mirror of https://github.com/getdnsapi/getdns.git
Abstract maximum digest length.
This commit is contained in:
parent
0cdede21df
commit
af962228fc
|
@ -34,6 +34,7 @@
|
|||
#ifndef _GETDNS_TLS_INTERNAL_H
|
||||
#define _GETDNS_TLS_INTERNAL_H
|
||||
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/hmac.h>
|
||||
#include <openssl/ssl.h>
|
||||
#include <openssl/x509.h>
|
||||
|
@ -51,6 +52,8 @@
|
|||
#define HAVE_TLS_CONN_CURVES_LIST (HAVE_DECL_SSL_SET1_CURVES_LIST)
|
||||
#endif
|
||||
|
||||
#define GETDNS_TLS_MAX_DIGEST_LENGTH (EVP_MAX_MD_SIZE)
|
||||
|
||||
typedef struct _getdns_tls_context {
|
||||
SSL_CTX* ssl;
|
||||
} _getdns_tls_context;
|
||||
|
|
|
@ -653,7 +653,7 @@ unsigned char* _getdns_tls_hmac_hash(struct mem_funcs* mfs, int algorithm, const
|
|||
default : return NULL;
|
||||
}
|
||||
|
||||
res = (unsigned char*) GETDNS_XMALLOC(*mfs, unsigned char, EVP_MAX_MD_SIZE);
|
||||
res = (unsigned char*) GETDNS_XMALLOC(*mfs, unsigned char, GETDNS_TLS_MAX_DIGEST_LENGTH);
|
||||
if (!res)
|
||||
return NULL;
|
||||
|
||||
|
|
|
@ -44,6 +44,7 @@
|
|||
#include "debug.h"
|
||||
#include "convert.h"
|
||||
#include "general.h"
|
||||
#include "tls.h"
|
||||
|
||||
/* MAXIMUM_TSIG_SPACE = TSIG name (dname) : 256
|
||||
* TSIG type (uint16_t) : 2
|
||||
|
@ -54,15 +55,15 @@
|
|||
* Time Signed (uint48_t) : 6
|
||||
* Fudge (uint16_t) : 2
|
||||
* Mac Size (uint16_t) : 2
|
||||
* Mac (variable) : EVP_MAX_MD_SIZE
|
||||
* Mac (variable) : GETDNS_TLS_MAX_DIGEST_LENGTH
|
||||
* Original Id (uint16_t) : 2
|
||||
* Error (uint16_t) : 2
|
||||
* Other Len (uint16_t) : 2
|
||||
* Other Data (nothing) : 0
|
||||
* ---- +
|
||||
* 538 + EVP_MAX_MD_SIZE
|
||||
* 538 + GETDNS_TLS_MAX_DIGEST_LENGTH
|
||||
*/
|
||||
#define MAXIMUM_TSIG_SPACE (538 + EVP_MAX_MD_SIZE)
|
||||
#define MAXIMUM_TSIG_SPACE (538 + GETDNS_TLS_MAX_DIGEST_LENGTH)
|
||||
|
||||
getdns_dict dnssec_ok_checking_disabled_spc = {
|
||||
{ RBTREE_NULL, 0, (int (*)(const void *, const void *)) strcmp },
|
||||
|
|
Loading…
Reference in New Issue