From: Matt Mackall <mpm@selenic.com>


Signed-off-by: Andrew Morton <akpm@osdl.org>
---

 25-akpm/lib/sha1.c |    6 +++++-
 1 files changed, 5 insertions(+), 1 deletion(-)

diff -puN lib/sha1.c~random-pt4-replace-sha-with-faster-version-fix-fix lib/sha1.c
--- 25/lib/sha1.c~random-pt4-replace-sha-with-faster-version-fix-fix	2005-01-25 22:07:13.539066912 -0800
+++ 25-akpm/lib/sha1.c	2005-01-25 22:07:13.542066456 -0800
@@ -25,11 +25,15 @@
  *
  * @digest: 160 bit digest to update
  * @data:   512 bits of data to hash
- * @W:      80 words of workspace, caller should clear
+ * @W:      80 words of workspace (see note)
  *
  * This function generates a SHA1 digest for a single. Be warned, it
  * does not handle padding and message digest, do not confuse it with
  * the full FIPS 180-1 digest algorithm for variable length messages.
+ *
+ * Note: If the hash is security sensitive, the caller should be sure
+ * to clear the workspace. This is left to the caller to avoid
+ * unnecessary clears between chained hashing operations.
  */
 void sha_transform(__u32 *digest, const char *in, __u32 *W)
 {
_