[CritFix] Check NM part of pubkey to match it with rotating keypairs

author: Vsevolod Stakhov <vsevolod@highsecure.ru> 2018-06-29 11:24:43 +0100
committer: Vsevolod Stakhov <vsevolod@highsecure.ru> 2018-06-29 11:24:43 +0100
commit: c4ccac7afb09784d15a38a27ec1b4c167cb031c5 (patch)
tree: 6fed6fb64529498175c57190582c975a63d3ec6d /src/fuzzy_storage.c
parent: 53632b619666d67d14640b1dc0832b2ab6eb8aa8 (diff)
download: rspamd-c4ccac7afb09784d15a38a27ec1b4c167cb031c5.tar.gz
rspamd-c4ccac7afb09784d15a38a27ec1b4c167cb031c5.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/fuzzy_storage.c b/src/fuzzy_storage.c
index 5499fa732..9243e369e 100644
--- a/src/fuzzy_storage.c
+++ b/src/fuzzy_storage.c
@@ -1060,7 +1060,7 @@ rspamd_fuzzy_decrypt_command (struct fuzzy_session *s)
 
 	/* Now decrypt request */
 	if (!rspamd_cryptobox_decrypt_nm_inplace (payload, payload_len, hdr->nonce,
-			rspamd_pubkey_get_nm (rk),
+			rspamd_pubkey_get_nm (rk, key->key),
 			hdr->mac, RSPAMD_CRYPTOBOX_MODE_25519)) {
 		msg_err ("decryption failed");
 		rspamd_pubkey_unref (rk);
@@ -1068,7 +1068,7 @@ rspamd_fuzzy_decrypt_command (struct fuzzy_session *s)
 		return FALSE;
 	}
 
-	memcpy (s->nm, rspamd_pubkey_get_nm (rk), sizeof (s->nm));
+	memcpy (s->nm, rspamd_pubkey_get_nm (rk, key->key), sizeof (s->nm));
 	rspamd_pubkey_unref (rk);
 
 	return TRUE;
author	Vsevolod Stakhov <vsevolod@highsecure.ru>	2018-06-29 11:24:43 +0100
committer	Vsevolod Stakhov <vsevolod@highsecure.ru>	2018-06-29 11:24:43 +0100
commit	c4ccac7afb09784d15a38a27ec1b4c167cb031c5 (patch)
tree	6fed6fb64529498175c57190582c975a63d3ec6d /src/fuzzy_storage.c
parent	53632b619666d67d14640b1dc0832b2ab6eb8aa8 (diff)
download	rspamd-c4ccac7afb09784d15a38a27ec1b4c167cb031c5.tar.gz rspamd-c4ccac7afb09784d15a38a27ec1b4c167cb031c5.zip