File chrony-refid-internal-md5.patch of Package chrony.23349

--- util.c.orig
+++ util.c
@@ -32,7 +32,13 @@
 #include "logging.h"
 #include "memory.h"
 #include "util.h"
-#include "hash.h"
+/*
+ * We use the internal MD5 implementation here to avoid trouble with
+ * FIPS. This is OK, because MD5 is only being used for the non-crypto
+ * purpose of hashing 128 bit IPv6 addresses to 32 bit referenc IDs,
+ * as required by RFC 5905.
+ */
+#include "md5.c"
 
 #define NSEC_PER_SEC 1000000000
 
@@ -392,21 +398,17 @@ UTI_IsIPReal(const IPAddr *ip)
 uint32_t
 UTI_IPToRefid(const IPAddr *ip)
 {
-  static int MD5_hash = -1;
-  unsigned char buf[16];
+  MD5_CTX ctx;
+  unsigned char *buf = &ctx.digest;
 
   switch (ip->family) {
     case IPADDR_INET4:
       return ip->addr.in4;
     case IPADDR_INET6:
-      if (MD5_hash < 0)
-        MD5_hash = HSH_GetHashId(HSH_MD5);
-
-      if (MD5_hash < 0 ||
-          HSH_Hash(MD5_hash, (const unsigned char *)ip->addr.in6, sizeof (ip->addr.in6),
-                   NULL, 0, buf, sizeof (buf)) != sizeof (buf))
-        LOG_FATAL("Could not get MD5");
-
+      MD5Init(&ctx);
+      MD5Update(&ctx, (unsigned const char *)ip->addr.in6,
+                     sizeof(ip->addr.in6));
+      MD5Final(&ctx);
       return (uint32_t)buf[0] << 24 | buf[1] << 16 | buf[2] << 8 | buf[3];
   }
   return 0;
Places

File chrony-refid-internal-md5.patch of Package chrony.23349

Places
