* md5 string
*/
-char *make_apop_string(char *realpass, char *nonce, char *buffer)
+char *make_apop_string(char *realpass, char *nonce, char *buffer, size_t n)
{
struct MD5Context ctx;
u_char rawdigest[MD5_DIGEST_LEN];
int i;
MD5Init(&ctx);
-// printf("MD5@@: Adding nonce: %s\n", nonce);
MD5Update(&ctx, (u_char*)nonce, strlen(nonce));
-// printf("MD5@@: Adding password %s\n", realpass);
MD5Update(&ctx, (u_char*)realpass, strlen(realpass));
MD5Final(rawdigest, &ctx);
for (i=0; i<MD5_DIGEST_LEN; i++)
{
- sprintf(&buffer[i*2], "%02X", (unsigned char) (rawdigest[i] & 0xff));
+ snprintf(&buffer[i*2], n - i*2, "%02X", (unsigned char) (rawdigest[i] & 0xff));
buffer[i*2] = tolower(buffer[i*2]);
buffer[(i*2)+1] = tolower(buffer[(i*2)+1]);
}
-// printf("MD5@@: Result is %s\n", buffer);
return buffer;
}