[openssl] master update
shane.lontis at oracle.com
shane.lontis at oracle.com
Tue Jun 1 05:31:37 UTC 2021
The branch master has been updated
via 3c15d677054b952c707aeaf781aec42b86a54ebb (commit)
from 9ff4b7b0c7b445bcc9b98fde9107fa9520d17f04 (commit)
- Log -----------------------------------------------------------------
commit 3c15d677054b952c707aeaf781aec42b86a54ebb
Author: Shane Lontis <shane.lontis at oracle.com>
Date: Sat May 29 17:16:22 2021 +1000
Fix error stack for some fetch calls.
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15532)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/evp_pbe.c | 7 ++++++-
crypto/evp/p5_crpt2.c | 3 +++
crypto/evp/p_lib.c | 9 +++++++--
3 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/crypto/evp/evp_pbe.c b/crypto/evp/evp_pbe.c
index 6347a0635f..129888f2f7 100644
--- a/crypto/evp/evp_pbe.c
+++ b/crypto/evp/evp_pbe.c
@@ -117,28 +117,33 @@ int EVP_PBE_CipherInit_ex(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
passlen = strlen(pass);
if (cipher_nid != -1) {
+ (void)ERR_set_mark();
cipher = cipher_fetch = EVP_CIPHER_fetch(libctx, OBJ_nid2sn(cipher_nid), propq);
/* Fallback to legacy method */
if (cipher == NULL)
cipher = EVP_get_cipherbynid(cipher_nid);
-
if (cipher == NULL) {
+ (void)ERR_clear_last_mark();
ERR_raise_data(ERR_LIB_EVP, EVP_R_UNKNOWN_CIPHER,
OBJ_nid2sn(cipher_nid));
goto err;
}
+ (void)ERR_pop_to_mark();
}
if (md_nid != -1) {
+ (void)ERR_set_mark();
md = md_fetch = EVP_MD_fetch(libctx, OBJ_nid2sn(md_nid), propq);
/* Fallback to legacy method */
if (md == NULL)
EVP_get_digestbynid(md_nid);
if (md == NULL) {
+ (void)ERR_clear_last_mark();
ERR_raise(ERR_LIB_EVP, EVP_R_UNKNOWN_DIGEST);
goto err;
}
+ (void)ERR_pop_to_mark();
}
/* Try extended keygen with libctx/propq first, fall back to legacy keygen */
diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c
index e7a2b51091..54773304fd 100644
--- a/crypto/evp/p5_crpt2.c
+++ b/crypto/evp/p5_crpt2.c
@@ -141,15 +141,18 @@ int PKCS5_v2_PBE_keyivgen_ex(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
goto err;
}
+ (void)ERR_set_mark();
cipher = cipher_fetch = EVP_CIPHER_fetch(libctx, ciph_name, propq);
/* Fallback to legacy method */
if (cipher == NULL)
cipher = EVP_get_cipherbyname(ciph_name);
if (cipher == NULL) {
+ (void)ERR_clear_last_mark();
ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_CIPHER);
goto err;
}
+ (void)ERR_pop_to_mark();
/* Fixup cipher based on AlgorithmIdentifier */
if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de))
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index 9b31c58288..d2c871179e 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -1268,10 +1268,15 @@ static int legacy_asn1_ctrl_to_param(EVP_PKEY *pkey, int op,
int mdnum;
OSSL_LIB_CTX *libctx = ossl_provider_libctx(pkey->keymgmt->prov);
/* Make sure the MD is in the namemap if available */
- EVP_MD *md = EVP_MD_fetch(libctx, mdname, NULL);
- OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
+ EVP_MD *md;
+ OSSL_NAMEMAP *namemap;
int nid = NID_undef;
+ (void)ERR_set_mark();
+ md = EVP_MD_fetch(libctx, mdname, NULL);
+ (void)ERR_pop_to_mark();
+ namemap = ossl_namemap_stored(libctx);
+
/*
* The only reason to fetch the MD was to make sure it is in the
* namemap. We can immediately free it.
More information about the openssl-commits
mailing list