setting git_hashmd5 with a length parameter make a diffrence (Bingo!)

diff --git a/lib/unidig.c b/lib/unidig.c
index 76c47f3a7651d685eeec6370e44df2afbe4c4c81..2a0c2072c69f788234c23347c8c6722414d782ec 100644 (file)
--- a/lib/unidig.c
+++ b/lib/unidig.c
@@ -202,7 +202,7 @@ return resp;
 /*      an return a 16+1 Bytes.                         */
 /*                                                      */
 /********************************************************/
-PUBLIC MD5TYP *dig_hashmd5(unsigned char *seq)
+PUBLIC MD5TYP *dig_hashmd5(unsigned char *seq,unsigned int length)
 
 {
 #define OPEP    "subdig.c:dig_hashmd5,"
@@ -219,7 +219,7 @@ proceed=true;
 while (proceed==true) {
   switch (phase) {
     case 0      :       //do we hae a sequence?
-      if ((seq==(unsigned char *)0)&&(strlen((const char *)seq)==0)) 
+      if ((seq==(unsigned char *)0)&&(length==0)) 
         phase=999;      //no need to go further
       break;
     case 1      :       //getting md5 context
@@ -230,8 +230,8 @@ while (proceed==true) {
       break;
     case 2      :       //doing hashing
       (void) EVP_DigestInit_ex(mdctx,EVP_md5(),(ENGINE *)0);
-      (void) EVP_DigestUpdate(mdctx,seq,strlen((const char *)seq));
-      (void) rou_alert(0,"%s digestup de  of <%s> '%d' long",OPEP,seq,strlen((const char *)seq));
+      (void) EVP_DigestUpdate(mdctx,seq,length);
+      (void) rou_alert(0,"%s digestup de  of <%s> '%d' long",OPEP,seq,length);
       break;
     case 3      :   {   //assign memory
       unsigned int s;
@@ -416,7 +416,7 @@ while (proceed==true) {
 
       (void) snprintf(seq,sizeof(seq),"%s:%s:%s",resp->username,resp->realm,secret);
       (void) rou_alert(0,"JMDPBG seq1=<%s>",seq);
-      A1=dig_hashmd5((unsigned char *)seq);
+      A1=dig_hashmd5((unsigned char *)seq,strlen(seq));
       //algorithm value is "MD5-sess"
       (void) memset(seq,'\000',sizeof(seq));
       (void) memmove(seq,(char *)A1,sizeof(MD5TYP));
@@ -424,7 +424,7 @@ while (proceed==true) {
       (void) strcat(seq+sizeof(MD5TYP),second);
       (void) rou_alert(0,"JMDPBG seq2=<%s>",seq);
       (void) free(A1);
-      A1=dig_hashmd5((unsigned char *)seq);
+      A1=dig_hashmd5((unsigned char *)seq,sizeof(MD5TYP)+strlen(second));
       HA1=cnv_tohexa((char *)A1,sizeof(MD5TYP));
       (void) free(A1);
       }
@@ -433,7 +433,7 @@ while (proceed==true) {
       MD5TYP *A2;
 
       (void) snprintf(seq,sizeof(seq),"AUTHENTICATE:%s",resp->digesturi);
-      A2=dig_hashmd5((unsigned char *)seq);
+      A2=dig_hashmd5((unsigned char *)seq,strlen(seq));
       HA2=cnv_tohexa((char *)A2,sizeof(MD5TYP));
       (void) free(A2);
       }
@@ -444,7 +444,7 @@ while (proceed==true) {
       (void) snprintf(seq,sizeof(seq),"%s:%s:%08lx:%s:%s:%s",
                                       HA1,resp->nonce,resp->nc,
                                       resp->cnonce,resp->qop,HA2);
-      A3=dig_hashmd5((unsigned char *)seq);
+      A3=dig_hashmd5((unsigned char *)seq,strlen(seq));
       HA3=cnv_tohexa((char *)A3,sizeof(MD5TYP));
       (void) free(A3);
       }

diff --git a/lib/unidig.h b/lib/unidig.h
index cecc3c157f7ebf9bed7aa282cab1edae6222c9a6..8f9766101ad53d3f28fa49f340c0c6c107fa39af 100644 (file)
--- a/lib/unidig.h
+++ b/lib/unidig.h
@@ -8,7 +8,7 @@
 #ifndef        UNIDIG
 #define UNIDIG
 
-#define REALM    APPNAME"-email"
+#define REALM    APPNAME".email"
 
 typedef struct  {       //DIGEST-MD5 challange response structure
         char *username; //username requesting authentication
@@ -34,7 +34,7 @@ extern RSPTYP *dig_parseresp(char *response);
 
 //procedure to convert a string to a 128 Bit sequence
 //as a string
-extern MD5TYP *dig_hashmd5(unsigned char *seq);
+extern MD5TYP *dig_hashmd5(unsigned char *seq,unsigned int length);
 
 //Procedure to crypt a string with MD5 hash function
 extern char *dig_cryptmd5(const void *key,unsigned char *seq);