Check RAND_bytes() return value, fail when getting random fails.

[tinc] / src / protocol_auth.c

diff --git a/src/protocol_auth.c b/src/protocol_auth.c
index 0ef5468..87ba30a 100644 (file)
--- a/src/protocol_auth.c
+++ b/src/protocol_auth.c
@@ -1,7 +1,7 @@
 /*
     protocol_auth.c -- handle the meta-protocol, authentication
     Copyright (C) 1999-2005 Ivo Timmermans,
-                  2000-2012 Guus Sliepen <guus@tinc-vpn.org>
+                  2000-2013 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -126,7 +126,7 @@ static bool send_proxyrequest(connection_t *c) {
 }
 
 bool send_id(connection_t *c) {
-       if(proxytype)
+       if(proxytype && c->outgoing)
                if(!send_proxyrequest(c))
                        return false;
 
@@ -215,7 +215,12 @@ bool send_metakey(connection_t *c) {
 
        /* Copy random data to the buffer */
 
-       RAND_pseudo_bytes((unsigned char *)c->outkey, len);
+       if (1 != RAND_bytes((unsigned char *)c->outkey, len)) {
+               int err = ERR_get_error();
+               logger(LOG_ERR, "Failed to generate meta key (%s)", "SEND_METAKEY", ERR_error_string(err, NULL));
+               return false;
+       }
+
 
        /* The message we send must be smaller than the modulus of the RSA key.
           By definition, for a key of k bits, the following formula holds:
@@ -308,7 +313,10 @@ bool metakey_h(connection_t *c) {
 
        /* Convert the challenge from hexadecimal back to binary */
 
-       hex2bin(buffer, buffer, len);
+       if(!hex2bin(buffer, buffer, len)) {
+               logger(LOG_ERR, "Got bad %s from %s(%s): %s", "METAKEY", c->name, c->hostname, "invalid key");
+               return false;
+       }
 
        /* Decrypt the meta key */
 
@@ -388,7 +396,11 @@ bool send_challenge(connection_t *c) {
 
        /* Copy random data to the buffer */
 
-       RAND_pseudo_bytes((unsigned char *)c->hischallenge, len);
+       if (1 != RAND_bytes((unsigned char *)c->hischallenge, len)) {
+               int err = ERR_get_error();
+               logger(LOG_ERR, "Failed to generate challenge (%s)", "SEND_CHALLENGE", ERR_error_string(err, NULL));
+               return false; // Do not send predictable challenges, let connection attempt fail.
+       }
 
        /* Convert to hex */
 
@@ -426,7 +438,10 @@ bool challenge_h(connection_t *c) {
 
        /* Convert the challenge from hexadecimal back to binary */
 
-       hex2bin(buffer, c->mychallenge, len);
+       if(!hex2bin(buffer, c->mychallenge, len)) {
+               logger(LOG_ERR, "Got bad %s from %s(%s): %s", "CHALLENGE", c->name, c->hostname, "invalid challenge");
+               return false;
+       }
 
        c->allow_request = CHAL_REPLY;
 
@@ -480,7 +495,10 @@ bool chal_reply_h(connection_t *c) {
 
        /* Convert the hash to binary format */
 
-       hex2bin(hishash, hishash, c->outdigest->md_size);
+       if(!hex2bin(hishash, hishash, c->outdigest->md_size)) {
+               logger(LOG_ERR, "Got bad %s from %s(%s): %s", "CHAL_REPLY", c->name, c->hostname, "invalid hash");
+               return false;
+       }
 
        /* Calculate the hash from the challenge we sent */