[dovecot-cvs] dovecot/src/auth mech-cram-md5.c, 1.28, 1.29 password-scheme-cram-md5.c, 1.4, 1.5

tss at dovecot.org tss at dovecot.org
Sun May 13 13:18:53 EEST 2007 

Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv7370/auth

Modified Files:
	mech-cram-md5.c password-scheme-cram-md5.c 
Log Message:
hmac-md5 API cleanups. Use arrays with MD5_RESULTLEN and CRAM_MD5_CONTEXTLEN
sizes instead of pointers. hmac_md5_set_cram_context() takes a const array
now.



Index: mech-cram-md5.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/mech-cram-md5.c,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -d -r1.28 -r1.29
--- mech-cram-md5.c	13 May 2007 08:24:06 -0000	1.28
+++ mech-cram-md5.c	13 May 2007 10:18:51 -0000	1.29
@@ -50,7 +50,8 @@
 			       const char *credentials)
 {
 	
-	unsigned char digest[16], context_digest[32];
+	unsigned char digest[MD5_RESULTLEN];
+	unsigned char context_digest[CRAM_MD5_CONTEXTLEN];
         struct hmac_md5_context ctx;
 	buffer_t *context_digest_buf;
 	const char *response_hex;
@@ -69,9 +70,9 @@
 	hmac_md5_update(&ctx, request->challenge, strlen(request->challenge));
 	hmac_md5_final(&ctx, digest);
 
-	response_hex = binary_to_hex(digest, 16);
+	response_hex = binary_to_hex(digest, sizeof(digest));
 
-	if (memcmp(response_hex, request->response, 32) != 0) {
+	if (memcmp(response_hex, request->response, sizeof(digest)*2) != 0) {
 		auth_request_log_info(&request->auth_request, "cram-md5",
 				      "password mismatch");
 		return FALSE;

Index: password-scheme-cram-md5.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/password-scheme-cram-md5.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- password-scheme-cram-md5.c	15 Sep 2004 13:23:22 -0000	1.4
+++ password-scheme-cram-md5.c	13 May 2007 10:18:51 -0000	1.5
@@ -8,7 +8,7 @@
 const char *password_generate_cram_md5(const char *plaintext)
 {
 	struct hmac_md5_context ctx;
-	unsigned char context_digest[32];
+	unsigned char context_digest[CRAM_MD5_CONTEXTLEN];
 
 	hmac_md5_init(&ctx, (const unsigned char *)plaintext,
 		      strlen(plaintext));

More information about the dovecot-cvs mailing list