j3d1/tinc
1
0
Fork 0
Code Issues 1 Pull requests Releases Wiki Activity

Add strict checks to hex to binary conversions.

Browse source 
The main goal is to catch misuse of the obsolete PrivateKey and PublicKey
statements.
This commit is contained in:
Guus Sliepen 2012-09-30 13:45:47 +02:00
parent 3bd810ea79
commit c4940a5c88
5 changed files with 38 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

8
src/protocol_key.c
View file

@ -240,10 +240,16 @@ bool ans_key_h(connection_t *c) {
return send_request(to->nexthop->connection, "%s", c->buffer);
}
/* Don't use key material until every check has passed. */
from->status.validkey = false;
/* Update our copy of the origin's packet key */
from->outkey = xrealloc(from->outkey, strlen(key) / 2);
from->outkeylength = strlen(key) / 2;
hex2bin(key, from->outkey, from->outkeylength);
if(!hex2bin(key, from->outkey, from->outkeylength)) {
logger(LOG_ERR, "Got bad %s from %s(%s): %s", "ANS_KEY", from->name, from->hostname, "invalid key");
return true;
}
/* Check and lookup cipher and digest algorithms */