r->key, 0, sizeof(r->key));
-                       memcpy(secretbytes, reconf_key, sizeof(secretbytes));
+
+                       memset(secretbytes, 0, sizeof(secretbytes));
+                       memcpy(secretbytes, reconf_key, sizeof(reconf_key));
 
                        for (size_t i = 0; i < sizeof(secretbytes); ++i)
                                secretbytes[i] ^= 0x36;