From 29c2f8186faf13a8fb02fee07e80794b35481cf1 Mon Sep 17 00:00:00 2001 From: Mark Wooding Date: Wed, 26 Apr 2017 11:53:05 +0100 Subject: [PATCH] site.c, dh.c, secnet.h: Allow the dh `makeshared' method to fail. The only current implementation still can't, and won't, but change the interface to acknowledge the possibility, and fix callers to propagate failures. Signed-off-by: Mark Wooding --- dh.c | 8 +++++--- secnet.h | 6 +++--- site.c | 5 +++-- 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/dh.c b/dh.c index 0616a43..6860bfa 100644 --- a/dh.c +++ b/dh.c @@ -62,9 +62,9 @@ static string_t dh_makepublic(void *sst, uint8_t *secret, int32_t secretlen) } static dh_makeshared_fn dh_makeshared; -static void dh_makeshared(void *sst, uint8_t *secret, int32_t secretlen, - cstring_t rempublic, uint8_t *sharedsecret, - int32_t buflen) +static bool_t dh_makeshared(void *sst, uint8_t *secret, int32_t secretlen, + cstring_t rempublic, uint8_t *sharedsecret, + int32_t buflen) { struct dh *st=sst; MP_INT a, b, c; @@ -83,6 +83,8 @@ static void dh_makeshared(void *sst, uint8_t *secret, int32_t secretlen, mpz_clear(&a); mpz_clear(&b); mpz_clear(&c); + + return True; } static list_t *dh_apply(closure_t *self, struct cloc loc, dict_t *context, diff --git a/secnet.h b/secnet.h index c93a279..b23ffa8 100644 --- a/secnet.h +++ b/secnet.h @@ -616,9 +616,9 @@ struct netlink_if { typedef string_t dh_makepublic_fn(void *st, uint8_t *secret, int32_t secretlen); /* Fills buffer (up to buflen) with shared secret */ -typedef void dh_makeshared_fn(void *st, uint8_t *secret, - int32_t secretlen, cstring_t rempublic, - uint8_t *sharedsecret, int32_t buflen); +typedef bool_t dh_makeshared_fn(void *st, uint8_t *secret, + int32_t secretlen, cstring_t rempublic, + uint8_t *sharedsecret, int32_t buflen); struct dh_if { void *st; int32_t len; /* Approximate size of modulus in bytes */ diff --git a/site.c b/site.c index 3b8f34d..4ac0bab 100644 --- a/site.c +++ b/site.c @@ -561,8 +561,9 @@ static _Bool set_new_transform(struct site *st, char *pk) } /* Generate the shared key */ - st->dh->makeshared(st->dh->st,st->dhsecret,st->dh->len,pk, - st->sharedsecret,st->sharedsecretlen); + if (!st->dh->makeshared(st->dh->st,st->dhsecret,st->dh->len,pk, + st->sharedsecret,st->sharedsecretlen)) + return False; /* Set up the transform */ struct transform_if *generator=st->chosen_transform; -- 2.11.0