Abstract maximum digest length.

Jim Hague 2018-11-27 15:31:05 +00:00
parent 0cdede21df
commit af962228fc
3 changed files with 8 additions and 4 deletions


@ -34,6 +34,7 @@
#ifndef _GETDNS_TLS_INTERNAL_H
#define _GETDNS_TLS_INTERNAL_H
#include <openssl/evp.h>
#include <openssl/hmac.h>
#include <openssl/ssl.h>
#include <openssl/x509.h>
@ -51,6 +52,8 @@
#define HAVE_TLS_CONN_CURVES_LIST (HAVE_DECL_SSL_SET1_CURVES_LIST)
#endif
#define GETDNS_TLS_MAX_DIGEST_LENGTH (EVP_MAX_MD_SIZE)
typedef struct _getdns_tls_context {
SSL_CTX* ssl;
} _getdns_tls_context;
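Review bot: The new `GETDNS_TLS_MAX_DIGEST_LENGTH` define has no comment stating what it guarantees, although the other two files in this commit now size a heap buffer and the TSIG space from it. Since the commit hides `EVP_MAX_MD_SIZE` behind a backend-neutral name, the header should say that the value is an upper bound, in bytes, on any digest or HMAC output the TLS layer returns, so that another backend header would define it with the same meaning. I would add above the define: `/* Upper bound in bytes on any digest/HMAC output of this TLS backend; callers size MAC buffers from it. */`.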


@ -653,7 +653,7 @@ unsigned char* _getdns_tls_hmac_hash(struct mem_funcs* mfs, int algorithm, const
default : return NULL;
}
res = (unsigned char*) GETDNS_XMALLOC(*mfs, unsigned char, EVP_MAX_MD_SIZE);
res = (unsigned char*) GETDNS_XMALLOC(*mfs, unsigned char, GETDNS_TLS_MAX_DIGEST_LENGTH);
if (!res)
return NULL;


@ -44,6 +44,7 @@
#include "debug.h"
#include "convert.h"
#include "general.h"
#include "tls.h"
/* MAXIMUM_TSIG_SPACE = TSIG name (dname) : 256
* TSIG type (uint16_t) : 2
@ -54,15 +55,15 @@
* Time Signed (uint48_t) : 6
* Fudge (uint16_t) : 2
* Mac Size (uint16_t) : 2
* Mac (variable) : EVP_MAX_MD_SIZE
* Mac (variable) : GETDNS_TLS_MAX_DIGEST_LENGTH
* Original Id (uint16_t) : 2
* Error (uint16_t) : 2
* Other Len (uint16_t) : 2
* Other Data (nothing) : 0
* ---- +
* 538 + EVP_MAX_MD_SIZE
* 538 + GETDNS_TLS_MAX_DIGEST_LENGTH
*/
#define MAXIMUM_TSIG_SPACE (538 + EVP_MAX_MD_SIZE)
#define MAXIMUM_TSIG_SPACE (538 + GETDNS_TLS_MAX_DIGEST_LENGTH)
getdns_dict dnssec_ok_checking_disabled_spc = {
{ RBTREE_NULL, 0, (int (*)(const void *, const void *)) strcmp },
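Review bot: `MAXIMUM_TSIG_SPACE` now takes its MAC allowance from a macro supplied by the TLS backend header (presumably reached through the `tls.h` include in this section), and nothing at the define checks that the value still covers the largest MAC the TSIG code can emit. A backend that defined it too small would under-reserve the TSIG space with no diagnostic; whether that ends in truncation or an overrun depends on code outside this hunk. A compile-time guard next to the define would catch it, for example `#if GETDNS_TLS_MAX_DIGEST_LENGTH < 64` followed by `#error "TSIG MAC space smaller than a SHA-512 digest"`. The floor of 64 assumes HMAC-SHA512 is the largest supported TSIG algorithm, which is not visible here and should be confirmed.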