fb3c611275
With PR 5170, I added logic that requires a EVP_CTRL_GCM_SET_IV_FIXED command be issued before a EVP_CTRL_GCM_IV_GEN command. This matches OpenSSL's behavior. However, OpenSSL also clears the flag enabling EVP_CTRL_GCM_IV_GEN after EVP_CTRL_GCM_SET_IV_FIXED if EVP_CipherInit is called with a NULL key. Otherwise, the flag retains its value. We didn't mirror this logic, and that caused problems in OpenSSH unit testing. This commit aligns our logic with OpenSSL's and adds a regression test to test_evp_cipher_aes_gcm for this case.
Before creating any new configure files (.conf) read the CONF_FILES_README.md