Imported Upstream version 5.0.1

2 files changed, 42 insertions, 37 deletions

diff --git a/src/libstrongswan/plugins/gcm/Makefile.in b/src/libstrongswan/plugins/gcm/Makefile.in
index 8285b5aeb..0c5eea0a7 100644
--- a/src/libstrongswan/plugins/gcm/Makefile.in
+++ b/src/libstrongswan/plugins/gcm/Makefile.in
@@ -49,6 +49,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
 mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
 am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
@@ -82,7 +83,7 @@ libstrongswan_gcm_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
 	$(libstrongswan_gcm_la_LDFLAGS) $(LDFLAGS) -o $@
 @MONOLITHIC_FALSE@am_libstrongswan_gcm_la_rpath = -rpath $(plugindir)
 @MONOLITHIC_TRUE@am_libstrongswan_gcm_la_rpath =
-DEFAULT_INCLUDES = -I.@am__isrc@
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
 depcomp = $(SHELL) $(top_srcdir)/depcomp
 am__depfiles_maybe = depfiles
 am__mv = mv -f
@@ -108,6 +109,7 @@ AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
 AUTOMAKE = @AUTOMAKE@
 AWK = @AWK@
+BFDLIB = @BFDLIB@
 BTLIB = @BTLIB@
 CC = @CC@
 CCDEPMODE = @CCDEPMODE@
@@ -202,11 +204,14 @@ build_os = @build_os@
 build_vendor = @build_vendor@
 builddir = @builddir@
 c_plugins = @c_plugins@
+charon_natt_port = @charon_natt_port@
+charon_plugins = @charon_plugins@
+charon_udp_port = @charon_udp_port@
 clearsilver_LIBS = @clearsilver_LIBS@
 datadir = @datadir@
 datarootdir = @datarootdir@
 dbusservicedir = @dbusservicedir@
-default_pkcs11 = @default_pkcs11@
+dev_headers = @dev_headers@
 docdir = @docdir@
 dvidir = @dvidir@
 exec_prefix = @exec_prefix@
@@ -223,11 +228,12 @@ imcvdir = @imcvdir@
 includedir = @includedir@
 infodir = @infodir@
 install_sh = @install_sh@
+ipsec_script = @ipsec_script@
+ipsec_script_upper = @ipsec_script_upper@
 ipsecdir = @ipsecdir@
 ipsecgroup = @ipsecgroup@
 ipseclibdir = @ipseclibdir@
 ipsecuser = @ipsecuser@
-libcharon_plugins = @libcharon_plugins@
 libdir = @libdir@
 libexecdir = @libexecdir@
 linux_headers = @linux_headers@
@@ -243,6 +249,7 @@ mkdir_p = @mkdir_p@
 nm_CFLAGS = @nm_CFLAGS@
 nm_LIBS = @nm_LIBS@
 nm_ca_dir = @nm_ca_dir@
+nm_plugins = @nm_plugins@
 oldincludedir = @oldincludedir@
 openac_plugins = @openac_plugins@
 p_plugins = @p_plugins@
@@ -252,7 +259,6 @@ pdfdir = @pdfdir@
 piddir = @piddir@
 pki_plugins = @pki_plugins@
 plugindir = @plugindir@
-pluto_plugins = @pluto_plugins@
 pool_plugins = @pool_plugins@
 prefix = @prefix@
 program_transform_name = @program_transform_name@
diff --git a/src/libstrongswan/plugins/gcm/gcm_aead.c b/src/libstrongswan/plugins/gcm/gcm_aead.c
index 0d7d91dbf..79ee65d98 100644
--- a/src/libstrongswan/plugins/gcm/gcm_aead.c
+++ b/src/libstrongswan/plugins/gcm/gcm_aead.c
@@ -149,7 +149,7 @@ static void ghash(private_gcm_aead_t *this, chunk_t x, char *res)
 /**
  * GCTR function, en-/decrypts x inline
  */
-static void gctr(private_gcm_aead_t *this, char *icb, chunk_t x)
+static bool gctr(private_gcm_aead_t *this, char *icb, chunk_t x)
 {
 	char cb[BLOCK_SIZE], iv[BLOCK_SIZE], tmp[BLOCK_SIZE];
 
@@ -159,12 +159,16 @@ static void gctr(private_gcm_aead_t *this, char *icb, chunk_t x)
 	while (x.len)
 	{
 		memcpy(tmp, cb, BLOCK_SIZE);
-		this->crypter->encrypt(this->crypter, chunk_from_thing(tmp),
-							   chunk_from_thing(iv), NULL);
+		if (!this->crypter->encrypt(this->crypter, chunk_from_thing(tmp),
+									chunk_from_thing(iv), NULL))
+		{
+			return FALSE;
+		}
 		memxor(x.ptr, tmp, min(BLOCK_SIZE, x.len));
 		chunk_increment(chunk_from_thing(cb));
 		x = chunk_skip(x, BLOCK_SIZE);
 	}
+	return TRUE;
 }
 
 /**
@@ -180,21 +184,21 @@ static void create_j(private_gcm_aead_t *this, char *iv, char *j)
 /**
  * Create GHASH subkey H
  */
-static void create_h(private_gcm_aead_t *this, char *h)
+static bool create_h(private_gcm_aead_t *this, char *h)
 {
 	char zero[BLOCK_SIZE];
 
 	memset(zero, 0, BLOCK_SIZE);
 	memset(h, 0, BLOCK_SIZE);
 
-	this->crypter->encrypt(this->crypter, chunk_create(h, BLOCK_SIZE),
-						   chunk_from_thing(zero), NULL);
+	return this->crypter->encrypt(this->crypter, chunk_create(h, BLOCK_SIZE),
+								  chunk_from_thing(zero), NULL);
 }
 
 /**
  * Encrypt/decrypt
  */
-static void crypt(private_gcm_aead_t *this, char *j, chunk_t in, chunk_t out)
+static bool crypt(private_gcm_aead_t *this, char *j, chunk_t in, chunk_t out)
 {
 	char icb[BLOCK_SIZE];
 
@@ -206,13 +210,13 @@ static void crypt(private_gcm_aead_t *this, char *j, chunk_t in, chunk_t out)
 	{
 		memcpy(out.ptr, in.ptr, in.len);
 	}
-	gctr(this, icb, out);
+	return gctr(this, icb, out);
 }
 
 /**
  * Create ICV
  */
-static void create_icv(private_gcm_aead_t *this, chunk_t assoc, chunk_t crypt,
+static bool create_icv(private_gcm_aead_t *this, chunk_t assoc, chunk_t crypt,
 					   char *j, char *icv)
 {
 	size_t assoc_pad, crypt_pad;
@@ -249,9 +253,12 @@ static void create_icv(private_gcm_aead_t *this, chunk_t assoc, chunk_t crypt,
 
 	ghash(this, chunk, s);
 	free(chunk.ptr);
-	gctr(this, j, chunk_from_thing(s));
-
+	if (!gctr(this, j, chunk_from_thing(s)))
+	{
+		return FALSE;
+	}
 	memcpy(icv, s, this->icv_size);
+	return TRUE;
 }
 
 /**
@@ -262,12 +269,11 @@ static bool verify_icv(private_gcm_aead_t *this, chunk_t assoc, chunk_t crypt,
 {
 	char tmp[this->icv_size];
 
-	create_icv(this, assoc, crypt, j, tmp);
-
-	return memeq(tmp, icv, this->icv_size);
+	return create_icv(this, assoc, crypt, j, tmp) &&
+		   memeq(tmp, icv, this->icv_size);
 }
 
-METHOD(aead_t, encrypt, void,
+METHOD(aead_t, encrypt, bool,
 	private_gcm_aead_t *this, chunk_t plain, chunk_t assoc, chunk_t iv,
 	chunk_t *encrypted)
 {
@@ -278,16 +284,13 @@ METHOD(aead_t, encrypt, void,
 	if (encrypted)
 	{
 		*encrypted = chunk_alloc(plain.len + this->icv_size);
-		crypt(this, j, plain, *encrypted);
-		create_icv(this, assoc,
-				   chunk_create(encrypted->ptr, encrypted->len - this->icv_size),
-				   j, encrypted->ptr + encrypted->len - this->icv_size);
-	}
-	else
-	{
-		crypt(this, j, plain, plain);
-		create_icv(this, assoc, plain, j, plain.ptr + plain.len);
+		return crypt(this, j, plain, *encrypted) &&
+			   create_icv(this, assoc,
+					chunk_create(encrypted->ptr, encrypted->len - this->icv_size),
+					j, encrypted->ptr + encrypted->len - this->icv_size);
 	}
+	return crypt(this, j, plain, plain) &&
+		   create_icv(this, assoc, plain, j, plain.ptr + plain.len);
 }
 
 METHOD(aead_t, decrypt, bool,
@@ -311,13 +314,9 @@ METHOD(aead_t, decrypt, bool,
 	if (plain)
 	{
 		*plain = chunk_alloc(encrypted.len);
-		crypt(this, j, encrypted, *plain);
+		return crypt(this, j, encrypted, *plain);
 	}
-	else
-	{
-		crypt(this, j, encrypted, encrypted);
-	}
-	return TRUE;
+	return crypt(this, j, encrypted, encrypted);
 }
 
 METHOD(aead_t, get_block_size, size_t,
@@ -344,13 +343,13 @@ METHOD(aead_t, get_key_size, size_t,
 	return this->crypter->get_key_size(this->crypter) + SALT_SIZE;
 }
 
-METHOD(aead_t, set_key, void,
+METHOD(aead_t, set_key, bool,
 	private_gcm_aead_t *this, chunk_t key)
 {
 	memcpy(this->salt, key.ptr + key.len - SALT_SIZE, SALT_SIZE);
 	key.len -= SALT_SIZE;
-	this->crypter->set_key(this->crypter, key);
-	create_h(this, this->h);
+	return this->crypter->set_key(this->crypter, key) &&
+		   create_h(this, this->h);
 }
 
 METHOD(aead_t, destroy, void,