Description: Quiet libgcrypt run-time warning about not being initialized
Author: Todd C. Miller <Todd.Miller@sudo.ws>
Bug: https://bugs.debian.org/1019428
Forwarded: https://www.sudo.ws/repos/sudo/rev/ebf9a6477d5d
diff -r 5b7ea42ac63b -r ebf9a6477d5d lib/util/digest_gcrypt.c
--- a/lib/util/digest_gcrypt.c	Tue Sep 20 14:35:12 2022 -0600
+++ b/lib/util/digest_gcrypt.c	Tue Sep 20 16:13:31 2022 -0600
@@ -23,6 +23,11 @@
 
 #include <config.h>
 
+#ifdef HAVE_STDBOOL_H
+# include <stdbool.h>
+#else
+# include "compat/stdbool.h"
+#endif
 #include <stdlib.h>
 #include <string.h>
 #include <errno.h>
@@ -33,6 +38,8 @@
 #include "sudo_debug.h"
 #include "sudo_digest.h"
 
+#define SUDO_LIBGCRYPT_VERSION_MIN "1.3.0"
+
 struct sudo_digest {
     int gcry_digest_type;
     unsigned int digest_len;
@@ -61,9 +68,21 @@
 sudo_digest_alloc_v1(int digest_type)
 {
     debug_decl(sudo_digest_alloc, SUDO_DEBUG_UTIL);
+    static bool initialized = false;
     struct sudo_digest *dig;
     int gcry_digest_type;
 
+    if (!initialized) {
+	if (!gcry_check_version(SUDO_LIBGCRYPT_VERSION_MIN)) {
+	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
+		"libgcrypt too old (need %s, have %s)",
+		SUDO_LIBGCRYPT_VERSION_MIN, gcry_check_version(NULL));
+	    debug_return_ptr(NULL);
+	}
+	gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
+	initialized = true;
+    }
+
     gcry_digest_type = sudo_digest_type_to_gcry(digest_type);
     if (gcry_digest_type == -1) {
 	errno = EINVAL;

