[PATCH 3/3] vimeo: do not trust gcrypt to zero-terminate a digest



For some unknown reason, gcrypt does not always zero-terminate the digest it
returns. This means some requests failed because the oauth signature was wrong.

With this commit, #639965[1] should be fixed.

[1] https://bugzilla.gnome.org/show_bug.cgi?id=639965
---
 src/vimeo/gvimeo.c |    5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/vimeo/gvimeo.c b/src/vimeo/gvimeo.c
index 402f8ba..3b7f2fc 100644
--- a/src/vimeo/gvimeo.c
+++ b/src/vimeo/gvimeo.c
@@ -187,6 +187,7 @@ sign_string (gchar *message, gchar *key)
   gchar *signed_message = NULL;
   gcry_md_hd_t digest_obj;
   unsigned char *hmac_digest;
+  guint digest_len;
 
   gcry_md_open(&digest_obj,
 	       GCRY_MD_SHA1,
@@ -196,8 +197,8 @@ sign_string (gchar *message, gchar *key)
   gcry_md_final (digest_obj);
   hmac_digest = gcry_md_read (digest_obj, 0);
 
-  signed_message = g_base64_encode (hmac_digest,
-				    strlen ((gchar *) hmac_digest));
+  digest_len = gcry_md_get_algo_dlen (GCRY_MD_SHA1);
+  signed_message = g_base64_encode (hmac_digest, digest_len);
 
   gcry_md_close (digest_obj);
 
-- 
1.7.1



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]