[Swan-dev] Question on get_cookie() code
D. Hugh Redelmeier
hugh at mimosa.com
Thu Jan 7 20:37:27 UTC 2016
| From: Andrew Cagney <andrew.cagney at gmail.com>
| On 5 January 2016 at 18:29, Paul Wouters <paul at nohats.ca> wrote:
| > void get_cookie(bool initiator, u_int8_t *cookie, int length,
| >                 const ip_address *addr)
| > {
| >     u_char buffer[SHA1_DIGEST_SIZE];
| >     SHA1_CTX ctx;
| >
| >     do {
| >         if (initiator) {
| >             get_rnd_bytes(cookie, length);
| >         } else {
| >             /* Responder cookie */
| >             /* This looks as good as any way */
| >             size_t addr_length;
| >             static u_int32_t counter = 0;
| >             unsigned char addr_buff[
| >                 sizeof(union { struct in_addr A;
| >                                struct in6_addr B;
| >                              })];
| >
| >             addr_length =
| >                 addrbytesof(addr, addr_buff,
| >                             sizeof(addr_buff));
| >             SHA1Init(&ctx);
| >             SHA1Update(&ctx, addr_buff, addr_length);
| >             SHA1Update(&ctx, secret_of_the_day,
| >                        sizeof(secret_of_the_day));
| >             counter++;
| >             SHA1Update(&ctx, (const void *) &counter,
| >                        sizeof(counter));
| >             SHA1Final(buffer, &ctx);
| >             memcpy(cookie, buffer, length);
| >         }
| >     } while (is_zero_cookie(cookie)); /* probably never loops */
| > }
|
| It seems to be feeding SHA1 crud found on the stack?
I'm not seeing that. Could you be more specific?