strongswan.org
Wiki/Project Management
Downloads
Gitweb
projects
/
strongswan.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
fixed typo
[strongswan.git]
/
src
/
charon
/
network
/
receiver.c
diff --git
a/src/charon/network/receiver.c
b/src/charon/network/receiver.c
index
2f3bf6c
..
1654f0e
100644
(file)
--- a/
src/charon/network/receiver.c
+++ b/
src/charon/network/receiver.c
@@
-88,9
+88,9
@@
struct private_receiver_t {
u_int32_t secret_offset;
/**
u_int32_t secret_offset;
/**
- * the
randomizer
to use for secret generation
+ * the
RNG
to use for secret generation
*/
*/
- r
andomizer_t *randomizer
;
+ r
ng_t *rng
;
/**
* hasher to use for cookie calculation
/**
* hasher to use for cookie calculation
@@
-304,8
+304,7
@@
static job_requeue_t receive_packets(private_receiver_t *this)
DBG1(DBG_NET, "generating new cookie secret after %d uses",
this->secret_used);
memcpy(this->secret_old, this->secret, SECRET_LENGTH);
DBG1(DBG_NET, "generating new cookie secret after %d uses",
this->secret_used);
memcpy(this->secret_old, this->secret, SECRET_LENGTH);
- this->randomizer->get_pseudo_random_bytes(this->randomizer,
- SECRET_LENGTH, this->secret);
+ this->rng->get_bytes(this->rng, SECRET_LENGTH, this->secret);
this->secret_switch = now;
this->secret_used = 0;
}
this->secret_switch = now;
this->secret_used = 0;
}
@@
-317,7
+316,7
@@
static job_requeue_t receive_packets(private_receiver_t *this)
if (peer_to_aggressive(this, message))
{
DBG1(DBG_NET, "ignoring IKE_SA setup from %H, "
if (peer_to_aggressive(this, message))
{
DBG1(DBG_NET, "ignoring IKE_SA setup from %H, "
- "peer to aggressive", message->get_source(message));
+ "peer to
o
aggressive", message->get_source(message));
message->destroy(message);
return JOB_REQUEUE_DIRECT;
}
message->destroy(message);
return JOB_REQUEUE_DIRECT;
}
@@
-333,7
+332,7
@@
static job_requeue_t receive_packets(private_receiver_t *this)
static void destroy(private_receiver_t *this)
{
this->job->cancel(this->job);
static void destroy(private_receiver_t *this)
{
this->job->cancel(this->job);
- this->r
andomizer->destroy(this->randomizer
);
+ this->r
ng->destroy(this->rng
);
this->hasher->destroy(this->hasher);
free(this);
}
this->hasher->destroy(this->hasher);
free(this);
}
@@
-355,12
+354,18
@@
receiver_t *receiver_create()
free(this);
return NULL;
}
free(this);
return NULL;
}
- this->randomizer = randomizer_create();
+ this->rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
+ if (this->rng == NULL)
+ {
+ DBG1(DBG_NET, "creating cookie RNG failed, no RNG supported");
+ this->hasher->destroy(this->hasher);
+ free(this);
+ return NULL;
+ }
this->secret_switch = now;
this->secret_offset = random() % now;
this->secret_used = 0;
this->secret_switch = now;
this->secret_offset = random() % now;
this->secret_used = 0;
- this->randomizer->get_pseudo_random_bytes(this->randomizer, SECRET_LENGTH,
- this->secret);
+ this->rng->get_bytes(this->rng, SECRET_LENGTH, this->secret);
memcpy(this->secret_old, this->secret, SECRET_LENGTH);
this->job = callback_job_create((callback_job_cb_t)receive_packets,
memcpy(this->secret_old, this->secret, SECRET_LENGTH);
this->job = callback_job_create((callback_job_cb_t)receive_packets,
projects / strongswan.git / blobdiff