[svn] Merge of fix for bugs 20341 and 20410.

[wget] / src / ftp-opie.c

diff --git a/src/ftp-opie.c b/src/ftp-opie.c
index 9c4a1ea51e080320dcc51d4e0536427ba7a9ac16..ad315f6824f76c8fdff89ebb7047a43a251ab967 100644 (file)
--- a/src/ftp-opie.c
+++ b/src/ftp-opie.c
@@ -1,11 +1,11 @@
 /* Opie (s/key) support for FTP.
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998-2004 Free Software Foundation, Inc.
 
 This file is part of GNU Wget.
 
 GNU Wget is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2 of the License, or
+the Free Software Foundation; either version 3 of the License, or
 (at your option) any later version.
 
 GNU Wget is distributed in the hope that it will be useful,
@@ -14,8 +14,7 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 GNU General Public License for more details.
 
 You should have received a copy of the GNU General Public License
-along with Wget; if not, write to the Free Software
-Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+along with Wget.  If not, see <http://www.gnu.org/licenses/>.
 
 In addition, as a special exception, the Free Software Foundation
 gives permission to link the code of its release of Wget with the
@@ -31,11 +30,7 @@ so, delete this exception statement from your version.  */
 
 #include <stdio.h>
 #include <stdlib.h>
-#ifdef HAVE_STRING_H
-# include <string.h>
-#else
-# include <strings.h>
-#endif
+#include <string.h>
 
 #include "wget.h"
 #include "gen-md5.h"
@@ -2165,14 +2160,6 @@ btoe (char *store, const unsigned char *c)
   return store_beg;
 }
 
-/* Calculate the MD5 checksum of SRC in one step.  The MD5 context
-   must be declared as md5_ctx.  */
-#define DO_MD5(src, len, dest) do {                            \
-  gen_md5_init (md5_ctx);                                      \
-  gen_md5_update ((unsigned char *) (src), (len), md5_ctx);    \
-  gen_md5_finish (md5_ctx, (unsigned char *) (dest));          \
-} while (0)
-
 /* Calculate the SKEY response, based on the sequence, seed
    (challenge), and the secret password.  The calculated response is
    used instead of the real password when logging in to SKEY-enabled
@@ -2211,18 +2198,19 @@ skey_response (int sequence, const char *seed, const char *pass)
   ALLOCA_MD5_CONTEXT (md5_ctx);
   uint32_t checksum[4];
 
-  char *feed = (char *) alloca (strlen (seed) + strlen (pass) + 1);
-  strcpy (feed, seed);
-  strcat (feed, pass);
-
-  DO_MD5 (feed, strlen (feed), checksum);
+  gen_md5_init (md5_ctx);
+  gen_md5_update ((const unsigned char *)seed, strlen(seed), md5_ctx);
+  gen_md5_update ((const unsigned char *)pass, strlen(pass), md5_ctx);
+  gen_md5_finish (md5_ctx, (unsigned char *)checksum);
   checksum[0] ^= checksum[2];
   checksum[1] ^= checksum[3];
   memcpy (key, checksum, 8);
 
   while (sequence-- > 0)
     {
-      DO_MD5 (key, 8, checksum);
+      gen_md5_init (md5_ctx);
+      gen_md5_update ((unsigned char *) key, 8, md5_ctx);
+      gen_md5_finish (md5_ctx, (unsigned char *) checksum);
       checksum[0] ^= checksum[2];
       checksum[1] ^= checksum[3];
       memcpy (key, checksum, 8);