site.c, dh.c, secnet.h: Allow the dh `makeshared' method to fail.
authorMark Wooding <mdw@distorted.org.uk>
Wed, 26 Apr 2017 10:53:05 +0000 (11:53 +0100)
committerMark Wooding <mdw@distorted.org.uk>
Wed, 25 Sep 2019 12:46:59 +0000 (13:46 +0100)
The only current implementation still can't, and won't, but change the
interface to acknowledge the possibility, and fix callers to propagate
failures.

Signed-off-by: Mark Wooding <mdw@distorted.org.uk>
dh.c
secnet.h
site.c

diff --git a/dh.c b/dh.c
index 0616a43..6860bfa 100644 (file)
--- a/dh.c
+++ b/dh.c
@@ -62,9 +62,9 @@ static string_t dh_makepublic(void *sst, uint8_t *secret, int32_t secretlen)
 }
 
 static dh_makeshared_fn dh_makeshared;
-static void dh_makeshared(void *sst, uint8_t *secret, int32_t secretlen,
-                         cstring_t rempublic, uint8_t *sharedsecret,
-                         int32_t buflen)
+static bool_t dh_makeshared(void *sst, uint8_t *secret, int32_t secretlen,
+                           cstring_t rempublic, uint8_t *sharedsecret,
+                           int32_t buflen)
 {
     struct dh *st=sst;
     MP_INT a, b, c;
@@ -83,6 +83,8 @@ static void dh_makeshared(void *sst, uint8_t *secret, int32_t secretlen,
     mpz_clear(&a);
     mpz_clear(&b);
     mpz_clear(&c);
+
+    return True;
 }
 
 static list_t *dh_apply(closure_t *self, struct cloc loc, dict_t *context,
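Review bot: The unconditional `return True;` at the end of dh_makeshared means the new failure channel can never report a problem with the peer's value, which the commit message says is deliberate for now. The body between the two dh.c hunks is not visible here, so this is an inference: if `rempublic` is converted there without checking the conversion result or the value's range for the group, that is where a `return False` belongs now that callers propagate it. Any such early return would also have to run the three `mpz_clear` calls first. A one-line comment above the return, such as `/* this implementation has no failure path yet */`, would record that the success is not the result of a check.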
index c93a279..b23ffa8 100644 (file)
--- a/secnet.h
+++ b/secnet.h
@@ -616,9 +616,9 @@ struct netlink_if {
 typedef string_t dh_makepublic_fn(void *st, uint8_t *secret,
                                  int32_t secretlen);
 /* Fills buffer (up to buflen) with shared secret */
-typedef void dh_makeshared_fn(void *st, uint8_t *secret,
-                             int32_t secretlen, cstring_t rempublic,
-                             uint8_t *sharedsecret, int32_t buflen);
+typedef bool_t dh_makeshared_fn(void *st, uint8_t *secret,
+                               int32_t secretlen, cstring_t rempublic,
+                               uint8_t *sharedsecret, int32_t buflen);
 struct dh_if {
     void *st;
     int32_t len; /* Approximate size of modulus in bytes */
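Review bot: The comment above the typedef still reads only `Fills buffer (up to buflen) with shared secret`, so the new bool_t return has no documented contract. It should say what True and False mean and what state `sharedsecret` is left in on failure, for example `/* Fills buffer (up to buflen) with shared secret. Returns True on success; on False the buffer contents are unspecified and must not be used as key material. */`. Without that, a later implementation and its callers can disagree on whether a partly written buffer may be read.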
diff --git a/site.c b/site.c
index 3b8f34d..4ac0bab 100644 (file)
--- a/site.c
+++ b/site.c
@@ -561,8 +561,9 @@ static _Bool set_new_transform(struct site *st, char *pk)
     }
 
     /* Generate the shared key */
-    st->dh->makeshared(st->dh->st,st->dhsecret,st->dh->len,pk,
-                      st->sharedsecret,st->sharedsecretlen);
+    if (!st->dh->makeshared(st->dh->st,st->dhsecret,st->dh->len,pk,
+                           st->sharedsecret,st->sharedsecretlen))
+       return False;
 
     /* Set up the transform */
     struct transform_if *generator=st->chosen_transform;
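Review bot: The new `return False;` in set_new_transform leaves `st->sharedsecret` holding whatever a failed makeshared wrote or whatever was there before, and it produces no diagnostic. Clearing the buffer on that path keeps stale or partial key material out of the site state, e.g. `if (!st->dh->makeshared(...)) { memset(st->sharedsecret,0,st->sharedsecretlen); return False; }`. A log line naming the failed key agreement would help when diagnosing a rejected handshake. The function begins before this hunk and continues after it, so whether earlier state needs unwinding and whether the caller already logs the failure cannot be seen here.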