If we ignore the faliure to copy on an old fips provider, we need to use
ctx_base, rather than ctx
Fixes #22076
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22102)
} else {
TEST_info("Allowing copy fail as an old fips provider is in use.");
}
+ EVP_CIPHER_CTX_free(ctx);
+ ctx = ctx_base;
+ } else {
+ EVP_CIPHER_CTX_free(ctx_base);
+ ctx_base = NULL;
}
/* Likewise for dup */
duped = EVP_CIPHER_CTX_dup(ctx);