From 5da387853b38965628531c9e0d1f571ecb850439 Mon Sep 17 00:00:00 2001
From: Donald Sharp <sharpd@cumulusnetworks.com>
Date: Wed, 10 May 2017 19:45:40 -0400
Subject: [PATCH] eigrpd: Fix a md5 digest issue

Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
---
 eigrpd/eigrp_packet.c | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/eigrpd/eigrp_packet.c b/eigrpd/eigrp_packet.c
index f20ec0ad12..5242b7c27b 100644
--- a/eigrpd/eigrp_packet.c
+++ b/eigrpd/eigrp_packet.c
@@ -161,6 +161,7 @@ int eigrp_check_md5_digest(struct stream *s,
 {
 	MD5_CTX ctx;
 	unsigned char digest[EIGRP_AUTH_TYPE_MD5_LEN];
+	unsigned char orig[EIGRP_AUTH_TYPE_MD5_LEN];
 	struct key *key = NULL;
 	struct keychain *keychain;
 	u_char *ibuf;
@@ -181,7 +182,9 @@ int eigrp_check_md5_digest(struct stream *s,
 
 	auth_TLV = (struct TLV_MD5_Authentication_Type *)(s->data
 							  + EIGRP_HEADER_LEN);
-	memset(auth_TLV->digest, 0, sizeof(auth_TLV->digest));
+	memcpy(orig, auth_TLV->digest, EIGRP_AUTH_TYPE_MD5_LEN);
+	memset(digest, 0, EIGRP_AUTH_TYPE_MD5_LEN);
+	memset(auth_TLV->digest, 0, EIGRP_AUTH_TYPE_MD5_LEN);
 
 	ibuf = s->data;
 	backup_end = s->endp;
@@ -219,16 +222,15 @@ int eigrp_check_md5_digest(struct stream *s,
 	MD5Final(digest, &ctx);
 
 	/* compare the two */
-	if (memcmp(authTLV->digest, digest, EIGRP_AUTH_TYPE_MD5_LEN) == 0) {
-		zlog_debug("VSETKO OK");
-	} else {
+	if (memcmp(orig, digest, EIGRP_AUTH_TYPE_MD5_LEN) != 0) {
 		zlog_warn("interface %s: eigrp_check_md5 checksum mismatch",
 			  IF_NAME(nbr->ei));
 		return 0;
 	}
 
 	/* save neighbor's crypt_seqnum */
-	nbr->crypt_seqnum = authTLV->key_sequence;
+	if (nbr)
+		nbr->crypt_seqnum = authTLV->key_sequence;
 
 	return 1;
 }
-- 
2.39.5