From: Mark Wooding <mdw@distorted.org.uk>
Date: Sun, 22 Sep 2019 09:24:31 +0000 (+0100)
Subject: server/bulkcrypto.c: Fix segfault in `aead' algorithm setup.
X-Git-Tag: 1.5.1~10
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/tripe/commitdiff_plain/d5cdcb8a4f5f6f30d2e6f2f5d16d438a430e3cb6

server/bulkcrypto.c: Fix segfault in `aead' algorithm setup.

I think I must have completely failed to test this prior to release.
Brown paper bag time.  Add a new keyring to test this sort-of properly.
---

diff --git a/server/bulkcrypto.c b/server/bulkcrypto.c
index 6b175ddd..9af4bb8c 100644
--- a/server/bulkcrypto.c
+++ b/server/bulkcrypto.c
@@ -889,11 +889,10 @@ static bulkalgs *aead_getalgs(const algswitch *asw, dstr *e,
   p = key_getattr(kf, k, "tagsz");
   if (!p) {
     p = key_getattr(kf, k, "mac");
-    if (strncmp(p, "aead", 4) != 0 || (p[4] && p[4] != '/')) {
-      a_format(e, "unknown-mac", "%s", p, A_END);
-      goto fail;
-    }
-    if (p[4] == '/') p += 5;
+    if (!p) ;
+    else if (strncmp(p, "aead", 4) != 0 || (p[4] && p[4] != '/'))
+      { a_format(e, "unknown-mac", "%s", p, A_END); goto fail; }
+    else if (p[4] == '/') p += 5;
     else p = 0;
   }
   if (!p)
diff --git a/server/tests.at b/server/tests.at
index 08bfb135..3fd2e47b 100644
--- a/server/tests.at
+++ b/server/tests.at
@@ -758,7 +758,7 @@ AT_SETUP([server knock])
 AT_KEYWORDS([knock])
 export TRIPE_SLIPIF=USLIP
 
-for i in alice bob; do (mkdir $i; cd $i; SETUPDIR([alpha])); done
+for i in alice bob; do (mkdir $i; cd $i; SETUPDIR([gamma])); done
 
 WITH_2TRIPES([alice], [bob], [-nslip], [-talice], [-tbob], [
   WITH_MITM([alice], [5311], [bob], [5312], [
diff --git a/t/Makefile.am b/t/Makefile.am
index 75752e3e..c5304024 100644
--- a/t/Makefile.am
+++ b/t/Makefile.am
@@ -39,6 +39,8 @@ autotest_TESTS		+= $(top_srcdir)/keys/tests.at
 ### Test files.
 
 ## Keyring files.
-EXTRA_DIST		+= keyring-alpha keyring-beta keyring-beta-new
+EXTRA_DIST		+= keyring-alpha
+EXTRA_DIST		+= keyring-beta keyring-beta-new
+EXTRA_DIST		+= keyring-gamma
 
 ###----- That's all, folks --------------------------------------------------
diff --git a/t/keyring-gamma b/t/keyring-gamma
new file mode 100644
index 00000000..8121094e
--- /dev/null
+++ b/t/keyring-gamma
@@ -0,0 +1,4 @@
+ad1a94b3:tripe-param:param string,shared:%2e forever forever kx-group=x448&cipher=twofish-ocb3&bulk=aead
+5a4c1e54:tripe:carol struct:[pub=binary,public:N3xC4xLieyQ5p758JjKuhEwAYr4Nq98H2kFWtI6OLk13b7NJmSi4GW3aHGfYdKGhcxR+rpHwVm0=,private=struct:[priv=binary,private,burn:rlXbkcoD7+iqckBj1MAXkSjoU4b6wOQq+xjQda1kD3m5/MTVDm/dFFPLtGdANGtDkiDwVFO/DBs=]] forever forever kx-group=x448&cipher=twofish-ocb3&bulk=aead
+69941be8:tripe:alice struct:[pub=binary,public:1pQP3OAelcLeFY5GHD5k9NBI7Y7a8t5N/LuY0VEd3rKBKBpX08zMMBtp3Okdveqfjgp7tzRHVY4=,private=struct:[priv=binary,private,burn:kYKn5Qskt1B4JKvAY48mP5i+l/HiRuQQwFL8p6oeZXd3gYCWRUJRHFieuA5sCU6fuzst+3DHAc0=]] forever forever kx-group=x448&cipher=twofish-ocb3&bulk=aead
+a8e18348:tripe:bob struct:[pub=binary,public:krXa8TLVt7496UeDHm30NaNuNKxTrAnt2PvLZ5DjzcI16cbjS5WGdDd2jsycfnr7+5CylvsUlkE=,private=struct:[priv=binary,private,burn:XAN4vEA4zC6K9OgeidUwAQIOEcq+YxNo59NlxKJlEb14dAAy6RPmaBobDxaeNuxplKvazq728ZU=]] forever forever kx-group=x448&cipher=twofish-ocb3&bulk=aead