aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJon Simons <jon@jonsimons.org>2017-07-10 17:20:33 -0400
committerAndreas Schneider <asn@cryptomilk.org>2018-06-29 17:08:54 +0200
commit1a5b6ac4727f83c7650aa3d527b098175d8f4147 (patch)
tree1caed3b84eb78d5b5fea2fe5315bf1bdb3b80560
parent0dd7a963a9ba7cdb74d6d2d5d439f4f1cfb413a5 (diff)
downloadlibssh-1a5b6ac4727f83c7650aa3d527b098175d8f4147.tar.gz
libssh-1a5b6ac4727f83c7650aa3d527b098175d8f4147.tar.xz
libssh-1a5b6ac4727f83c7650aa3d527b098175d8f4147.zip
libcrypto-compat: fix HMAC_CTX_free for OpenSSL < 1.1.0
On older OpenSSL versions, the EVP_MD_CTX fields within an HMAC_CTX structure are contained inlined (change here [1]): be sure to not try to free those fields on those builds. Found running the `pkd_hello` test with: valgrind ./pkd_hello -i1 -t torture_pkd_openssh_dsa_rsa_default ^ valgrind will cite "Invalid free() ..." errors which are present before this fix and absent after, when building with OpenSSL 1.0.1. [1] https://github.com/openssl/openssl/commit/6e59a892db781658c050e5217127c4147c116ac9 Cherry-picked from 25384e9558c2e79086340a4551d90c08c6efae82 Signed-off-by: Jon Simons <jon@jonsimons.org> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r--src/libcrypto-compat.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/src/libcrypto-compat.c b/src/libcrypto-compat.c
index 1c4da31c..4b1f36a5 100644
--- a/src/libcrypto-compat.c
+++ b/src/libcrypto-compat.c
@@ -302,9 +302,11 @@ void HMAC_CTX_free(HMAC_CTX *ctx)
{
if (ctx != NULL) {
hmac_ctx_cleanup(ctx);
+#if OPENSSL_VERSION_NUMBER > 0x10100000L
EVP_MD_CTX_free(&ctx->i_ctx);
EVP_MD_CTX_free(&ctx->o_ctx);
EVP_MD_CTX_free(&ctx->md_ctx);
+#endif
OPENSSL_free(ctx);
}
}