closes bpo-41235: Fix the error handling in SSLContext.load_dh_params() (GH-21385)

author Zackery Spytz <zspytz@gmail.com>

Wed, 8 Jul 2020 04:21:58 +0000 (22:21 -0600)

committer GitHub <noreply@github.com>

Wed, 8 Jul 2020 04:21:58 +0000 (23:21 -0500)
author Zackery Spytz <zspytz@gmail.com>
Wed, 8 Jul 2020 04:21:58 +0000 (22:21 -0600)
committer GitHub <noreply@github.com>
Wed, 8 Jul 2020 04:21:58 +0000 (23:21 -0500)
diff --git a/Misc/NEWS.d/next/Library/2020-07-07-21-56-26.bpo-41235.H2csMU.rst b/Misc/NEWS.d/next/Library/2020-07-07-21-56-26.bpo-41235.H2csMU.rst

new file mode 100644 (file)

index 0000000..c55275b
--- /dev/null
+++ b/Misc/NEWS.d/next/Library/2020-07-07-21-56-26.bpo-41235.H2csMU.rst
@@ -0,0 +1 @@
+Fix the error handling in :meth:`ssl.SSLContext.load_dh_params`.
diff --git a/Modules/_ssl.c b/Modules/_ssl.c

index 5e82fe41a76ec294be1b9a22fc2ad74abc019e70..58064178a1a343d0de20c3c1519c7ceb8483ed3b 100644 (file)
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -4309,8 +4309,10 @@ _ssl__SSLContext_load_dh_params(PySSLContext *self, PyObject *filepath)
          }
          return NULL;
      }
-    if (SSL_CTX_set_tmp_dh(self->ctx, dh) == 0)
-        _setSSLError(NULL, 0, __FILE__, __LINE__);
+    if (!SSL_CTX_set_tmp_dh(self->ctx, dh)) {
+        DH_free(dh);
+        return _setSSLError(NULL, 0, __FILE__, __LINE__);
+    }
      DH_free(dh);
      Py_RETURN_NONE;
  }
author	Zackery Spytz <zspytz@gmail.com>
	Wed, 8 Jul 2020 04:21:58 +0000 (22:21 -0600)
committer	GitHub <noreply@github.com>
	Wed, 8 Jul 2020 04:21:58 +0000 (23:21 -0500)
Misc/NEWS.d/next/Library/2020-07-07-21-56-26.bpo-41235.H2csMU.rst	[new file with mode: 0644]	patch \| blob
Modules/_ssl.c		patch \| blob \| blame \| history