Andrew Sherman wrote:
> Folks,
>
> Has anybody else seen this? I tried to build using the no-engine
> option:
>
> OpenSSL version: 0.9.7a
> Last change: In ssl3_get_record (ssl/s3_pkt.c), minimize
> information...
> Options: no-idea no-rc5 no-engine shared threads
> --prefix=/var/tmp/openssl no-krb5
> OS (uname): Linux piias301 2.4.9-e.8enterprise #1 SMP Fri Jul 19
> 15:27:35 EDT 2002 i686 unknown
> OS (config): i686-whatever-linux2
> Target (default): linux-elf
> Target: linux-elf
> Compiler: gcc version 2.96 20000731 (Red Hat Linux 7.3
> 2.96-112_MSDW_2)
>
> and got code that failed "make test" in the sha1test. These configure
> options check out fine on both Solaris and Irix (using native compilers)
> so the problem is either Linux or GCC. After chasing several red
> herrings, it finally occured to me to try leaving off "no-engine" and I
> got working code.
>
> At this point I'm satisfied, but somebody should find the problem and
> fix it.
The bug is in crypto/evp/digest.c : currently EVP_DigestInit_ex()
will always fail (and consequently no digest algorithm is set) when
when build with the 'no-engine' option (and no digest algorithm
is already set in EVP_MD_CTX). Attached is a small patch to fix
this problem.
Regards,
Nils
PS: PR#515 looks similar.
Index: crypto/evp/digest.c
===================================================================
RCS file: /home/nils/CVSROOT/openssl/crypto/evp/digest.c,v
retrieving revision 1.21.2.4
diff -u -r1.21.2.4 digest.c
--- crypto/evp/digest.c 2003/01/30 17:37:44 1.21.2.4
+++ crypto/evp/digest.c 2003/02/28 17:25:57
@@ -186,13 +186,12 @@
else
ctx->engine = NULL;
}
- else
-#endif
- if(!ctx->digest)
+ else if(!ctx->digest)
{
EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_NO_DIGEST_SET);
return 0;
}
+#endif
if (ctx->digest != type)
{
if (ctx->digest && ctx->digest->ctx_size)
