From: Steven Barth Date: Tue, 11 Mar 2014 08:18:32 +0000 (+0100) Subject: Fix HMAC-MD5 verify in reconfigure X-Git-Tag: debian/1.1+git20160131-1~77 X-Git-Url: https://git.decadent.org.uk/gitweb/?p=odhcp6c.git;a=commitdiff_plain;h=9c7c654cb2d5ac6ac536f603cd5a9372416e91da Fix HMAC-MD5 verify in reconfigure --- diff --git a/src/dhcpv6.c b/src/dhcpv6.c index ec42b32..bf62b29 100644 --- a/src/dhcpv6.c +++ b/src/dhcpv6.c @@ -657,10 +657,12 @@ static bool dhcpv6_response_is_valid(const void *buf, ssize_t len, continue; md5_ctx_t md5; - uint8_t serverhash[16], secretbytes[16], hash[16]; + uint8_t serverhash[16], secretbytes[64], hash[16]; memcpy(serverhash, r->key, sizeof(serverhash)); memset(r->key, 0, sizeof(r->key)); - memcpy(secretbytes, reconf_key, sizeof(secretbytes)); + + memset(secretbytes, 0, sizeof(secretbytes)); + memcpy(secretbytes, reconf_key, sizeof(reconf_key)); for (size_t i = 0; i < sizeof(secretbytes); ++i) secretbytes[i] ^= 0x36;