Imported Upstream version 5.0.1

2 files changed, 48 insertions, 36 deletions

diff --git a/src/libstrongswan/plugins/ccm/Makefile.in b/src/libstrongswan/plugins/ccm/Makefile.in
index 2ffe6194b..bb094f04c 100644
--- a/src/libstrongswan/plugins/ccm/Makefile.in
+++ b/src/libstrongswan/plugins/ccm/Makefile.in
@@ -49,6 +49,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
 mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
 am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
@@ -82,7 +83,7 @@ libstrongswan_ccm_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
 	$(libstrongswan_ccm_la_LDFLAGS) $(LDFLAGS) -o $@
 @MONOLITHIC_FALSE@am_libstrongswan_ccm_la_rpath = -rpath $(plugindir)
 @MONOLITHIC_TRUE@am_libstrongswan_ccm_la_rpath =
-DEFAULT_INCLUDES = -I.@am__isrc@
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
 depcomp = $(SHELL) $(top_srcdir)/depcomp
 am__depfiles_maybe = depfiles
 am__mv = mv -f
@@ -108,6 +109,7 @@ AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
 AUTOMAKE = @AUTOMAKE@
 AWK = @AWK@
+BFDLIB = @BFDLIB@
 BTLIB = @BTLIB@
 CC = @CC@
 CCDEPMODE = @CCDEPMODE@
@@ -202,11 +204,14 @@ build_os = @build_os@
 build_vendor = @build_vendor@
 builddir = @builddir@
 c_plugins = @c_plugins@
+charon_natt_port = @charon_natt_port@
+charon_plugins = @charon_plugins@
+charon_udp_port = @charon_udp_port@
 clearsilver_LIBS = @clearsilver_LIBS@
 datadir = @datadir@
 datarootdir = @datarootdir@
 dbusservicedir = @dbusservicedir@
-default_pkcs11 = @default_pkcs11@
+dev_headers = @dev_headers@
 docdir = @docdir@
 dvidir = @dvidir@
 exec_prefix = @exec_prefix@
@@ -223,11 +228,12 @@ imcvdir = @imcvdir@
 includedir = @includedir@
 infodir = @infodir@
 install_sh = @install_sh@
+ipsec_script = @ipsec_script@
+ipsec_script_upper = @ipsec_script_upper@
 ipsecdir = @ipsecdir@
 ipsecgroup = @ipsecgroup@
 ipseclibdir = @ipseclibdir@
 ipsecuser = @ipsecuser@
-libcharon_plugins = @libcharon_plugins@
 libdir = @libdir@
 libexecdir = @libexecdir@
 linux_headers = @linux_headers@
@@ -243,6 +249,7 @@ mkdir_p = @mkdir_p@
 nm_CFLAGS = @nm_CFLAGS@
 nm_LIBS = @nm_LIBS@
 nm_ca_dir = @nm_ca_dir@
+nm_plugins = @nm_plugins@
 oldincludedir = @oldincludedir@
 openac_plugins = @openac_plugins@
 p_plugins = @p_plugins@
@@ -252,7 +259,6 @@ pdfdir = @pdfdir@
 piddir = @piddir@
 pki_plugins = @pki_plugins@
 plugindir = @plugindir@
-pluto_plugins = @pluto_plugins@
 pool_plugins = @pool_plugins@
 prefix = @prefix@
 program_transform_name = @program_transform_name@
diff --git a/src/libstrongswan/plugins/ccm/ccm_aead.c b/src/libstrongswan/plugins/ccm/ccm_aead.c
index 0d2a56a49..0e2f9b75f 100644
--- a/src/libstrongswan/plugins/ccm/ccm_aead.c
+++ b/src/libstrongswan/plugins/ccm/ccm_aead.c
@@ -126,7 +126,7 @@ static void build_ctr(private_ccm_aead_t *this, u_int32_t i, chunk_t iv,
 /**
  * En-/Decrypt data
  */
-static void crypt_data(private_ccm_aead_t *this, chunk_t iv,
+static bool crypt_data(private_ccm_aead_t *this, chunk_t iv,
 					   chunk_t in, chunk_t out)
 {
 	char ctr[BLOCK_SIZE];
@@ -139,8 +139,11 @@ static void crypt_data(private_ccm_aead_t *this, chunk_t iv,
 	while (in.len > 0)
 	{
 		memcpy(block, ctr, BLOCK_SIZE);
-		this->crypter->encrypt(this->crypter, chunk_from_thing(block),
-							   chunk_from_thing(zero), NULL);
+		if (!this->crypter->encrypt(this->crypter, chunk_from_thing(block),
+									chunk_from_thing(zero), NULL))
+		{
+			return FALSE;
+		}
 		chunk_increment(chunk_from_thing(ctr));
 
 		if (in.ptr != out.ptr)
@@ -151,12 +154,13 @@ static void crypt_data(private_ccm_aead_t *this, chunk_t iv,
 		in = chunk_skip(in, BLOCK_SIZE);
 		out = chunk_skip(out, BLOCK_SIZE);
 	}
+	return TRUE;
 }
 
 /**
  * En-/Decrypt the ICV
  */
-static void crypt_icv(private_ccm_aead_t *this, chunk_t iv, char *icv)
+static bool crypt_icv(private_ccm_aead_t *this, chunk_t iv, char *icv)
 {
 	char ctr[BLOCK_SIZE];
 	char zero[BLOCK_SIZE];
@@ -164,15 +168,19 @@ static void crypt_icv(private_ccm_aead_t *this, chunk_t iv, char *icv)
 	build_ctr(this, 0, iv, ctr);
 	memset(zero, 0, BLOCK_SIZE);
 
-	this->crypter->encrypt(this->crypter, chunk_from_thing(ctr),
-						   chunk_from_thing(zero), NULL);
+	if (!this->crypter->encrypt(this->crypter, chunk_from_thing(ctr),
+								chunk_from_thing(zero), NULL))
+	{
+		return FALSE;
+	}
 	memxor(icv, ctr, this->icv_size);
+	return TRUE;
 }
 
 /**
  * Create the ICV
  */
-static void create_icv(private_ccm_aead_t *this, chunk_t plain, chunk_t assoc,
+static bool create_icv(private_ccm_aead_t *this, chunk_t plain, chunk_t assoc,
 					   chunk_t iv, char *icv)
 {
 	char zero[BLOCK_SIZE];
@@ -217,14 +225,19 @@ static void create_icv(private_ccm_aead_t *this, chunk_t plain, chunk_t assoc,
 	memset(pos, 0, len);
 
 	/* encrypt inline with CBC, zero IV */
-	this->crypter->encrypt(this->crypter, chunk, chunk_from_thing(zero), NULL);
+	if (!this->crypter->encrypt(this->crypter, chunk,
+								chunk_from_thing(zero), NULL))
+	{
+		free(chunk.ptr);
+		return FALSE;
+	}
 	/* copy last icv_size bytes as ICV to output */
 	memcpy(icv, chunk.ptr + chunk.len - BLOCK_SIZE, this->icv_size);
 
-	/* encrypt the ICV value */
-	crypt_icv(this, iv, icv);
-
 	free(chunk.ptr);
+
+	/* encrypt the ICV value */
+	return crypt_icv(this, iv, icv);
 }
 
 /**
@@ -235,26 +248,22 @@ static bool verify_icv(private_ccm_aead_t *this, chunk_t plain, chunk_t assoc,
 {
 	char buf[this->icv_size];
 
-	create_icv(this, plain, assoc, iv, buf);
-
-	return memeq(buf, icv, this->icv_size);
+	return create_icv(this, plain, assoc, iv, buf) &&
+		   memeq(buf, icv, this->icv_size);
 }
 
-METHOD(aead_t, encrypt, void,
+METHOD(aead_t, encrypt, bool,
 	private_ccm_aead_t *this, chunk_t plain, chunk_t assoc, chunk_t iv,
 	chunk_t *encrypted)
 {
 	if (encrypted)
 	{
 		*encrypted = chunk_alloc(plain.len + this->icv_size);
-		create_icv(this, plain, assoc, iv, encrypted->ptr + plain.len);
-		crypt_data(this, iv, plain, *encrypted);
-	}
-	else
-	{
-		create_icv(this, plain, assoc, iv, plain.ptr + plain.len);
-		crypt_data(this, iv, plain, plain);
+		return create_icv(this, plain, assoc, iv, encrypted->ptr + plain.len) &&
+			   crypt_data(this, iv, plain, *encrypted);
 	}
+	return create_icv(this, plain, assoc, iv, plain.ptr + plain.len) &&
+		   crypt_data(this, iv, plain, plain);
 }
 
 METHOD(aead_t, decrypt, bool,
@@ -269,16 +278,13 @@ METHOD(aead_t, decrypt, bool,
 	if (plain)
 	{
 		*plain = chunk_alloc(encrypted.len);
-		crypt_data(this, iv, encrypted, *plain);
-		return verify_icv(this, *plain, assoc, iv,
-						  encrypted.ptr + encrypted.len);
-	}
-	else
-	{
-		crypt_data(this, iv, encrypted, encrypted);
-		return verify_icv(this, encrypted, assoc, iv,
+		return crypt_data(this, iv, encrypted, *plain) &&
+			   verify_icv(this, *plain, assoc, iv,
 						  encrypted.ptr + encrypted.len);
 	}
+	return crypt_data(this, iv, encrypted, encrypted) &&
+		   verify_icv(this, encrypted, assoc, iv,
+					  encrypted.ptr + encrypted.len);
 }
 
 METHOD(aead_t, get_block_size, size_t,
@@ -305,12 +311,12 @@ METHOD(aead_t, get_key_size, size_t,
 	return this->crypter->get_key_size(this->crypter) + SALT_SIZE;
 }
 
-METHOD(aead_t, set_key, void,
+METHOD(aead_t, set_key, bool,
 	private_ccm_aead_t *this, chunk_t key)
 {
 	memcpy(this->salt, key.ptr + key.len - SALT_SIZE, SALT_SIZE);
 	key.len -= SALT_SIZE;
-	this->crypter->set_key(this->crypter, key);
+	return this->crypter->set_key(this->crypter, key);
 }
 
 METHOD(aead_t, destroy, void,