diff options
author | Kevin Coffman <kwc@citi.umich.edu> | 2008-04-30 12:46:08 -0400 |
---|---|---|
committer | J. Bruce Fields <bfields@citi.umich.edu> | 2008-06-23 13:47:38 -0400 |
commit | 863a24882ed0a57ff25daaf39885f3a47b706e4b (patch) | |
tree | d36d3829550ba8289a2b3b75cceb187cdb4600b5 /net/sunrpc | |
parent | db8add57898751b9c0ff93ead25f20d21da5ddd0 (diff) | |
download | kernel-crypto-863a24882ed0a57ff25daaf39885f3a47b706e4b.tar.gz kernel-crypto-863a24882ed0a57ff25daaf39885f3a47b706e4b.tar.xz kernel-crypto-863a24882ed0a57ff25daaf39885f3a47b706e4b.zip |
gss_krb5: Use random value to initialize confounder
Initialize the value used for the confounder to a random value
rather than starting from zero.
Allow for confounders of length 8 or 16 (which will be needed for AES).
Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Diffstat (limited to 'net/sunrpc')
-rw-r--r-- | net/sunrpc/auth_gss/gss_krb5_wrap.c | 22 |
1 files changed, 18 insertions, 4 deletions
diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c b/net/sunrpc/auth_gss/gss_krb5_wrap.c index 283cb25c623..ae8e69b59c4 100644 --- a/net/sunrpc/auth_gss/gss_krb5_wrap.c +++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c @@ -87,8 +87,8 @@ out: return 0; } -static inline void -make_confounder(char *p, int blocksize) +static void +make_confounder(char *p, u32 conflen) { static u64 i = 0; u64 *q = (u64 *)p; @@ -102,8 +102,22 @@ make_confounder(char *p, int blocksize) * uniqueness would mean worrying about atomicity and rollover, and I * don't care enough. */ - BUG_ON(blocksize != 8); - *q = i++; + /* initialize to random value */ + if (i == 0) { + i = random32(); + i = (i << 32) | random32(); + } + + switch (conflen) { + case 16: + *q++ = i++; + /* fall through */ + case 8: + *q++ = i++; + break; + default: + BUG(); + } } /* Assumptions: the head and tail of inbuf are ours to play with. |