From: Matt Caswell <matt@openssl.org>
Date: Tue, 18 Jun 2019 17:36:36 +0000 (+0100)
Subject: Don't create an OPENSSL_CTX twice
X-Git-Tag: openssl-3.0.0-alpha1~1890
X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=03361afb3ca27a32e1215e482236c2185f5df1ac;ds=sidebyside

Don't create an OPENSSL_CTX twice

The fips provider was creating the OPENSSL_CTX twice due to a previous
merge error.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9184)
---

diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index a30ece8e27..61729e5817 100644
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -216,18 +216,7 @@ int OSSL_provider_init(const OSSL_PROVIDER *provider,
                        void **provctx)
 {
     FIPS_GLOBAL *fgbl;
-    OPENSSL_CTX *ctx = OPENSSL_CTX_new();
-
-    if (ctx == NULL)
-        return 0;
-
-    fgbl = openssl_ctx_get_data(ctx, OPENSSL_CTX_FIPS_PROV_INDEX,
-                                &fips_prov_ossl_ctx_method);
-
-    if (fgbl == NULL)
-        goto err;
-
-    fgbl->prov = provider;
+    OPENSSL_CTX *ctx;
 
     for (; in->function_id != 0; in++) {
         switch (in->function_id) {
@@ -256,6 +245,14 @@ int OSSL_provider_init(const OSSL_PROVIDER *provider,
     if (ctx == NULL)
         return 0;
 
+    fgbl = openssl_ctx_get_data(ctx, OPENSSL_CTX_FIPS_PROV_INDEX,
+                                &fips_prov_ossl_ctx_method);
+
+    if (fgbl == NULL)
+        goto err;
+
+    fgbl->prov = provider;
+
     *out = fips_dispatch_table;
     *provctx = ctx;