~mdw
/
secnet
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
site, transform: Do not initiate rekey when packets too much out of order
[secnet]
/
transform.c
diff --git
a/transform.c
b/transform.c
index
b13c2dd
..
f1da564
100644
(file)
--- a/
transform.c
+++ b/
transform.c
@@
-72,8
+72,8
@@
static void transform_delkey(void *sst)
{
struct transform_inst *ti=sst;
{
struct transform_inst *ti=sst;
-
memset(&ti->cryptkey,0,sizeof(ti->cryptkey)
);
-
memset(&ti->mackey,0,sizeof(ti->mackey)
);
+
FILLZERO(ti->cryptkey
);
+
FILLZERO(ti->mackey
);
ti->keyed=False;
}
ti->keyed=False;
}
@@
-171,6
+171,10
@@
static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
return 1;
}
return 1;
}
+ if (buf->size < 4 + 16 + 16) {
+ *errmsg="msg too short";
+ return 1;
+ }
/* CBC */
memset(iv,0,16);
/* CBC */
memset(iv,0,16);
@@
-181,6
+185,7
@@
static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
/* Assert bufsize is multiple of blocksize */
if (buf->size&0xf) {
*errmsg="msg not multiple of cipher blocksize";
/* Assert bufsize is multiple of blocksize */
if (buf->size&0xf) {
*errmsg="msg not multiple of cipher blocksize";
+ return 1;
}
serpent_encrypt(&ti->cryptkey,iv,iv);
for (n=buf->start; n<buf->start+buf->size; n+=16)
}
serpent_encrypt(&ti->cryptkey,iv,iv);
for (n=buf->start; n<buf->start+buf->size; n+=16)
@@
-242,7
+247,7
@@
static uint32_t transform_reverse(void *sst, struct buffer_if *buf,
} else {
/* Too much skew */
*errmsg="seqnum: too much skew";
} else {
/* Too much skew */
*errmsg="seqnum: too much skew";
- return
1
;
+ return
2
;
}
return 0;
}
return 0;
@@
-252,7
+257,7
@@
static void transform_destroy(void *sst)
{
struct transform_inst *st=sst;
{
struct transform_inst *st=sst;
-
memset(st,0,sizeof(*st)
); /* Destroy key material */
+
FILLZERO(*st
); /* Destroy key material */
free(st);
}
free(st);
}