Improved handling of key-material

author: Mathias Hall-Andersen <mathias@hall-andersen.dk> 2017-09-01 14:21:53 +0200
committer: Mathias Hall-Andersen <mathias@hall-andersen.dk> 2017-09-01 14:21:53 +0200
commit: 0294a5c0dd753786996e62236b7d8d524201ace4 (patch)
tree: 6e4623154072100ff402b45c2ac26fcff30da0fd /src/send.go
parent: 239d582cb213775d6896908bbcdaad79e143cbd6 (diff)
download: wireguard-go-0294a5c0dd753786996e62236b7d8d524201ace4.tar.gz
wireguard-go-0294a5c0dd753786996e62236b7d8d524201ace4.zip
1 files changed, 13 insertions, 6 deletions
diff --git a/src/send.go b/src/send.go
index 7d4014a..c598ad4 100644
--- a/src/send.go
+++ b/src/send.go
@@ -349,12 +349,19 @@ func (device *Device) RoutineEncryption() {
 		// encrypt content (append to header)
 
 		binary.LittleEndian.PutUint64(nonce[4:], elem.nonce)
-		elem.packet = elem.keyPair.send.Seal(
-			header,
-			nonce[:],
-			elem.packet,
-			nil,
-		)
+		elem.keyPair.send.mutex.RLock()
+		if elem.keyPair.send.aead == nil {
+			// very unlikely (the key was deleted during queuing)
+			elem.Drop()
+		} else {
+			elem.packet = elem.keyPair.send.aead.Seal(
+				header,
+				nonce[:],
+				elem.packet,
+				nil,
+			)
+		}
+		elem.keyPair.send.mutex.RUnlock()
 		elem.mutex.Unlock()
 
 		// refresh key if necessary
author	Mathias Hall-Andersen <mathias@hall-andersen.dk>	2017-09-01 14:21:53 +0200
committer	Mathias Hall-Andersen <mathias@hall-andersen.dk>	2017-09-01 14:21:53 +0200
commit	0294a5c0dd753786996e62236b7d8d524201ace4 (patch)
tree	6e4623154072100ff402b45c2ac26fcff30da0fd /src/send.go
parent	239d582cb213775d6896908bbcdaad79e143cbd6 (diff)
download	wireguard-go-0294a5c0dd753786996e62236b7d8d524201ace4.tar.gz wireguard-go-0294a5c0dd753786996e62236b7d8d524201ace4.zip