Merge branch 'master' into next

[paraslash.git] / client_common.c

diff --git a/client_common.c b/client_common.c
index fe8234f98fe90f6ce74ea5e22699fbfc0059a042..396fd88c894cda20e4f55a7955a9a4fe77e9633d 100644 (file)
--- a/client_common.c
+++ b/client_common.c
@@ -324,7 +324,7 @@ static int client_post_monitor(struct sched *s, void *context)
                 */
                {
                /* decrypted challenge/session key buffer */
-               unsigned char crypt_buf[1024];
+               unsigned char *crypt_buf;
                struct sb_buffer sbb;
 
                ret = recv_sb(ct, &sbb);
@@ -337,11 +337,16 @@ static int client_post_monitor(struct sched *s, void *context)
                }
                n = sbb.iov.iov_len;
                PARA_INFO_LOG("<-- [challenge] (%zu bytes)\n", n);
-               ret = apc_priv_decrypt(ct->key_file, crypt_buf,
+               ret = apc_priv_decrypt(ct->key_file, &crypt_buf,
                        sbb.iov.iov_base, n);
                free(sbb.iov.iov_base);
                if (ret < 0)
                        goto out;
+               if (ret != APC_CHALLENGE_SIZE + 2 * SESSION_KEY_LEN) {
+                       free(crypt_buf);
+                       ret = -E_DECRYPT;
+                       goto out;
+               }
                ct->challenge_hash = alloc(HASH2_SIZE);
                if (has_feature("sha256", ct)) {
                        hash2_function((char *)crypt_buf, APC_CHALLENGE_SIZE,
@@ -356,6 +361,7 @@ static int client_post_monitor(struct sched *s, void *context)
                         SESSION_KEY_LEN);
                ct->scc.recv = sc_new(crypt_buf + APC_CHALLENGE_SIZE
                        + SESSION_KEY_LEN, SESSION_KEY_LEN);
+               free(crypt_buf);
                PARA_INFO_LOG("--> %s\n", buf);
                ct->status = CL_RECEIVED_CHALLENGE;
                return 0;