diff options
| author | Jonathan Gray <jsg@cvs.openbsd.org> | 2014-10-12 15:57:01 +0000 |
|---|---|---|
| committer | Jonathan Gray <jsg@cvs.openbsd.org> | 2014-10-12 15:57:01 +0000 |
| commit | c5ffeef8644bb7246e2ea9a9f35b94f0775ba828 (patch) | |
| tree | e7b8671e933f064e0b7e0c4cbbb31ff0b49e1338 | |
| parent | 8f723f583034fae9d0b8a6c742e1ce000cee9b3a (diff) | |
DH_compute_key() returns -1 on error but this was not
handled by testing the result with a negation.
Ralf Horstmann discovered iked would segfault
when connecting from Strongswan on Android because
of this and supplied the patch to fix the problem.
ok reyk@
| -rw-r--r-- | sbin/iked/dh.c | 4 | ||||
| -rw-r--r-- | sbin/isakmpd/dh.c | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/sbin/iked/dh.c b/sbin/iked/dh.c index 7a26712a2bb..8fe965dfa46 100644 --- a/sbin/iked/dh.c +++ b/sbin/iked/dh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh.c,v 1.14 2014/08/27 10:28:57 reyk Exp $ */ +/* $OpenBSD: dh.c,v 1.15 2014/10/12 15:57:00 jsg Exp $ */ /* * Copyright (c) 2010-2014 Reyk Floeter <reyk@openbsd.org> @@ -472,7 +472,7 @@ modp_create_shared(struct group *group, u_int8_t *secret, u_int8_t *exchange) ret = DH_compute_key(secret, ex, group->dh); BN_clear_free(ex); - if (!ret) + if (ret <= 0) return (-1); /* add zero padding */ diff --git a/sbin/isakmpd/dh.c b/sbin/isakmpd/dh.c index bf94d0e2854..d15856b7210 100644 --- a/sbin/isakmpd/dh.c +++ b/sbin/isakmpd/dh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh.c,v 1.17 2014/08/25 14:42:23 reyk Exp $ */ +/* $OpenBSD: dh.c,v 1.18 2014/10/12 15:57:00 jsg Exp $ */ /* * Copyright (c) 2010-2014 Reyk Floeter <reyk@openbsd.org> @@ -439,7 +439,7 @@ modp_create_shared(struct group *group, u_int8_t *secret, u_int8_t *exchange) ret = DH_compute_key(secret, ex, group->dh); BN_clear_free(ex); - if (!ret) + if (ret <= 0) return (-1); /* add zero padding */ |