summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFranck Bui <fbui@suse.com>2016-09-23 13:33:01 +0200
committerFranck Bui <fbui@suse.com>2016-09-23 14:59:51 +0200
commit33685a5a3a98c6ded64d0cc25e37d0180ceb0a6a (patch)
treee02807ff1130ab0b41d50398695b088a6a6e7181
parent43cd8794839548a6f332875e8bee8bed2652bf2c (diff)
journal: fix HMAC calculation when appending a data object
Since commit 5996c7c295e073ce21d41305169132c8aa993ad0 (v190 !), the calculation of the HMAC is broken because the hash for a data object including a field is done in the wrong order: the field object is hashed before the data object is. However during verification, the hash is done in the opposite order as objects are scanned sequentially.
-rw-r--r--src/journal/journal-file.c12
1 files changed, 6 insertions, 6 deletions
diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c
index f6f58a1ae3..349ef74e81 100644
--- a/src/journal/journal-file.c
+++ b/src/journal/journal-file.c
@@ -1374,6 +1374,12 @@ static int journal_file_append_data(
if (r < 0)
return r;
+#ifdef HAVE_GCRYPT
+ r = journal_file_hmac_put_object(f, OBJECT_DATA, o, p);
+ if (r < 0)
+ return r;
+#endif
+
/* The linking might have altered the window, so let's
* refresh our pointer */
r = journal_file_move_to_object(f, OBJECT_DATA, p, &o);
@@ -1398,12 +1404,6 @@ static int journal_file_append_data(
fo->field.head_data_offset = le64toh(p);
}
-#ifdef HAVE_GCRYPT
- r = journal_file_hmac_put_object(f, OBJECT_DATA, o, p);
- if (r < 0)
- return r;
-#endif
-
if (ret)
*ret = o;