From: Jouni Malinen <j@w1.fi>
Date: Fri, 15 Jul 2016 08:36:31 +0000 (+0300)
Subject: OpenSSL: Fix OpenSSL 1.1.0 DH operation
X-Git-Tag: hostap_2_6~214
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=460e5cdf430372df3fff366ff7085cfd4afe8818;p=thirdparty%2Fhostap.git

OpenSSL: Fix OpenSSL 1.1.0 DH operation

Commit 49fe2ada20d5fd53c0388442d23e7f03086f4d57 ('OpenSSL: Support
OpenSSL 1.1.0 DH opacity') started using the new accessor functions, but
used incorrect success check for the DH_set0_key() call. This resulted
in dh5_init_fixed() failures and double-free on error path if the build
was linked against OpenSSL 1.1.0. Fix this by checking DH_set0_key()
return value to be 1 for the success case.

Signed-off-by: Jouni Malinen <j@w1.fi>
---

diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
index fde154faf..7f33686f8 100644
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -754,7 +754,7 @@ err:
 
 	priv_key = BN_bin2bn(wpabuf_head(priv), wpabuf_len(priv), NULL);
 	pub_key = BN_bin2bn(wpabuf_head(publ), wpabuf_len(publ), NULL);
-	if (!priv_key || !pub_key || DH_set0_key(dh, pub_key, priv_key) != 0)
+	if (!priv_key || !pub_key || DH_set0_key(dh, pub_key, priv_key) != 1)
 		goto err;
 	pub_key = NULL;
 	priv_key = NULL;