From 4795f0ca89a3e907cbcc2d406da27b38f9aed8dd Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Fri, 22 Jun 2018 09:50:10 +1000
Subject: [PATCH] the client cookie was being hashed twice when computing the
 server cookie for sha1 and sha256

---
 lib/ns/client.c | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/lib/ns/client.c b/lib/ns/client.c
index ad5f492d82..e0aa915c7b 100644
--- a/lib/ns/client.c
+++ b/lib/ns/client.c
@@ -1851,8 +1851,6 @@ compute_cookie(ns_client_t *client, isc_uint32_t when, isc_uint32_t nonce,
 			INSIST(0);
 		}
 		isc_hmacsha1_update(&hmacsha1, cp, length);
-		isc_hmacsha1_update(&hmacsha1, client->cookie,
-				    sizeof(client->cookie));
 		isc_hmacsha1_sign(&hmacsha1, digest, sizeof(digest));
 		isc_buffer_putmem(buf, digest, 8);
 		isc_hmacsha1_invalidate(&hmacsha1);
@@ -1888,8 +1886,6 @@ compute_cookie(ns_client_t *client, isc_uint32_t when, isc_uint32_t nonce,
 			INSIST(0);
 		}
 		isc_hmacsha256_update(&hmacsha256, cp, length);
-		isc_hmacsha256_update(&hmacsha256, client->cookie,
-				      sizeof(client->cookie));
 		isc_hmacsha256_sign(&hmacsha256, digest, sizeof(digest));
 		isc_buffer_putmem(buf, digest, 8);
 		isc_hmacsha256_invalidate(&hmacsha256);