To the Teso crew, if you could try redoing your analysis with the
following patch applied, I would greatly appreciate it. The problem is
that the secret[] isn't array isn't getting properly initialized, and
the crypto hash doesn't work well when the secret is all zero's. Chalk
this up to another example of "why C is inherently an unsafe programming
langauge". (blush)
if (!rekey_time || (tv.tv_sec - rekey_time) > REKEY_INTERVAL) {
rekey_time = tv.tv_sec;
/* First three words are overwritten below. */
- get_random_bytes(&secret+3, sizeof(secret)-12);
+ get_random_bytes(&secret[3], sizeof(secret)-12);
count = (tv.tv_sec/REKEY_INTERVAL) << HASH_BITS;
}
- Ted
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/