_Bool ok;
/* Generate the shared key */
+ assert(!st->sharedsecret);
+ st->sharedsecret = safe_malloc(st->dh->shared_len, "site:sharedsecret");
if (!st->dh->makeshared(st->dh->st,st->dhsecret,st->dh->secret_len,
pk, st->sharedsecret,st->dh->shared_len))
return False;
return True;
}
+static void generate_dhsecret(struct site *st)
+{
+ assert(!st->dhsecret);
+ st->dhsecret = safe_malloc(st->dh->secret_len, "site:dhsecret");
+ st->random->generate(st->random->st, st->dh->secret_len,st->dhsecret);
+}
+
static bool_t generate_msg3(struct site *st)
{
/* Now we have our nonce and their nonce. Think of a secret key,
and create message number 3. */
- st->random->generate(st->random->st,st->dh->secret_len,st->dhsecret);
+ generate_dhsecret(st);
return generate_msg(st,
(st->remote_capabilities & CAPAB_TRANSFORM_MASK)
? LABEL_MSG3BIS
/* Terminate their DH public key with a '0' */
m.pk[m.pklen]=0;
/* Invent our DH secret key */
- st->random->generate(st->random->st,st->dh->secret_len,st->dhsecret);
+ generate_dhsecret(st);
/* Generate the shared key and set up the transform */
if (!set_new_transform(st,m.pk)) return False;
FILLZERO(st->localN);
FILLZERO(st->remoteN);
dispose_transform(&st->new_transform);
- memset(st->dhsecret,0,st->dh->secret_len);
- memset(st->sharedsecret,0,st->dh->shared_len);
+ if (st->dhsecret) {
+ memset(st->dhsecret, 0, st->dh->secret_len);
+ free(st->dhsecret);
+ st->dhsecret = 0;
+ }
+ if (st->sharedsecret) {
+ memset(st->sharedsecret, 0, st->dh->shared_len);
+ free(st->sharedsecret);
+ st->sharedsecret = 0;
+ }
set_link_quality(st);
if (st->keepalive && !current_valid(st))
st->auxiliary_key.key_timeout=0;
transport_peers_clear(st,&st->peers);
transport_peers_clear(st,&st->setup_peers);
- /* XXX mlock these */
- st->dhsecret=safe_malloc(st->dh->secret_len,"site:dhsecret");
- st->sharedsecret=safe_malloc(st->dh->shared_len, "site:sharedsecret");
+ st->dhsecret=0;
+ st->sharedsecret=0;
#define SET_CAPBIT(bit) do { \
uint32_t capflag = 1UL << (bit); \