char *sig;
};
-static void set_new_transform(struct site *st, char *pk)
+static _Bool set_new_transform(struct site *st, char *pk)
{
+ _Bool ok;
+
/* Make room for the shared key */
st->sharedsecretlen=st->chosen_transform->keylen?:st->dh->ceil_len;
assert(st->sharedsecretlen);
/* Set up the transform */
struct transform_if *generator=st->chosen_transform;
struct transform_inst_if *generated=generator->create(generator->st);
- generated->setkey(generated->st,st->sharedsecret,
- st->sharedsecretlen,st->setup_priority);
+ ok = generated->setkey(generated->st,st->sharedsecret,
+ st->sharedsecretlen,st->setup_priority);
+
dispose_transform(&st->new_transform);
+ if (!ok) return False;
st->new_transform=generated;
slog(st,LOG_SETUP_INIT,"key exchange negotiated transform"
" %d (capabilities ours=%#"PRIx32" theirs=%#"PRIx32")",
st->chosen_transform->capab_transformnum,
st->local_capabilities, st->remote_capabilities);
+ return True;
}
struct xinfoadd {
st->random->generate(st->random->st,st->dh->len,st->dhsecret);
/* Generate the shared key and set up the transform */
- set_new_transform(st,m.pk);
+ if (!set_new_transform(st,m.pk)) return False;
return True;
}
m.pk[m.pklen]=0;
/* Generate the shared key and set up the transform */
- set_new_transform(st,m.pk);
+ if (!set_new_transform(st,m.pk)) return False;
return True;
}
~mdw / secnet / commitdiff