krb5 commit: Restore OpenSSL 1.0 compatibility in softpkcs11
Greg Hudson
ghudson at mit.edu
Mon Sep 20 14:44:15 EDT 2021
https://github.com/krb5/krb5/commit/036ce5ef478679ca31a27d3e83f9c603f205dc90
commit 036ce5ef478679ca31a27d3e83f9c603f205dc90
Author: Greg Hudson <ghudson at mit.edu>
Date: Mon Sep 20 11:14:29 2021 -0400
Restore OpenSSL 1.0 compatibility in softpkcs11
Commit 00de1aad7b3647b91017c7009b0bc65cd0c8b2e0 used
OPENSSL_clear_free(), which was added in OpenSSL 1.1. Use
OPENSSL_cleanse() and OPENSSL_free() instead.
src/tests/softpkcs11/main.c | 9 ++++++---
1 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/src/tests/softpkcs11/main.c b/src/tests/softpkcs11/main.c
index 86b4ef7..82b05ff 100644
--- a/src/tests/softpkcs11/main.c
+++ b/src/tests/softpkcs11/main.c
@@ -1590,7 +1590,8 @@ C_Encrypt(CK_SESSION_HANDLE hSession,
ret = CKR_OK;
out:
- OPENSSL_clear_free(buffer, buffer_len);
+ OPENSSL_cleanse(buffer, buffer_len);
+ OPENSSL_free(buffer);
EVP_PKEY_CTX_free(ctx);
return ret;
}
@@ -1732,7 +1733,8 @@ C_Decrypt(CK_SESSION_HANDLE hSession,
ret = CKR_OK;
out:
- OPENSSL_clear_free(buffer, buffer_len);
+ OPENSSL_cleanse(buffer, buffer_len);
+ OPENSSL_free(buffer);
EVP_PKEY_CTX_free(ctx);
return ret;
}
@@ -1879,7 +1881,8 @@ C_Sign(CK_SESSION_HANDLE hSession,
ret = CKR_OK;
out:
- OPENSSL_clear_free(buffer, buffer_len);
+ OPENSSL_cleanse(buffer, buffer_len);
+ OPENSSL_free(buffer);
EVP_PKEY_CTX_free(ctx);
return ret;
}
More information about the cvs-krb5
mailing list