Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

OpenSSL: Fix OpenSSL 1.1.0 DH operation

Commit 49fe2ada20d5fd53c0388442d23e7f03086f4d57 ('OpenSSL: Support
OpenSSL 1.1.0 DH opacity') started using the new accessor functions, but
used incorrect success check for the DH_set0_key() call. This resulted
in dh5_init_fixed() failures and double-free on error path if the build
was linked against OpenSSL 1.1.0. Fix this by checking DH_set0_key()
return value to be 1 for the success case.

Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen 8 years ago
parent
ec9812e7e7
commit
460e5cdf43
1 changed files with 1 additions and 1 deletions
Split View Show Diff Stats
  1. 1 1
      src/crypto/crypto_openssl.c

+ 1 - 1
src/crypto/crypto_openssl.c
View File 

@@ -754,7 +754,7 @@ err:
 
 
 	priv_key = BN_bin2bn(wpabuf_head(priv), wpabuf_len(priv), NULL);
 
 	pub_key = BN_bin2bn(wpabuf_head(publ), wpabuf_len(publ), NULL);
 
-	if (!priv_key || !pub_key || DH_set0_key(dh, pub_key, priv_key) != 0)
 
+	if (!priv_key || !pub_key || DH_set0_key(dh, pub_key, priv_key) != 1)
 
 		goto err;
 
 	pub_key = NULL;
 
 	priv_key = NULL;