Blame SOURCES/openssl-pkcs11-0.4.8-error-handling-evp-pkey-set1-engine.patch
|
 |
61e0f4 |
From f41dba3102f4257fe366adf4cd8f0a0088c9b3f1 Mon Sep 17 00:00:00 2001
|
|
|
61e0f4 |
From: =?UTF-8?q?Micha=C5=82=20Trojnara?= <Michal.Trojnara@stunnel.org>
|
|
|
61e0f4 |
Date: Thu, 23 Aug 2018 22:27:55 +0200
|
|
|
61e0f4 |
Subject: [PATCH 04/23] Error handling for EVP_PKEY_set1_engine()
|
|
|
61e0f4 |
|
|
|
61e0f4 |
---
|
|
|
61e0f4 |
src/eng_front.c | 8 ++++++--
|
|
|
61e0f4 |
1 file changed, 6 insertions(+), 2 deletions(-)
|
|
|
61e0f4 |
|
|
|
61e0f4 |
diff --git a/src/eng_front.c b/src/eng_front.c
|
|
|
61e0f4 |
index 853fa5a..5fe8f55 100644
|
|
|
61e0f4 |
--- a/src/eng_front.c
|
|
|
61e0f4 |
+++ b/src/eng_front.c
|
|
|
61e0f4 |
@@ -233,8 +233,12 @@ static EVP_PKEY *load_privkey(ENGINE *engine, const char *s_key_id,
|
|
|
61e0f4 |
#ifdef EVP_F_EVP_PKEY_SET1_ENGINE
|
|
|
61e0f4 |
/* EVP_PKEY_set1_engine() is required for OpenSSL 1.1.x,
|
|
|
61e0f4 |
* but otherwise setting pkey->engine breaks OpenSSL 1.0.2 */
|
|
|
61e0f4 |
- if (pkey)
|
|
|
61e0f4 |
- EVP_PKEY_set1_engine(pkey, engine);
|
|
|
61e0f4 |
+ if (pkey) {
|
|
|
61e0f4 |
+ if (!EVP_PKEY_set1_engine(pkey, engine)) {
|
|
|
61e0f4 |
+ EVP_PKEY_free(pkey);
|
|
|
61e0f4 |
+ return NULL;
|
|
|
61e0f4 |
+ }
|
|
|
61e0f4 |
+ }
|
|
|
61e0f4 |
#endif /* EVP_F_EVP_PKEY_SET1_ENGINE */
|
|
|
61e0f4 |
return pkey;
|
|
|
61e0f4 |
}
|
|
|
61e0f4 |
--
|
|
|
61e0f4 |
2.17.1
|
|
|
61e0f4 |
|