Improve diagnostics on setting groups

- If keymgmt is not available, it's not an error, but the error message
  persists on the error stack
- When setting groups, it's worth saying which group is not available
Fixes #18585

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18591)
Dmitry Belyavskiy 2022-06-17 10:08:22 +02:00 committed by Pauli
parent 386ab7f1fe
commit ce8822b7e5


@ -343,6 +343,7 @@ static int add_provider_groups(const OSSL_PARAM params[], void *data)
* it.
*/
ret = 1;
ERR_set_mark();
keymgmt = EVP_KEYMGMT_fetch(ctx->libctx, ginf->algorithm, ctx->propq);
if (keymgmt != NULL) {
/*
@ -364,6 +365,7 @@ static int add_provider_groups(const OSSL_PARAM params[], void *data)
}
EVP_KEYMGMT_free(keymgmt);
}
ERR_pop_to_mark();
err:
if (ginf != NULL) {
OPENSSL_free(ginf->tlsname);
@ -766,8 +768,11 @@ static int gid_cb(const char *elem, int len, void *arg)
etmp[len] = 0;
gid = tls1_group_name2id(garg->ctx, etmp);
if (gid == 0)
if (gid == 0) {
ERR_raise_data(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT,
"group '%s' cannot be set", etmp);
return 0;
}
for (i = 0; i < garg->gidcnt; i++)
if (garg->gid_arr[i] == gid)
return 0;