krb5 commit [krb5-1.17]: Don't assume OpenSSL failures are memory errors
Greg Hudson
ghudson at mit.edu
Mon Feb 10 17:15:48 EST 2020
https://github.com/krb5/krb5/commit/1a8e94f85b5177187a6ca953225d491257a1835d
commit 1a8e94f85b5177187a6ca953225d491257a1835d
Author: Robbie Harwood <rharwood at redhat.com>
Date: Wed Feb 5 12:56:00 2020 -0500
Don't assume OpenSSL failures are memory errors
More recent versions of OpenSSL can fail for other reasons. Indicate
a crypto-related error occurred rather than a memory error to aid
debugging.
(cherry picked from commit bf9b2134ceddd6c727362be894b1c95c297a0f17)
ticket: 8873
version_fixed: 1.17.2
src/lib/crypto/openssl/hash_provider/hash_evp.c | 2 +-
src/lib/crypto/openssl/sha256.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/lib/crypto/openssl/hash_provider/hash_evp.c b/src/lib/crypto/openssl/hash_provider/hash_evp.c
index 957ed8d..1e0fb8f 100644
--- a/src/lib/crypto/openssl/hash_provider/hash_evp.c
+++ b/src/lib/crypto/openssl/hash_provider/hash_evp.c
@@ -58,7 +58,7 @@ hash_evp(const EVP_MD *type, const krb5_crypto_iov *data, size_t num_data,
}
ok = ok && EVP_DigestFinal_ex(ctx, (uint8_t *)output->data, NULL);
EVP_MD_CTX_free(ctx);
- return ok ? 0 : ENOMEM;
+ return ok ? 0 : KRB5_CRYPTO_INTERNAL;
}
static krb5_error_code
diff --git a/src/lib/crypto/openssl/sha256.c b/src/lib/crypto/openssl/sha256.c
index 0edd8b7..f9dfc85 100644
--- a/src/lib/crypto/openssl/sha256.c
+++ b/src/lib/crypto/openssl/sha256.c
@@ -48,5 +48,5 @@ k5_sha256(const krb5_data *in, size_t n, uint8_t out[K5_SHA256_HASHLEN])
ok = ok && EVP_DigestUpdate(ctx, in[i].data, in[i].length);
ok = ok && EVP_DigestFinal_ex(ctx, out, NULL);
EVP_MD_CTX_free(ctx);
- return ok ? 0 : ENOMEM;
+ return ok ? 0 : KRB5_CRYPTO_INTERNAL;
}
More information about the cvs-krb5
mailing list