-
-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Proto_IkePacket.c: fix MD5, SHA-256, SHA-384 and SHA-512 implementation #694
Proto_IkePacket.c: fix MD5, SHA-256, SHA-384 and SHA-512 implementation #694
Conversation
6dd20d2
to
91f1d7e
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for tracking this down.
src/Cedar/Proto_IkePacket.c
Outdated
// Validate arguments | ||
if (h == NULL || dst == NULL || (key == NULL && key_size != 0) || (data == NULL && data_size != 0)) | ||
{ | ||
return; | ||
} | ||
|
||
switch (h->HashId) | ||
{ | ||
switch(h->HashId) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No idea if the coding style guidelines changed, but let’s keep the existing coding style for consistency?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
shall we add .clang-format with "BreakBeforeBraces: Stroustrup" ? (or any other value, I do not care personally)
and make travis-ci check the format
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No idea if the coding style guidelines changed, but let’s keep the existing coding style for consistency?
Thank you, I wrote it like this by mistake.
shall we add .clang-format with "BreakBeforeBraces: Stroustrup" ? (or any other value, I do not care personally)
and make travis-ci check the format
I think that we should create the clang-format
configuration according to the current code style, as even moving the brackets would require a lot of changes throughout the code.
src/Cedar/Proto_IkePacket.c
Outdated
return; | ||
} | ||
else if (h->HashId == IKE_HASH_MD5_ID) | ||
if (md == NULL) | ||
{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can a debug message be printed?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
Pull request SoftEtherVPN#294 added SHA-256, SHA-384, and SHA-512 support to the protocol, but part of it was removed in faee11f, because it caused a buffer over-read crash. It also broke the MD5 implementation because the switch-case block didn't handle the type anymore. This pull request fixes all the implementations and improves the IkeHMac() function by using the dedicated hashing functions.
91f1d7e
to
32082eb
Compare
Hi. It seems that it doesn't work again on windows xp. Build 9744 |
Fixes #552.
#294 added SHA-256, SHA-384, and SHA-512 support to the protocol, but part of it was removed in faee11f, because it caused a buffer over-read crash.
It also broke the MD5 implementation because the switch-case block doesn't handle the type anymore:
SoftEtherVPN/src/Cedar/Proto_IkePacket.c
Lines 2982 to 2996 in 8fdd224
This pull request fixes all the implementations and improves the
IkeHMac()
function by using the dedicated hashing functions.SoftEther VPN Patch Acceptance Policy:
http://www.softether.org/5-download/src/9.patch
I choose option 1.