From 17dd9a2c6262c00800301fddd9441a9c590a630e Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Wed, 6 Sep 2023 07:13:26 +0200
Subject: OSSL_STORE: Fix error flag clearing and setting (provider path only)

When the provider's load function returned with an error, the libcrypto
error flag was only set if EOF hadn't been reached.  This is troublesome,
as an error can very well occur during the last load before EOF is reached!

Also, the error flag was never reset, even though documentation specifies
that it should indicate an error in the last load (i.e. not the one before
that).

Fixes #21968

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21976)
---
 crypto/store/store_lib.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'crypto')

diff --git a/crypto/store/store_lib.c b/crypto/store/store_lib.c
index fcacf687e6..0e805062ac 100644
--- a/crypto/store/store_lib.c
+++ b/crypto/store/store_lib.c
@@ -428,14 +428,14 @@ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx)
 
             load_data.v = NULL;
             load_data.ctx = ctx;
+            ctx->error_flag = 0;
 
             if (!ctx->fetched_loader->p_load(ctx->loader_ctx,
                                              ossl_store_handle_load_result,
                                              &load_data,
                                              ossl_pw_passphrase_callback_dec,
                                              &ctx->pwdata)) {
-                if (!OSSL_STORE_eof(ctx))
-                    ctx->error_flag = 1;
+                ctx->error_flag = 1;
                 return NULL;
             }
             v = load_data.v;
-- 
cgit v1.2.3