Don't free ephemeral ECDH keys twice.

[tinc] / src / sptps.c

diff --git a/src/sptps.c b/src/sptps.c
index 1699b97..03a1e9a 100644 (file)
--- a/src/sptps.c
+++ b/src/sptps.c
@@ -98,7 +98,9 @@ static bool send_record_priv_datagram(sptps_t *s, uint8_t type, const char *data
 
        if(s->outstate) {
                // If first handshake has finished, encrypt and HMAC
-               cipher_set_counter(s->outcipher, &seqno, sizeof seqno);
+               if(!cipher_set_counter(s->outcipher, &seqno, sizeof seqno))
+                       return false;
+
                if(!cipher_counter_xor(s->outcipher, buffer + 6, len + 1UL, buffer + 6))
                        return false;
 
@@ -317,6 +319,7 @@ static bool receive_sig(sptps_t *s, const char *data, uint16_t len) {
        char shared[ECDH_SHARED_SIZE];
        if(!ecdh_compute_shared(s->ecdh, s->hiskex + 1 + 32, shared))
                return false;
+       s->ecdh = NULL;
 
        // Generate key material from shared secret.
        if(!generate_key_material(s, shared, sizeof shared))
@@ -490,7 +493,8 @@ static bool sptps_receive_data_datagram(sptps_t *s, const char *data, size_t len
 
        // Decrypt.
        memcpy(&seqno, buffer + 2, 4);
-       cipher_set_counter(s->incipher, &seqno, sizeof seqno);
+       if(!cipher_set_counter(s->incipher, &seqno, sizeof seqno))
+               return false;
        if(!cipher_counter_xor(s->incipher, buffer + 6, len - 4, buffer + 6))
                return false;