From 7c98e2b345b91d8ef3fb1f7a1bcf74194d54c966 Mon Sep 17 00:00:00 2001
From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com>
Date: Sun, 12 Mar 2023 12:14:41 +0100
Subject: Use default OPENSSL sha functions if available

---
 lib/utils_base.c | 27 +++++++++++++++++++--------
 lib/utils_base.h |  4 +++-
 2 files changed, 22 insertions(+), 9 deletions(-)

(limited to 'lib')

diff --git a/lib/utils_base.c b/lib/utils_base.c
index eb1823bb..39032cbd 100644
--- a/lib/utils_base.c
+++ b/lib/utils_base.c
@@ -402,26 +402,37 @@ int mp_translate_state (char *state_text) {
  * parse of argv, so that uniqueness in parameters are reflected there.
  */
 char *_np_state_generate_key() {
-	struct sha256_ctx ctx;
 	int i;
 	char **argv = this_monitoring_plugin->argv;
 	unsigned char result[20];
 	char keyname[41];
 	char *p=NULL;
+#ifdef USE_OPENSSL
+	/*
+	 * This code path is chosen if openssl is available (which should be the most common
+	 * scenario). Alternatively, the gnulib implementation/
+	 *
+	 */
+	EVP_MD_CTX *ctx = EVP_MD_CTX_new();
+
+	EVP_DigestInit(ctx, EVP_sha256());
+
+	for(i=0; i<this_monitoring_plugin->argc; i++) {
+		EVP_DigestUpdate(ctx, argv[i], strlen(argv[i]));
+	}
+
+	EVP_DigestFinalXOF(ctx, &result, 20);
+#else
+	struct sha256_ctx ctx;
 
-	sha256_init_ctx(&ctx);
-	
 	for(i=0; i<this_monitoring_plugin->argc; i++) {
 		sha256_process_bytes(argv[i], strlen(argv[i]), &ctx);
 	}
 
 	sha256_finish_ctx(&ctx, &result);
-	
-	for (i=0; i<20; ++i) {
-		sprintf(&keyname[2*i], "%02x", result[i]);
-	}
+#endif // FOUNDOPENSSL
 	keyname[40]='\0';
-	
+
 	p = strdup(keyname);
 	if(p==NULL) {
 		die(STATE_UNKNOWN, _("Cannot execute strdup: %s"), strerror(errno));
diff --git a/lib/utils_base.h b/lib/utils_base.h
index 59065504..9cb42767 100644
--- a/lib/utils_base.h
+++ b/lib/utils_base.h
@@ -2,7 +2,9 @@
 #define _UTILS_BASE_
 /* Header file for Monitoring Plugins utils_base.c */
 
-#include "sha256.h"
+#ifndef USE_OPENSSL
+# include "sha256.h"
+#endif
 
 /* This file holds header information for thresholds - use this in preference to 
    individual plugin logic */
-- 
cgit v1.2.3-74-g34f1


From f6f2ba34c713b5bc65936af836be24ebc74faf46 Mon Sep 17 00:00:00 2001
From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com>
Date: Sun, 12 Mar 2023 13:58:25 +0100
Subject: Fix hash creation

---
 lib/utils_base.c | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

(limited to 'lib')

diff --git a/lib/utils_base.c b/lib/utils_base.c
index 39032cbd..105ff44e 100644
--- a/lib/utils_base.c
+++ b/lib/utils_base.c
@@ -404,9 +404,15 @@ int mp_translate_state (char *state_text) {
 char *_np_state_generate_key() {
 	int i;
 	char **argv = this_monitoring_plugin->argv;
-	unsigned char result[20];
 	char keyname[41];
 	char *p=NULL;
+
+	unsigned char *result = malloc(256 * sizeof(unsigned char));
+
+	if (result == NULL) {
+		die(STATE_UNKNOWN, _("Failed to allocate memory for hashes: %s"), strerror(errno));
+	}
+
 #ifdef USE_OPENSSL
 	/*
 	 * This code path is chosen if openssl is available (which should be the most common
@@ -421,16 +427,22 @@ char *_np_state_generate_key() {
 		EVP_DigestUpdate(ctx, argv[i], strlen(argv[i]));
 	}
 
-	EVP_DigestFinalXOF(ctx, &result, 20);
+	EVP_DigestFinal(ctx, result, NULL);
 #else
+
 	struct sha256_ctx ctx;
 
 	for(i=0; i<this_monitoring_plugin->argc; i++) {
 		sha256_process_bytes(argv[i], strlen(argv[i]), &ctx);
 	}
 
-	sha256_finish_ctx(&ctx, &result);
+	sha256_finish_ctx(&ctx, result);
 #endif // FOUNDOPENSSL
+
+	for (i=0; i<20; ++i) {
+		sprintf(&keyname[2*i], "%02x", result[i]);
+	}
+
 	keyname[40]='\0';
 
 	p = strdup(keyname);
-- 
cgit v1.2.3-74-g34f1


From c5e90822d7db1db504e19007a7078d1fa09267f2 Mon Sep 17 00:00:00 2001
From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com>
Date: Sun, 23 Jul 2023 22:07:33 +0200
Subject: Use memory on stack instead of heap for temporary variables

---
 lib/utils_base.c | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

(limited to 'lib')

diff --git a/lib/utils_base.c b/lib/utils_base.c
index 176fa850..0f521263 100644
--- a/lib/utils_base.c
+++ b/lib/utils_base.c
@@ -407,11 +407,7 @@ char *_np_state_generate_key() {
 	char keyname[41];
 	char *p=NULL;
 
-	unsigned char *result = malloc(256 * sizeof(unsigned char));
-
-	if (result == NULL) {
-		die(STATE_UNKNOWN, _("Failed to allocate memory for hashes: %s"), strerror(errno));
-	}
+	unsigned char result[256];
 
 #ifdef USE_OPENSSL
 	/*
-- 
cgit v1.2.3-74-g34f1