ospfd: invalid MD5 auth_key?
This looks fishy in ospf_make_md5_digest()
if (list_isempty (OSPF_IF_PARAM (oi, auth_crypt)))
auth_key = (const u_int8_t *) "";
...
MD5Update(&ctx, auth_key, OSPF_AUTH_MD5_SIZE);
auth_key points to a "" string of len 1 which is a lot
smaller that OSPF_AUTH_MD5_SIZE. Is this intentional to
get some random data or just a plain bug?
Anyone using MD5 should have a closer look and decide
what to do.
Acked-by: Feng Lu <lu.feng@6wind.com>
(cherry picked from commit
ea2a598411cc7bd20456849e56bbc9e93c9916e7)
projects / mirror / frr.git / commit