[pkg-opensc-commit] [libp11] 186/239: ECDSA reference count issues caused engine_pkcs11 to not shutdown
Eric Dorland
eric at moszumanska.debian.org
Sat Oct 17 06:21:32 UTC 2015
This is an automated email from the git hooks/post-receive script.
eric pushed a commit to branch master
in repository libp11.
commit 9b266fddef6ebf3eef59d5cd71aa098f7c84a37c
Author: Doug Engert <deengert at gmail.com>
Date: Wed May 27 14:17:51 2015 -0500
ECDSA reference count issues caused engine_pkcs11 to not shutdown
The engine_pkcs11 would not shut down as expected, because
handling of the EC_KEY passed back to engine_pkcs11 was not being
created correctly. This would leave reference counts indicating the structure
was still in use, and the engine would not shut down.
Now running valgrind has a chance of showing additional leaks.
openssl req was used to test the engine with RSA and ECDSA.
---
src/p11_ec.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/src/p11_ec.c b/src/p11_ec.c
index c5bad4e..87e619c 100644
--- a/src/p11_ec.c
+++ b/src/p11_ec.c
@@ -120,12 +120,13 @@ static int pkcs11_get_ec_private(PKCS11_KEY * key, EVP_PKEY * pk)
prkey = PKCS11_find_key_from_key(key);
}
-
- if (!(ec = EVP_PKEY_get1_EC_KEY(pk))) {
- ERR_clear_error(); /* the above flags an error */
+ if (pk->type == EVP_PKEY_EC) {
+ ec = EVP_PKEY_get1_EC_KEY(pk);
+ } else {
ec = EC_KEY_new();
EVP_PKEY_set1_EC_KEY(pk, ec);
}
+ /* After above ec has ref count incremented. */
if (prkey) {
if (key_getattr(prkey, CKA_SENSITIVE, &sensitive, sizeof(sensitive))
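Review bot: Neither branch of the new if (pk->type == EVP_PKEY_EC) test checks for a NULL ec. EC_KEY_new() can fail on allocation, and the removed !(ec = EVP_PKEY_get1_EC_KEY(pk)) fallback used to cover a NULL return from the getter. Suggest returning -1 when ec is NULL before it is passed to EVP_PKEY_set1_EC_KEY(pk, ec) or used further down, and checking the result of EVP_PKEY_set1_EC_KEY as well. The added comment would be clearer if it said that the local ec holds its own reference in both branches, separate from the one pk holds, since that is the reference the later EC_KEY_free(ec) calls release. Reading pk->type directly also ties the code to the struct layout; EVP_PKEY_id(pk) returns the same value through the accessor.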
@@ -191,9 +192,12 @@ static int pkcs11_get_ec_private(PKCS11_KEY * key, EVP_PKEY * pk)
if (sensitive || !extractable) {
ECDSA_set_ex_data(ec, 0, key);
+ EC_KEY_free(ec); /* drops our reference to it. */
return 0;
}
+ if (ec)
+ EC_KEY_free(ec);
return -1;
}
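Review bot: The two releases are guarded inconsistently: the success exit calls EC_KEY_free(ec) unconditionally right after ECDSA_set_ex_data(ec, 0, key), while the failure exit wraps it in if (ec). EC_KEY_free accepts NULL, so the guard is unnecessary; if ec can really be NULL at this point, the ECDSA_set_ex_data call is the one that needs protecting. A single exit label that frees ec once and returns a result variable would keep the reference balanced on every path, including any returns between the two hunks that are not visible here. The return value of ECDSA_set_ex_data is also ignored, so the function returns 0 even if attaching key failed.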
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/libp11.git