From dc4ccc70245be870e2ef2e382d16234673bf28cf Mon Sep 17 00:00:00 2001
From: Yuri Penkin <yura.penkin@gmail.com>
Date: Tue, 23 May 2023 23:32:23 +0300
Subject: Ignore the fetch error when a legacy algorithm is found

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/21035)

(cherry picked from commit cb1f87f59d0b290eca9207ec4ef36d8073e6feec)
---
 crypto/evp/p5_crpt2.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'crypto/evp')

diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c
index 33763b18af..d9a81f23b8 100644
--- a/crypto/evp/p5_crpt2.c
+++ b/crypto/evp/p5_crpt2.c
@@ -231,13 +231,16 @@ int PKCS5_v2_PBKDF2_keyivgen_ex(EVP_CIPHER_CTX *ctx, const char *pass,
         goto err;
     }
 
+    (void)ERR_set_mark();
     prfmd = prfmd_fetch = EVP_MD_fetch(libctx, OBJ_nid2sn(hmac_md_nid), propq);
     if (prfmd == NULL)
         prfmd = EVP_get_digestbynid(hmac_md_nid);
     if (prfmd == NULL) {
+        (void)ERR_clear_last_mark();
         ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_PRF);
         goto err;
     }
+    (void)ERR_pop_to_mark();
 
     if (kdf->salt->type != V_ASN1_OCTET_STRING) {
         ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_SALT_TYPE);
-- 
cgit v1.2.3