diff options
author | Schüller Felix <F.Schueller@infodas.de> | 2016-03-18 19:20:34 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2016-03-19 01:02:02 +0000 |
commit | c6aca19bb5541883cf8233b03d92e9ef6d91357c (patch) | |
tree | f2a8072fc3c2652cb6742411e18c0e91fb98e005 /apps/req.c | |
parent | 769777b0a24c77377c612d84537c40a2b55abfa6 (diff) | |
download | openssl-new-c6aca19bb5541883cf8233b03d92e9ef6d91357c.tar.gz |
Don't free up EVP_MD_CTX.
Don't free up passed EVP_MD_CTX in ASN1_item_sign_ctx(). This
simplifies handling and retains compatiblity with previous behaviour.
PR#4446
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
Diffstat (limited to 'apps/req.c')
-rw-r--r-- | apps/req.c | 18 |
1 files changed, 3 insertions, 15 deletions
diff --git a/apps/req.c b/apps/req.c index b128fa8c3e..edf998ba70 100644 --- a/apps/req.c +++ b/apps/req.c @@ -1523,13 +1523,9 @@ int do_X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md, EVP_MD_CTX *mctx = EVP_MD_CTX_new(); rv = do_sign_init(mctx, pkey, md, sigopts); - /* Note: X509_sign_ctx() calls ASN1_item_sign_ctx(), which destroys - * the EVP_MD_CTX we send it, so only destroy it here if the former - * isn't called */ if (rv > 0) rv = X509_sign_ctx(x, mctx); - else - EVP_MD_CTX_free(mctx); + EVP_MD_CTX_free(mctx); return rv > 0 ? 1 : 0; } @@ -1539,13 +1535,9 @@ int do_X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md, int rv; EVP_MD_CTX *mctx = EVP_MD_CTX_new(); rv = do_sign_init(mctx, pkey, md, sigopts); - /* Note: X509_REQ_sign_ctx() calls ASN1_item_sign_ctx(), which destroys - * the EVP_MD_CTX we send it, so only destroy it here if the former - * isn't called */ if (rv > 0) rv = X509_REQ_sign_ctx(x, mctx); - else - EVP_MD_CTX_free(mctx); + EVP_MD_CTX_free(mctx); return rv > 0 ? 1 : 0; } @@ -1555,12 +1547,8 @@ int do_X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md, int rv; EVP_MD_CTX *mctx = EVP_MD_CTX_new(); rv = do_sign_init(mctx, pkey, md, sigopts); - /* Note: X509_CRL_sign_ctx() calls ASN1_item_sign_ctx(), which destroys - * the EVP_MD_CTX we send it, so only destroy it here if the former - * isn't called */ if (rv > 0) rv = X509_CRL_sign_ctx(x, mctx); - else - EVP_MD_CTX_free(mctx); + EVP_MD_CTX_free(mctx); return rv > 0 ? 1 : 0; } |