CVSROOT: /cvs
Module name: src
Changes by: t...@cvs.openbsd.org 2023/08/12 00:14:36
Modified files:
lib/libcrypto/dh: dh_lib.c
lib/libcrypto/dsa: dsa_lib.c
Log message:
Convert {DH,DSA}_new_method() to using calloc()
Due to OPENSSL_NO_ENGINE the engine member of dh and dsa is currently
uninitialized. As a consequence, {DH,DSA}_get0_engine() will return a
garbage pointer, which is particularly bad because the only reason we
kept them in the first place is that they are used by some software...
A side effect of freeing with {DH,DSA}_free() instead of a hand-rolled
version is that we may call ->meth->finish() before ->meth->init() was
called. We need a NULL check for ->meth to be on the safe side in case
we should need to bring ENGINE back.
with nits from djm
ok deraadt djm
