don't transform errors in hmac_sign

The change from DST_R_OPENSSLFAILURE to ISC_R_CRYPTOFAILURE seems to be
benign. Furthermore it should a bug to rely on the exacts crypto failure
code.

diff --git a/lib/dns/hmac_link.c b/lib/dns/hmac_link.c
index aa3d5d7141dd69dcd02d6fb10cb09d55bc1ceb8b..41913095f23ca4ce3d39fd1f10e01847082e690c 100644 (file)
--- a/lib/dns/hmac_link.c
+++ b/lib/dns/hmac_link.c
@@ -199,18 +199,10 @@ hmac_adddata(const dst_context_t *dctx, const isc_region_t *data) {
 static isc_result_t
 hmac_sign(const dst_context_t *dctx, isc_buffer_t *sig) {
        isc_hmac_t *ctx = dctx->ctxdata.hmac_ctx;
-       isc_result_t r;
 
        REQUIRE(ctx != NULL);
 
-       r = isc_hmac_final(ctx, sig);
-
-       /* Turn CRYPTOFAILURE into OPENSSLFAILURE */
-       if (r == ISC_R_CRYPTOFAILURE) {
-               r = DST_R_OPENSSLFAILURE;
-       }
-
-       return r;
+       return isc_hmac_final(ctx, sig);
 }
 
 static isc_result_t