upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-28 04:34:54 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

don't transform errors in hmac_sign

Browse source 
The change from DST_R_OPENSSLFAILURE to ISC_R_CRYPTOFAILURE seems to be
benign. Furthermore it should a bug to rely on the exacts crypto failure
code.
This commit is contained in:
Aydın Mercan 2026-01-14 17:40:24 +03:00
parent 19c9053a6b
commit ecb677658f
No known key found for this signature in database
1 changed files with 1 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
lib/dns/hmac_link.c
View file

@ -199,18 +199,10 @@ hmac_adddata(const dst_context_t *dctx, const isc_region_t *data) {
static isc_result_t
hmac_sign(const dst_context_t *dctx, isc_buffer_t *sig) {
isc_hmac_t *ctx = dctx->ctxdata.hmac_ctx;
isc_result_t r;
REQUIRE(ctx != NULL);
r = isc_hmac_final(ctx, sig);
/* Turn CRYPTOFAILURE into OPENSSLFAILURE */
if (r == ISC_R_CRYPTOFAILURE) {
r = DST_R_OPENSSLFAILURE;
}
return r;
return isc_hmac_final(ctx, sig);
}
static isc_result_t