mirror of
https://github.com/isc-projects/bind9.git
synced 2026-06-09 00:02:04 -04:00
1235. [func] Report 'out of memory' errors from openssl.
parent
b597abd9cc
commit
f76c4ebaf5
7 changed files with 73 additions and 23 deletions
2
CHANGES
2
CHANGES
|
|
@ -1,3 +1,5 @@
|
|||
1235. [func] Report 'out of memory' errors from openssl.
|
||||
|
||||
1234. [bug] contrib/sdb: 'zonetodb' failed to call
|
||||
dns_result_register(). DNS_R_SEENINCLUDE should not
|
||||
be fatal.
|
||||
|
|
|
|||
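--- a/lib/dns/sec/dst/dst_openssl.h
+++ b/lib/dns/sec/dst/dst_openssl.h
@@ -0,0 +1,33 @@
+/*
+* Copyright (C) 2002 Internet Software Consortium.
+*
+* Permission to use, copy, modify, and distribute this software for any
+* purpose with or without fee is hereby granted, provided that the above
+* copyright notice and this permission notice appear in all copies.
+*
+* THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
+* DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
+* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
+* INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
+* INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
+* FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+* NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+*/
+
+/* $Id: dst_openssl.h,v 1.1 2002/03/19 04:30:53 marka Exp $ */
+
+#ifndef DST_OPENSSL_H
+#define DST_OPENSSL_H 1
+
+#include <isc/lang.h>
+#include <isc/result.h>
+
+ISC_LANG_BEGINDECLS
+
+isc_result_t
+dst__openssl_toresult(isc_result_t fallback);
+
+ISC_LANG_ENDDECLS
+
+#endif /* DST_OPENSSL_H */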
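Review bot: The declaration of `dst__openssl_toresult()` carries no comment describing its contract, and the contract is not obvious from the name. Going by the definition added to openssl_link.c in this commit, a short block comment above the prototype should say that it pops one entry from the calling thread's OpenSSL error queue, returns `ISC_R_NOMEMORY` when that entry's reason is `ERR_R_MALLOC_FAILURE` and `fallback` otherwise, and then clears the rest of the queue. The queue-clearing side effect deserves an explicit mention, because a caller that wants to log the OpenSSL error text has to do so before calling this function.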
|
|
@ -19,7 +19,7 @@
|
|||
|
||||
/*
|
||||
* Principal Author: Brian Wellington
|
||||
* $Id: openssl_link.c,v 1.49 2001/11/30 01:59:31 gson Exp $
|
||||
* $Id: openssl_link.c,v 1.50 2002/03/19 04:30:53 marka Exp $
|
||||
*/
|
||||
#ifdef OPENSSL
|
||||
|
||||
|
|
@ -34,6 +34,7 @@
|
|||
#include <isc/util.h>
|
||||
|
||||
#include "dst_internal.h"
|
||||
#include "dst_openssl.h"
|
||||
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/rand.h>
|
||||
|
|
@ -188,6 +189,22 @@ dst__openssl_destroy() {
|
|||
mem_free(rm);
|
||||
}
|
||||
|
||||
isc_result_t
|
||||
dst__openssl_toresult(isc_result_t fallback) {
|
||||
isc_result_t result = fallback;
|
||||
int err = ERR_get_error();
|
||||
|
||||
switch (ERR_GET_REASON(err)) {
|
||||
case ERR_R_MALLOC_FAILURE:
|
||||
result = ISC_R_NOMEMORY;
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
ERR_clear_error();
|
||||
return (result);
|
||||
}
|
||||
|
||||
#else /* OPENSSL */
|
||||
|
||||
#include <isc/util.h>
|
||||
|
|
|
|||
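Review bot: In `dst__openssl_toresult()` the error code is stored in an `int`, but `ERR_get_error()` returns `unsigned long`, so the value is narrowed before `ERR_GET_REASON()` sees it; declare it as `unsigned long err = ERR_get_error();`. The function also inspects only the first entry that `ERR_get_error()` returns, which is the oldest one in the thread's queue, and then discards the remainder. If an earlier OpenSSL call on the same thread left an `ERR_R_MALLOC_FAILURE` entry behind, a later unrelated failure such as a bad signature would be reported as `ISC_R_NOMEMORY`. The DH and DSA call sites shown in this commit did not clear the queue before, so either clear it ahead of the operation with `ERR_clear_error();` or state the clean-queue precondition in a comment above the function.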
|
|
@ -19,7 +19,7 @@
|
|||
|
||||
/*
|
||||
* Principal Author: Brian Wellington
|
||||
* $Id: openssldh_link.c,v 1.47 2002/02/27 22:12:01 bwelling Exp $
|
||||
* $Id: openssldh_link.c,v 1.48 2002/03/19 04:30:55 marka Exp $
|
||||
*/
|
||||
|
||||
#ifdef OPENSSL
|
||||
|
|
@ -35,6 +35,7 @@
|
|||
#include <dst/result.h>
|
||||
|
||||
#include "dst_internal.h"
|
||||
#include "dst_openssl.h"
|
||||
#include "dst_parse.h"
|
||||
|
||||
#include <openssl/dh.h>
|
||||
|
|
@ -83,7 +84,7 @@ openssldh_computesecret(const dst_key_t *pub, const dst_key_t *priv,
|
|||
return (ISC_R_NOSPACE);
|
||||
ret = DH_compute_key(r.base, dhpub->pub_key, dhpriv);
|
||||
if (ret == 0)
|
||||
return (DST_R_COMPUTESECRETFAILURE);
|
||||
return (dst__openssl_toresult(DST_R_COMPUTESECRETFAILURE));
|
||||
isc_buffer_add(secret, len);
|
||||
return (ISC_R_SUCCESS);
|
||||
}
|
||||
|
|
@ -167,11 +168,11 @@ openssldh_generate(dst_key_t *key, int generator) {
|
|||
NULL, NULL);
|
||||
|
||||
if (dh == NULL)
|
||||
return (DST_R_OPENSSLFAILURE);
|
||||
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
|
||||
|
||||
if (DH_generate_key(dh) == 0) {
|
||||
DH_free(dh);
|
||||
return (DST_R_OPENSSLFAILURE);
|
||||
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
|
||||
}
|
||||
dh->flags &= ~DH_FLAG_CACHE_MONT_P;
|
||||
|
||||
|
|
|
|||
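Review bot: In `openssldh_computesecret()` the guard `if (ret == 0)` above the changed return does not cover the error return of `DH_compute_key()`, which is -1; on success it returns the number of secret bytes written. An internal failure, including the allocation failure this commit wants to surface, therefore skips the new `dst__openssl_toresult()` call, falls through to `isc_buffer_add(secret, len)` and returns `ISC_R_SUCCESS` with whatever `r.base` happened to contain. The test should be `if (ret <= 0)`. The function body starts outside the hunk, so the declaration of `ret` is not visible here and should be confirmed to be a signed type.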
|
|
@ -17,7 +17,7 @@
|
|||
* PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
/* $Id: openssldsa_link.c,v 1.10 2002/02/27 22:12:02 bwelling Exp $ */
|
||||
/* $Id: openssldsa_link.c,v 1.11 2002/03/19 04:30:56 marka Exp $ */
|
||||
|
||||
#ifdef OPENSSL
|
||||
|
||||
|
|
@ -33,6 +33,7 @@
|
|||
#include <dst/result.h>
|
||||
|
||||
#include "dst_internal.h"
|
||||
#include "dst_openssl.h"
|
||||
#include "dst_parse.h"
|
||||
|
||||
#include <openssl/dsa.h>
|
||||
|
|
@ -96,7 +97,7 @@ openssldsa_sign(dst_context_t *dctx, isc_buffer_t *sig) {
|
|||
|
||||
dsasig = DSA_do_sign(digest, ISC_SHA1_DIGESTLENGTH, dsa);
|
||||
if (dsasig == NULL)
|
||||
return (DST_R_SIGNFAILURE);
|
||||
return (dst__openssl_toresult(DST_R_SIGNFAILURE));
|
||||
|
||||
*r.base++ = (key->key_size - 512)/64;
|
||||
BN_bn2bin_fixed(dsasig->r, r.base, ISC_SHA1_DIGESTLENGTH);
|
||||
|
|
@ -134,7 +135,7 @@ openssldsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
|
|||
status = DSA_do_verify(digest, ISC_SHA1_DIGESTLENGTH, dsasig, dsa);
|
||||
DSA_SIG_free(dsasig);
|
||||
if (status == 0)
|
||||
return (DST_R_VERIFYFAILURE);
|
||||
return (dst__openssl_toresult(DST_R_VERIFYFAILURE));
|
||||
|
||||
return (ISC_R_SUCCESS);
|
||||
}
|
||||
|
|
@ -187,11 +188,11 @@ openssldsa_generate(dst_key_t *key, int unused) {
|
|||
NULL, NULL);
|
||||
|
||||
if (dsa == NULL)
|
||||
return (DST_R_OPENSSLFAILURE);
|
||||
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
|
||||
|
||||
if (DSA_generate_key(dsa) == 0) {
|
||||
DSA_free(dsa);
|
||||
return (DST_R_OPENSSLFAILURE);
|
||||
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
|
||||
}
|
||||
dsa->flags &= ~DSA_FLAG_CACHE_MONT_P;
|
||||
|
||||
|
|
|
|||
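Review bot: In `openssldsa_verify()` the check `if (status == 0)` treats every non-zero return of `DSA_do_verify()` as a valid signature, but that function returns 1 for a valid signature, 0 for an invalid one and -1 on an internal error. A -1 result therefore reaches `return (ISC_R_SUCCESS);`, so a signature that could not be checked is accepted, and an allocation failure inside the verify call never reaches the new `dst__openssl_toresult()` call because it is reported through -1. The condition should be `if (status != 1)`. `opensslrsa_verify()` in opensslrsa_link.c uses the same `status == 0` comparison after `RSA_verify()` and should be held to the same `!= 1` test.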
|
|
@ -17,7 +17,7 @@
|
|||
|
||||
/*
|
||||
* Principal Author: Brian Wellington
|
||||
* $Id: opensslrsa_link.c,v 1.22 2002/02/27 22:12:04 bwelling Exp $
|
||||
* $Id: opensslrsa_link.c,v 1.23 2002/03/19 04:30:57 marka Exp $
|
||||
*/
|
||||
#ifdef OPENSSL
|
||||
|
||||
|
|
@ -33,6 +33,7 @@
|
|||
#include <dst/result.h>
|
||||
|
||||
#include "dst_internal.h"
|
||||
#include "dst_openssl.h"
|
||||
#include "dst_parse.h"
|
||||
|
||||
#include <openssl/err.h>
|
||||
|
|
@ -142,10 +143,8 @@ opensslrsa_sign(dst_context_t *dctx, isc_buffer_t *sig) {
|
|||
}
|
||||
|
||||
status = RSA_sign(type, digest, digestlen, r.base, &siglen, rsa);
|
||||
if (status == 0) {
|
||||
ERR_clear_error();
|
||||
return (DST_R_SIGNFAILURE);
|
||||
}
|
||||
if (status == 0)
|
||||
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
|
||||
|
||||
isc_buffer_add(sig, siglen);
|
||||
|
||||
|
|
@ -182,10 +181,8 @@ opensslrsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
|
|||
|
||||
status = RSA_verify(type, digest, digestlen, sig->base,
|
||||
RSA_size(rsa), rsa);
|
||||
if (status == 0) {
|
||||
ERR_clear_error();
|
||||
return (DST_R_VERIFYFAILURE);
|
||||
}
|
||||
if (status == 0)
|
||||
return (dst__openssl_toresult(DST_R_VERIFYFAILURE));
|
||||
|
||||
return (ISC_R_SUCCESS);
|
||||
}
|
||||
|
|
@ -232,10 +229,8 @@ opensslrsa_generate(dst_key_t *key, int exp) {
|
|||
else
|
||||
e = RSA_F4;
|
||||
rsa = RSA_generate_key(key->key_size, e, NULL, NULL);
|
||||
if (rsa == NULL) {
|
||||
ERR_clear_error();
|
||||
return (DST_R_OPENSSLFAILURE);
|
||||
}
|
||||
if (rsa == NULL)
|
||||
return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
|
||||
SET_FLAGS(rsa);
|
||||
key->opaque = rsa;
|
||||
|
||||
|
|
|
|||
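Review bot: In the `opensslrsa_sign()` hunk the fallback passed to `dst__openssl_toresult()` is `DST_R_OPENSSLFAILURE`, whereas the block it replaces appears to have returned `DST_R_SIGNFAILURE`. Every other call site in this commit keeps its previous code as the fallback, and `openssldsa_sign()` passes `DST_R_SIGNFAILURE`, so this looks like an unintended change of the result that callers see when RSA signing fails. Unless the new code is deliberate, the line should read `return (dst__openssl_toresult(DST_R_SIGNFAILURE));`. If it is deliberate, a one-line comment giving the reason would prevent it being "fixed" back later.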
|
|
@ -1806,6 +1806,7 @@
|
|||
./lib/dns/sec/dst/dst_api.c C.NAI 1999,2000,2001,2002
|
||||
./lib/dns/sec/dst/dst_internal.h C.NAI 2000,2001
|
||||
./lib/dns/sec/dst/dst_lib.c C 1999,2000,2001
|
||||
./lib/dns/sec/dst/dst_openssl.h C 2002
|
||||
./lib/dns/sec/dst/dst_parse.c C.NAI 1999,2000,2001,2002
|
||||
./lib/dns/sec/dst/dst_parse.h C.NAI 2000,2001
|
||||
./lib/dns/sec/dst/dst_result.c C 1999,2000,2001
|
||||
|
|
|
|||