diff options
| author | Hakan Olsson <ho@cvs.openbsd.org> | 2004-12-06 12:28:22 +0000 |
|---|---|---|
| committer | Hakan Olsson <ho@cvs.openbsd.org> | 2004-12-06 12:28:22 +0000 |
| commit | b528e2efc28e96840ad933398c9d8802737b97a0 (patch) | |
| tree | 1b03d205a3b3ae282ccc28c19c3bff222ca76a2f /sbin/isakmpd/exchange.c | |
| parent | 3fbb045d089ed1e6d9a2fcffac0aac24ca84f009 (diff) | |
RFC2409 mandates min and max nonce lengths. hshoexer@ ok.
Diffstat (limited to 'sbin/isakmpd/exchange.c')
| -rw-r--r-- | sbin/isakmpd/exchange.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/sbin/isakmpd/exchange.c b/sbin/isakmpd/exchange.c index 1c4ef1f18a0..d5b2f5333e3 100644 --- a/sbin/isakmpd/exchange.c +++ b/sbin/isakmpd/exchange.c @@ -1,4 +1,4 @@ -/* $OpenBSD: exchange.c,v 1.104 2004/09/17 13:53:08 ho Exp $ */ +/* $OpenBSD: exchange.c,v 1.105 2004/12/06 12:28:21 ho Exp $ */ /* $EOM: exchange.c,v 1.143 2000/12/04 00:02:25 angelos Exp $ */ /* @@ -1534,6 +1534,18 @@ exchange_nonce(struct exchange *exchange, int peer, size_t nonce_sz, int initiator = exchange->initiator ^ peer; char header[32]; + if (nonce_sz < 8 || nonce_sz > 256) { + /* + * RFC2409, ch 5: The length of nonce payload MUST be + * between 8 and 256 bytes inclusive. + * XXX I'm assuming the generic payload header is not included. + */ + LOG_DBG((LOG_EXCHANGE, 20, + "exchange_nonce: invalid nonce length %lu", + (unsigned long)nonce_sz)); + return -1; + } + nonce = initiator ? &exchange->nonce_i : &exchange->nonce_r; nonce_len = initiator ? &exchange->nonce_i_len : &exchange->nonce_r_len; |