diff options
author | Jon Simons <jon@jonsimons.org> | 2017-07-10 17:20:33 -0400 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2017-07-13 19:28:59 +0200 |
commit | 25384e9558c2e79086340a4551d90c08c6efae82 (patch) | |
tree | e02058e76b636656cb0dd5327e021c6c73409a9d /src | |
parent | 0cb2974bd8c64913fe87caa2e3d7c4dc60c7242e (diff) | |
download | libssh-25384e9558c2e79086340a4551d90c08c6efae82.tar.gz libssh-25384e9558c2e79086340a4551d90c08c6efae82.tar.xz libssh-25384e9558c2e79086340a4551d90c08c6efae82.zip |
libcrypto-compat: fix HMAC_CTX_free for OpenSSL < 1.1.0
On older OpenSSL versions, the EVP_MD_CTX fields within an HMAC_CTX
structure are contained inlined (change here [1]): be sure to not
try to free those fields on those builds.
Found running the `pkd_hello` test with:
valgrind ./pkd_hello -i1 -t torture_pkd_openssh_dsa_rsa_default
^ valgrind will cite "Invalid free() ..." errors which are present
before this fix and absent after, when building with OpenSSL 1.0.1.
[1] https://github.com/openssl/openssl/commit/6e59a892db781658c050e5217127c4147c116ac9
Signed-off-by: Jon Simons <jon@jonsimons.org>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/libcrypto-compat.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/libcrypto-compat.c b/src/libcrypto-compat.c index 3e1bc71a..45dffbb4 100644 --- a/src/libcrypto-compat.c +++ b/src/libcrypto-compat.c @@ -304,9 +304,11 @@ void HMAC_CTX_free(HMAC_CTX *ctx) { if (ctx != NULL) { hmac_ctx_cleanup(ctx); +#if OPENSSL_VERSION_NUMBER > 0x10100000L EVP_MD_CTX_free(&ctx->i_ctx); EVP_MD_CTX_free(&ctx->o_ctx); EVP_MD_CTX_free(&ctx->md_ctx); +#endif OPENSSL_free(ctx); } } |