diff options
author | Dmitry Belyavskiy <beldmit@gmail.com> | 2022-06-17 10:08:22 +0200 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2022-06-22 16:59:05 +1000 |
commit | ce8822b7e5f4fdf836677faee336a5cf996d4363 (patch) | |
tree | a7a2a8d97f1acf87ed808683098c3423c1feb5bf /ssl/t1_lib.c | |
parent | 386ab7f1fefdd77521e670d9593e9894e2774be0 (diff) |
Improve diagnostics on setting groups
- If keymgmmt is not available, it's not an error but the error message
persists in stack
- when setting groups, it's worth saying which group is not available
Fixes #18585
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18591)
Diffstat (limited to 'ssl/t1_lib.c')
-rw-r--r-- | ssl/t1_lib.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index d73bdffb62..44204de0e6 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -343,6 +343,7 @@ static int add_provider_groups(const OSSL_PARAM params[], void *data) * it. */ ret = 1; + ERR_set_mark(); keymgmt = EVP_KEYMGMT_fetch(ctx->libctx, ginf->algorithm, ctx->propq); if (keymgmt != NULL) { /* @@ -364,6 +365,7 @@ static int add_provider_groups(const OSSL_PARAM params[], void *data) } EVP_KEYMGMT_free(keymgmt); } + ERR_pop_to_mark(); err: if (ginf != NULL) { OPENSSL_free(ginf->tlsname); @@ -766,8 +768,11 @@ static int gid_cb(const char *elem, int len, void *arg) etmp[len] = 0; gid = tls1_group_name2id(garg->ctx, etmp); - if (gid == 0) + if (gid == 0) { + ERR_raise_data(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT, + "group '%s' cannot be set", etmp); return 0; + } for (i = 0; i < garg->gidcnt; i++) if (garg->gid_arr[i] == gid) return 0; |