Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 863a2488 authored by Kevin Coffman's avatar Kevin Coffman Committed by J. Bruce Fields
Browse files

gss_krb5: Use random value to initialize confounder 



Initialize the value used for the confounder to a random value
rather than starting from zero.
Allow for confounders of length 8 or 16 (which will be needed for AES).

Signed-off-by: default avatarKevin Coffman <kwc@citi.umich.edu>
Signed-off-by: default avatarJ. Bruce Fields <bfields@citi.umich.edu>
parent db8add57

net/sunrpc/auth_gss/gss_krb5_wrap.c

+18 −4
Original line number Diff line number Diff line
@@ -87,8 +87,8 @@ gss_krb5_remove_padding(struct xdr_buf *buf, int blocksize) 
	return 0;

}



static inline void

make_confounder(char *p, int blocksize)

static void

make_confounder(char *p, u32 conflen)

{

	static u64 i = 0;

	u64 *q = (u64 *)p;
@@ -102,8 +102,22 @@ make_confounder(char *p, int blocksize) 
	 * uniqueness would mean worrying about atomicity and rollover, and I

	 * don't care enough. */



	BUG_ON(blocksize != 8);

	*q = i++;

	/* initialize to random value */

	if (i == 0) {

		i = random32();

		i = (i << 32) | random32();

	}



	switch (conflen) {

	case 16:

		*q++ = i++;

		/* fall through */

	case 8:

		*q++ = i++;

		break;

	default:

		BUG();

	}

}



/* Assumptions: the head and tail of inbuf are ours to play with.