]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff
projects / thirdparty / bind9.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 86b0436)
Clear OpenSSL errors on EVP_PKEY_new failures
authorMark Andrews <marka@isc.org>
Tue, 11 Jul 2023 03:25:47 +0000 (13:25 +1000)
committerMark Andrews <marka@isc.org>
Fri, 1 Sep 2023 02:01:19 +0000 (12:01 +1000)
bin/tests/system/rsabigexponent/bigkey.c patch | blob | blame | history
lib/dns/opensslecdsa_link.c patch | blob | blame | history
lib/isc/hmac.c patch | blob | blame | history

diff --git a/bin/tests/system/rsabigexponent/bigkey.c b/bin/tests/system/rsabigexponent/bigkey.c
index d3cdc97bd6f8a9244005c70ef1ce2cdd3c43c483..8b42b0b564f032b6d187d788382cf312618599b6 100644 (file)
--- a/bin/tests/system/rsabigexponent/bigkey.c
+++ b/bin/tests/system/rsabigexponent/bigkey.c
@@ -83,6 +83,7 @@ main(int argc, char **argv) {
            !EVP_PKEY_set1_RSA(pkey, rsa))
        {
                fprintf(stderr, "fatal error: basic OpenSSL failure\n");
+               ERR_clear_error();
                exit(1);
        }
 
@@ -98,6 +99,7 @@ main(int argc, char **argv) {
                        "fatal error: RSA_generate_key_ex() fails "
                        "at file %s line %d\n",
                        __FILE__, __LINE__);
+               ERR_clear_error();
                exit(1);
        }
 
diff --git a/lib/dns/opensslecdsa_link.c b/lib/dns/opensslecdsa_link.c
index 19596dbd131497d9600ce0f6c75f498c8c7fa028..a2239e265140041016661e8b3e83aa6b434ebb2e 100644 (file)
--- a/lib/dns/opensslecdsa_link.c
+++ b/lib/dns/opensslecdsa_link.c
@@ -323,7 +323,7 @@ opensslecdsa_create_pkey_legacy(unsigned int key_alg, bool private,
 
        pkey = EVP_PKEY_new();
        if (pkey == NULL) {
-               DST_RET(ISC_R_NOMEMORY);
+               DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY));
        }
        if (!EVP_PKEY_set1_EC_KEY(pkey, eckey)) {
                DST_RET(dst__openssl_toresult(ISC_R_FAILURE));
@@ -515,7 +515,7 @@ opensslecdsa_generate_pkey(unsigned int key_alg, EVP_PKEY **retkey) {
 
        pkey = EVP_PKEY_new();
        if (pkey == NULL) {
-               DST_RET(ISC_R_NOMEMORY);
+               DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY));
        }
        if (EVP_PKEY_set1_EC_KEY(pkey, eckey) != 1) {
                DST_RET(dst__openssl_toresult2("EVP_PKEY_set1_EC_KEY",
diff --git a/lib/isc/hmac.c b/lib/isc/hmac.c
index 8fce30bda907e14228234fc60d1cd4c3dd23e50a..15a217f218ea25082e99e66e20ffbc1646639ca0 100644 (file)
--- a/lib/isc/hmac.c
+++ b/lib/isc/hmac.c
@@ -55,6 +55,7 @@ isc_hmac_init(isc_hmac_t *hmac, const void *key, const size_t keylen,
 
        pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL, key, keylen);
        if (pkey == NULL) {
+               ERR_clear_error();
                return (ISC_R_CRYPTOFAILURE);
        }
 
Mirror of https://gitlab.isc.org/isc-projects/bind9.git