www.libssh2.org | Daily snapshots | Mailing list archive | Docs | Examples | github

Archive Index This month's Index

Subject: [libssh2] #279: libssh2 core dumps with FIPS openssl libraries

[libssh2] #279: libssh2 core dumps with FIPS openssl libraries

From: libssh2 Trac <trac_at_libssh2.stuge.se>
Date: Wed, 13 Nov 2013 00:35:06 -0000

#279: libssh2 core dumps with FIPS openssl libraries
----------------------------+--------------------
 Reporter: Mark_McPherson | Owner:
     Type: defect | Status: new
 Priority: high | Milestone: 1.4.3
Component: crypto | Version: 1.4.2
 Keywords: FIPS OpenSSL | Blocked By:
   Blocks: |
----------------------------+--------------------
 Using:
 libssh2 - 1.4.3
 OpenSSL - 1.0.1e
 OpenSSL FIPS module - 2.0.5

 When using the OpenSSL libraries in FIPS mode, the function call
 EVP_DigestInit() is actually #defined to FIPS_digestinit().
 Unfortunately wheres EVP_DigestInit() initialises the context and then
 calls EVP_DigestInit_ex(), this function assumes that the context has been
 pre-initialised and crashes when it isn't.

 The fix is to pre-initialise the context using EVP_MD_CTX_init() before
 calling EVP_DigestInit.

 I attach a patch to openssl.h/.c to fix this problem.

-- 
Ticket URL: <https://trac.libssh2.org/ticket/279>
libssh2 <https://trac.libssh2.org/>
C library for writing portable SSH2 clients
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2013-11-13

the libssh2 team