From e0b8c84240037a592c5bd5f18fc382a98a323bea Mon Sep 17 00:00:00 2001 From: Eric Wong Date: Fri, 1 Sep 2023 02:09:28 +0000 Subject: treewide: fix various bugs w/ OpenSSL 3+ EVP API The OpenSSL 3+ EVP API for SHA-* cannot support our prior use cases supported by other SHA-* implementations. It has the following differences: 1. ->init_fn is required before all use 2. struct assignments don't work and requires ->clone_fn 3. can't support ->update_fn after ->final_*fn While fixing cases 1 and 2 is merely the matter of calling ->init_fn and ->clone_fn as appropriate, fixing case 3 requires calling ->final_*fn on a temporary context that's cloned from the primary context. Reported-by: Bagas Sanjaya Link: https://lore.kernel.org/ZPCL11k38PXTkFga@debian.me/ Helped-by: brian m. carlson Fixes: 3e440ea0aba0 ("sha256: avoid functions deprecated in OpenSSL 3+") Fixes: bda9c12073e7 ("avoid SHA-1 functions deprecated in OpenSSL 3+") Signed-off-by: Eric Wong Signed-off-by: Junio C Hamano --- builtin/unpack-objects.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'builtin/unpack-objects.c') diff --git a/builtin/unpack-objects.c b/builtin/unpack-objects.c index 2c52c3a741..b16d38af13 100644 --- a/builtin/unpack-objects.c +++ b/builtin/unpack-objects.c @@ -608,6 +608,7 @@ int cmd_unpack_objects(int argc, const char **argv, const char *prefix UNUSED) { int i; struct object_id oid; + git_hash_ctx tmp_ctx; read_replace_refs = 0; @@ -668,7 +669,9 @@ int cmd_unpack_objects(int argc, const char **argv, const char *prefix UNUSED) the_hash_algo->init_fn(&ctx); unpack_all(); the_hash_algo->update_fn(&ctx, buffer, offset); - the_hash_algo->final_oid_fn(&oid, &ctx); + the_hash_algo->init_fn(&tmp_ctx); + the_hash_algo->clone_fn(&tmp_ctx, &ctx); + the_hash_algo->final_oid_fn(&oid, &tmp_ctx); if (strict) { write_rest(); if (fsck_finish(&fsck_options)) -- cgit v1.2.3