Don't set pubkey if eckey already has public key
authorMatthijs Mekking <matthijs@isc.org>
Tue, 15 Dec 2020 13:09:05 +0000 (14:09 +0100)
committerMatthijs Mekking <matthijs@isc.org>
Tue, 26 Jan 2021 14:04:21 +0000 (15:04 +0100)
The 'ecdsa_check()' function tries to correctly set the public key
on the eckey, but this should be skipped if the public key is
retrieved via the private key.

(cherry picked from commit 06b972415296a397d7eca7be01432e87f531fae5)

lib/dns/opensslecdsa_link.c

index e7cfcf2d0762ee44f84f6fe189d7d7ab7d8ec981..814b0f6a0a04acc0c905dccaef7d10ed3555419b 100644 (file)
@@ -563,17 +563,21 @@ static isc_result_t
 ecdsa_check(EC_KEY *eckey, EC_KEY *pubeckey) {
        const EC_POINT *pubkey;
 
-       pubkey = EC_KEY_get0_public_key(pubeckey);
-       if (pubkey == NULL) {
-               return (ISC_R_SUCCESS);
-       }
-       if (EC_KEY_set_public_key(eckey, pubkey) != 1) {
+       pubkey = EC_KEY_get0_public_key(eckey);
+       if (pubkey != NULL) {
                return (ISC_R_SUCCESS);
+       } else if (pubeckey != NULL) {
+               pubkey = EC_KEY_get0_public_key(pubeckey);
+               if (pubkey == NULL) {
+                       return (ISC_R_SUCCESS);
+               }
+               if (EC_KEY_set_public_key(eckey, pubkey) != 1) {
+                       return (ISC_R_SUCCESS);
+               }
        }
        if (EC_KEY_check_key(eckey) == 1) {
                return (ISC_R_SUCCESS);
        }
-
        return (ISC_R_FAILURE);
 }
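Review bot: The early `return (ISC_R_SUCCESS);` under `if (pubkey != NULL)` leaves ecdsa_check() before `EC_KEY_check_key(eckey)` runs, so a key that already carries a public point is accepted without the consistency check, and a supplied `pubeckey` is never compared with it. The commit message only says that setting the public key should be skipped on this path, so if skipping validation is also intended, a short comment explaining why it is safe would help the next reader. Otherwise the condition could be `if (pubkey == NULL && pubeckey != NULL) {`, which lets both paths fall through to the check. Separately, the `if (EC_KEY_set_public_key(eckey, pubkey) != 1)` branch still returns `ISC_R_SUCCESS` on failure, carried over from the old code. That looks like it should be `return (ISC_R_FAILURE);` unless ignoring the failure is deliberate.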