1 files changed, 12 insertions, 6 deletions

diff --git a/contrib/bind9/lib/dns/openssldh_link.c b/contrib/bind9/lib/dns/openssldh_link.c
index 71b4b12..9fe9bb5 100644
--- a/contrib/bind9/lib/dns/openssldh_link.c
+++ b/contrib/bind9/lib/dns/openssldh_link.c
@@ -1,5 +1,5 @@
 /*
- * Portions Copyright (C) 2004-2009, 2011  Internet Systems Consortium, Inc. ("ISC")
+ * Portions Copyright (C) 2004-2009, 2011, 2012  Internet Systems Consortium, Inc. ("ISC")
  * Portions Copyright (C) 1999-2002  Internet Software Consortium.
  *
  * Permission to use, copy, modify, and/or distribute this software for any
@@ -94,7 +94,8 @@ openssldh_computesecret(const dst_key_t *pub, const dst_key_t *priv,
 		return (ISC_R_NOSPACE);
 	ret = DH_compute_key(r.base, dhpub->pub_key, dhpriv);
 	if (ret == 0)
-		return (dst__openssl_toresult(DST_R_COMPUTESECRETFAILURE));
+		return (dst__openssl_toresult2("DH_compute_key",
+					       DST_R_COMPUTESECRETFAILURE));
 	isc_buffer_add(secret, len);
 	return (ISC_R_SUCCESS);
 }
@@ -204,7 +205,7 @@ openssldh_generate(dst_key_t *key, int generator, void (*callback)(int)) {
 #if OPENSSL_VERSION_NUMBER > 0x00908000L
 		dh = DH_new();
 		if (dh == NULL)
-			return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
+			return (dst__openssl_toresult(ISC_R_NOMEMORY));
 
 		if (callback == NULL) {
 			BN_GENCB_set_old(&cb, NULL, NULL);
@@ -216,7 +217,9 @@ openssldh_generate(dst_key_t *key, int generator, void (*callback)(int)) {
 		if (!DH_generate_parameters_ex(dh, key->key_size, generator,
 					       &cb)) {
 			DH_free(dh);
-			return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
+			return (dst__openssl_toresult2(
+					"DH_generate_parameters_ex",
+					DST_R_OPENSSLFAILURE));
 		}
 #else
 		dh = DH_generate_parameters(key->key_size, generator,
@@ -225,11 +228,13 @@ openssldh_generate(dst_key_t *key, int generator, void (*callback)(int)) {
 	}
 
 	if (dh == NULL)
-		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
+		return (dst__openssl_toresult2("DH_generate_parameters",
+					       DST_R_OPENSSLFAILURE));
 
 	if (DH_generate_key(dh) == 0) {
 		DH_free(dh);
-		return (dst__openssl_toresult(DST_R_OPENSSLFAILURE));
+		return (dst__openssl_toresult2("DH_generate_key",
+					       DST_R_OPENSSLFAILURE));
 	}
 	dh->flags &= ~DH_FLAG_CACHE_MONT_P;
 
@@ -460,6 +465,7 @@ openssldh_tofile(const dst_key_t *key, const char *directory) {
 
 	dh = key->keydata.dh;
 
+	memset(bufs, 0, sizeof(bufs));
 	for (i = 0; i < 4; i++) {
 		bufs[i] = isc_mem_get(key->mctx, BN_num_bytes(dh->p));
 		if (bufs[i] == NULL) {