]> git.proxmox.com Git - mirror_kronosnet.git/commitdiff
projects / mirror_kronosnet.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5d9f5a2)
[nss] make sure that any crypto config requires a proper hashing value
authorFabio M. Di Nitto <fdinitto@redhat.com>
Wed, 23 Jul 2014 12:05:21 +0000 (14:05 +0200)
committerFabio M. Di Nitto <fdinitto@redhat.com>
Wed, 23 Jul 2014 12:05:21 +0000 (14:05 +0200)
this is mandatory to avoid some collision checks when random junk
is received over the network socket

Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
libknet/nsscrypto.c patch | blob | blame | history

diff --git a/libknet/nsscrypto.c b/libknet/nsscrypto.c
index 8ae7cadba0ec4895e1ca34f22b3835dc5659eb10..196ea64ddc9f4c1834479f4f5011fef61e404dd4 100644 (file)
--- a/libknet/nsscrypto.c
+++ b/libknet/nsscrypto.c
@@ -602,6 +602,12 @@ int nsscrypto_init(
        nsscrypto_instance->private_key = knet_handle_crypto_cfg->private_key;
        nsscrypto_instance->private_key_len = knet_handle_crypto_cfg->private_key_len;
 
+       if ((nsscrypto_instance->crypto_cipher_type > 0) &&
+           (nsscrypto_instance->crypto_hash_type == 0)) {
+               log_err(knet_h, KNET_SUB_NSSCRYPTO, "crypto communication requires hash specified");
+               goto out_err;
+       }
+
        if ((nsscrypto_instance->crypto_cipher_type > 0) ||
            (nsscrypto_instance->crypto_hash_type > 0)) {
                if ((!nsscrypto_instance->private_key) ||
kronosnet mirror