Imported Upstream version 5.0.1

4 files changed, 36 insertions, 20 deletions

diff --git a/src/libstrongswan/plugins/gmp/Makefile.in b/src/libstrongswan/plugins/gmp/Makefile.in
index 34a23312b..f1bb28c1f 100644
--- a/src/libstrongswan/plugins/gmp/Makefile.in
+++ b/src/libstrongswan/plugins/gmp/Makefile.in
@@ -49,6 +49,7 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \
 am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
 	$(ACLOCAL_M4)
 mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
 am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
@@ -83,7 +84,7 @@ libstrongswan_gmp_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
 	$(libstrongswan_gmp_la_LDFLAGS) $(LDFLAGS) -o $@
 @MONOLITHIC_FALSE@am_libstrongswan_gmp_la_rpath = -rpath $(plugindir)
 @MONOLITHIC_TRUE@am_libstrongswan_gmp_la_rpath =
-DEFAULT_INCLUDES = -I.@am__isrc@
+DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
 depcomp = $(SHELL) $(top_srcdir)/depcomp
 am__depfiles_maybe = depfiles
 am__mv = mv -f
@@ -109,6 +110,7 @@ AUTOCONF = @AUTOCONF@
 AUTOHEADER = @AUTOHEADER@
 AUTOMAKE = @AUTOMAKE@
 AWK = @AWK@
+BFDLIB = @BFDLIB@
 BTLIB = @BTLIB@
 CC = @CC@
 CCDEPMODE = @CCDEPMODE@
@@ -203,11 +205,14 @@ build_os = @build_os@
 build_vendor = @build_vendor@
 builddir = @builddir@
 c_plugins = @c_plugins@
+charon_natt_port = @charon_natt_port@
+charon_plugins = @charon_plugins@
+charon_udp_port = @charon_udp_port@
 clearsilver_LIBS = @clearsilver_LIBS@
 datadir = @datadir@
 datarootdir = @datarootdir@
 dbusservicedir = @dbusservicedir@
-default_pkcs11 = @default_pkcs11@
+dev_headers = @dev_headers@
 docdir = @docdir@
 dvidir = @dvidir@
 exec_prefix = @exec_prefix@
@@ -224,11 +229,12 @@ imcvdir = @imcvdir@
 includedir = @includedir@
 infodir = @infodir@
 install_sh = @install_sh@
+ipsec_script = @ipsec_script@
+ipsec_script_upper = @ipsec_script_upper@
 ipsecdir = @ipsecdir@
 ipsecgroup = @ipsecgroup@
 ipseclibdir = @ipseclibdir@
 ipsecuser = @ipsecuser@
-libcharon_plugins = @libcharon_plugins@
 libdir = @libdir@
 libexecdir = @libexecdir@
 linux_headers = @linux_headers@
@@ -244,6 +250,7 @@ mkdir_p = @mkdir_p@
 nm_CFLAGS = @nm_CFLAGS@
 nm_LIBS = @nm_LIBS@
 nm_ca_dir = @nm_ca_dir@
+nm_plugins = @nm_plugins@
 oldincludedir = @oldincludedir@
 openac_plugins = @openac_plugins@
 p_plugins = @p_plugins@
@@ -253,7 +260,6 @@ pdfdir = @pdfdir@
 piddir = @piddir@
 pki_plugins = @pki_plugins@
 plugindir = @plugindir@
-pluto_plugins = @pluto_plugins@
 pool_plugins = @pool_plugins@
 prefix = @prefix@
 program_transform_name = @program_transform_name@
diff --git a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
index e99502b27..7d232e4f1 100644
--- a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
+++ b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
@@ -230,8 +230,13 @@ static gmp_diffie_hellman_t *create_generic(diffie_hellman_group_t group,
 		destroy(this);
 		return NULL;
 	}
-
-	rng->allocate_bytes(rng, exp_len, &random);
+	if (!rng->allocate_bytes(rng, exp_len, &random))
+	{
+		DBG1(DBG_LIB, "failed to allocate DH secret");
+		rng->destroy(rng);
+		destroy(this);
+		return NULL;
+	}
 	rng->destroy(rng);
 
 	if (exp_len == this->p_len)
diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
index 1b6c20817..590ab6cb4 100644
--- a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
@@ -149,7 +149,12 @@ static status_t compute_prime(private_gmp_rsa_private_key_t *this,
 	mpz_init(*prime);
 	do
 	{
-		rng->allocate_bytes(rng, prime_size, &random_bytes);
+		if (!rng->allocate_bytes(rng, prime_size, &random_bytes))
+		{
+			DBG1(DBG_LIB, "failed to allocate random prime");
+			rng->destroy(rng);
+			return FAILED;
+		}
 		/* make sure the two most significant bits are set */
 		random_bytes.ptr[0] = random_bytes.ptr[0] | 0xC0;
 
@@ -230,11 +235,11 @@ static bool build_emsa_pkcs1_signature(private_gmp_rsa_private_key_t *this,
 		}
 
 		hasher = lib->crypto->create_hasher(lib->crypto, hash_algorithm);
-		if (hasher == NULL)
+		if (!hasher || !hasher->allocate_hash(hasher, data, &hash))
 		{
+			DESTROY_IF(hasher);
 			return FALSE;
 		}
-		hasher->allocate_hash(hasher, data, &hash);
 		hasher->destroy(hasher);
 
 		/* build DER-encoded digestInfo */
diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
index 898892f5b..2d84f0025 100644
--- a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
@@ -252,7 +252,11 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this,
 					}
 
 					/* build our own hash and compare */
-					hasher->allocate_hash(hasher, data, &hash);
+					if (!hasher->allocate_hash(hasher, data, &hash))
+					{
+						hasher->destroy(hasher);
+						goto end_parser;
+					}
 					hasher->destroy(hasher);
 					success = memeq(object.ptr, hash.ptr, hash.len);
 					free(hash.ptr);
@@ -314,7 +318,7 @@ METHOD(public_key_t, encrypt_, bool,
 {
 	chunk_t em;
 	u_char *pos;
-	int padding, i;
+	int padding;
 	rng_t *rng;
 
 	if (scheme != ENCRYPT_RSA_PKCS1)
@@ -348,16 +352,12 @@ METHOD(public_key_t, encrypt_, bool,
 	*pos++ = 0x02;
 
 	/* fill with pseudo random octets */
-	rng->get_bytes(rng, padding, pos);
-
-	/* replace zero-valued random octets */
-	for (i = 0; i < padding; i++)
+	if (!rng_get_bytes_not_zero(rng, padding, pos, TRUE))
 	{
-		while (*pos == 0)
-		{
-			rng->get_bytes(rng, 1, pos);
-		}
-		pos++;
+		DBG1(DBG_LIB, "failed to allocate padding");
+		chunk_clear(&em);
+		rng->destroy(rng);
+		return FALSE;
 	}
 	rng->destroy(rng);