[Git][NTPsec/ntpsec][master] Fix for bugs found by ci
Hal Murray (@hal.murray)
gitlab at mg.gitlab.com
Fri Mar 24 09:47:50 UTC 2023
Hal Murray pushed to branch master at NTPsec / ntpsec
Commits:
addd98fa by Hal Murray at 2023-03-24T02:46:28-07:00
Fix for bugs found by ci
OpenSSL 3.0.2 doesn't support the new use pattern.
- - - - -
1 changed file:
- libntp/macencrypt.c
Changes:
=====================================
libntp/macencrypt.c
=====================================
@@ -86,7 +86,13 @@ cmac_encrypt(
#if OPENSSL_VERSION_NUMBER > 0x20000000L
EVP_MAC_CTX *ctx = auth->mac_ctx;
+#if OPENSSL_VERSION_NUMBER > 0x30000020L
if (0 == EVP_MAC_init(ctx, NULL, 0, NULL)) {
+#else
+// Bug in OpenSSL 3.0.2
+// Need to reload key which is slow. See attic/cmac-timing
+ if (0 == EVP_MAC_init(ctx, auth->key, auth->key_size, NULL)) {
+#endif
unsigned long err = ERR_get_error();
char * str = ERR_error_string(err, NULL);
msyslog(LOG_ERR, "encrypt: EVP_MAC_init() failed: %s.", str);
@@ -141,7 +147,13 @@ cmac_decrypt(
#if OPENSSL_VERSION_NUMBER > 0x20000000L
EVP_MAC_CTX *ctx = auth->mac_ctx;
+#if OPENSSL_VERSION_NUMBER > 0x30000020L
if (0 == EVP_MAC_init(ctx, NULL, 0, NULL)) {
+#else
+// Bug in OpenSSL 3.0.2
+// Need to reload key which is slow. See attic/cmac-timing
+ if (0 == EVP_MAC_init(ctx, auth->key, auth->key_size, NULL)) {
+#endif
unsigned long err = ERR_get_error();
char * str = ERR_error_string(err, NULL);
msyslog(LOG_ERR, "decrypt: EVP_MAC_init() failed: %s.", str);
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/commit/addd98faeb0bd132294aa4294cf80c53afbacd2d
--
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/commit/addd98faeb0bd132294aa4294cf80c53afbacd2d
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20230324/260643da/attachment-0003.htm>
More information about the vc
mailing list