Don't free ephemeral ECDH keys twice.
authorGuus Sliepen <guus@tinc-vpn.org>
Sat, 11 May 2013 12:13:23 +0000 (14:13 +0200)
committerGuus Sliepen <guus@tinc-vpn.org>
Sat, 11 May 2013 12:14:20 +0000 (14:14 +0200)
ecdh_compute_shared() was changed to immediately delete the ephemeral key after
the shared secret was computed.  Therefore, the pointer to the ecdh_t struct
should be zeroed so it won't be freed again when a struct sptps_t is freed.

src/sptps.c

index 5d0d456..03a1e9a 100644 (file)
@@ -319,6 +319,7 @@ static bool receive_sig(sptps_t *s, const char *data, uint16_t len) {
        char shared[ECDH_SHARED_SIZE];
        if(!ecdh_compute_shared(s->ecdh, s->hiskex + 1 + 32, shared))
                return false;
+       s->ecdh = NULL;
 
        // Generate key material from shared secret.
        if(!generate_key_material(s, shared, sizeof shared))