Add a return value to crypter_t.decrypt()

author: Martin Willi <martin@revosec.ch> 2012-07-06 16:11:15 +0200
committer: Martin Willi <martin@revosec.ch> 2012-07-16 14:53:38 +0200
commit: 3b96189a2afa4949e1d9cdf7c9fa8244d8d817f0 (patch)
tree: 16564618b94304c2bca7e925fc9e6693b6226161 /src/libtls/tls_protection.c
parent: e35abbe588636c5ca73d8aaa9082314289346bd9 (diff)
download: strongswan-3b96189a2afa4949e1d9cdf7c9fa8244d8d817f0.tar.bz2
strongswan-3b96189a2afa4949e1d9cdf7c9fa8244d8d817f0.tar.xz
1 files changed, 6 insertions, 1 deletions
diff --git a/src/libtls/tls_protection.c b/src/libtls/tls_protection.c
index abcc42064..8263728bb 100644
--- a/src/libtls/tls_protection.c
+++ b/src/libtls/tls_protection.c
@@ -150,7 +150,12 @@ METHOD(tls_protection_t, process, status_t,
 				return NEED_MORE;
 			}
 		}
-		this->crypter_in->decrypt(this->crypter_in, data, iv, NULL);
+		if (!this->crypter_in->decrypt(this->crypter_in, data, iv, NULL))
+		{
+			free(next_iv.ptr);
+			this->alert->add(this->alert, TLS_FATAL, TLS_BAD_RECORD_MAC);
+			return NEED_MORE;
+		}
 
 		if (next_iv.len)
 		{	/* next record IV is last ciphertext block of this record */
author	Martin Willi <martin@revosec.ch>	2012-07-06 16:11:15 +0200
committer	Martin Willi <martin@revosec.ch>	2012-07-16 14:53:38 +0200
commit	3b96189a2afa4949e1d9cdf7c9fa8244d8d817f0 (patch)
tree	16564618b94304c2bca7e925fc9e6693b6226161 /src/libtls/tls_protection.c
parent	e35abbe588636c5ca73d8aaa9082314289346bd9 (diff)
download	strongswan-3b96189a2afa4949e1d9cdf7c9fa8244d8d817f0.tar.bz2 strongswan-3b96189a2afa4949e1d9cdf7c9fa8244d8d817f0.tar.xz