From: Neil Horman <nhorman@openssl.org>
Date: Tue, 12 Sep 2023 21:07:53 +0000 (-0400)
Subject: Fix regression in evp_test for provider compat CI
X-Git-Tag: openssl-3.2.0-alpha2~67
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=bbb6d620f6014274cb00a8186225447a2a114543;p=thirdparty%2Fopenssl.git

Fix regression in evp_test for provider compat CI

If we ignore the faliure to copy on an old fips provider, we need to use
ctx_base, rather than ctx

Fixes #22076

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22102)
---

diff --git a/test/evp_test.c b/test/evp_test.c
index 7447435f060..f15b2c5a173 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -877,6 +877,11 @@ static int cipher_test_enc(EVP_TEST *t, int enc, size_t out_misalign,
         } else {
             TEST_info("Allowing copy fail as an old fips provider is in use.");
         }
+        EVP_CIPHER_CTX_free(ctx);
+        ctx = ctx_base;
+    } else {
+        EVP_CIPHER_CTX_free(ctx_base);
+        ctx_base = NULL;
     }
     /* Likewise for dup */
     duped = EVP_CIPHER_CTX_dup(ctx);