From: Neil Conway <neilc@samurai.com>
Date: Sun, 13 Mar 2005 23:46:27 +0000 (+0000)
Subject: Some builds (depends on crypto engine support?) of OpenSSL
X-Git-Tag: REL7_2_8~10
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=826f14f6d319d02f1de8dd4cbcaa7112a6e9d2ff;p=postgresql

Some builds (depends on crypto engine support?) of OpenSSL
0.9.7x have EVP_DigestFinal function which which clears all of
EVP_MD_CTX.  This makes pgcrypto crash in functions which
re-use one digest context several times: hmac() and crypt()
with md5 algorithm.

Following patch fixes it by carring the digest info around
EVP_DigestFinal and re-initializing cipher.

Marko Kreen.
---

diff --git a/contrib/pgcrypto/openssl.c b/contrib/pgcrypto/openssl.c
index 689b150e81..51b57bbf30 100644
--- a/contrib/pgcrypto/openssl.c
+++ b/contrib/pgcrypto/openssl.c
@@ -26,7 +26,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $Id: openssl.c,v 1.10.2.1 2005/03/13 23:42:07 neilc Exp $
+ * $Id: openssl.c,v 1.10.2.2 2005/03/13 23:46:27 neilc Exp $
  */
 
 #include <postgres.h>
@@ -73,8 +73,15 @@ static void
 digest_finish(PX_MD * h, uint8 *dst)
 {
 	EVP_MD_CTX *ctx = (EVP_MD_CTX *) h->p.ptr;
+	const EVP_MD *md = EVP_MD_CTX_md(ctx);
 
 	EVP_DigestFinal(ctx, dst, NULL);
+
+	/*
+	 * Some builds of 0.9.7x clear all of ctx in EVP_DigestFinal.
+	 * Fix it by reinitializing ctx.
+	 */
+	EVP_DigestInit(ctx, md);
 }
 
 static void