You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
48 lines
1.6 KiB
48 lines
1.6 KiB
From 4f36220ccfe40621cd7df3595568278d7bca4f87 Mon Sep 17 00:00:00 2001 |
|
From: Franck Bui <fbui@suse.com> |
|
Date: Fri, 23 Sep 2016 13:33:01 +0200 |
|
Subject: [PATCH] journal: fix HMAC calculation when appending a data object |
|
|
|
Since commit 5996c7c295e073ce21d41305169132c8aa993ad0 (v190 !), the |
|
calculation of the HMAC is broken because the hash for a data object |
|
including a field is done in the wrong order: the field object is |
|
hashed before the data object is. |
|
|
|
However during verification, the hash is done in the opposite order as |
|
objects are scanned sequentially. |
|
|
|
(cherry picked from commit 33685a5a3a98c6ded64d0cc25e37d0180ceb0a6a) |
|
--- |
|
src/journal/journal-file.c | 12 ++++++------ |
|
1 file changed, 6 insertions(+), 6 deletions(-) |
|
|
|
diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c |
|
index 2bb3a9757..586f620e2 100644 |
|
--- a/src/journal/journal-file.c |
|
+++ b/src/journal/journal-file.c |
|
@@ -1099,6 +1099,12 @@ static int journal_file_append_data( |
|
if (r < 0) |
|
return r; |
|
|
|
+#ifdef HAVE_GCRYPT |
|
+ r = journal_file_hmac_put_object(f, OBJECT_DATA, o, p); |
|
+ if (r < 0) |
|
+ return r; |
|
+#endif |
|
+ |
|
/* The linking might have altered the window, so let's |
|
* refresh our pointer */ |
|
r = journal_file_move_to_object(f, OBJECT_DATA, p, &o); |
|
@@ -1123,12 +1129,6 @@ static int journal_file_append_data( |
|
fo->field.head_data_offset = le64toh(p); |
|
} |
|
|
|
-#ifdef HAVE_GCRYPT |
|
- r = journal_file_hmac_put_object(f, OBJECT_DATA, o, p); |
|
- if (r < 0) |
|
- return r; |
|
-#endif |
|
- |
|
if (ret) |
|
*ret = o; |
|
|
|
|