This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author vstinner
Recipients christian.heimes, vstinner
Date 2019-03-11.16:29:19
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1552321759.27.0.174966917328.issue36263@roundup.psfhosted.org>
In-reply-to
Content 
Oh, the Fedora package of OpenSSL 1.1.1b includes this downstream patch:

https://src.fedoraproject.org/rpms/openssl/blob/master/f/openssl-1.1.1-evp-kdf.patch

Extract of the changelog:

* Thu Feb 28 2019 Tomáš Mráz <tmraz@redhat.com> 1.1.1b-1
- update to the 1.1.1b release
- EVP_KDF API backport from master
- SSH KDF implementation for EVP_KDF API backport from master

The patch changes the behavior for (salt=NULL, saltlen=0). Previously, it was handled as (salt="", saltlen=0), but now the function fails with "missing salt".

The patch has code to handle (pass=NULL, passlen=any value) as (pass="", passlen=0):

https://src.fedoraproject.org/rpms/openssl/blob/master/f/openssl-1.1.1-evp-kdf.patch#_705

+    /* Maintain existing behaviour. */
+    if (pass == NULL) {
+        pass = empty;
+        passlen = 0;
     }
History
Date User Action Args
2019-03-11 16:29:19vstinnersetrecipients: + vstinner, christian.heimes
2019-03-11 16:29:19vstinnersetmessageid: <1552321759.27.0.174966917328.issue36263@roundup.psfhosted.org>
2019-03-11 16:29:19vstinnerlinkissue36263 messages
2019-03-11 16:29:19vstinnercreate