[openssl] OpenSSL_1_1_1-stable update
bernd.edlinger at hotmail.de
bernd.edlinger at hotmail.de
Mon Sep 9 12:46:43 UTC 2019
The branch OpenSSL_1_1_1-stable has been updated
via 8003138fa9674bb160ced09520de43c3618d3ede (commit)
from 1f9dc86b557dd259b636882836885d8e6714735e (commit)
- Log -----------------------------------------------------------------
commit 8003138fa9674bb160ced09520de43c3618d3ede
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date: Sat Sep 7 00:58:31 2019 +0200
DH_check_pub_key_ex was accidentally calling DH_check,
so results were undefined.
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9796)
(cherry picked from commit 2b95e8efcf8b99892106070d9ac745a0a369f503)
-----------------------------------------------------------------------
Summary of changes:
crypto/dh/dh_check.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c
index 6d81101e9d..d13d8206ce 100644
--- a/crypto/dh/dh_check.c
+++ b/crypto/dh/dh_check.c
@@ -164,7 +164,8 @@ int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key)
{
int errflags = 0;
- (void)DH_check(dh, &errflags);
+ if (!DH_check_pub_key(dh, pub_key, &errflags))
+ return 0;
if ((errflags & DH_CHECK_PUBKEY_TOO_SMALL) != 0)
DHerr(DH_F_DH_CHECK_PUB_KEY_EX, DH_R_CHECK_PUBKEY_TOO_SMALL);
More information about the openssl-commits
mailing list