fixed some thread safety bugs

author: Christian Pointner <equinox@anytun.org> 2008-05-11 23:39:12 +0000
committer: Christian Pointner <equinox@anytun.org> 2008-05-11 23:39:12 +0000
commit: 4cdfe669de129ee2287d6fa7d4f9e170ca04ab2f (patch)
tree: 8bee684539b40cf2a14660eaab6493b60fcf11ce
parent: same security fix for bsd device (diff)
7 files changed, 52 insertions, 24 deletions
diff --git a/src/PracticalSocket.cpp b/src/PracticalSocket.cpp
index 6f7b51c..8565878 100644
--- a/src/PracticalSocket.cpp
+++ b/src/PracticalSocket.cpp
@@ -80,7 +80,9 @@ SocketException::SocketException(const string &message, bool inclSysMsg)
   throw() : userMessage(message) {
   if (inclSysMsg) {
     userMessage.append(": ");
-    userMessage.append(strerror(errno));
+    char buf[NL_TEXTMAX];
+    strerror_r(errno, buf, NL_TEXTMAX);
+    userMessage.append(buf);
   }
 }
 
diff --git a/src/anytun.cpp b/src/anytun.cpp
index f87628e..64da130 100644
--- a/src/anytun.cpp
+++ b/src/anytun.cpp
@@ -355,14 +355,16 @@ bool initLibGCrypt()
   
   gcry_error_t err = gcry_control (GCRYCTL_DISABLE_SECMEM, 0); 
   if( err ) {
-    std::cout << "initLibGCrypt: Failed to disable secure memory: " << gpg_strerror( err ) << std::endl;
+    char buf[NL_TEXTMAX];
+    std::cout << "initLibGCrypt: Failed to disable secure memory: " << gpg_strerror_r(err, buf, NL_TEXTMAX) << std::endl;
     return false;
   }
     
   // Tell Libgcrypt that initialization has completed.
   err = gcry_control(GCRYCTL_INITIALIZATION_FINISHED);
   if( err ) {
-    std::cout << "initLibGCrypt: Failed to finish the initialization of libgcrypt: " << gpg_strerror( err ) << std::endl;
+    char buf[NL_TEXTMAX];
+    std::cout << "initLibGCrypt: Failed to finish initialization: " << gpg_strerror_r(err, buf, NL_TEXTMAX) << std::endl;
     return false;
   }
 
diff --git a/src/authAlgo.cpp b/src/authAlgo.cpp
index 6b1c9ec..4657ddc 100644
--- a/src/authAlgo.cpp
+++ b/src/authAlgo.cpp
@@ -73,8 +73,10 @@ void Sha1AuthAlgo::setKey(Buffer& key)
     return;
 
   gcry_error_t err = gcry_md_setkey( ctx_, key.getBuf(), key.getLength() );
-  if( err )
-    cLog.msg(Log::PRIO_ERR) << "Sha1AuthAlgo::setKey: Failed to set cipher key: " << gpg_strerror( err );
+  if( err ) {
+    char buf[NL_TEXTMAX];
+    cLog.msg(Log::PRIO_ERR) << "Sha1AuthAlgo::setKey: Failed to set cipher key: " << gpg_strerror_r(err, buf, NL_TEXTMAX);
+  }
 }
 
 void Sha1AuthAlgo::generate(EncryptedPacket& packet)
diff --git a/src/bsd/tunDevice.cpp b/src/bsd/tunDevice.cpp
index 5ad6ea7..e8a2849 100644
--- a/src/bsd/tunDevice.cpp
+++ b/src/bsd/tunDevice.cpp
@@ -90,7 +90,9 @@ TunDevice::TunDevice(const char* dev_name, const char* dev_type, const char* ifc
       msg = "can't open device file (";
       msg.append(device_file);
       msg.append("): ");
-      msg.append(strerror(errno));
+      char buf[NL_TEXTMAX];
+      strerror_r(errno, buf, NL_TEXTMAX);
+      msg.append(buf);
     }
     throw std::runtime_error(msg);
   }
diff --git a/src/cipher.cpp b/src/cipher.cpp
index e98bc3b..6a572b9 100644
--- a/src/cipher.cpp
+++ b/src/cipher.cpp
@@ -78,8 +78,10 @@ AesIcmCipher::AesIcmCipher() : cipher_(NULL)
 {
       // TODO: hardcoded keysize
   gcry_error_t err = gcry_cipher_open( &cipher_, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CTR, 0 );
-  if( err )
-    cLog.msg(Log::PRIO_CRIT) << "AesIcmCipher::AesIcmCipher: Failed to open cipher";
+  if( err ) {
+    char buf[NL_TEXTMAX];
+    cLog.msg(Log::PRIO_CRIT) << "AesIcmCipher::AesIcmCipher: Failed to open cipher" << gpg_strerror_r(err, buf, NL_TEXTMAX);
+  } 
 }
 
 
@@ -95,8 +97,10 @@ void AesIcmCipher::setKey(Buffer& key)
     return;
 
   gcry_error_t err = gcry_cipher_setkey( cipher_, key.getBuf(), key.getLength() );
-  if( err )
-    cLog.msg(Log::PRIO_ERR) << "AesIcmCipher::setKey: Failed to set cipher key: " << gpg_strerror( err );
+  if( err ) {
+    char buf[NL_TEXTMAX];
+    cLog.msg(Log::PRIO_ERR) << "AesIcmCipher::setKey: Failed to set cipher key: " << gpg_strerror_r(err, buf, NL_TEXTMAX);
+  }
 }
 
 void AesIcmCipher::setSalt(Buffer& salt)
@@ -125,7 +129,8 @@ void AesIcmCipher::calc(u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t o
 
   gcry_error_t err = gcry_cipher_reset( cipher_ );
   if( err ) {
-    cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to reset cipher: " << gpg_strerror( err );
+    char buf[NL_TEXTMAX];
+    cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to reset cipher: " << gpg_strerror_r(err, buf, NL_TEXTMAX);
     return;
   }
 
@@ -154,13 +159,15 @@ void AesIcmCipher::calc(u_int8_t* in, u_int32_t ilen, u_int8_t* out, u_int32_t o
   err = gcry_cipher_setctr( cipher_, ctr_buf, written );        // TODO: hardcoded size 
   delete[] ctr_buf;
   if( err ) {
-    cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to set cipher CTR: " << gpg_strerror( err );
+    char buf[NL_TEXTMAX];
+    cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to set cipher CTR: " << gpg_strerror_r(err, buf, NL_TEXTMAX);
     return;
   }
 
   err = gcry_cipher_encrypt( cipher_, out, olen, in, ilen );
   if( err ) {
-    cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to generate cipher bitstream: " << gpg_strerror( err );
+    char buf[NL_TEXTMAX];
+    cLog.msg(Log::PRIO_ERR) << "AesIcmCipher: Failed to generate cipher bitstream: " << gpg_strerror_r(err, buf, NL_TEXTMAX);
     return;
   }
 }
diff --git a/src/keyDerivation.cpp b/src/keyDerivation.cpp
index aafde10..d2baeac 100644
--- a/src/keyDerivation.cpp
+++ b/src/keyDerivation.cpp
@@ -70,8 +70,10 @@ void AesIcmKeyDerivation::updateMasterKey()
     return;
 
   gcry_error_t err = gcry_cipher_setkey( cipher_, master_key_.getBuf(), master_key_.getLength() );
-  if( err )
-    cLog.msg(Log::PRIO_ERR) << "KeyDerivation::updateMasterKey: Failed to set cipher key: " << gpg_strerror( err );
+  if( err ) {
+    char buf[NL_TEXTMAX];
+    cLog.msg(Log::PRIO_ERR) << "KeyDerivation::updateMasterKey: Failed to set cipher key: " << gpg_strerror_r(err, buf, NL_TEXTMAX);
+  }
 }
 
 void AesIcmKeyDerivation::init(Buffer key, Buffer salt)
@@ -83,7 +85,8 @@ void AesIcmKeyDerivation::init(Buffer key, Buffer salt)
   // TODO: hardcoded size
   gcry_error_t err = gcry_cipher_open( &cipher_, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CTR, 0 );
   if( err ) {
-    cLog.msg(Log::PRIO_ERR) << "KeyDerivation::init: Failed to open cipher: " << gpg_strerror( err );
+    char buf[NL_TEXTMAX];
+    cLog.msg(Log::PRIO_ERR) << "KeyDerivation::init: Failed to open cipher: " << gpg_strerror_r(err, buf, NL_TEXTMAX);
     return;
   }
   
@@ -103,8 +106,10 @@ void AesIcmKeyDerivation::generate(satp_prf_label label, seq_nr_t seq_nr, Buffer
   }
 
   gcry_error_t err = gcry_cipher_reset( cipher_ );
-  if( err )
-    cLog.msg(Log::PRIO_ERR) << "KeyDerivation::generate: Failed to reset cipher: " << gpg_strerror( err );
+  if( err ) {
+    char buf[NL_TEXTMAX];
+    cLog.msg(Log::PRIO_ERR) << "KeyDerivation::generate: Failed to reset cipher: " << gpg_strerror_r(err, buf, NL_TEXTMAX);
+  }
 
   // see at: http://tools.ietf.org/html/rfc3711#section-4.3
   // *  Let r = index DIV key_derivation_rate (with DIV as defined above).
@@ -142,12 +147,16 @@ void AesIcmKeyDerivation::generate(satp_prf_label label, seq_nr_t seq_nr, Buffer
   err = gcry_cipher_setctr( cipher_ , ctr_buf, written );
   delete[] ctr_buf;
 
-  if( err )
-    cLog.msg(Log::PRIO_ERR) << "KeyDerivation::generate: Failed to set CTR: " << gpg_strerror( err );
+  if( err ) {
+    char buf[NL_TEXTMAX];
+    cLog.msg(Log::PRIO_ERR) << "KeyDerivation::generate: Failed to set CTR: " << gpg_strerror_r(err, buf, NL_TEXTMAX);
+  }
 
   for(u_int32_t i=0; i < key.getLength(); ++i) key[i] = 0;
   err = gcry_cipher_encrypt( cipher_, key, key.getLength(), NULL, 0);
-  if( err ) 
-    cLog.msg(Log::PRIO_ERR) << "KeyDerivation::generate: Failed to generate cipher bitstream: " << gpg_strerror( err );
+  if( err ) {
+    char buf[NL_TEXTMAX];
+    cLog.msg(Log::PRIO_ERR) << "KeyDerivation::generate: Failed to generate cipher bitstream: " << gpg_strerror_r(err, buf, NL_TEXTMAX);
+  }
 }
 
diff --git a/src/linux/tunDevice.cpp b/src/linux/tunDevice.cpp
index 3c9e180..9f0ad52 100644
--- a/src/linux/tunDevice.cpp
+++ b/src/linux/tunDevice.cpp
@@ -49,7 +49,9 @@ TunDevice::TunDevice(const char* dev_name, const char* dev_type, const char* ifc
     std::string msg("can't open device file (");
     msg.append(DEFAULT_DEVICE);
     msg.append("): ");
-    msg.append(strerror(errno));
+    char buf[NL_TEXTMAX];
+    strerror_r(errno, buf, NL_TEXTMAX);
+    msg.append(buf);
     throw std::runtime_error(msg);
   }
 
@@ -76,7 +78,9 @@ TunDevice::TunDevice(const char* dev_name, const char* dev_type, const char* ifc
 		actual_name_ = ifr.ifr_name;
 	} else {
     std::string msg("tun/tap device ioctl failed: ");
-    msg.append(strerror(errno));
+    char buf[NL_TEXTMAX];
+    strerror_r(errno, buf, NL_TEXTMAX);
+    msg.append(buf);
     throw std::runtime_error(msg);
   }
author	Christian Pointner <equinox@anytun.org>	2008-05-11 23:39:12 +0000
committer	Christian Pointner <equinox@anytun.org>	2008-05-11 23:39:12 +0000
commit	4cdfe669de129ee2287d6fa7d4f9e170ca04ab2f (patch)
tree	8bee684539b40cf2a14660eaab6493b60fcf11ce
parent	same security fix for bsd device (diff)