[CritFix] Fix writing of encrypted HTTP requests

diff --git a/src/libcryptobox/keypair.c b/src/libcryptobox/keypair.c
index 51e0231284c5ad2e7ebafadb17a375587b04c956..355654ffcd7dba8510e0bcc1e3214cbae213bcf4 100644 (file)
--- a/src/libcryptobox/keypair.c
+++ b/src/libcryptobox/keypair.c
@@ -460,6 +460,14 @@ rspamd_pubkey_calculate_nm (struct rspamd_cryptobox_pubkey *p,
        g_assert (kp->type == p->type);
        g_assert (p->type == RSPAMD_KEYPAIR_KEX);
 
+       if (p->nm == NULL) {
+               if (posix_memalign ((void **)&p->nm, 32, sizeof (*p->nm)) != 0) {
+                       abort ();
+               }
+
+               REF_INIT_RETAIN (p->nm, rspamd_cryptobox_nm_dtor);
+       }
+
        if (kp->alg == RSPAMD_CRYPTOBOX_MODE_25519) {
                struct rspamd_cryptobox_pubkey_25519 *rk_25519 =
                                RSPAMD_CRYPTOBOX_PUBKEY_25519(p);

diff --git a/src/libutil/http.c b/src/libutil/http.c
index 8102a26c039b0f5157e201663d45702ac1954201..0536da453ae4be5a3d9780713a41884a959b4e4b 100644 (file)
--- a/src/libutil/http.c
+++ b/src/libutil/http.c
@@ -1495,7 +1495,7 @@ rspamd_http_connection_encrypt_message (
 
        cnt = i;
 
-       if ((nm = rspamd_pubkey_get_nm (peer_key))) {
+       if ((nm = rspamd_pubkey_get_nm (peer_key)) == NULL) {
                nm = rspamd_pubkey_calculate_nm (peer_key, priv->local_key);
        }