Fix HMAC-MD5 verify in reconfigure

author Steven Barth <steven@midlink.org>

Tue, 11 Mar 2014 08:18:32 +0000 (09:18 +0100)

committer Steven Barth <steven@midlink.org>

Tue, 11 Mar 2014 08:18:32 +0000 (09:18 +0100)
author Steven Barth <steven@midlink.org>
Tue, 11 Mar 2014 08:18:32 +0000 (09:18 +0100)
committer Steven Barth <steven@midlink.org>
Tue, 11 Mar 2014 08:18:32 +0000 (09:18 +0100)
diff --git a/src/dhcpv6.c b/src/dhcpv6.c

index ec42b32c54a430fd9e119e4f34cab600c339463b..bf62b29767233e4dd77b828fa345c26796085b74 100644 (file)
--- a/src/dhcpv6.c
+++ b/src/dhcpv6.c
@@ -657,10 +657,12 @@ static bool dhcpv6_response_is_valid(const void *buf, ssize_t len,
                                 continue;
  
                         md5_ctx_t md5;
-                       uint8_t serverhash[16], secretbytes[16], hash[16];
+                       uint8_t serverhash[16], secretbytes[64], hash[16];
                         memcpy(serverhash, r->key, sizeof(serverhash));
                         memset(r->key, 0, sizeof(r->key));
-                       memcpy(secretbytes, reconf_key, sizeof(secretbytes));
+
+                       memset(secretbytes, 0, sizeof(secretbytes));
+                       memcpy(secretbytes, reconf_key, sizeof(reconf_key));
  
                         for (size_t i = 0; i < sizeof(secretbytes); ++i)
                                 secretbytes[i] ^= 0x36;
author	Steven Barth <steven@midlink.org>
	Tue, 11 Mar 2014 08:18:32 +0000 (09:18 +0100)
committer	Steven Barth <steven@midlink.org>
	Tue, 11 Mar 2014 08:18:32 +0000 (09:18 +0100)