From 9c7c654cb2d5ac6ac536f603cd5a9372416e91da Mon Sep 17 00:00:00 2001
From: Steven Barth <steven@midlink.org>
Date: Tue, 11 Mar 2014 09:18:32 +0100
Subject: [PATCH] Fix HMAC-MD5 verify in reconfigure

---
 src/dhcpv6.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/dhcpv6.c b/src/dhcpv6.c
index ec42b32..bf62b29 100644
--- a/src/dhcpv6.c
+++ b/src/dhcpv6.c
@@ -657,10 +657,12 @@ static bool dhcpv6_response_is_valid(const void *buf, ssize_t len,
 				continue;
 
 			md5_ctx_t md5;
-			uint8_t serverhash[16], secretbytes[16], hash[16];
+			uint8_t serverhash[16], secretbytes[64], hash[16];
 			memcpy(serverhash, r->key, sizeof(serverhash));
 			memset(r->key, 0, sizeof(r->key));
-			memcpy(secretbytes, reconf_key, sizeof(secretbytes));
+
+			memset(secretbytes, 0, sizeof(secretbytes));
+			memcpy(secretbytes, reconf_key, sizeof(reconf_key));
 
 			for (size_t i = 0; i < sizeof(secretbytes); ++i)
 				secretbytes[i] ^= 0x36;
-- 
2.39.2