Index: /trunk/include/samhain.h =================================================================== --- /trunk/include/samhain.h (revision 132) +++ /trunk/include/samhain.h (revision 133) @@ -62,4 +62,5 @@ #define KEY_LEN 48 #define KEY_BLOCK 24 +#define KEYBUF_SIZE (KEY_LEN+1) /* The length of the compiled-in password. Index: /trunk/include/sh_pthread.h =================================================================== --- /trunk/include/sh_pthread.h (revision 132) +++ /trunk/include/sh_pthread.h (revision 133) @@ -26,4 +26,9 @@ #define SH_MUTEX_UNLOCK_UNSAFE(M) pthread_mutex_unlock(&(M)) +/* + * ---- Global mutexes ---- + */ +SH_MUTEX_EXTERN(mutex_skey); + #else Index: /trunk/include/sh_srp.h =================================================================== --- /trunk/include/sh_srp.h (revision 132) +++ /trunk/include/sh_srp.h (revision 133) @@ -21,5 +21,5 @@ void sh_srp_x (char * salt, char * password); int sh_srp_make_a (void); -char * sh_srp_M (char * x1, char * x2, char * x3); +char * sh_srp_M (char * x1, char * x2, char * x3, char * buf, size_t size); char * sh_srp_verifier (void); Index: /trunk/include/sh_tiger.h =================================================================== --- /trunk/include/sh_tiger.h (revision 132) +++ /trunk/include/sh_tiger.h (revision 133) @@ -7,4 +7,10 @@ #include "samhain.h" +typedef long int TigerType; + +#define TIGER_FILE -1; +#define TIGER_DATA -2; + +/**************** typedef enum { TIGER_FILE, @@ -12,13 +18,12 @@ TIGER_DATA } TigerType; +*****************/ #define TIGER_NOLIM ((UINT64)-1) - -extern SL_TICKET tiger_fd; /* the checksum function */ /*@owned@*/ char * sh_tiger_hash (const char * filename, TigerType what, - UINT64 Length); + UINT64 Length, char * out, size_t len); /* NEW Thu Oct 18 19:59:08 CEST 2001 @@ -26,9 +31,10 @@ int sh_tiger_hashtype (const char * c); char * sh_tiger_generic_hash (char * filename, TigerType what, - UINT64 Length, int timeout); + UINT64 Length, int timeout, + char * out, size_t len); UINT32 * sh_tiger_hash_uint32 (char * filename, TigerType what, - UINT64 Length); + UINT64 Length, UINT32 * out, size_t len); /* get the type of hash function used @@ -37,5 +43,5 @@ int sh_tiger_get_hashtype (); -/* GnuPG-like format +/* GnuPG-like format, returns allocated memory */ /*@owned@*/ char * sh_tiger_hash_gpg (const char * filename, TigerType what, Index: /trunk/src/cutest_sh_tiger0.c =================================================================== --- /trunk/src/cutest_sh_tiger0.c (revision 132) +++ /trunk/src/cutest_sh_tiger0.c (revision 133) @@ -67,47 +67,48 @@ char * actual; char * expected; + char hashbuf[KEYBUF_SIZE]; input = ""; - actual = sh_tiger_hash(input, TIGER_DATA, strlen(input)); + actual = sh_tiger_hash(input, TIGER_DATA, strlen(input), hashbuf, sizeof(hashbuf)); expected = "24F0130C63AC933216166E76B1BB925FF373DE2D49584E7A"; CuAssertStrEquals(tc, expected, actual); input = "abc"; - actual = sh_tiger_hash(input, TIGER_DATA, strlen(input)); + actual = sh_tiger_hash(input, TIGER_DATA, strlen(input), hashbuf, sizeof(hashbuf)); expected = "F258C1E88414AB2A527AB541FFC5B8BF935F7B951C132951"; CuAssertStrEquals(tc, expected, actual); input = "Tiger"; - actual = sh_tiger_hash(input, TIGER_DATA, strlen(input)); + actual = sh_tiger_hash(input, TIGER_DATA, strlen(input), hashbuf, sizeof(hashbuf)); expected = "9F00F599072300DD276ABB38C8EB6DEC37790C116F9D2BDF"; CuAssertStrEquals(tc, expected, actual); input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-"; - actual = sh_tiger_hash(input, TIGER_DATA, strlen(input)); + actual = sh_tiger_hash(input, TIGER_DATA, strlen(input), hashbuf, sizeof(hashbuf)); expected = "87FB2A9083851CF7470D2CF810E6DF9EB586445034A5A386"; CuAssertStrEquals(tc, expected, actual); input = "ABCDEFGHIJKLMNOPQRSTUVWXYZ=abcdefghijklmnopqrstuvwxyz+0123456789"; - actual = sh_tiger_hash(input, TIGER_DATA, strlen(input)); + actual = sh_tiger_hash(input, TIGER_DATA, strlen(input), hashbuf, sizeof(hashbuf)); expected = "467DB80863EBCE488DF1CD1261655DE957896565975F9197"; CuAssertStrEquals(tc, expected, actual); input = "Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham"; - actual = sh_tiger_hash(input, TIGER_DATA, strlen(input)); + actual = sh_tiger_hash(input, TIGER_DATA, strlen(input), hashbuf, sizeof(hashbuf)); expected = "0C410A042968868A1671DA5A3FD29A725EC1E457D3CDB303"; CuAssertStrEquals(tc, expected, actual); input = "Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham, proceedings of Fast Software Encryption 3, Cambridge."; - actual = sh_tiger_hash(input, TIGER_DATA, strlen(input)); + actual = sh_tiger_hash(input, TIGER_DATA, strlen(input), hashbuf, sizeof(hashbuf)); expected = "EBF591D5AFA655CE7F22894FF87F54AC89C811B6B0DA3193"; CuAssertStrEquals(tc, expected, actual); input = "Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham, proceedings of Fast Software Encryption 3, Cambridge, 1996."; - actual = sh_tiger_hash(input, TIGER_DATA, strlen(input)); + actual = sh_tiger_hash(input, TIGER_DATA, strlen(input), hashbuf, sizeof(hashbuf)); expected = "3D9AEB03D1BD1A6357B2774DFD6D5B24DD68151D503974FC"; CuAssertStrEquals(tc, expected, actual); input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-"; - actual = sh_tiger_hash(input, TIGER_DATA, strlen(input)); + actual = sh_tiger_hash(input, TIGER_DATA, strlen(input), hashbuf, sizeof(hashbuf)); expected = "00B83EB4E53440C576AC6AAEE0A7485825FD15E70A59FFE4"; CuAssertStrEquals(tc, expected, actual); @@ -121,4 +122,5 @@ char * actual; char * expected; + char hashbuf[KEYBUF_SIZE]; init(); @@ -139,5 +141,5 @@ /* same result as GnuPG 1.0.6 (gpg --load-extension tiger --print-md TIGER192) */ - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, TIGER_NOLIM, 0); + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, TIGER_NOLIM, 0, hashbuf, sizeof(hashbuf)); expected = "0E9321614C966A33608C2A15F156E0435CACFD1213B9F095"; CuAssertStrEquals(tc, expected, actual); @@ -145,7 +147,6 @@ rval_open = sl_open_fastread ("cutest_foo", SL_YESPRIV); CuAssertTrue(tc, rval_open >= 0); - tiger_fd = rval_open; - - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FD, TIGER_NOLIM, 0); + + actual = sh_tiger_generic_hash("cutest_foo", rval_open, TIGER_NOLIM, 0, hashbuf, sizeof(hashbuf)); expected = "0E9321614C966A33608C2A15F156E0435CACFD1213B9F095"; CuAssertStrEquals(tc, expected, actual); @@ -159,9 +160,8 @@ rval_open = sl_open_fastread ("cutest_foo", SL_YESPRIV); CuAssertTrue(tc, rval_open >= 0); - tiger_fd = rval_open; /* same result as GNU md5sum */ - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FD, TIGER_NOLIM, 0); + actual = sh_tiger_generic_hash("cutest_foo", rval_open, TIGER_NOLIM, 0, hashbuf, sizeof(hashbuf)); expected = "AEEC4DDA496BCFBA691F4E8863BA84C00000000000000000"; CuAssertStrEquals(tc, expected, actual); @@ -175,9 +175,8 @@ rval_open = sl_open_fastread ("cutest_foo", SL_YESPRIV); CuAssertTrue(tc, rval_open >= 0); - tiger_fd = rval_open; /* same result as gpg --print-md SHA1 */ - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FD, TIGER_NOLIM, 0); + actual = sh_tiger_generic_hash("cutest_foo", rval_open, TIGER_NOLIM, 0, hashbuf, sizeof(hashbuf)); expected = "2FE65D1D995B8F8BC8B13F798C07E7E935A787ED00000000"; CuAssertStrEquals(tc, expected, actual); @@ -205,5 +204,5 @@ /* same result as GnuPG 1.0.6 (gpg --load-extension tiger --print-md TIGER192) */ - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, TIGER_NOLIM, 0); + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, TIGER_NOLIM, 0, hashbuf, sizeof(hashbuf)); expected = "F987845A0EA784367BF9E4DB09014995810F27C99C891734"; CuAssertStrEquals(tc, expected, actual); @@ -228,5 +227,5 @@ /* same result as GnuPG 1.0.6 (gpg --load-extension tiger --print-md TIGER192) */ - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, TIGER_NOLIM, 0); + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, TIGER_NOLIM, 0, hashbuf, sizeof(hashbuf)); expected = "75B98A7AE257A230189828A40792E30B4038D286479CC7B8"; CuAssertStrEquals(tc, expected, actual); @@ -246,4 +245,5 @@ char * actual; char * expected; + char hashbuf[KEYBUF_SIZE]; char * teststring = "Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham, proceedings of Fast Software Encryption 3, Cambridge, 1996.\n"; @@ -268,17 +268,17 @@ /* same as GnuPG 1.0.6 (gpg --load-extension tiger --print-md TIGER192) */ - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, 0, 0); + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, 0, 0, hashbuf, sizeof(hashbuf)); expected = "24F0130C63AC933216166E76B1BB925FF373DE2D49584E7A"; CuAssertStrEquals(tc, expected, actual); - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, testlen, 0); + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, testlen, 0, hashbuf, sizeof(hashbuf)); expected = "75B98A7AE257A230189828A40792E30B4038D286479CC7B8"; CuAssertStrEquals(tc, expected, actual); - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, 2*testlen, 0); + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, 2*testlen, 0, hashbuf, sizeof(hashbuf)); expected = "B5B4FB97B01ADB58794D87A6A01B2368852FA764BD93AB90"; CuAssertStrEquals(tc, expected, actual); - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, TIGER_NOLIM, 0); + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, TIGER_NOLIM, 0, hashbuf, sizeof(hashbuf)); expected = "B5B4FB97B01ADB58794D87A6A01B2368852FA764BD93AB90"; CuAssertStrEquals(tc, expected, actual); @@ -291,21 +291,21 @@ CuAssertTrue(tc, result == 0); - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, testlen, 0); + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, testlen, 0, hashbuf, sizeof(hashbuf)); expected = "75B98A7AE257A230189828A40792E30B4038D286479CC7B8"; CuAssertStrEquals(tc, expected, actual); - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, 2*testlen, 0); + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, 2*testlen, 0, hashbuf, sizeof(hashbuf)); expected = "B5B4FB97B01ADB58794D87A6A01B2368852FA764BD93AB90"; CuAssertStrEquals(tc, expected, actual); - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, 3*testlen, 0); + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, 3*testlen, 0, hashbuf, sizeof(hashbuf)); expected = "D0EE1A9956CAB22D84B51A5E0C093B724828C6A1F9CBDB7F"; CuAssertStrEquals(tc, expected, actual); - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, TIGER_NOLIM, 0); + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, TIGER_NOLIM, 0, hashbuf, sizeof(hashbuf)); expected = "D0EE1A9956CAB22D84B51A5E0C093B724828C6A1F9CBDB7F"; CuAssertStrEquals(tc, expected, actual); - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, 5, 0); + actual = sh_tiger_generic_hash("cutest_foo", TIGER_FILE, 5, 0, hashbuf, sizeof(hashbuf)); expected = "9F00F599072300DD276ABB38C8EB6DEC37790C116F9D2BDF"; CuAssertStrEquals(tc, expected, actual); @@ -318,7 +318,6 @@ rval_open = sl_open_fastread ("cutest_foo", SL_YESPRIV); CuAssertTrue(tc, rval_open >= 0); - tiger_fd = rval_open; - - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FD, testlen, 0); + + actual = sh_tiger_generic_hash("cutest_foo", rval_open, testlen, 0, hashbuf, sizeof(hashbuf)); expected = "11E7E7EA486136273606BEE57C71F34B0000000000000000"; CuAssertStrEquals(tc, expected, actual); @@ -327,5 +326,5 @@ CuAssertTrue(tc, rval_open >= 0); - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FD, 2*testlen, 0); + actual = sh_tiger_generic_hash("cutest_foo", rval_open, 2*testlen, 0, hashbuf, sizeof(hashbuf)); expected = "D49DAD474095D467E2E5EFCB2DC23A770000000000000000"; CuAssertStrEquals(tc, expected, actual); @@ -334,5 +333,5 @@ CuAssertTrue(tc, rval_open >= 0); - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FD, 3*testlen, 0); + actual = sh_tiger_generic_hash("cutest_foo", rval_open, 3*testlen, 0, hashbuf, sizeof(hashbuf)); expected = "00A1F1C5EDDCCFC430D3862FDA94593E0000000000000000"; CuAssertStrEquals(tc, expected, actual); @@ -341,5 +340,5 @@ CuAssertTrue(tc, rval_open >= 0); - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FD, TIGER_NOLIM, 0); + actual = sh_tiger_generic_hash("cutest_foo", rval_open, TIGER_NOLIM, 0, hashbuf, sizeof(hashbuf)); expected = "00A1F1C5EDDCCFC430D3862FDA94593E0000000000000000"; CuAssertStrEquals(tc, expected, actual); @@ -354,5 +353,5 @@ CuAssertTrue(tc, rval_open >= 0); - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FD, testlen, 0); + actual = sh_tiger_generic_hash("cutest_foo", rval_open, testlen, 0, hashbuf, sizeof(hashbuf)); expected = "F37DB4344CCD140EE315179E9A27512FB4704F0F00000000"; CuAssertStrEquals(tc, expected, actual); @@ -361,5 +360,5 @@ CuAssertTrue(tc, rval_open >= 0); - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FD, 2*testlen, 0); + actual = sh_tiger_generic_hash("cutest_foo", rval_open, 2*testlen, 0, hashbuf, sizeof(hashbuf)); expected = "D2AD5FC366452D81400BAC31F96269DEEF314BC200000000"; CuAssertStrEquals(tc, expected, actual); @@ -368,5 +367,5 @@ CuAssertTrue(tc, rval_open >= 0); - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FD, 3*testlen, 0); + actual = sh_tiger_generic_hash("cutest_foo", rval_open, 3*testlen, 0, hashbuf, sizeof(hashbuf)); expected = "FAA937EF3389C7E786EB0F1006D049D7AEA7B7B600000000"; CuAssertStrEquals(tc, expected, actual); @@ -375,5 +374,5 @@ CuAssertTrue(tc, rval_open >= 0); - actual = sh_tiger_generic_hash("cutest_foo", TIGER_FD, TIGER_NOLIM, 0); + actual = sh_tiger_generic_hash("cutest_foo", rval_open, TIGER_NOLIM, 0, hashbuf, sizeof(hashbuf)); expected = "FAA937EF3389C7E786EB0F1006D049D7AEA7B7B600000000"; CuAssertStrEquals(tc, expected, actual); Index: /trunk/src/samhain.c =================================================================== --- /trunk/src/samhain.c (revision 132) +++ /trunk/src/samhain.c (revision 133) @@ -1411,7 +1411,9 @@ if (0 != sl_strcmp(file_path('D', 'R'), _("REQ_FROM_SERVER"))) { + char hashbuf[KEYBUF_SIZE]; (void) sl_strlcpy(sh.data.hash, sh_tiger_hash (file_path('D', 'R'), - TIGER_FILE, 0), + TIGER_FILE, 0, + hashbuf, sizeof(hashbuf)), KEY_LEN+1); } Index: /trunk/src/sh_entropy.c =================================================================== --- /trunk/src/sh_entropy.c (revision 132) +++ /trunk/src/sh_entropy.c (revision 133) @@ -315,4 +315,5 @@ int i, m_count = 0; char * keybuf; + UINT32 kbuf[KEY_BYT/sizeof(UINT32)]; char addbuf[2 * KEY_BYT]; @@ -366,5 +367,6 @@ addbuf[i+KEY_BYT] = skey->poolv[i]; keybuf = (char *) sh_tiger_hash_uint32 (addbuf, - TIGER_DATA, 2 * KEY_BYT); + TIGER_DATA, 2 * KEY_BYT, + kbuf, KEY_BYT/sizeof(UINT32)); memset(addbuf, '\0', sizeof(addbuf)); @@ -701,4 +703,5 @@ char * keybuf; + UINT32 kbuf[KEY_BYT/sizeof(UINT32)]; char addbuf[2 * KEY_BYT]; @@ -885,5 +888,6 @@ { keybuf = (char *) sh_tiger_hash_uint32 (buffer, - TIGER_DATA, sl_strlen(buffer)); + TIGER_DATA, sl_strlen(buffer), + kbuf, KEY_BYT/sizeof(UINT32)); /* add previous entropy into the new pool @@ -896,5 +900,6 @@ } keybuf = (char *) sh_tiger_hash_uint32 (addbuf, - TIGER_DATA, sizeof(addbuf)); + TIGER_DATA, sizeof(addbuf), + kbuf, KEY_BYT/sizeof(UINT32)); memset(addbuf, '\0', sizeof(addbuf)); Index: /trunk/src/sh_err_log.c =================================================================== --- /trunk/src/sh_err_log.c (revision 132) +++ /trunk/src/sh_err_log.c (revision 133) @@ -145,4 +145,5 @@ char c_cont; int chk_mode = CHK_KEY; + char hashbuf[KEYBUF_SIZE]; sh_error_logoff(); @@ -383,5 +384,6 @@ { (void) sl_strlcpy(key, - sh_tiger_hash(NULL, TIGER_DATA, 0), + sh_tiger_hash(NULL, TIGER_DATA, 0, + hashbuf, sizeof(hashbuf)), KEY_LEN+1); chk_mode = CHK_NON; @@ -428,5 +430,6 @@ */ (void) sl_strlcpy (key, - sh_tiger_hash (key, TIGER_DATA, KEY_LEN), + sh_tiger_hash (key, TIGER_DATA, KEY_LEN, + hashbuf, sizeof(hashbuf)), KEY_LEN+1); } @@ -440,5 +443,6 @@ status = sl_strncmp (signature, sh_tiger_hash (buf, TIGER_DATA, - (unsigned long) sl_strlen(buf)), + (unsigned long) sl_strlen(buf), + hashbuf, sizeof(hashbuf)), KEY_LEN); @@ -861,4 +865,6 @@ if (current->log_start == S_TRUE) { + char hashbuf[KEYBUF_SIZE]; + if (sh.real.user[0] == '\0') (void) sh_unix_getUser(); @@ -871,5 +877,6 @@ */ (void) sl_strlcpy(sigkey_new, - sh_tiger_hash (sigkey_old, TIGER_DATA, KEY_LEN), + sh_tiger_hash (sigkey_old, TIGER_DATA, KEY_LEN, + hashbuf, sizeof(hashbuf)), KEY_LEN+1); Index: /trunk/src/sh_error.c =================================================================== --- /trunk/src/sh_error.c (revision 132) +++ /trunk/src/sh_error.c (revision 133) @@ -124,4 +124,5 @@ { char * foo; + char hashbuf[KEYBUF_SIZE]; if (s[0] == '/') @@ -135,5 +136,7 @@ fprintf (stdout, _("string=<%s>, hash=<%s>\n"), s, sh_tiger_hash (s, TIGER_DATA, - (unsigned long) sl_strlen(s))); + (unsigned long) sl_strlen(s), + hashbuf, sizeof(hashbuf)) + ); } (void) fflush(stdout); Index: /trunk/src/sh_extern.c =================================================================== --- /trunk/src/sh_extern.c (revision 132) +++ /trunk/src/sh_extern.c (revision 133) @@ -184,7 +184,10 @@ if (task->checksum[0] != '\0') { + char hashbuf[KEYBUF_SIZE]; PDBG_S("checksum test"); if (0 != sl_strcmp(task->checksum, - sh_tiger_hash (task->command, TIGER_FILE, 0)) + sh_tiger_hash (task->command, TIGER_FILE, 0, + hashbuf, sizeof(hashbuf)) + ) ) { @@ -354,11 +357,13 @@ else { + char hashbuf[KEYBUF_SIZE]; + fd = sl_open_read(task->command, task->privileged==0 ? SL_NOPRIV : SL_YESPRIV); - tiger_fd = fd; + if (0 != sl_strcmp(task->checksum, sh_tiger_hash (task->command, - TIGER_FD, 0))) + fd, 0, hashbuf, sizeof(hashbuf)))) { PDBGC_S("fexecve: checksum mismatch"); Index: /trunk/src/sh_forward.c =================================================================== --- /trunk/src/sh_forward.c (revision 132) +++ /trunk/src/sh_forward.c (revision 133) @@ -890,4 +890,6 @@ static time_t timeout_val = 1; + char hashbuf[KEYBUF_SIZE]; + char sigbuf[KEYBUF_SIZE]; SL_ENTER(_("sh_forward_try_impl")); @@ -1016,5 +1018,6 @@ sh_tiger_hash((char *) &ticks, TIGER_DATA, - (unsigned long)sizeof(UINT32)), + (unsigned long)sizeof(UINT32), + hashbuf, sizeof(hashbuf)), KEY_LEN+1); @@ -1026,5 +1029,6 @@ sh_tiger_hash(temp, TIGER_DATA, - (unsigned long)sl_strlen(temp)), + (unsigned long)sl_strlen(temp), + hashbuf, sizeof(hashbuf)), KEY_LEN+1); sh_passwd (temp, NULL, NULL, foo_M1); @@ -1163,5 +1167,6 @@ else /* if (0 != sh_srp_check_zero (answer)) */ { - sl_strlcpy(u_real, sh_tiger_hash(head_u, TIGER_DATA, 4), + sl_strlcpy(u_real, sh_tiger_hash(head_u, TIGER_DATA, 4, + hashbuf, sizeof(hashbuf)), SH_CHALLENGE_SIZE); foo_Sc = sh_srp_S_c (u_real, answer); @@ -1176,11 +1181,12 @@ if (foo_Sc != NULL) { - sl_strlcpy(foo_M1, - sh_srp_M(foo_A, - answer, - sh_tiger_hash(foo_Sc, - TIGER_DATA, - sl_strlen(foo_Sc))), - KEY_LEN+1); + sh_srp_M(foo_A, + answer, + sh_tiger_hash(foo_Sc, + TIGER_DATA, + sl_strlen(foo_Sc), + hashbuf, sizeof(hashbuf)), + foo_M1, KEY_LEN+1); + TPT(( 0, FIL__, __LINE__, _("msg=\n"), @@ -1213,8 +1219,12 @@ /* ------ verify M2 = H(A, M1, K) -------- */ + char M_buf[KEY_LEN+1]; M = sh_srp_M (foo_A, foo_M1, sh_tiger_hash(foo_Sc, TIGER_DATA, - sl_strlen(foo_Sc))); + sl_strlen(foo_Sc), + hashbuf, sizeof(hashbuf)), + M_buf, sizeof(M_buf) + ); if (M != NULL && 0 == sl_strncmp (answer, M, KEY_LEN+1)) @@ -1223,5 +1233,6 @@ sh_tiger_hash(foo_Sc, TIGER_DATA, - sl_strlen(foo_Sc)), + sl_strlen(foo_Sc), + hashbuf, sizeof(hashbuf)), KEY_LEN+1); TPT(( 0, FIL__, __LINE__, @@ -1301,5 +1312,6 @@ (void) sl_strlcpy (answer, sh_util_siggen(skey->session, sh.host.name, - sl_strlen(sh.host.name)), + sl_strlen(sh.host.name), + sigbuf, sizeof(sigbuf)), KEY_LEN+1); TPT((0, FIL__, __LINE__, _("msg=\n"), sh.host.name)); @@ -1373,9 +1385,10 @@ sh_util_siggen (skey->session, buffer, - sl_strlen(buffer)), + sl_strlen(buffer), + sigbuf, sizeof(sigbuf)), KEY_LEN+1); TPT((0, FIL__, __LINE__, _("msg=\n"), sh_util_siggen(skey->session, buffer, - sl_strlen(buffer)))); + sl_strlen(buffer), sigbuf, sizeof(sigbuf)))); (void) sl_strlcpy(buffer, errmsg, len); @@ -1439,9 +1452,10 @@ sh_util_siggen(skey->session, buffer, - sl_strlen(buffer)), + sl_strlen(buffer), + sigbuf, sizeof(sigbuf)), KEY_LEN); TPT((0, FIL__, __LINE__, _("msg=\n"), sh_util_siggen(skey->session, buffer, - sl_strlen(buffer)))); + sl_strlen(buffer), sigbuf, sizeof(sigbuf)))); if (flag_err != 0) @@ -1473,5 +1487,6 @@ sh_util_siggen(skey->session, buffer, - pos), + pos, + sigbuf, sizeof(sigbuf)), KEY_LEN); @@ -1583,5 +1598,6 @@ sh_tiger_hash((char *) &ticks, TIGER_DATA, - (unsigned long)sizeof(UINT32)), + (unsigned long)sizeof(UINT32), + hashbuf, sizeof(hashbuf)), KEY_LEN+1); @@ -1592,5 +1608,6 @@ (void)sl_strlcpy(foo_M1, sh_tiger_hash(buffer, TIGER_DATA, - (unsigned long)sl_strlen(buffer)), + (unsigned long)sl_strlen(buffer), + hashbuf, sizeof(hashbuf)), KEY_LEN+1); memset (buffer, 0, sl_strlen(buffer)); @@ -1773,4 +1790,5 @@ unsigned char in[PW_LEN+1]; int i = 0, j, k, l = 0; + char hashbuf[KEYBUF_SIZE]; if (sl_strlen(str) != (PW_LEN * 2)) @@ -1800,5 +1818,6 @@ sl_strlcpy ((char *)key, - sh_tiger_hash ((char*)in, TIGER_DATA, PW_LEN), + sh_tiger_hash ((char*)in, TIGER_DATA, PW_LEN, + hashbuf, sizeof(hashbuf)), KEY_LEN+1); key[KEY_LEN] = '\0'; @@ -1822,4 +1841,5 @@ char in[PW_LEN]; int i = 0, j, k, l = 0; + char hashbuf[KEYBUF_SIZE]; if (sl_strlen(str) != (PW_LEN*2)) @@ -1851,5 +1871,7 @@ { sh_util_keyinit(key, KEY_LEN); - sl_strlcpy(salt, sh_tiger_hash(key, TIGER_DATA, KEY_LEN), 17); + sl_strlcpy(salt, sh_tiger_hash(key, TIGER_DATA, KEY_LEN, + hashbuf, sizeof(hashbuf)), + 17); sh_srp_x (salt, in); foo_v = sh_srp_verifier (); @@ -1873,4 +1895,5 @@ UINT32 val[2]; char output[KEY_LEN+1]; + char hashbuf[KEYBUF_SIZE]; val[0] = taus_get (&(skey->rng0[0]), &(skey->rng0[1]), &(skey->rng0[2])); @@ -1878,5 +1901,6 @@ sl_strlcpy (output, - sh_tiger_hash((char *)(&val[0]), TIGER_DATA, 2*sizeof(UINT32)), + sh_tiger_hash((char *)(&val[0]), TIGER_DATA, 2*sizeof(UINT32), + hashbuf, sizeof(hashbuf)), KEY_LEN); @@ -2817,4 +2841,6 @@ char * foo_Ss; #endif + char hashbuf[KEYBUF_SIZE]; + char sigbuf[KEYBUF_SIZE]; SL_ENTER(_("check_protocol")); @@ -2908,5 +2934,6 @@ sh_util_siggen(this_client->session_key, &(conn->buf[KEY_LEN]), - sl_strlen(&(conn->buf[KEY_LEN]))), + sl_strlen(&(conn->buf[KEY_LEN])), + sigbuf, sizeof(sigbuf)), KEY_LEN+1); TPT((0, FIL__, __LINE__, _("msg=\n"), @@ -2917,5 +2944,6 @@ sh_util_siggen(this_client->session_key, &(conn->buf[KEY_LEN]), - sl_strlen(&(conn->buf[KEY_LEN]))))); + sl_strlen(&(conn->buf[KEY_LEN])), + sigbuf, sizeof(sigbuf)))); if (0 != sl_strncmp(conn->K, conn->buf, KEY_LEN)) @@ -2953,5 +2981,6 @@ sl_strlcpy (conn->K, sh_tiger_hash ((char *) &ticks, - TIGER_DATA, sizeof(UINT32)), + TIGER_DATA, sizeof(UINT32), + hashbuf, sizeof(hashbuf)), KEY_LEN+1); @@ -2985,5 +3014,6 @@ sl_strlcat(conn->A, conn->client_entry->session_key, 3*KEY_LEN+1); - sl_strlcpy (conn->K, sh_tiger_hash(conn->A,TIGER_DATA,3*KEY_LEN), + sl_strlcpy (conn->K, sh_tiger_hash(conn->A,TIGER_DATA,3*KEY_LEN, + hashbuf, sizeof(hashbuf)), KEY_LEN+1); SH_FREE(conn->A); @@ -3368,5 +3398,6 @@ sh_util_siggen(this_client->session_key, &(conn->buf[KEY_LEN]), - sl_strlen(&(conn->buf[KEY_LEN]))), + sl_strlen(&(conn->buf[KEY_LEN])), + sigbuf, sizeof(sigbuf)), KEY_LEN+1); TPT((0, FIL__, __LINE__, _("msg=\n"), @@ -3484,10 +3515,12 @@ sh_util_siggen(conn->client_entry->session_key, buffer, - sl_strlen(buffer)), + sl_strlen(buffer), + sigbuf, sizeof(sigbuf)), KEY_LEN); TPT((0, FIL__, __LINE__, _("msg=\n"), sh_util_siggen(conn->client_entry->session_key, buffer, - sl_strlen(buffer)))); + sl_strlen(buffer), + sigbuf, sizeof(sigbuf)))); @@ -3601,5 +3634,6 @@ sh_util_siggen ( conn->client_entry->session_key, buffer, - sl_strlen(buffer)), + sl_strlen(buffer), + sigbuf, sizeof(sigbuf)), KEY_LEN+1); @@ -3615,5 +3649,6 @@ sh_util_siggen ( conn->client_entry->session_key, &hash[KEY_LEN], - sl_strlen(&hash[KEY_LEN])), + sl_strlen(&hash[KEY_LEN]), + sigbuf, sizeof(sigbuf)), SH_MAXMSGLEN+KEY_LEN+1); @@ -3631,5 +3666,6 @@ sh_util_siggen(conn->client_entry->session_key, buffer, - sl_strlen(buffer)))); + sl_strlen(buffer), + sigbuf, sizeof(sigbuf)))); #ifdef SH_ENCRYPT @@ -3767,5 +3803,6 @@ sl_strlcpy(conn->A, sh_tiger_hash((char *) &ticks, - TIGER_DATA, sizeof(UINT32)), + TIGER_DATA, sizeof(UINT32), + hashbuf, sizeof(hashbuf)), KEY_LEN+1); u[0] = 'I'; u[1] = 'N'; u[2] = 'I'; u[3] = 'T'; u[4] = '\0'; @@ -3849,5 +3886,7 @@ sl_strlcpy(hash, sh_tiger_hash (conn->M1, TIGER_DATA, - sl_strlen(conn->M1)), KEY_LEN+1); + sl_strlen(conn->M1), + hashbuf, sizeof(hashbuf)), + KEY_LEN+1); sh_passwd (hash, conn->client_entry->verifier, NULL, conn->M1); @@ -4084,5 +4123,5 @@ u[4] = '\0'; sl_strlcpy(conn->challenge, - sh_tiger_hash(u, TIGER_DATA, 4), + sh_tiger_hash(u, TIGER_DATA, 4, hashbuf, sizeof(hashbuf)), SH_CHALLENGE_SIZE); @@ -4116,5 +4155,6 @@ sl_strlcpy(conn->K, sh_tiger_hash(foo_Ss, TIGER_DATA, - sl_strlen(foo_Ss)), + sl_strlen(foo_Ss), + hashbuf, sizeof(hashbuf)), KEY_LEN+1); @@ -4125,7 +4165,5 @@ } conn->M1 = SH_ALLOC(KEY_LEN+1); - sl_strlcpy(conn->M1, - sh_srp_M (conn->A, foo_B, conn->K), - KEY_LEN+1); + sh_srp_M (conn->A, foo_B, conn->K, conn->M1, KEY_LEN+1); TPT((0, FIL__, __LINE__, _("msg=\n"), foo_Ss)); @@ -4196,6 +4234,8 @@ * send M2 */ + char M_buf[KEY_LEN+1]; sh_forward_prep_send (conn, - sh_srp_M (conn->A, conn->M1, conn->K), + sh_srp_M (conn->A, conn->M1, conn->K, + M_buf, sizeof(M_buf)), KEY_LEN+1, _("PARP"), Index: /trunk/src/sh_gpg.c =================================================================== --- /trunk/src/sh_gpg.c (revision 132) +++ /trunk/src/sh_gpg.c (revision 133) @@ -128,9 +128,8 @@ SL_ENTER(_("sh_gpg_checksum")); - tiger_fd = checkfd; #if defined(WITH_PGP) - test_gpg = sh_tiger_hash_gpg (DEFAULT_PGP_PATH, TIGER_FD, 0); -#else - test_gpg = sh_tiger_hash_gpg (DEFAULT_GPG_PATH, TIGER_FD, 0); + test_gpg = sh_tiger_hash_gpg (DEFAULT_PGP_PATH, checkfd, 0); +#else + test_gpg = sh_tiger_hash_gpg (DEFAULT_GPG_PATH, checkfd, 0); #endif Index: /trunk/src/sh_hash.c =================================================================== --- /trunk/src/sh_hash.c (revision 132) +++ /trunk/src/sh_hash.c (revision 133) @@ -430,4 +430,5 @@ file_type * theFile; char * str; + char hashbuf[KEYBUF_SIZE]; /* -------- find the entry for the file ---------------- */ @@ -438,5 +439,6 @@ p = hashsearch( sh_tiger_hash(fullpath, TIGER_DATA, - sl_strlen(fullpath)) + sl_strlen(fullpath), + hashbuf, sizeof(hashbuf)) ); if (p == NULL) @@ -1116,4 +1118,5 @@ SL_TICKET open_tmp (void); #endif + char hashbuf[KEYBUF_SIZE]; SL_ENTER(_("sh_hash_init")); @@ -1144,8 +1147,7 @@ sl_rewind (fd); - tiger_fd = fd; sl_strlcpy (sh.data.hash, sh_tiger_hash (file_path('C', 'R'), /*irrelevant, TIGER_FD*/ - TIGER_FD, 0), + fd, 0, hashbuf, sizeof(hashbuf)), KEY_LEN+1); sl_rewind (fd); @@ -1173,7 +1175,7 @@ file_path('D', 'R'))); - tiger_fd = fd; if (0 != sl_strncmp(sh.data.hash, - sh_tiger_hash (file_path('D', 'R'), TIGER_FD, 0), + sh_tiger_hash (file_path('D', 'R'), fd, 0, + hashbuf, sizeof(hashbuf)), KEY_LEN) && sh.flag.checkSum != SH_CHECK_INIT) @@ -1550,7 +1552,10 @@ else { + char hashbuf[KEYBUF_SIZE]; + sl_strlcpy(fullpath, sh_tiger_hash (buf->fullpath, - TIGER_DATA, old_len), + TIGER_DATA, old_len, + hashbuf, sizeof(hashbuf)), KEY_LEN+1); } @@ -1587,7 +1592,9 @@ else { + char hashbuf[KEYBUF_SIZE]; sl_strlcpy(linkpath, sh_tiger_hash (buf->linkpath, - TIGER_DATA, old_len), + TIGER_DATA, old_len, + hashbuf, sizeof(hashbuf)), KEY_LEN+1); } @@ -1828,4 +1835,5 @@ { sh_file_t * p; + char hashbuf[KEYBUF_SIZE]; SL_ENTER(_("sh_hash_have_it_int")); @@ -1839,5 +1847,6 @@ p = hashsearch(newname); else - p = hashsearch ( sh_tiger_hash(newname, TIGER_DATA, sl_strlen(newname)) ); + p = hashsearch ( sh_tiger_hash(newname, TIGER_DATA, sl_strlen(newname), + hashbuf, sizeof(hashbuf)) ); if (p == NULL) SL_RETURN( (NULL), _("sh_hash_have_it_int")); @@ -1919,4 +1928,5 @@ { sh_file_t * p; + char hashbuf[KEYBUF_SIZE]; SL_ENTER(_("sh_hash_set_visited_int")); @@ -1930,5 +1940,6 @@ p = hashsearch(newname); else - p = hashsearch (sh_tiger_hash(newname, TIGER_DATA, sl_strlen(newname))); + p = hashsearch (sh_tiger_hash(newname, TIGER_DATA, sl_strlen(newname), + hashbuf, sizeof(hashbuf))); if (p == NULL) @@ -2120,4 +2131,5 @@ char * linkpath; char * attr_string = NULL; + char hashbuf[KEYBUF_SIZE]; SL_ENTER(_("sh_hash_push_int")); @@ -2170,5 +2182,6 @@ fullpath = SH_ALLOC(KEY_LEN + 1); sl_strlcpy(fullpath, - sh_tiger_hash (buf->fullpath, TIGER_DATA, len), + sh_tiger_hash (buf->fullpath, TIGER_DATA, len, + hashbuf, sizeof(hashbuf)), KEY_LEN+1); } @@ -2187,5 +2200,6 @@ linkpath = SH_ALLOC(KEY_LEN + 1); sl_strlcpy(linkpath, - sh_tiger_hash (buf->linkpath, TIGER_DATA, len), + sh_tiger_hash (buf->linkpath, TIGER_DATA, len, + hashbuf, sizeof(hashbuf)), KEY_LEN+1); } @@ -2616,4 +2630,5 @@ char log_policy[32]; int log_severity; + char hashbuf[KEYBUF_SIZE]; SL_ENTER(_("sh_hash_compdata")); @@ -2636,5 +2651,6 @@ p = hashsearch( sh_tiger_hash(theFile->fullpath, TIGER_DATA, - sl_strlen(theFile->fullpath)) + sl_strlen(theFile->fullpath), + hashbuf, sizeof(hashbuf)) ); @@ -2739,5 +2755,6 @@ sh_tiger_hash(theFile->linkpath, TIGER_DATA, - sl_strlen(theFile->linkpath)), + sl_strlen(theFile->linkpath), + hashbuf, sizeof(hashbuf)), MAX_PATH_STORE+1); maxcomp = MAX_PATH_STORE; Index: /trunk/src/sh_mail.c =================================================================== --- /trunk/src/sh_mail.c (revision 132) +++ /trunk/src/sh_mail.c (revision 133) @@ -223,4 +223,6 @@ else { + char sigbuf[KEYBUF_SIZE]; + /* iterate key */ @@ -228,11 +230,13 @@ for (i = 0; i < numsig; ++i) { + char hashbuf[KEYBUF_SIZE]; (void) sl_strlcpy (key2, - sh_tiger_hash (key2, TIGER_DATA, KEY_LEN), + sh_tiger_hash (key2, TIGER_DATA, KEY_LEN, + hashbuf, sizeof(hashbuf)), KEY_LEN+1); } - theSig = sh_util_siggen (key2, bufc, sl_strlen(bufc)); + theSig = sh_util_siggen (key2, bufc, sl_strlen(bufc), sigbuf, sizeof(sigbuf)); if (sl_strncmp (key, theSig, @@ -811,4 +815,5 @@ size_t combufsize = SH_MAILBUF; char timebuf[81]; + char hashbuf[KEYBUF_SIZE]; SL_ENTER(_("sh_mail_msg")); @@ -1004,13 +1009,17 @@ */ (void) sl_strlcpy(skey->mailkey_new, - sh_tiger_hash (skey->mailkey_old, TIGER_DATA, KEY_LEN), + sh_tiger_hash (skey->mailkey_old, TIGER_DATA, KEY_LEN, + hashbuf, sizeof(hashbuf)), KEY_LEN+1); if (isfirst == 0) { + char sigbuf[KEYBUF_SIZE]; + /* Sign the message with the signature key. */ theSig = sh_util_siggen (skey->mailkey_new, - bufcompress, sl_strlen(bufcompress)); + bufcompress, sl_strlen(bufcompress), + sigbuf, sizeof(sigbuf)); (void) sl_strlcat (mailMsg, theSig, Index: /trunk/src/sh_prelink.c =================================================================== --- /trunk/src/sh_prelink.c (revision 132) +++ /trunk/src/sh_prelink.c (revision 133) @@ -112,4 +112,5 @@ SL_TICKET ticket; char * tmp; + char hashbuf[KEYBUF_SIZE]; if (task->com_ti != (-1)) @@ -128,8 +129,8 @@ return; } - tiger_fd = ticket; + if (*(task->checksum) == '\0' || 0 == sl_strcmp(task->checksum, - sh_tiger_hash (task->command, TIGER_FD, 0))) + sh_tiger_hash (task->command, ticket, 0, hashbuf, sizeof(hashbuf)))) { task->com_fd = get_the_fd(ticket); @@ -256,11 +257,13 @@ /* read from pipe */ - tiger_fd = task.pipeTI; - sl_read_timeout_prep (task.pipeTI); - sl_strlcpy(file_hash, - sh_tiger_generic_hash (path, TIGER_FD, TIGER_NOLIM, alert_timeout), - KEY_LEN+1); + { + char hashbuf[KEYBUF_SIZE]; + sl_strlcpy(file_hash, + sh_tiger_generic_hash (path, task.pipeTI, TIGER_NOLIM, alert_timeout, + hashbuf, sizeof(hashbuf)), + KEY_LEN+1); + } /* restore old signal handler Index: /trunk/src/sh_readconf.c =================================================================== --- /trunk/src/sh_readconf.c (revision 132) +++ /trunk/src/sh_readconf.c (revision 133) @@ -191,4 +191,5 @@ #endif uid_t euid; + char hashbuf[KEYBUF_SIZE]; SL_ENTER(_("sh_readconf_read")); @@ -251,7 +252,6 @@ /* Compute the checksum of the open file. */ - tiger_fd = fd; sl_strlcpy(sh.conf.hash, - sh_tiger_hash(file_path('C',local_flag),TIGER_FD, 0), + sh_tiger_hash(file_path('C',local_flag), fd, 0, hashbuf, sizeof(hashbuf)), KEY_LEN+1); sl_rewind (fd); Index: /trunk/src/sh_srp.c =================================================================== --- /trunk/src/sh_srp.c (revision 132) +++ /trunk/src/sh_srp.c (revision 133) @@ -200,4 +200,5 @@ register int i; unsigned char * dez = NULL; + char hashbuf[KEYBUF_SIZE]; SL_ENTER(_("sh_srp_x")); @@ -218,5 +219,7 @@ (void) sl_strlcpy (skey->vernam, - sh_tiger_hash(skey->vernam, TIGER_DATA, PW_LEN), KEY_LEN); + sh_tiger_hash(skey->vernam, TIGER_DATA, PW_LEN, + hashbuf, sizeof(hashbuf)), + KEY_LEN); skey->vernam[KEY_LEN] = '\0'; @@ -233,5 +236,6 @@ (void) sl_strlcpy (sh_srp.x, sh_tiger_hash(combi, TIGER_DATA, - (unsigned long) sl_strlen(combi)), + (unsigned long) sl_strlen(combi), + hashbuf, sizeof(hashbuf)), KEY_LEN+1); SH_FREE (combi); @@ -240,9 +244,8 @@ } -char * sh_srp_M (char * x1, char * x2, char * x3) +char * sh_srp_M (char * x1, char * x2, char * x3, char * hash, size_t size) { char *combi; size_t len, l2, l3; - static char hash[KEY_LEN+1]; SL_ENTER(_("sh_srp_M")); @@ -266,7 +269,6 @@ (void) sl_strlcat (combi, x2, len); (void) sl_strlcat (combi, x3, len); - (void) sl_strlcpy (hash, - sh_tiger_hash(combi, TIGER_DATA, (unsigned long) (len-1)), - KEY_LEN+1); + (void) sh_tiger_hash(combi, TIGER_DATA, (unsigned long) (len-1), + hash, size); SH_FREE (combi); Index: /trunk/src/sh_tiger0.c =================================================================== --- /trunk/src/sh_tiger0.c (revision 132) +++ /trunk/src/sh_tiger0.c (revision 133) @@ -99,5 +99,4 @@ * implementation */ -SL_TICKET tiger_fd = (-1); static sh_byte buffer[PRIV_MAX + 72]; @@ -106,9 +105,9 @@ static word64 * sh_tiger_hash_val (const char * filename, TigerType what, - UINT64 Length, int timeout) + UINT64 Length, int timeout, word64 * res) #else static sh_word32 * sh_tiger_hash_val (const char * filename, TigerType what, - UINT64 Length, int timeout) + UINT64 Length, int timeout, sh_word32 * res) #endif { @@ -138,5 +137,5 @@ #if defined(TIGER_64_BIT) #define TIGER_CAST (word64*) - static word64 res[3]; + /* word64 res[3]; */ res[0]= (word64) 0x0123456789ABCDEFLL; res[1]= (word64) 0xFEDCBA9876543210LL; @@ -144,5 +143,5 @@ #else #define TIGER_CAST (sh_word32*) - static sh_word32 res[6]; + /* sh_word32 res[6]; */ res[0]= (sh_word32) 0x89ABCDEF; res[1]= (sh_word32) 0x01234567; @@ -155,10 +154,10 @@ SL_ENTER(_("sh_tiger_hash_val")); - if (what == TIGER_FD || what == TIGER_FILE) + if (what >= TIGER_FILE) { - if (what == TIGER_FD) + if (what > TIGER_FD) { - fd = tiger_fd; - TPT((0,FIL__, __LINE__, _("msg=, fd=<%ld>\n"), tiger_fd)); + fd = what; + TPT((0,FIL__, __LINE__, _("msg=, fd=<%ld>\n"), fd)); } else @@ -171,5 +170,5 @@ if (SL_ISERROR (fd)) { - TPT((0, FIL__, __LINE__, _("msg=\n"), tiger_fd)); + TPT((0, FIL__, __LINE__, _("msg=\n"), fd)); tmp = sh_util_safe_name (filename); (void) sl_get_euid(&euid); @@ -179,5 +178,6 @@ SL_RETURN( NULL, _("sh_tiger_hash_val")); } - + + SH_MUTEX_LOCK(mutex_skey); #if defined(HAVE_MLOCK) && !defined(HAVE_BROKEN_MLOCK) if ((lockflag == SL_FALSE) && (skey->mlock_failed == SL_FALSE)) @@ -196,4 +196,5 @@ } #endif + SH_MUTEX_UNLOCK(mutex_skey); #ifdef TIGER_DBG @@ -254,4 +255,5 @@ nblocks += blk; + /* MAY_LOCK */ sh.statistics.bytes_hashed += tt; @@ -331,4 +333,5 @@ bbuf[j++] = (sh_byte) 0; tiger_t(TIGER_CAST bbuf, 64, res); + /* MAY_LOCK */ sh.statistics.bytes_hashed += 64; ++nblocks; ncount = 0; @@ -361,6 +364,4 @@ if (what == TIGER_FILE) (void) sl_close (fd); - else - tiger_fd = (-1); SL_RETURN( res, _("sh_tiger_hash_val")); @@ -807,5 +808,5 @@ beginning at RESBLOCK. */ static int md5_stream(char * filename, void *resblock, - UINT64 Length, int timeout) + UINT64 Length, int timeout, SL_TICKET fd) { /* Important: BLOCKSIZE must be a multiple of 64. */ @@ -830,9 +831,7 @@ (void) md5Reset (&ctx); - fd = tiger_fd; - if (SL_ISERROR (fd)) { - TPT((0, FIL__, __LINE__, _("msg=\n"), tiger_fd)); + TPT((0, FIL__, __LINE__, _("msg=\n"), fd)); tmp = sh_util_safe_name (filename); (void) sl_get_euid(&euid); @@ -932,30 +931,22 @@ static char * sh_tiger_md5_hash (char * filename, TigerType what, - UINT64 Length, int timeout) + UINT64 Length, int timeout, char * out, size_t len) { int cnt; - static char out[KEY_LEN+1]; + char outbuf[KEY_LEN+1]; unsigned char md5buffer[16]; - if (what != TIGER_FD) - { - sh_error_handle (ShDFLevel[SH_ERR_T_FILE], FIL__, __LINE__, 0, - MSG_E_SUBGEN, _("Not TIGER_FD"), - _("sh_tiger_md5_hash")); - out[0] = '\0'; - return out; - } - - (void) md5_stream (filename, md5buffer, Length, timeout); + (void) md5_stream (filename, md5buffer, Length, timeout, what); /*@-bufferoverflowhigh -usedef@*/ for (cnt = 0; cnt < 16; ++cnt) - sprintf (&out[cnt*2], _("%02X"), /* known to fit */ + sprintf (&outbuf[cnt*2], _("%02X"), /* known to fit */ (unsigned int) md5buffer[cnt]); /*@+bufferoverflowhigh +usedef@*/ for (cnt = 32; cnt < KEY_LEN; ++cnt) - out[cnt] = '0'; - out[KEY_LEN] = '\0'; - + outbuf[cnt] = '0'; + outbuf[KEY_LEN] = '\0'; + + sl_strlcpy(out, outbuf, len); return out; } @@ -1328,5 +1319,5 @@ beginning at RESBLOCK. */ static int sha1_stream(char * filename, void *resblock, - UINT64 Length, int timeout) + UINT64 Length, int timeout, SL_TICKET fd) { /* Important: BLOCKSIZE must be a multiple of 64. */ @@ -1350,9 +1341,7 @@ (void) sha_init(&ctx); - fd = tiger_fd; - if (SL_ISERROR (fd)) { - TPT((0, FIL__, __LINE__, _("msg=\n"), tiger_fd)); + TPT((0, FIL__, __LINE__, _("msg=\n"), fd)); tmp = sh_util_safe_name (filename); (void) sl_get_euid(&euid); @@ -1457,30 +1446,23 @@ static char * sh_tiger_sha1_hash (char * filename, TigerType what, - UINT64 Length, int timeout) + UINT64 Length, int timeout, + char * out, size_t len) { int cnt = (int) Length; /* fix compiler warning */ - static char out[KEY_LEN+1]; + char outbuf[KEY_LEN+1]; unsigned char sha1buffer[20]; - if (what != TIGER_FD) - { - sh_error_handle (ShDFLevel[SH_ERR_T_FILE], FIL__, __LINE__, 0, - MSG_E_SUBGEN, _("Not TIGER_FD"), - _("sh_tiger_sha1_hash")); - out[0] = '\0'; - return out; - } - - (void) sha1_stream (filename, sha1buffer, Length, timeout); + (void) sha1_stream (filename, sha1buffer, Length, timeout, what); /*@-bufferoverflowhigh -usedef@*/ for (cnt = 0; cnt < 20; ++cnt) - sprintf (&out[cnt*2], _("%02X"), /* known to fit */ + sprintf (&outbuf[cnt*2], _("%02X"), /* known to fit */ (unsigned int) sha1buffer[cnt]); /*@+bufferoverflowhigh +usedef@*/ for (cnt = 40; cnt < KEY_LEN; ++cnt) - out[cnt] = '0'; - out[KEY_LEN] = '\0'; - + outbuf[cnt] = '0'; + outbuf[KEY_LEN] = '\0'; + + sl_strlcpy(out, outbuf, len); return out; } @@ -1523,24 +1505,26 @@ static char * sh_tiger_hash_internal (const char * filename, TigerType what, - UINT64 Length, int timeout); + UINT64 Length, int timeout, + char * out, size_t len); char * sh_tiger_hash (const char * filename, TigerType what, - UINT64 Length) -{ - return sh_tiger_hash_internal (filename, what, Length, 0); + UINT64 Length, char * out, size_t len) +{ + return sh_tiger_hash_internal (filename, what, Length, 0, out,len); } char * sh_tiger_generic_hash (char * filename, TigerType what, - UINT64 Length, int timeout) + UINT64 Length, int timeout, + char * out, size_t len) { #ifdef USE_SHA1 if (hash_type == 1) - return sh_tiger_sha1_hash (filename, what, Length, timeout); + return sh_tiger_sha1_hash (filename, what, Length, timeout, out, len); #endif #ifdef USE_MD5 if (hash_type == 2) - return sh_tiger_md5_hash (filename, what, Length, timeout); -#endif - return sh_tiger_hash_internal (filename, what, Length, timeout); + return sh_tiger_md5_hash (filename, what, Length, timeout, out, len); +#endif + return sh_tiger_hash_internal (filename, what, Length, timeout, out, len); } @@ -1549,22 +1533,21 @@ static char * sh_tiger_hash_internal (const char * filename, TigerType what, - UINT64 Length, int timeout) + UINT64 Length, int timeout, + char * out, size_t len) { #if defined(TIGER_64_BIT) - word64 * res; + word64 res[3]; #else - sh_word32 * res; -#endif - static char out[KEY_LEN+1]; + sh_word32 res[6]; +#endif SL_ENTER( _("sh_tiger_hash_internal")); - res = sh_tiger_hash_val (filename, what, Length, timeout); - - if (res != NULL) + SH_VALIDATE_GE(len, (KEY_LEN+1)); + + if (NULL != sh_tiger_hash_val (filename, what, Length, timeout, res)) { #if defined(TIGER_64_BIT) - sl_snprintf(out, - sizeof(out), + sl_snprintf(out, len, MYFORMAT, (sh_word32)(res[0]>>32), @@ -1575,6 +1558,5 @@ (sh_word32)(res[2]) ); #else - sl_snprintf(out, - sizeof(out), + sl_snprintf(out, len, MYFORMAT, (sh_word32)(res[1]), @@ -1585,5 +1567,5 @@ (sh_word32)(res[4]) ); #endif - out[sizeof(out)-1] = '\0'; + out[len-1] = '\0'; SL_RETURN( out, _("sh_tiger_hash_internal")); @@ -1600,13 +1582,12 @@ char outhash[48+6+1]; #if defined(TIGER_64_BIT) - word64 * res; + word64 res[3]; #else - sh_word32 * res; + sh_word32 res[6]; #endif SL_ENTER(_("sh_tiger_hash_gpg")); - res = sh_tiger_hash_val (filename, what, Length, 0); - if (res != NULL) + if (NULL != sh_tiger_hash_val (filename, what, Length, 0, res)) { #if defined(TIGER_64_BIT) @@ -1663,22 +1644,20 @@ UINT32 * sh_tiger_hash_uint32 (char * filename, TigerType what, - UINT64 Length) + UINT64 Length, UINT32 * out, size_t len) { #if defined(TIGER_64_BIT) - word64 * res; + word64 res[3]; #else - sh_word32 * res; -#endif - - static UINT32 out[6]; + sh_word32 res[6]; +#endif SL_ENTER(_("sh_tiger_hash_uint32")); + + SH_VALIDATE_GE(len, 6); out[0] = 0; out[1] = 0; out[2] = 0; out[3] = 0; out[4] = 0; out[5] = 0; - res = sh_tiger_hash_val (filename, what, Length, 0); - - if (res != NULL) + if (NULL != sh_tiger_hash_val (filename, what, Length, 0, res)) { #if defined(TIGER_64_BIT) Index: /trunk/src/sh_tools.c =================================================================== --- /trunk/src/sh_tools.c (revision 132) +++ /trunk/src/sh_tools.c (revision 133) @@ -1344,8 +1344,9 @@ { char * theSig; + char sigbuf[KEYBUF_SIZE]; SL_ENTER(_("sh_tools_hash_add")); - theSig = sh_util_siggen (key, buf, buflen); + theSig = sh_util_siggen (key, buf, buflen, sigbuf, sizeof(sigbuf)); sl_strlcat(buf, theSig, buflen + KEY_LEN + 1); @@ -1361,8 +1362,9 @@ register int i; char * theSig; + char sigbuf[KEYBUF_SIZE]; SL_ENTER(_("sh_tools_hash_vfy")); - theSig = sh_util_siggen (key, buf, buflen); + theSig = sh_util_siggen (key, buf, buflen, sigbuf, sizeof(sigbuf)); sl_strlcpy(hash, theSig, KEY_LEN+1); @@ -1389,4 +1391,5 @@ int total = 0; char * theSig; + char sigbuf[KEYBUF_SIZE]; @@ -1402,5 +1405,5 @@ ASSERT_RET((buflen >= 0), _("buflen >= 0"), (NULL)); - theSig = sh_util_siggen (key, buf, buflen); + theSig = sh_util_siggen (key, buf, buflen, sigbuf, sizeof(sigbuf)); sl_strlcpy(hash, theSig, KEY_LEN+1); @@ -1437,4 +1440,5 @@ register int i; char * theSig; + char sigbuf[KEYBUF_SIZE]; SL_ENTER(_("hash_check")); @@ -1444,5 +1448,6 @@ (key == NULL) ? "NULL" : key, buflen); #endif - theSig = sh_util_siggen (key, &buf[KEY_LEN], buflen-KEY_LEN); + theSig = sh_util_siggen (key, &buf[KEY_LEN], buflen-KEY_LEN, + sigbuf, sizeof(sigbuf)); sl_strlcpy(hash, theSig, KEY_LEN+1); @@ -1597,4 +1602,5 @@ int status = BAD; char * my_tmp_dir; + char hashbuf[KEYBUF_SIZE]; SL_ENTER(_("open_tmp")); @@ -1629,10 +1635,12 @@ if (my_tmp_dir[0] == '/' && my_tmp_dir[1] == '\0') file = sh_util_strconcat (my_tmp_dir, - sh_tiger_hash( (char *) &ticks, TIGER_DATA, 4), + sh_tiger_hash( (char *) &ticks, TIGER_DATA, 4, + hashbuf, sizeof(hashbuf)), NULL); else file = sh_util_strconcat (my_tmp_dir, "/", - sh_tiger_hash( (char *) &ticks, TIGER_DATA, 4), + sh_tiger_hash( (char *) &ticks, TIGER_DATA, 4, + hashbuf, sizeof(hashbuf)), NULL); Index: /trunk/src/sh_unix.c =================================================================== --- /trunk/src/sh_unix.c (revision 132) +++ /trunk/src/sh_unix.c (revision 133) @@ -883,4 +883,5 @@ { char message[512]; + char hashbuf[KEYBUF_SIZE]; SL_ENTER(_("sh_unix_self_hash")); @@ -894,5 +895,5 @@ sl_strlcpy(sh.exec.hash, - sh_tiger_hash (c, TIGER_FILE, 0), + sh_tiger_hash (c, TIGER_FILE, 0, hashbuf, sizeof(hashbuf)), KEY_LEN+1); sl_snprintf(message, 512, _("%s has checksum: %s"), @@ -917,4 +918,5 @@ char newhash[KEY_LEN+1]; char message[512]; + char hashbuf[KEYBUF_SIZE]; SL_ENTER(_("sh_unix_self_check")); @@ -922,5 +924,7 @@ SL_RETURN((0), _("sh_unix_self_check")); - sl_strlcpy(newhash, sh_tiger_hash (sh.exec.path, TIGER_FILE, 0), KEY_LEN+1); + sl_strlcpy(newhash, + sh_tiger_hash (sh.exec.path, TIGER_FILE, 0, hashbuf, sizeof(hashbuf)), + KEY_LEN+1); if (0 == sl_strncmp(sh.exec.hash, newhash, @@ -2357,5 +2361,5 @@ } -SH_MUTEX_STATIC(getUIDname, PTHREAD_MUTEX_INITIALIZER); +SH_MUTEX_STATIC(mutex_getUIDname, PTHREAD_MUTEX_INITIALIZER); char * sh_unix_getUIDname (int level, uid_t uid, char * out, size_t len) @@ -2375,9 +2379,9 @@ if ((uid == old_uid) && (name[0] != '\0')) { out[0] = '\0'; - SH_MUTEX_LOCK_UNSAFE(getUIDname); + SH_MUTEX_LOCK_UNSAFE(mutex_getUIDname); if ((uid == old_uid) && (name[0] != '\0')) { sl_strlcpy(out, name, len); } - SH_MUTEX_UNLOCK_UNSAFE(getUIDname); + SH_MUTEX_UNLOCK_UNSAFE(mutex_getUIDname); if (out[0] != '\0') SL_RETURN( out, _("sh_unix_getUIDname")); @@ -2401,9 +2405,9 @@ if (tempres->pw_name != NULL) { - SH_MUTEX_LOCK_UNSAFE(getUIDname); + SH_MUTEX_LOCK_UNSAFE(mutex_getUIDname); sl_strlcpy(name, tempres->pw_name, sizeof(name)); old_uid = uid; sl_strlcpy(out, name, len); - SH_MUTEX_UNLOCK_UNSAFE(getUIDname); + SH_MUTEX_UNLOCK_UNSAFE(mutex_getUIDname); SL_RETURN( out, _("sh_unix_getUIDname")); } else { @@ -2415,5 +2419,5 @@ } -SH_MUTEX_STATIC(getGIDname, PTHREAD_MUTEX_INITIALIZER); +SH_MUTEX_STATIC(mutex_getGIDname, PTHREAD_MUTEX_INITIALIZER); char * sh_unix_getGIDname (int level, gid_t gid, char * out, size_t len) @@ -2434,9 +2438,9 @@ if ((gid == old_gid) && (name[0] != '\0')) { out[0] = '\0'; - SH_MUTEX_LOCK_UNSAFE(getGIDname); + SH_MUTEX_LOCK_UNSAFE(mutex_getGIDname); if ((gid == old_gid) && (name[0] != '\0')) { sl_strlcpy(out, name, len); } - SH_MUTEX_UNLOCK_UNSAFE(getGIDname); + SH_MUTEX_UNLOCK_UNSAFE(mutex_getGIDname); if (out[0] != '\0') SL_RETURN( out, _("sh_unix_getGIDname")); @@ -2459,11 +2463,10 @@ } - /* FIXME: need to return caller-supplied buffer */ if (tempres->gr_name != NULL) { - SH_MUTEX_LOCK_UNSAFE(getGIDname); + SH_MUTEX_LOCK_UNSAFE(mutex_getGIDname); sl_strlcpy(name, tempres->gr_name, sizeof(name)); old_gid = gid; sl_strlcpy(out, name, len); - SH_MUTEX_UNLOCK_UNSAFE(getGIDname); + SH_MUTEX_UNLOCK_UNSAFE(mutex_getGIDname); SL_RETURN( out, _("sh_unix_getGIDname")); } else { @@ -2993,5 +2996,5 @@ int sh_unix_checksum_size (char * filename, struct stat * fbuf, - char * fileHash, int alert_timeout) + char * fileHash, int alert_timeout, SL_TICKET fd) { file_type tmpFile; @@ -3016,7 +3019,8 @@ if (tmpFile.size < fbuf->st_size) { + char hashbuf[KEYBUF_SIZE]; sl_strlcpy(fileHash, - sh_tiger_generic_hash (filename, TIGER_FD, tmpFile.size, - alert_timeout), + sh_tiger_generic_hash (filename, fd, tmpFile.size, + alert_timeout, hashbuf, sizeof(hashbuf)), KEY_LEN+1); @@ -3355,17 +3359,17 @@ else { - tiger_fd = rval_open; + char hashbuf[KEYBUF_SIZE]; sl_strlcpy(fileHash, sh_tiger_generic_hash (theFile->fullpath, - TIGER_FD, TIGER_NOLIM, - alert_timeout), + rval_open, TIGER_NOLIM, + alert_timeout, + hashbuf, sizeof(hashbuf)), KEY_LEN+1); if ((theFile->check_mask & MODI_SGROW) != 0) { sl_rewind(rval_open); - tiger_fd = rval_open; sh_unix_checksum_size (theFile->fullpath, &fbuf, &fileHash[KEY_LEN + 1], - alert_timeout); + alert_timeout, rval_open); } } @@ -3395,16 +3399,17 @@ else { - tiger_fd = rval_open; + char hashbuf[KEYBUF_SIZE]; sl_strlcpy(fileHash, - sh_tiger_generic_hash (theFile->fullpath, TIGER_FD, TIGER_NOLIM, - alert_timeout), + sh_tiger_generic_hash (theFile->fullpath, rval_open, + TIGER_NOLIM, + alert_timeout, + hashbuf, sizeof(hashbuf)), KEY_LEN + 1); if ((theFile->check_mask & MODI_SGROW) != 0) { sl_rewind(rval_open); - tiger_fd = rval_open; sh_unix_checksum_size (theFile->fullpath, &fbuf, &fileHash[KEY_LEN + 1], - alert_timeout); + alert_timeout, rval_open); } } Index: /trunk/src/sh_utils.c =================================================================== --- /trunk/src/sh_utils.c (revision 132) +++ /trunk/src/sh_utils.c (revision 133) @@ -642,5 +642,6 @@ */ static char * sh_util_hmac_tiger (char * hexkey, - char * text, size_t textlen) + char * text, size_t textlen, + char * res, size_t len) { static char opad[KEY_BLOCK] = { @@ -669,4 +670,7 @@ UINT32 cc[KEY_LEN/4]; char * res; + UINT32 kbuf[KEY_BYT/sizeof(UINT32)]; + char hashbuf[KEYBUF_SIZE]; + size_t i; @@ -677,5 +681,5 @@ if (KEY_BLOCK > (KEY_LEN/2)) { - res = sh_tiger_hash (NULL, TIGER_DATA, 0); + res = sh_tiger_hash (NULL, TIGER_DATA, 0, hashbuf, sizeof(hashbuf)); SL_RETURN(res, _("sh_util_hmac_tiger")); } @@ -685,5 +689,5 @@ if (sh_util_hextobinary (K, hexkey, KEY_LEN) < 0) { - res = sh_tiger_hash (NULL, TIGER_DATA, 0); + res = sh_tiger_hash (NULL, TIGER_DATA, 0, hashbuf, sizeof(hashbuf)); SL_RETURN(res, _("sh_util_hmac_tiger")); } @@ -708,5 +712,5 @@ _("integer overflow"), _("sh_util_hmac_tiger")); - res = sh_tiger_hash (NULL, TIGER_DATA, 0); + res = sh_tiger_hash (NULL, TIGER_DATA, 0, hashbuf, sizeof(hashbuf)); SL_RETURN(res, _("sh_util_hmac_tiger")); } @@ -716,5 +720,6 @@ h1 = sh_tiger_hash_uint32 ( outer, TIGER_DATA, - KEY_BLOCK); + KEY_BLOCK, + kbuf, KEY_BYT/sizeof(UINT32)); for (i = 0; i < (KEY_LEN/8); ++i) { @@ -725,5 +730,6 @@ h2 = sh_tiger_hash_uint32 ( inner, TIGER_DATA, - (unsigned long) KEY_BLOCK+textlen); + (unsigned long) KEY_BLOCK+textlen, + kbuf, KEY_BYT/sizeof(UINT32)); for (i = KEY_LEN/8; i < (KEY_LEN/4); ++i) { @@ -733,24 +739,31 @@ SH_FREE(inner); - res = sh_tiger_hash ((char *) &cc[0], - TIGER_DATA, - (unsigned long) (KEY_LEN/4 * sizeof(UINT32))); - + (void) sh_tiger_hash ((char *) &cc[0], + TIGER_DATA, + (unsigned long) (KEY_LEN/4 * sizeof(UINT32)), + hashbuf, sizeof(hashbuf)); + + sl_strlcpy(res, hashbuf, len); SL_RETURN(res, _("sh_util_hmac_tiger")); } static char * sh_util_hash_tiger ( char * hexkey, - char * text, size_t textlen) -{ - char * res; + char * text, size_t textlen + char * res, size_t len) +{ char h2[2*KEY_LEN+1]; SL_ENTER(_("sh_util_hash_tiger")); (void) sl_strlcpy(h2, hexkey, KEY_LEN+1); - (void) sl_strlcat(h2, sh_tiger_hash(text, TIGER_DATA, - (unsigned long) textlen), 2*KEY_LEN+1); - - res = sh_tiger_hash(h2, TIGER_DATA, 2*KEY_LEN); - + (void) sl_strlcat(h2, + sh_tiger_hash(text, TIGER_DATA, + (unsigned long) textlen, + hashbuf, sizeof(hashbuf)), + 2*KEY_LEN+1, + ); + + (void) sh_tiger_hash(h2, TIGER_DATA, 2*KEY_LEN, hashbuf, sizeof(hashbuf)); + + sl_strlcpy(res, hashbuf, len); SL_RETURN(res, _("sh_util_hash_tiger")); } @@ -780,5 +793,6 @@ char * sh_util_siggen (char * hexkey, - char * text, size_t textlen) + char * text, size_t textlen, + char * res, size_t len) { char * p; @@ -787,8 +801,8 @@ if (sigtype == TYPE_HMAC) p = sh_util_hmac_tiger (hexkey, - text, textlen); + text, textlen, res, len); else p = sh_util_hash_tiger (hexkey, - text, textlen); + text, textlen, res, len); SL_RETURN(p, _("sh_util_siggen")); } @@ -927,4 +941,5 @@ static int res_num = 0; register int i; + UINT32 kbuf[KEY_BYT/sizeof(UINT32)]; if (res_num > 0) @@ -944,5 +959,6 @@ res = sh_tiger_hash_uint32 ( (char *) &taus_svec[0], TIGER_DATA, - (unsigned long)(6 * sizeof(UINT32))); + (unsigned long)(6 * sizeof(UINT32)), + kbuf, KEY_BYT/sizeof(UINT32)); for (i = 1; i < 6; ++i) @@ -1180,7 +1196,10 @@ image[k+7] == new_key[7]) { + UINT32 kbuf[KEY_BYT/sizeof(UINT32)]; + printf(_("old key found\n")); h1 = sh_tiger_hash_uint32 (key, TIGER_DATA, - (unsigned long)strlen(key)); + (unsigned long)strlen(key), + kbuf, KEY_BYT/sizeof(UINT32)); copy_four( (unsigned char *) &(image[k]), h1[0]); copy_four( (unsigned char *) &(image[k+4]), h1[1]); @@ -1229,4 +1248,5 @@ register int i, j, j1 = 0, j2 = 0, j3; char * dez; + char hashbuf[KEYBUF_SIZE]; SL_ENTER(_("sh_util_encode")); @@ -1248,13 +1268,16 @@ (void) sl_strlcpy(skey->vernam, - sh_tiger_hash(skey->vernam, TIGER_DATA, KEY_LEN), + sh_tiger_hash(skey->vernam, TIGER_DATA, KEY_LEN, + hashbuf, sizeof(hashbuf)), KEY_LEN+1); (void) sl_strlcpy(skey->vernam, - sh_util_hmac_tiger (skey->vernam, salt, strlen(salt)), - KEY_LEN+1); + sh_util_hmac_tiger (skey->vernam, salt, strlen(salt), + hashbuf, sizeof(hashbuf)), + KEY_LEN+1); (void) sl_strlcpy(skey->vernam, - sh_util_hmac_tiger (skey->vernam, (char*) new_key, 8), + sh_util_hmac_tiger (skey->vernam, (char*) new_key, 8, + hashbuf, sizeof(hashbuf)), KEY_LEN+1); @@ -1413,4 +1436,5 @@ int status = 0; char * p; + char hashbuf[KEYBUF_SIZE]; SL_ENTER(_("sh_util_keyinit")); @@ -1433,6 +1457,6 @@ p = sh_tiger_hash ((char *) bufy, TIGER_DATA, - (unsigned long)(6*sizeof(UINT32))); - p[size-1] = '\0'; + (unsigned long)(6*sizeof(UINT32)), + hashbuf, sizeof(hashbuf)); i = sl_strlcpy(buf, p, (size_t)size);