headers
Matthias Koenig | 30 Jun 10:19

[PATCH] srptool, fix problem where passwords never match

Hi,

this fixes a problem in srptool, where the passwords never match
(--verify check) on some architectures (I think I have observed
this only on i386). It is for 1.6.1, but still applies to 2.4.0.

Matthias

Index: gnutls-1.6.1/src/crypt.c
===================================================================
--- gnutls-1.6.1.orig/src/crypt.c
+++ gnutls-1.6.1/src/crypt.c
@@ -220,6 +220,7 @@ _verify_passwd_int (const char *username

   /* encode the verifier into _salt */
   salt_size = sizeof (_salt);
+  memset(_salt, '\0', salt_size);
   if (gnutls_srp_base64_encode (&new_verifier, _salt, &salt_size) < 0)
     {
       fprintf (stderr, "Encoding error\n");
Permalink | Reply |
headers
Nikos Mavrogiannopoulos | 30 Jun 19:42

Re: [PATCH] srptool, fix problem where passwords never match

Matthias Koenig wrote:
> Hi,
> 
> this fixes a problem in srptool, where the passwords never match
> (--verify check) on some architectures (I think I have observed
> this only on i386). It is for 1.6.1, but still applies to 2.4.0.

Applied. Thank you.

regards,
Nikos
Permalink | Reply |

Gmane