From: Kevin Coffman Date: Wed, 30 Apr 2008 16:46:08 +0000 (-0400) Subject: gss_krb5: Use random value to initialize confounder X-Git-Tag: firefly_0821_release~19556^2~23 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=863a24882ed0a57ff25daaf39885f3a47b706e4b;p=firefly-linux-kernel-4.4.55.git gss_krb5: Use random value to initialize confounder Initialize the value used for the confounder to a random value rather than starting from zero. Allow for confounders of length 8 or 16 (which will be needed for AES). Signed-off-by: Kevin Coffman Signed-off-by: J. Bruce Fields --- diff --git a/net/sunrpc/auth_gss/gss_krb5_wrap.c b/net/sunrpc/auth_gss/gss_krb5_wrap.c index 283cb25c6237..ae8e69b59c4c 100644 --- a/net/sunrpc/auth_gss/gss_krb5_wrap.c +++ b/net/sunrpc/auth_gss/gss_krb5_wrap.c @@ -87,8 +87,8 @@ out: return 0; } -static inline void -make_confounder(char *p, int blocksize) +static void +make_confounder(char *p, u32 conflen) { static u64 i = 0; u64 *q = (u64 *)p; @@ -102,8 +102,22 @@ make_confounder(char *p, int blocksize) * uniqueness would mean worrying about atomicity and rollover, and I * don't care enough. */ - BUG_ON(blocksize != 8); - *q = i++; + /* initialize to random value */ + if (i == 0) { + i = random32(); + i = (i << 32) | random32(); + } + + switch (conflen) { + case 16: + *q++ = i++; + /* fall through */ + case 8: + *q++ = i++; + break; + default: + BUG(); + } } /* Assumptions: the head and tail of inbuf are ours to play with.