diff options
author | Matt Caswell <matt@openssl.org> | 2020-03-20 12:00:12 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-03-27 11:12:27 +0000 |
commit | 5fcb97c61e6796b20c8ee1b0daab25151bf65bd0 (patch) | |
tree | 8ae24140b4f7501baf529149b34ae49b8ee78a78 /ssl/ssl_lib.c | |
parent | 6b1e5fa4873ff2f7741f996961f26ab9818ee190 (diff) |
Ignore some fetch failures
Some fetch failurs are ok and should be ignored.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11405)
Diffstat (limited to 'ssl/ssl_lib.c')
-rw-r--r-- | ssl/ssl_lib.c | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index a1c3987962..a08ddb138b 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -5848,6 +5848,8 @@ const EVP_CIPHER *ssl_evp_cipher_fetch(OPENSSL_CTX *libctx, int nid, const char *properties) { + EVP_CIPHER *ciph; + #ifndef OPENSSL_NO_ENGINE ENGINE *eng; @@ -5862,8 +5864,11 @@ const EVP_CIPHER *ssl_evp_cipher_fetch(OPENSSL_CTX *libctx, } #endif - /* Otherwise we do an explicit fetch */ - return EVP_CIPHER_fetch(libctx, OBJ_nid2sn(nid), properties); + /* Otherwise we do an explicit fetch. This may fail and that could be ok */ + ERR_set_mark(); + ciph = EVP_CIPHER_fetch(libctx, OBJ_nid2sn(nid), properties); + ERR_pop_to_mark(); + return ciph; } @@ -5898,6 +5903,8 @@ const EVP_MD *ssl_evp_md_fetch(OPENSSL_CTX *libctx, int nid, const char *properties) { + EVP_MD *md; + #ifndef OPENSSL_NO_ENGINE ENGINE *eng; @@ -5913,7 +5920,10 @@ const EVP_MD *ssl_evp_md_fetch(OPENSSL_CTX *libctx, #endif /* Otherwise we do an explicit fetch */ - return EVP_MD_fetch(libctx, OBJ_nid2sn(nid), properties); + ERR_set_mark(); + md = EVP_MD_fetch(libctx, OBJ_nid2sn(nid), properties); + ERR_pop_to_mark(); + return md; } int ssl_evp_md_up_ref(const EVP_MD *md) |