[pkg-opensc-commit] [libp11] 73/86: Revert "Restored "const" EVP_PKEY objects"
Eric Dorland
eric at moszumanska.debian.org
Sun Jul 24 21:40:24 UTC 2016
This is an automated email from the git hooks/post-receive script.
eric pushed a commit to branch master
in repository libp11.
commit 96f7d5b32a3f66f3602b478bf3867a916e6bd0c9
Author: Michał Trojnara <Michal.Trojnara at stunnel.org>
Date: Fri Mar 18 12:41:24 2016 +0100
Revert "Restored "const" EVP_PKEY objects"
This reverts commit 88d357cf72bef79c1200f09a25ce3a0dcbdfbce7.
---
NEWS | 1 +
src/libp11.h | 4 ----
src/p11_key.c | 5 +++++
tests/fork-test.c | 6 ------
4 files changed, 6 insertions(+), 10 deletions(-)
diff --git a/NEWS b/NEWS
index ad5a2cb..abb92b2 100644
--- a/NEWS
+++ b/NEWS
@@ -14,6 +14,7 @@ New in 0.4.0; unreleased;
* Fixed deadlocks in keys and certificates listing (Brian Hinz)
* Use PKCS11_MODULE_PATH environment variable (Doug Engert)
* Added support for building against OpenSSL 1.1.0-dev (Doug Engert)
+* Returned EVP_PKEY objects are no longer "const" (Michał Trojnara)
* Fixed building against OpenSSL 0.9.8 (Michał Trojnara)
* Removed support for OpenSSL 0.9.7 (Michał Trojnara)
diff --git a/src/libp11.h b/src/libp11.h
index c4b5767..068cb83 100644
--- a/src/libp11.h
+++ b/src/libp11.h
@@ -256,8 +256,6 @@ extern int PKCS11_get_key_type(PKCS11_KEY *);
*
* @param key PKCS11_KEY object
* @retval !=NULL reference to EVP_PKEY object.
- * The returned EVP_PKEY object should be treated as const
- * and must not be freed.
* @retval NULL error
*/
extern EVP_PKEY *PKCS11_get_private_key(PKCS11_KEY *key);
@@ -267,8 +265,6 @@ extern EVP_PKEY *PKCS11_get_private_key(PKCS11_KEY *key);
*
* @param key PKCS11_KEY object
* @retval !=NULL reference to EVP_PKEY object.
- * The returned EVP_PKEY object should be treated as const
- * and must not be freed.
* @retval NULL error
*/
extern EVP_PKEY *PKCS11_get_public_key(PKCS11_KEY *key);
diff --git a/src/p11_key.c b/src/p11_key.c
index 5247cab..05538b9 100644
--- a/src/p11_key.c
+++ b/src/p11_key.c
@@ -298,6 +298,11 @@ EVP_PKEY *pkcs11_get_key(PKCS11_KEY *key, int isPrivate)
fprintf(stderr, "Missing CKA_ALWAYS_AUTHENTICATE attribute\n");
}
}
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ EVP_PKEY_up_ref(key->evp_key);
+#else
+ CRYPTO_add(&key->evp_key->references, 1, CRYPTO_LOCK_EVP_PKEY);
+#endif
return key->evp_key;
}
diff --git a/tests/fork-test.c b/tests/fork-test.c
index 17b6664..dd8e2ea 100644
--- a/tests/fork-test.c
+++ b/tests/fork-test.c
@@ -184,12 +184,6 @@ loggedin:
fprintf(stderr, "Could not extract the private key\n");
goto failed;
}
- /* allow the EVP_PKEY object to be freed normally */
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
- EVP_PKEY_up_ref(privkey);
-#else
- CRYPTO_add(&privkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
-#endif
/* sign on the PKCS#11 device */
md_ctx = EVP_MD_CTX_create();
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/libp11.git
More information about the pkg-opensc-commit
mailing list