public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed
From: Tomas Mraz <tmraz@fedoraproject.org>
To: git-commits@fedoraproject.org
Subject: [rpms/openssl] rebase_40beta: do not break contract on return value when using dsa_builtin_paramgen2()
Date: Tue, 09 Jun 2026 12:43:53 GMT [thread overview]
Message-ID: <178100903347.1.15529954027422880777.rpms-openssl-c7fc8d6daa11@fedoraproject.org> (raw)
A new commit has been pushed.
Repo : rpms/openssl
Branch : rebase_40beta
Commit : c7fc8d6daa1128187f9925215fc03c9c0700a2c9
Author : Tomas Mraz <tmraz@fedoraproject.org>
Date : 2016-10-17T13:06:36+02:00
Stats : +23/-2 in 2 file(s)
URL : https://src.fedoraproject.org/rpms/openssl/c/c7fc8d6daa1128187f9925215fc03c9c0700a2c9?branch=rebase_40beta
Log:
do not break contract on return value when using dsa_builtin_paramgen2()
---
diff --git a/openssl-1.1.0-fips.patch b/openssl-1.1.0-fips.patch
index 215ef87..fac9fbf 100644
--- a/openssl-1.1.0-fips.patch
+++ b/openssl-1.1.0-fips.patch
@@ -388,7 +388,16 @@ diff -up openssl-1.1.0/crypto/dsa/dsa_gen.c.fips openssl-1.1.0/crypto/dsa/dsa_ge
int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
const EVP_MD *evpmd, const unsigned char *seed_in,
-@@ -315,6 +344,20 @@ int dsa_builtin_paramgen2(DSA *ret, size
+@@ -301,7 +330,7 @@ int dsa_builtin_paramgen2(DSA *ret, size
+ int *counter_ret, unsigned long *h_ret,
+ BN_GENCB *cb)
+ {
+- int ok = -1;
++ int ok = 0;
+ unsigned char *seed = NULL, *seed_tmp = NULL;
+ unsigned char md[EVP_MAX_MD_SIZE];
+ int mdsize;
+@@ -318,6 +347,20 @@ int dsa_builtin_paramgen2(DSA *ret, size
if (mctx == NULL)
goto err;
@@ -409,6 +418,15 @@ diff -up openssl-1.1.0/crypto/dsa/dsa_gen.c.fips openssl-1.1.0/crypto/dsa/dsa_ge
if (evpmd == NULL) {
if (N == 160)
evpmd = EVP_sha1();
+@@ -579,7 +622,7 @@ int dsa_builtin_paramgen2(DSA *ret, size
+ BN_free(ret->g);
+ ret->g = BN_dup(g);
+ if (ret->p == NULL || ret->q == NULL || ret->g == NULL) {
+- ok = -1;
++ ok = 0;
+ goto err;
+ }
+ if (counter_ret != NULL)
diff -up openssl-1.1.0/crypto/dsa/dsa_key.c.fips openssl-1.1.0/crypto/dsa/dsa_key.c
--- openssl-1.1.0/crypto/dsa/dsa_key.c.fips 2016-08-25 17:29:20.000000000 +0200
+++ openssl-1.1.0/crypto/dsa/dsa_key.c 2016-09-08 11:37:38.735459940 +0200
diff --git a/openssl.spec b/openssl.spec
index e397c23..48fc0d3 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -22,7 +22,7 @@
Summary: Utilities from the general purpose cryptography library with TLS implementation
Name: openssl
Version: 1.1.0b
-Release: 2%{?dist}
+Release: 3%{?dist}
Epoch: 1
# We have to remove certain patented algorithms from the openssl source
# tarball with the hobble-openssl script which is included below.
@@ -425,6 +425,9 @@ export LD_LIBRARY_PATH
%postun libs -p /sbin/ldconfig
%changelog
+* Wed Oct 12 2016 Tomáš Mráz <tmraz@redhat.com> 1.1.0b-3
+- do not break contract on return value when using dsa_builtin_paramgen2()
+
* Wed Oct 12 2016 Tomáš Mráz <tmraz@redhat.com> 1.1.0b-2
- fix afalg failure on big endian
reply other threads:[~2026-06-09 12:43 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=178100903347.1.15529954027422880777.rpms-openssl-c7fc8d6daa11@fedoraproject.org \
--to=tmraz@fedoraproject.org \
--cc=git-commits@fedoraproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox