From 0577959ceab4ca2a72a662ed12067da83cdbb3c7 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Mon, 22 Jun 2020 11:18:56 +0100
Subject: Don't forget our provider ctx when resetting

A number of the KDF reset functions were resetting a little too much

Fixes #12225

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12229)
---
 providers/implementations/kdfs/krb5kdf.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'providers/implementations/kdfs/krb5kdf.c')

diff --git a/providers/implementations/kdfs/krb5kdf.c b/providers/implementations/kdfs/krb5kdf.c
index 4ae29a24c4..25462f3c1d 100644
--- a/providers/implementations/kdfs/krb5kdf.c
+++ b/providers/implementations/kdfs/krb5kdf.c
@@ -78,11 +78,13 @@ static void krb5kdf_free(void *vctx)
 static void krb5kdf_reset(void *vctx)
 {
     KRB5KDF_CTX *ctx = (KRB5KDF_CTX *)vctx;
+    void *provctx = ctx->provctx;
 
     ossl_prov_cipher_reset(&ctx->cipher);
     OPENSSL_clear_free(ctx->key, ctx->key_len);
     OPENSSL_clear_free(ctx->constant, ctx->constant_len);
     memset(ctx, 0, sizeof(*ctx));
+    ctx->provctx = provctx;
 }
 
 static int krb5kdf_set_membuf(unsigned char **dst, size_t *dst_len,
-- 
cgit v1.2.3