Better invalid SNI name error handling

[openssl.git] / crypto / cms / cms_asn1.c

diff --git a/crypto/cms/cms_asn1.c b/crypto/cms/cms_asn1.c
index 7aafc8dab07ca00de7e5bbfa5d3221d295e0a2ee..017f55c5899ac699731d3a0b00aa81b7662fcccc 100644 (file)
--- a/crypto/cms/cms_asn1.c
+++ b/crypto/cms/cms_asn1.c
@@ -95,7 +95,7 @@ static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
         CMS_SignerInfo *si = (CMS_SignerInfo *)*pval;
         EVP_PKEY_free(si->pkey);
         X509_free(si->signer);
-        EVP_MD_CTX_destroy(si->mctx);
+        EVP_MD_CTX_free(si->mctx);
     }
     return 1;
 }
@@ -194,12 +194,14 @@ static int cms_kari_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
 {
     CMS_KeyAgreeRecipientInfo *kari = (CMS_KeyAgreeRecipientInfo *)*pval;
     if (operation == ASN1_OP_NEW_POST) {
-        EVP_CIPHER_CTX_init(&kari->ctx);
-        EVP_CIPHER_CTX_set_flags(&kari->ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
+        kari->ctx = EVP_CIPHER_CTX_new();
+        if (kari->ctx == NULL)
+            return 0;
+        EVP_CIPHER_CTX_set_flags(kari->ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
         kari->pctx = NULL;
     } else if (operation == ASN1_OP_FREE_POST) {
         EVP_PKEY_CTX_free(kari->pctx);
-        EVP_CIPHER_CTX_cleanup(&kari->ctx);
+        EVP_CIPHER_CTX_free(kari->ctx);
     }
     return 1;
 }