Skip to content

Commit

Permalink
Check gnutls_hmac() return value
Browse files Browse the repository at this point in the history 
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
  • Loading branch information
David Woodhouse authored and David Woodhouse committed Feb 28, 2015
1 parent fa4ee64 commit cb84498
Showing 1 changed file with 7 additions and 1 deletion.
8 changes: 7 additions & 1 deletion gnutls-esp.c
View file
Expand Up @@ -140,7 +140,13 @@ int decrypt_esp_packet(struct openconnect_info *vpninfo, struct esp *esp, struct
unsigned char hmac_buf[20];
int err;

gnutls_hmac(esp->hmac, &pkt->esp, sizeof(pkt->esp) + pkt->len);
err = gnutls_hmac(esp->hmac, &pkt->esp, sizeof(pkt->esp) + pkt->len);
if (err) {
vpn_progress(vpninfo, PRG_ERR,
_("Failed to calculate HMAC for ESP packet: %s\n"),
gnutls_strerror(err));
return -EIO;
}
gnutls_hmac_output(esp->hmac, hmac_buf);
if (memcmp(hmac_buf, pkt->data + pkt->len, 12)) {
vpn_progress(vpninfo, PRG_DEBUG,
Expand Down

0 comments on commit cb84498

Please sign in to comment.