From: Tobias Brunner Date: Mon, 25 Jun 2012 14:01:51 +0000 (+0200) Subject: Check rng return value when generating ME CONNECT_ID and KEY X-Git-Tag: 5.0.1~345 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f1c78cfee7cb1d7ed2e23ac1935304cf5ae3d815;p=thirdparty%2Fstrongswan.git Check rng return value when generating ME CONNECT_ID and KEY
---
diff --git a/src/libcharon/sa/ikev2/tasks/ike_me.c b/src/libcharon/sa/ikev2/tasks/ike_me.c
index 333c13635e..e193499717 100644
--- a/src/libcharon/sa/ikev2/tasks/ike_me.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_me.c
@@ -291,9 +291,21 @@ METHOD(task_t, build_i, status_t,
 {
 /* only the initiator creates a connect ID. the responder
 * returns the connect ID that it received from the initiator */
- rng->allocate_bytes(rng, ME_CONNECTID_LEN, &this->connect_id);
+ if (!rng->allocate_bytes(rng, ME_CONNECTID_LEN,
+ &this->connect_id))
+ {
+ DBG1(DBG_IKE, "unable to generate ID for ME_CONNECT");
+ rng->destroy(rng);
+ return FAILED;
+ }
+ }
+ if (!rng->allocate_bytes(rng, ME_CONNECTKEY_LEN,
+ &this->connect_key))
+ {
+ DBG1(DBG_IKE, "unable to generate connect key for ME_CONNECT");
+ rng->destroy(rng);
+ return FAILED;
 }
- rng->allocate_bytes(rng, ME_CONNECTKEY_LEN, &this->connect_key);
 rng->destroy(rng);
 message->add_notify(message, FALSE, ME_CONNECTID, this->connect_id);
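Review bot: Both new checks call through `rng` (`rng->allocate_bytes`, `rng->destroy`), so the hardening is only complete if the code that obtains `rng` above this hunk already rejects a NULL generator; that part of build_i is outside the hunk and should be confirmed. When the key allocation fails after the ID allocation succeeded, `this->connect_id` stays populated on the task, which is fine only if the task's cleanup code (not visible here) frees it. A short why-comment before the key allocation would help the next reader, e.g. `/* never send ME_CONNECT with an unset ID or key; abort if the RNG fails */`. For consistent log triage the first message could read `"unable to generate connect ID for ME_CONNECT"` to match the wording of the second.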