gss_krb5: Use random value to initialize confounder
authorKevin Coffman <kwc@citi.umich.edu>
Wed, 30 Apr 2008 16:46:08 +0000 (12:46 -0400)
committerJ. Bruce Fields <bfields@citi.umich.edu>
Mon, 23 Jun 2008 17:47:38 +0000 (13:47 -0400)
Initialize the value used for the confounder to a random value
rather than starting from zero.
Allow for confounders of length 8 or 16 (which will be needed for AES).

Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
net/sunrpc/auth_gss/gss_krb5_wrap.c

index 283cb25c6237c1cbd65729636ae30ff0cd9f9c3d..ae8e69b59c4c35c1eb23f2501174f3ba4d26b85e 100644 (file)
@@ -87,8 +87,8 @@ out:
        return 0;
 }
 
-static inline void
-make_confounder(char *p, int blocksize)
+static void
+make_confounder(char *p, u32 conflen)
 {
        static u64 i = 0;
        u64 *q = (u64 *)p;
@@ -102,8 +102,22 @@ make_confounder(char *p, int blocksize)
         * uniqueness would mean worrying about atomicity and rollover, and I
         * don't care enough. */
 
-       BUG_ON(blocksize != 8);
-       *q = i++;
+       /* initialize to random value */
+       if (i == 0) {
+               i = random32();
+               i = (i << 32) | random32();
+       }
+
+       switch (conflen) {
+       case 16:
+               *q++ = i++;
+               /* fall through */
+       case 8:
+               *q++ = i++;
+               break;
+       default:
+               BUG();
+       }
 }
 
 /* Assumptions: the head and tail of inbuf are ours to play with.