checkKey: handle NULL error string from OpenSSL more gracefully

author Peter van Dijk <peter.van.dijk@powerdns.com>

Tue, 10 Aug 2021 11:56:25 +0000 (13:56 +0200)

committer Peter van Dijk <peter.van.dijk@powerdns.com>

Tue, 10 Aug 2021 11:56:31 +0000 (13:56 +0200)
author Peter van Dijk <peter.van.dijk@powerdns.com>
Tue, 10 Aug 2021 11:56:25 +0000 (13:56 +0200)
committer Peter van Dijk <peter.van.dijk@powerdns.com>
Tue, 10 Aug 2021 11:56:31 +0000 (13:56 +0200)
diff --git a/pdns/opensslsigners.cc b/pdns/opensslsigners.cc

index cee5e6069ada7800e1257109a7725b0129e19f7e..0f5396cea225e2f03a95eeadd1d0e5b723ab83c0 100644 (file)
--- a/pdns/opensslsigners.cc
+++ b/pdns/opensslsigners.cc
@@ -491,7 +491,11 @@ bool OpenSSLRSADNSCryptoKeyEngine::checkKey(vector<string> *errorMessages) const
    if (RSA_check_key(d_key.get()) != 1) {
      retval = false;
      if (errorMessages != nullptr) {
-      errorMessages->push_back(ERR_reason_error_string(ERR_get_error()));
+      auto errmsg = ERR_reason_error_string(ERR_get_error());
+      if (errmsg == nullptr) {
+        errmsg = "Unknown OpenSSL error";
+      }
+      errorMessages->push_back(errmsg);
      }
    }
    return retval;
@@ -802,7 +806,11 @@ bool OpenSSLECDSADNSCryptoKeyEngine::checkKey(vector<string> *errorMessages) con
    if (EC_KEY_check_key(d_eckey.get()) != 1) {
      retval = false;
      if (errorMessages != nullptr) {
-      errorMessages->push_back(ERR_reason_error_string(ERR_get_error()));
+      auto errmsg = ERR_reason_error_string(ERR_get_error());
+      if (errmsg == nullptr) {
+        errmsg = "Unknown OpenSSL error";
+      }
+      errorMessages->push_back(errmsg);
      }
    }
    return retval;
author	Peter van Dijk <peter.van.dijk@powerdns.com>
	Tue, 10 Aug 2021 11:56:25 +0000 (13:56 +0200)
committer	Peter van Dijk <peter.van.dijk@powerdns.com>
	Tue, 10 Aug 2021 11:56:31 +0000 (13:56 +0200)