From: Jean-Marc Pigeon (Delson) Date: Sun, 6 Jul 2025 22:15:36 +0000 (-0400) Subject: setting git_hashmd5 with a length parameter make a diffrence (Bingo!) X-Git-Tag: tag-0.12~13 X-Git-Url: https://jmp-git.ovh.safe.ca/?a=commitdiff_plain;h=ef5f5675648739df1db1fedbf3764c1c6c7a7f22;p=jmp%2Fmailleur setting git_hashmd5 with a length parameter make a diffrence (Bingo!) --- diff --git a/lib/unidig.c b/lib/unidig.c index 76c47f3..2a0c207 100644 --- a/lib/unidig.c +++ b/lib/unidig.c @@ -202,7 +202,7 @@ return resp; /* an return a 16+1 Bytes. */ /* */ /********************************************************/ -PUBLIC MD5TYP *dig_hashmd5(unsigned char *seq) +PUBLIC MD5TYP *dig_hashmd5(unsigned char *seq,unsigned int length) { #define OPEP "subdig.c:dig_hashmd5," @@ -219,7 +219,7 @@ proceed=true; while (proceed==true) { switch (phase) { case 0 : //do we hae a sequence? - if ((seq==(unsigned char *)0)&&(strlen((const char *)seq)==0)) + if ((seq==(unsigned char *)0)&&(length==0)) phase=999; //no need to go further break; case 1 : //getting md5 context @@ -230,8 +230,8 @@ while (proceed==true) { break; case 2 : //doing hashing (void) EVP_DigestInit_ex(mdctx,EVP_md5(),(ENGINE *)0); - (void) EVP_DigestUpdate(mdctx,seq,strlen((const char *)seq)); - (void) rou_alert(0,"%s digestup de of <%s> '%d' long",OPEP,seq,strlen((const char *)seq)); + (void) EVP_DigestUpdate(mdctx,seq,length); + (void) rou_alert(0,"%s digestup de of <%s> '%d' long",OPEP,seq,length); break; case 3 : { //assign memory unsigned int s; @@ -416,7 +416,7 @@ while (proceed==true) { (void) snprintf(seq,sizeof(seq),"%s:%s:%s",resp->username,resp->realm,secret); (void) rou_alert(0,"JMDPBG seq1=<%s>",seq); - A1=dig_hashmd5((unsigned char *)seq); + A1=dig_hashmd5((unsigned char *)seq,strlen(seq)); //algorithm value is "MD5-sess" (void) memset(seq,'\000',sizeof(seq)); (void) memmove(seq,(char *)A1,sizeof(MD5TYP)); @@ -424,7 +424,7 @@ while (proceed==true) { (void) strcat(seq+sizeof(MD5TYP),second); (void) rou_alert(0,"JMDPBG seq2=<%s>",seq); (void) free(A1); - A1=dig_hashmd5((unsigned char *)seq); + A1=dig_hashmd5((unsigned char *)seq,sizeof(MD5TYP)+strlen(second)); HA1=cnv_tohexa((char *)A1,sizeof(MD5TYP)); (void) free(A1); } @@ -433,7 +433,7 @@ while (proceed==true) { MD5TYP *A2; (void) snprintf(seq,sizeof(seq),"AUTHENTICATE:%s",resp->digesturi); - A2=dig_hashmd5((unsigned char *)seq); + A2=dig_hashmd5((unsigned char *)seq,strlen(seq)); HA2=cnv_tohexa((char *)A2,sizeof(MD5TYP)); (void) free(A2); } @@ -444,7 +444,7 @@ while (proceed==true) { (void) snprintf(seq,sizeof(seq),"%s:%s:%08lx:%s:%s:%s", HA1,resp->nonce,resp->nc, resp->cnonce,resp->qop,HA2); - A3=dig_hashmd5((unsigned char *)seq); + A3=dig_hashmd5((unsigned char *)seq,strlen(seq)); HA3=cnv_tohexa((char *)A3,sizeof(MD5TYP)); (void) free(A3); } diff --git a/lib/unidig.h b/lib/unidig.h index cecc3c1..8f97661 100644 --- a/lib/unidig.h +++ b/lib/unidig.h @@ -8,7 +8,7 @@ #ifndef UNIDIG #define UNIDIG -#define REALM APPNAME"-email" +#define REALM APPNAME".email" typedef struct { //DIGEST-MD5 challange response structure char *username; //username requesting authentication @@ -34,7 +34,7 @@ extern RSPTYP *dig_parseresp(char *response); //procedure to convert a string to a 128 Bit sequence //as a string -extern MD5TYP *dig_hashmd5(unsigned char *seq); +extern MD5TYP *dig_hashmd5(unsigned char *seq,unsigned int length); //Procedure to crypt a string with MD5 hash function extern char *dig_cryptmd5(const void *key,unsigned char *seq);