mirrors/OpenRCT2
1
0
Fork 0
mirror of https://github.com/OpenRCT2/OpenRCT2 synced 2026-01-15 11:03:00 +01:00
Code Issues Releases Wiki Activity

Handle malformed private keys gracefully

Browse Source
This commit is contained in:
Michał Janiszewski
2016-05-21 22:43:59 +02:00
parent 553e1bdf0f
commit 66abc31fee
2 changed files with 16 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/network/NetworkKey.cpp
View File

@@ -110,7 +110,7 @@ bool NetworkKey::LoadPrivate(SDL_RWops * file)
}
RSA * rsa;
rsa = PEM_read_bio_RSAPrivateKey(bio, nullptr, nullptr, nullptr);
if (!RSA_check_key(rsa))
if (rsa == nullptr || !RSA_check_key(rsa))
{
log_error("Loaded RSA key is invalid");
BIO_free_all(bio);

17
src/network/network.cpp
View File

@@ -1875,14 +1875,27 @@ void Network::Client_Handle_TOKEN(NetworkConnection& connection, NetworkPacket&
return;
}
SDL_RWops *privkey = SDL_RWFromFile(keyPath, "rb");
key.LoadPrivate(privkey);
bool ok = key.LoadPrivate(privkey);
SDL_RWclose(privkey);
if (!ok) {
log_error("Failed to load key %s", keyPath);
connection.setLastDisconnectReason(STR_MULTIPLAYER_VERIFICATION_FAILURE);
shutdown(connection.socket, SHUT_RDWR);
return;
}
uint32 challenge_size;
packet >> challenge_size;
const char *challenge = (const char *)packet.Read(challenge_size);
size_t sigsize;
char *signature;
const std::string pubkey = key.PublicKeyString();
bool ok = key.Sign(challenge, challenge_size, &signature, &sigsize);
ok = key.Sign(challenge, challenge_size, &signature, &sigsize);
if (!ok) {
log_error("Failed to sign server's challenge.");
connection.setLastDisconnectReason(STR_MULTIPLAYER_VERIFICATION_FAILURE);
shutdown(connection.socket, SHUT_RDWR);
return;
}
// Don't keep private key in memory. There's no need and it may get leaked
// when process dump gets collected at some point in future.
key.Unload();