1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
|
$NetBSD: patch-nsec3checks.c,v 1.1 2021/04/10 08:16:09 nia Exp $
Fix building with OpenSSL 1.1. From FreeBSD Ports.
--- nsec3checks.c.orig 2014-02-11 20:46:07.000000000 +0000
+++ nsec3checks.c
@@ -28,7 +28,7 @@
static struct binary_data name2hash(char *name, struct rr *param)
{
struct rr_nsec3param *p = (struct rr_nsec3param *)param;
- EVP_MD_CTX ctx;
+ EVP_MD_CTX *ctx;
unsigned char md0[EVP_MAX_MD_SIZE];
unsigned char md1[EVP_MAX_MD_SIZE];
unsigned char *md[2];
@@ -45,26 +45,28 @@ static struct binary_data name2hash(char
/* XXX Maybe use Init_ex and Final_ex for speed? */
- EVP_MD_CTX_init(&ctx);
- if (EVP_DigestInit(&ctx, EVP_sha1()) != 1)
- return r;
- digest_size = EVP_MD_CTX_size(&ctx);
- EVP_DigestUpdate(&ctx, wire_name.data, wire_name.length);
- EVP_DigestUpdate(&ctx, p->salt.data, p->salt.length);
- EVP_DigestFinal(&ctx, md[mdi], NULL);
+ ctx = EVP_MD_CTX_create();
+ if (EVP_DigestInit(ctx, EVP_sha1()) != 1)
+ goto out;
+ digest_size = EVP_MD_CTX_size(ctx);
+ EVP_DigestUpdate(ctx, wire_name.data, wire_name.length);
+ EVP_DigestUpdate(ctx, p->salt.data, p->salt.length);
+ EVP_DigestFinal(ctx, md[mdi], NULL);
for (i = 0; i < p->iterations; i++) {
- if (EVP_DigestInit(&ctx, EVP_sha1()) != 1)
- return r;
- EVP_DigestUpdate(&ctx, md[mdi], digest_size);
+ if (EVP_DigestInit(ctx, EVP_sha1()) != 1)
+ goto out;
+ EVP_DigestUpdate(ctx, md[mdi], digest_size);
mdi = (mdi + 1) % 2;
- EVP_DigestUpdate(&ctx, p->salt.data, p->salt.length);
- EVP_DigestFinal(&ctx, md[mdi], NULL);
+ EVP_DigestUpdate(ctx, p->salt.data, p->salt.length);
+ EVP_DigestFinal(ctx, md[mdi], NULL);
}
r.length = digest_size;
r.data = getmem(digest_size);
memcpy(r.data, md[mdi], digest_size);
+ out:
+ EVP_MD_CTX_destroy(ctx);
return r;
}
|
