krb5 commit: Don't assume OpenSSL failures are memory errors
Greg Hudson
ghudson at mit.edu
Thu Feb 6 17:24:57 EST 2020
https://github.com/krb5/krb5/commit/bf9b2134ceddd6c727362be894b1c95c297a0f17
commit bf9b2134ceddd6c727362be894b1c95c297a0f17
Author: Robbie Harwood <rharwood at redhat.com>
Date: Wed Feb 5 12:56:00 2020 -0500
Don't assume OpenSSL failures are memory errors
More recent versions of OpenSSL can fail for other reasons. Indicate
a crypto-related error occurred rather than a memory error to aid
debugging.
ticket: 8873 (new)
tags: pullup
target_version: 1.18
target_version: 1.17-next
src/lib/crypto/openssl/hash_provider/hash_evp.c | 2 +-
src/lib/crypto/openssl/sha256.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/lib/crypto/openssl/hash_provider/hash_evp.c b/src/lib/crypto/openssl/hash_provider/hash_evp.c
index 957ed8d..1e0fb8f 100644
--- a/src/lib/crypto/openssl/hash_provider/hash_evp.c
+++ b/src/lib/crypto/openssl/hash_provider/hash_evp.c
@@ -58,7 +58,7 @@ hash_evp(const EVP_MD *type, const krb5_crypto_iov *data, size_t num_data,
}
ok = ok && EVP_DigestFinal_ex(ctx, (uint8_t *)output->data, NULL);
EVP_MD_CTX_free(ctx);
- return ok ? 0 : ENOMEM;
+ return ok ? 0 : KRB5_CRYPTO_INTERNAL;
}
static krb5_error_code
diff --git a/src/lib/crypto/openssl/sha256.c b/src/lib/crypto/openssl/sha256.c
index 0edd8b7..f9dfc85 100644
--- a/src/lib/crypto/openssl/sha256.c
+++ b/src/lib/crypto/openssl/sha256.c
@@ -48,5 +48,5 @@ k5_sha256(const krb5_data *in, size_t n, uint8_t out[K5_SHA256_HASHLEN])
ok = ok && EVP_DigestUpdate(ctx, in[i].data, in[i].length);
ok = ok && EVP_DigestFinal_ex(ctx, out, NULL);
EVP_MD_CTX_free(ctx);
- return ok ? 0 : ENOMEM;
+ return ok ? 0 : KRB5_CRYPTO_INTERNAL;
}
More information about the cvs-krb5
mailing list