mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-29 10:08:59 +00:00
d868d0a5d7
This version fixes 3 low-severity vulnerabilities: - CVE-2019-1547: ECDSA remote timing attack - CVE-2019-1549: Fork Protection - CVE-2019-1563: Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey Patches were refreshed. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
27 lines
1.0 KiB
Diff
27 lines
1.0 KiB
Diff
From b6b2744f06f64922b449b3cb4bf0ad3df3efba71 Mon Sep 17 00:00:00 2001
|
|
From: Eneas U de Queiroz <cote2004-github@yahoo.com>
|
|
Date: Mon, 11 Mar 2019 10:15:14 -0300
|
|
Subject: e_devcrypto: ignore error when closing session
|
|
|
|
In cipher_init, ignore an eventual error when closing the previous
|
|
session. It may have been closed by another process after a fork.
|
|
|
|
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
|
|
|
|
diff --git a/engines/e_devcrypto.c b/engines/e_devcrypto.c
|
|
index 7741138b82..2480bdbd57 100644
|
|
--- a/engines/e_devcrypto.c
|
|
+++ b/engines/e_devcrypto.c
|
|
@@ -197,9 +197,8 @@ static int cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
|
|
get_cipher_data(EVP_CIPHER_CTX_nid(ctx));
|
|
|
|
/* cleanup a previous session */
|
|
- if (cipher_ctx->sess.ses != 0 &&
|
|
- clean_devcrypto_session(&cipher_ctx->sess) == 0)
|
|
- return 0;
|
|
+ if (cipher_ctx->sess.ses != 0)
|
|
+ clean_devcrypto_session(&cipher_ctx->sess);
|
|
|
|
cipher_ctx->sess.cipher = cipher_d->devcryptoid;
|
|
cipher_ctx->sess.keylen = cipher_d->keylen;
|