[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Mon Jun 13 16:31:08 UTC 2016
The branch master has been updated
via 25b9d11c002e5c71840c2a6733c5009d78f2c9db (commit)
from 74726750ef041ba5fdf0516cbd060a202f7092c1 (commit)
- Log -----------------------------------------------------------------
commit 25b9d11c002e5c71840c2a6733c5009d78f2c9db
Author: Matt Caswell <matt at openssl.org>
Date: Wed Jun 1 23:15:12 2016 +0100
Handle inability to create AFALG socket
Some Linux platforms have a suitably recent kernel to support AFALG, but
apparently you still can't actually create an afalg socket. This extends
the afalg_chk_platform() function to additionally check whether we can
create an AFALG socket. We also amend the afalgtest to not report a
failure to load the engine as a test failure. A failure to load is almost
certainly due to platform environmental issues, and not an OpenSSL problem.
RT 4434
Reviewed-by: Andy Polyakov <appro at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
engines/afalg/e_afalg.c | 9 +++++++++
test/afalgtest.c | 9 +++++++--
2 files changed, 16 insertions(+), 2 deletions(-)
diff --git a/engines/afalg/e_afalg.c b/engines/afalg/e_afalg.c
index 2d6fa58..2e7ce34 100644
--- a/engines/afalg/e_afalg.c
+++ b/engines/afalg/e_afalg.c
@@ -731,6 +731,7 @@ static int afalg_chk_platform(void)
int ret;
int i;
int kver[3] = { -1, -1, -1 };
+ int sock;
char *str;
struct utsname ut;
@@ -758,6 +759,14 @@ static int afalg_chk_platform(void)
return 0;
}
+ /* Test if we can actually create an AF_ALG socket */
+ sock = socket(AF_ALG, SOCK_SEQPACKET, 0);
+ if (sock == -1) {
+ AFALGerr(AFALG_F_AFALG_CHK_PLATFORM, AFALG_R_SOCKET_CREATE_FAILED);
+ return 0;
+ }
+ close(sock);
+
return 1;
}
diff --git a/test/afalgtest.c b/test/afalgtest.c
index 3baced7..7fc03ba 100644
--- a/test/afalgtest.c
+++ b/test/afalgtest.c
@@ -102,8 +102,13 @@ int main(int argc, char **argv)
e = ENGINE_by_id("afalg");
if (e == NULL) {
- fprintf(stderr, "AFALG Test: Failed to load AFALG Engine\n");
- return 1;
+ /*
+ * A failure to load is probably a platform environment problem so we
+ * don't treat this as an OpenSSL test failure, i.e. we return 0
+ */
+ fprintf(stderr,
+ "AFALG Test: Failed to load AFALG Engine - skipping test\n");
+ return 0;
}
if (test_afalg_aes_128_cbc(e) == 0) {
More information about the openssl-commits
mailing list