Some builds (depends on crypto engine support?) of OpenSSL

0.9.7x have EVP_DigestFinal function which which clears all of
EVP_MD_CTX.  This makes pgcrypto crash in functions which
re-use one digest context several times: hmac() and crypt()
with md5 algorithm.

Following patch fixes it by carring the digest info around
EVP_DigestFinal and re-initializing cipher.

Marko Kreen.

diff --git a/contrib/pgcrypto/openssl.c b/contrib/pgcrypto/openssl.c
index c44eea5a53469de239d782fae9eaf11cbb58442f..8d4e36215cdb1e304a42632764877bcfdf25e824 100644 (file)
--- a/contrib/pgcrypto/openssl.c
+++ b/contrib/pgcrypto/openssl.c
@@ -73,8 +73,15 @@ static void
 digest_finish(PX_MD * h, uint8 *dst)
 {
        EVP_MD_CTX *ctx = (EVP_MD_CTX *) h->p.ptr;
+       const EVP_MD *md = EVP_MD_CTX_md(ctx);
 
        EVP_DigestFinal(ctx, dst, NULL);
+
+       /*
+        * Some builds of 0.9.7x clear all of ctx in EVP_DigestFinal.
+        * Fix it by reinitializing ctx.
+        */
+       EVP_DigestInit(ctx, md);
 }
 
 static void