[openssl] master update

Richard Levitte levitte at openssl.org
Tue Jun 4 15:34:34 UTC 2019 

The branch master has been updated
       via  98475995e1835f20ac4f4b83ec90a3e36fdb0861 (commit)
      from  f308fa2573b0320236cd2c2d73db37c49e3eb779 (commit)


- Log -----------------------------------------------------------------
commit 98475995e1835f20ac4f4b83ec90a3e36fdb0861
Author: Richard Levitte <levitte at openssl.org>
Date:   Tue Jun 4 16:15:46 2019 +0200

    EVP_DigestInit_ex(): drop previous context engine earlier
    
    If a EVP_MD_CTX holds a reference to a previously given engine, and
    the type of its digest isn't the same as the one given in the new
    call, drop that engine reference, allowing providers or other engines
    to provide the new algorithm on an equal basis.
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/9077)

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/digest.c | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 89cd5c1..faa6ccf 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -129,6 +129,16 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
         (type == NULL || (type->type == ctx->digest->type)))
         goto skip_to_init;
 
+    if (type != NULL) {
+        /*
+         * Ensure an ENGINE left lying around from last time is cleared (the
+         * previous check attempted to avoid this if the same ENGINE and
+         * EVP_MD could be used).
+         */
+        ENGINE_finish(ctx->engine);
+        ctx->engine = NULL;
+    }
+
     if (type != NULL && impl == NULL)
         tmpimpl = ENGINE_get_digest_engine(type->type);
 #endif
@@ -202,12 +212,6 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
 
 #if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODE)
     if (type) {
-        /*
-         * Ensure an ENGINE left lying around from last time is cleared (the
-         * previous check attempted to avoid this if the same ENGINE and
-         * EVP_MD could be used).
-         */
-        ENGINE_finish(ctx->engine);
         if (impl != NULL) {
             if (!ENGINE_init(impl)) {
                 EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);

More information about the openssl-commits mailing list