Commit 863a2488 authored by Kevin Coffman's avatar Kevin Coffman Committed by J. Bruce Fields

gss_krb5: Use random value to initialize confounder

Initialize the value used for the confounder to a random value
rather than starting from zero.
Allow for confounders of length 8 or 16 (which will be needed for AES).
Signed-off-by: default avatarKevin Coffman <kwc@citi.umich.edu>
Signed-off-by: default avatarJ. Bruce Fields <bfields@citi.umich.edu>
parent db8add57
...@@ -87,8 +87,8 @@ gss_krb5_remove_padding(struct xdr_buf *buf, int blocksize) ...@@ -87,8 +87,8 @@ gss_krb5_remove_padding(struct xdr_buf *buf, int blocksize)
return 0; return 0;
} }
static inline void static void
make_confounder(char *p, int blocksize) make_confounder(char *p, u32 conflen)
{ {
static u64 i = 0; static u64 i = 0;
u64 *q = (u64 *)p; u64 *q = (u64 *)p;
...@@ -102,8 +102,22 @@ make_confounder(char *p, int blocksize) ...@@ -102,8 +102,22 @@ make_confounder(char *p, int blocksize)
* uniqueness would mean worrying about atomicity and rollover, and I * uniqueness would mean worrying about atomicity and rollover, and I
* don't care enough. */ * don't care enough. */
BUG_ON(blocksize != 8); /* initialize to random value */
*q = i++; if (i == 0) {
i = random32();
i = (i << 32) | random32();
}
switch (conflen) {
case 16:
*q++ = i++;
/* fall through */
case 8:
*q++ = i++;
break;
default:
BUG();
}
} }
/* Assumptions: the head and tail of inbuf are ours to play with. /* Assumptions: the head and tail of inbuf are ours to play with.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment