On 12/12/2016 07:18 AM, Michael Paquier wrote:
On Fri, Dec 9, 2016 at 10:22 AM, Michael Paquier
Thanks for looking at the patch. Looking forward to hearing more!
Here is an updated patch based on which reviews should be done. I have
fixed the issue you have reported, and upon additional lookup I have
noticed that returning -1 when failing on EVP_CIPHER_CTX_new() in
px_find_cipher() is dead wrong. The error code should be
@@ -307,17 +360,18 @@ gen_ossl_decrypt(PX_Cipher *c, const uint8 *data,
- if (!EVP_DecryptInit_ex(&od->evp_ctx, od->evp_ciph, NULL, NULL,
+ if (!EVP_CIPHER_CTX_cleanup(od->evp_ctx))
+ return PXE_CIPHER_INIT;
+ if (!EVP_DecryptInit_ex(od->evp_ctx, od->evp_ciph, NULL, NULL,
- if (!EVP_CIPHER_CTX_set_key_length(&od->evp_ctx, od->klen))
+ if (!EVP_CIPHER_CTX_set_key_length(od->evp_ctx, od->klen))
- if (!EVP_DecryptInit_ex(&od->evp_ctx, NULL, NULL, od->key,
+ if (!EVP_DecryptInit_ex(od->evp_ctx, NULL, NULL, od->key,
od->init = true;
The EVP_CIPHER_CTX_cleanup() call seems superfluous. We know that the
context isn't initialized yet, so no need to clean it up.
Removed that, did some further cosmetic changes, and pushed. I renamed a
bunch variables and structs, so that they are more consistent with the
similar digest stuff.
Sent via pgsql-hackers mailing list (email@example.com)
To make changes to your subscription: