- EVP_EncryptUpdate(c->outctx, outbuf, &outlen, buffer, length);
- bufp = outbuf;
- length = outlen;
- } else
- bufp = buffer;
-
- if(write(c->socket, bufp, length) < 0) {
- syslog(LOG_ERR, _("Sending meta data to %s (%s) failed: %s"), c->name,
- c->hostname, strerror(errno));
- return -1;
+ /* Check encryption limits */
+ if((uint64_t)length > c->outbudget) {
+ ifdebug(META) logger(LOG_ERR, "Byte limit exceeded for encryption to %s (%s)", c->name, c->hostname);
+ return false;
+ } else {
+ c->outbudget -= length;
+ }
+
+ result = EVP_EncryptUpdate(c->outctx, (unsigned char *)c->outbuf + c->outbufstart + c->outbuflen,
+ &outlen, (unsigned char *)buffer, length);
+
+ if(!result || outlen < length) {
+ logger(LOG_ERR, "Error while encrypting metadata to %s (%s): %s",
+ c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
+ return false;
+ } else if(outlen > length) {
+ logger(LOG_EMERG, "Encrypted data too long! Heap corrupted!");
+ abort();
+ }
+
+ c->outbuflen += outlen;
+ } else {
+ memcpy(c->outbuf + c->outbufstart + c->outbuflen, buffer, length);
+ c->outbuflen += length;