ikev2: Properly free DH secret in case of errors during IKE key derivation

Fixes #437.
Tobias Brunner 2013-11-06 10:20:48 +01:00
parent 2da887da35
commit c49c3f3208
1 changed files with 3 additions and 0 deletions


@ -278,6 +278,7 @@ METHOD(keymat_v2_t, derive_ike_keys, bool,
{
DBG1(DBG_IKE, "no %N selected",
transform_type_names, PSEUDO_RANDOM_FUNCTION);
chunk_clear(&secret);
return FALSE;
}
this->prf_alg = alg;
@ -287,6 +288,7 @@ METHOD(keymat_v2_t, derive_ike_keys, bool,
DBG1(DBG_IKE, "%N %N not supported!",
transform_type_names, PSEUDO_RANDOM_FUNCTION,
pseudo_random_function_names, alg);
chunk_clear(&secret);
return FALSE;
}
DBG4(DBG_IKE, "shared Diffie Hellman secret %B", &secret);
@ -339,6 +341,7 @@ METHOD(keymat_v2_t, derive_ike_keys, bool,
{
DBG1(DBG_IKE, "PRF of old SA %N not supported!",
pseudo_random_function_names, rekey_function);
chunk_clear(&secret);
chunk_free(&full_nonce);
chunk_free(&fixed_nonce);
chunk_clear(&prf_plus_seed);
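Review bot: Each failure branch in derive_ike_keys still carries its own hand-written cleanup, so the added `chunk_clear(&secret);` lines fix the three visible returns but leave the function open to the same leak the next time an error branch is added; the last branch (PRF of old SA not supported) already needs four calls. A single exit path that the failure branches jump to, wiping `secret` and `prf_plus_seed` with chunk_clear() and releasing the two nonces, would keep the DH secret from being left unwiped on any path, assuming the chunks are initialised empty before the first jump. If the per-branch form stays, a comment at the first site such as `/* DH shared secret: wipe with chunk_clear() on every return, never chunk_free() */` would record the rule. The function starts and ends outside these hunks, so whether failure branches between them also clear `secret` cannot be confirmed from here.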