Nevermind, there is another error to fix. New patch will follow.
Fabio On 9/1/2014 10:00 PM, Fabio M. Di Nitto wrote: > From: "Fabio M. Di Nitto" <[email protected]> > > libnss is "weird" in this respect as some block sizes are > hardcoded, others need to be determined dynamically. > > For AES we need to use the values we know since GetBlockSize would > return errors, for 3des (that hopefully nobody is using) the value > returned by GetBlockSize is 8, but let's use the call into libnss > to avoid possible conflicts with distro patching or older > versions. > > Signed-off-by: Fabio M. Di Nitto <[email protected]> --- > exec/totemcrypto.c | 15 ++++++++++++++- 1 file changed, 14 > insertions(+), 1 deletion(-) > > diff --git a/exec/totemcrypto.c b/exec/totemcrypto.c index > 69818b8..362ea82 100644 --- a/exec/totemcrypto.c +++ > b/exec/totemcrypto.c @@ -666,6 +666,7 @@ size_t > crypto_sec_header_size( int crypto_cipher = > string_to_crypto_cipher_type(crypto_cipher_type); int crypto_hash = > string_to_crypto_hash_type(crypto_hash_type); size_t hdr_size = 0; > + int block_size = 0; > > hdr_size = sizeof(struct crypto_config_header); > > @@ -675,7 +676,19 @@ size_t crypto_sec_header_size( > > if (crypto_cipher) { hdr_size += SALT_SIZE; - hdr_size += > cypher_block_len[crypto_cipher]; + if > (cypher_block_len[crypto_cipher]) { + block_size = > cypher_block_len[crypto_cipher]; + } else { + > block_size = > PK11_GetBlockSize(crypto_cipher, NULL); + if (block_size > < 0) { + > /* + * failsafe. we can potentially lose up to 63 + > * byte > per packet, but better than fragmenting + */ + > block_size = > 64; + } + } + hdr_size += block_size; > } > > return hdr_size; > _______________________________________________ discuss mailing list [email protected] http://lists.corosync.org/mailman/listinfo/discuss
