From: Tobias Brunner <tobias@strongswan.org>
Date: Fri, 6 Jul 2012 08:18:00 +0000 (+0200)
Subject: Check rng return value when generating identity in eap-simaka-reauth plugin
X-Git-Tag: 5.0.1~328
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e59f983160ad2461c660a9a4cf8e0a7584f41aae;p=thirdparty%2Fstrongswan.git

Check rng return value when generating identity in eap-simaka-reauth plugin
---

diff --git a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.c b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.c
index ba1a327788..b1a9a7f7c9 100644
--- a/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.c
+++ b/src/libcharon/plugins/eap_simaka_reauth/eap_simaka_reauth_provider.c
@@ -81,7 +81,10 @@ static identification_t *gen_identity(private_eap_simaka_reauth_provider_t *this
 {
 	char buf[8], hex[sizeof(buf) * 2 + 1];
 
-	this->rng->get_bytes(this->rng, sizeof(buf), buf);
+	if (!this->rng->get_bytes(this->rng, sizeof(buf), buf))
+	{
+		return NULL;
+	}
 	chunk_to_hex(chunk_create(buf, sizeof(buf)), hex, FALSE);
 
 	return identification_create_from_string(hex);
@@ -116,7 +119,14 @@ METHOD(simaka_provider_t, gen_reauth, identification_t*,
 	char mk[HASH_SIZE_SHA1])
 {
 	reauth_data_t *data;
-	identification_t *permanent;
+	identification_t *permanent, *new_id;
+
+	new_id = gen_identity(this);
+	if (!new_id)
+	{
+		DBG1(DBG_CFG, "failed to generate identity");
+		return NULL;
+	}
 
 	data = this->reauth->get(this->reauth, id);
 	if (data)
@@ -125,14 +135,18 @@ METHOD(simaka_provider_t, gen_reauth, identification_t*,
 		if (permanent)
 		{
 			data->id->destroy(data->id);
-			data->id = gen_identity(this);
+			data->id = new_id;
 			this->permanent->put(this->permanent, data->id, permanent);
 		}
+		else
+		{
+			new_id->destroy(new_id);
+		}
 	}
 	else
 	{	/* generate new entry */
 		INIT(data,
-			.id = gen_identity(this),
+			.id = new_id,
 		);
 		id = id->clone(id);
 		this->reauth->put(this->reauth, id, data);