| 52 |
|
ilog(LOG_TYPE_IRCD, "SSL error: %s", ERR_error_string(e, 0)); |
| 53 |
|
} |
| 54 |
|
|
| 55 |
< |
static void |
| 56 |
< |
binary_to_hex(unsigned char *bin, char *hex, int length) |
| 55 |
> |
void |
| 56 |
> |
binary_to_hex(const unsigned char *bin, char *hex, unsigned int length) |
| 57 |
|
{ |
| 58 |
|
static const char trans[] = "0123456789ABCDEF"; |
| 59 |
– |
int i; |
| 59 |
|
|
| 60 |
< |
for (i = 0; i < length; ++i) |
| 60 |
> |
for (const unsigned char *end = bin + length; bin < end; ++bin) |
| 61 |
|
{ |
| 62 |
< |
hex[(i << 1) ] = trans[bin[i] >> 4]; |
| 63 |
< |
hex[(i << 1) + 1] = trans[bin[i] & 0xf]; |
| 62 |
> |
*hex++ = trans[*bin >> 4]; |
| 63 |
> |
*hex++ = trans[*bin & 0xf]; |
| 64 |
|
} |
| 65 |
|
|
| 66 |
< |
hex[i << 1] = '\0'; |
| 66 |
> |
*hex = '\0'; |
| 67 |
|
} |
| 68 |
|
|
| 69 |
|
int |
| 70 |
|
get_randomness(unsigned char *buf, int length) |
| 71 |
|
{ |
| 72 |
< |
/* Seed OpenSSL PRNG with EGD enthropy pool -kre */ |
| 74 |
< |
if (ConfigFileEntry.use_egd && |
| 75 |
< |
ConfigFileEntry.egdpool_path) |
| 76 |
< |
if (RAND_egd(ConfigFileEntry.egdpool_path) == -1) |
| 77 |
< |
return -1; |
| 78 |
< |
|
| 79 |
< |
if (RAND_status()) |
| 80 |
< |
return RAND_bytes(buf, length); |
| 81 |
< |
/* XXX - abort? */ |
| 82 |
< |
return RAND_pseudo_bytes(buf, length); |
| 72 |
> |
return RAND_bytes(buf, length); |
| 73 |
|
} |
| 74 |
|
|
| 75 |
|
int |
| 76 |
|
generate_challenge(char **r_challenge, char **r_response, RSA *rsa) |
| 77 |
|
{ |
| 78 |
< |
unsigned char secret[32], *tmp; |
| 79 |
< |
unsigned long length; |
| 78 |
> |
unsigned char secret[32], *tmp = NULL; |
| 79 |
> |
unsigned long length = 0; |
| 80 |
|
int ret = -1; |
| 81 |
|
|
| 82 |
|
if (!rsa) |
| 83 |
|
return -1; |
| 84 |
|
|
| 85 |
< |
get_randomness(secret, 32); |
| 86 |
< |
*r_response = MyMalloc(65); |
| 85 |
> |
if (!get_randomness(secret, 32)) |
| 86 |
> |
{ |
| 87 |
> |
report_crypto_errors(); |
| 88 |
> |
return -1; |
| 89 |
> |
} |
| 90 |
> |
|
| 91 |
> |
*r_response = MyCalloc(65); |
| 92 |
|
binary_to_hex(secret, *r_response, 32); |
| 93 |
|
|
| 94 |
|
length = RSA_size(rsa); |
| 95 |
< |
tmp = MyMalloc(length); |
| 95 |
> |
tmp = MyCalloc(length); |
| 96 |
|
ret = RSA_public_encrypt(32, secret, tmp, rsa, RSA_PKCS1_PADDING); |
| 97 |
|
|
| 98 |
< |
*r_challenge = MyMalloc((length << 1) + 1); |
| 99 |
< |
binary_to_hex( tmp, *r_challenge, length); |
| 105 |
< |
(*r_challenge)[length<<1] = 0; |
| 98 |
> |
*r_challenge = MyCalloc((length << 1) + 1); |
| 99 |
> |
binary_to_hex(tmp, *r_challenge, length); |
| 100 |
|
MyFree(tmp); |
| 101 |
|
|
| 102 |
|
if (ret < 0) |
