On 12/12/2016 07:18 AM, Michael Paquier wrote:
On Fri, Dec 9, 2016 at 10:22 AM, Michael Paquier
<michael.paqu...@gmail.com> wrote:
Thanks for looking at the patch. Looking forward to hearing more!


Here is an updated patch based on which reviews should be done. I have
fixed the issue you have reported, and upon additional lookup I have
noticed that returning -1 when failing on EVP_CIPHER_CTX_new() in
px_find_cipher() is dead wrong. The error code should be
PXE_CIPHER_INIT.

@@ -307,17 +360,18 @@ gen_ossl_decrypt(PX_Cipher *c, const uint8 *data, 
unsigned dlen,

        if (!od->init)
        {
-               EVP_CIPHER_CTX_init(&od->evp_ctx);
-               if (!EVP_DecryptInit_ex(&od->evp_ctx, od->evp_ciph, NULL, NULL, 
NULL))
+               if (!EVP_CIPHER_CTX_cleanup(od->evp_ctx))
+                       return PXE_CIPHER_INIT;
+               if (!EVP_DecryptInit_ex(od->evp_ctx, od->evp_ciph, NULL, NULL, 
NULL))
                        return PXE_CIPHER_INIT;
-               if (!EVP_CIPHER_CTX_set_key_length(&od->evp_ctx, od->klen))
+               if (!EVP_CIPHER_CTX_set_key_length(od->evp_ctx, od->klen))
                        return PXE_CIPHER_INIT;
-               if (!EVP_DecryptInit_ex(&od->evp_ctx, NULL, NULL, od->key, 
od->iv))
+               if (!EVP_DecryptInit_ex(od->evp_ctx, NULL, NULL, od->key, 
od->iv))
                        return PXE_CIPHER_INIT;
                od->init = true;
        }

The EVP_CIPHER_CTX_cleanup() call seems superfluous. We know that the context isn't initialized yet, so no need to clean it up.

Removed that, did some further cosmetic changes, and pushed. I renamed a bunch variables and structs, so that they are more consistent with the similar digest stuff.

Thanks!

- Heikki



--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Reply via email to