X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/b2552997dd6cfa68abbd01b0fb0b29602f08ce53..9c54c067cca6a1d021a6d5120e0adc05f3252a97:/mac.c

diff --git a/mac.c b/mac.c
index 3ff107c8..2bda5a1b 100644
--- a/mac.c
+++ b/mac.c
@@ -23,7 +23,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: mac.c,v 1.1 2001/02/11 12:59:24 markus Exp $");
+RCSID("$OpenBSD: mac.c,v 1.7 2005/06/17 02:44:32 djm Exp $");
 
 #include <openssl/hmac.h>
 
@@ -36,7 +36,7 @@ RCSID("$OpenBSD: mac.c,v 1.1 2001/02/11 12:59:24 markus Exp $");
 
 struct {
 	char		*name;
-	EVP_MD *	(*mdfunc)(void);
+	const EVP_MD *	(*mdfunc)(void);
 	int		truncatebits;	/* truncate digest if != 0 */
 } macs[] = {
 	{ "hmac-sha1",			EVP_sha1, 0, },
@@ -45,18 +45,21 @@ struct {
 	{ "hmac-md5-96",		EVP_md5, 96 },
 	{ "hmac-ripemd160",		EVP_ripemd160, 0 },
 	{ "hmac-ripemd160@openssh.com",	EVP_ripemd160, 0 },
-        { NULL,				NULL, 0 }
+	{ NULL,				NULL, 0 }
 };
 
 int
 mac_init(Mac *mac, char *name)
 {
-	int i;
+	int i, evp_len;
+
 	for (i = 0; macs[i].name; i++) {
 		if (strcmp(name, macs[i].name) == 0) {
 			if (mac != NULL) {
 				mac->md = (*macs[i].mdfunc)();
-				mac->key_len = mac->mac_len = mac->md->md_size;
+				if ((evp_len = EVP_MD_size(mac->md)) <= 0)
+					fatal("mac %s len %d", name, evp_len);
+				mac->key_len = mac->mac_len = (u_int)evp_len;
 				if (macs[i].truncatebits != 0)
 					mac->mac_len = macs[i].truncatebits/8;
 			}
@@ -99,7 +102,7 @@ mac_valid(const char *names)
 		return (0);
 	maclist = cp = xstrdup(names);
 	for ((p = strsep(&cp, MAC_SEP)); p && *p != '\0';
-	     (p = strsep(&cp, MAC_SEP))) {
+	    (p = strsep(&cp, MAC_SEP))) {
 		if (mac_init(NULL, p) < 0) {
 			debug("bad mac %s [%s]", p, names);
 			xfree(maclist);