From: Dr. Stephen Henson <steve@openssl.org>
Date: Tue, 22 Nov 2016 21:59:21 +0000 (+0000)
Subject: Fix ctrl operation for SHA1/MD5SHA1.
X-Git-Tag: OpenSSL_1_1_1-pre1~2963
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=a5abd438f85737ffa56320b67c5ef5525fc495c3;p=oweals%2Fopenssl.git

Fix ctrl operation for SHA1/MD5SHA1.

This makes S/MIME and CMS signing in MIME format for SHA1 work again.

Reviewed-by: Rich Salz <rsalz@openssl.org>
---

diff --git a/crypto/evp/m_md5_sha1.c b/crypto/evp/m_md5_sha1.c
index 1213ff64a6..2d98886ba0 100644
--- a/crypto/evp/m_md5_sha1.c
+++ b/crypto/evp/m_md5_sha1.c
@@ -52,11 +52,16 @@ static int ctrl(EVP_MD_CTX *ctx, int cmd, int mslen, void *ms)
     unsigned char padtmp[48];
     unsigned char md5tmp[MD5_DIGEST_LENGTH];
     unsigned char sha1tmp[SHA_DIGEST_LENGTH];
-    struct md5_sha1_ctx *mctx = EVP_MD_CTX_md_data(ctx);
+    struct md5_sha1_ctx *mctx;
 
     if (cmd != EVP_CTRL_SSL3_MASTER_SECRET)
+        return -2;
+
+    if (ctx == NULL)
         return 0;
 
+    mctx = EVP_MD_CTX_md_data(ctx);
+
     /* SSLv3 client auth handling: see RFC-6101 5.6.8 */
     if (mslen != 48)
         return 0;
diff --git a/crypto/evp/m_sha1.c b/crypto/evp/m_sha1.c
index 4f009560b3..8f30077a4a 100644
--- a/crypto/evp/m_sha1.c
+++ b/crypto/evp/m_sha1.c
@@ -36,11 +36,16 @@ static int ctrl(EVP_MD_CTX *ctx, int cmd, int mslen, void *ms)
     unsigned char padtmp[40];
     unsigned char sha1tmp[SHA_DIGEST_LENGTH];
 
-    SHA_CTX *sha1 = EVP_MD_CTX_md_data(ctx);
+    SHA_CTX *sha1;
 
     if (cmd != EVP_CTRL_SSL3_MASTER_SECRET)
+        return -2;
+
+    if (ctx == NULL)
         return 0;
 
+    sha1 = EVP_MD_CTX_md_data(ctx);
+
     /* SSLv3 client auth handling: see RFC-6101 5.6.8 */
     if (mslen != 48)
         return 0;