Fix ctrl operation for SHA1/MD5SHA1.

This makes S/MIME and CMS signing in MIME format for SHA1 work again.
Reviewed-by: NRich Salz <rsalz@openssl.org>

crypto/evp/m_md5_sha1.c

@@ -52,11 +52,16 @@ static int ctrl(EVP_MD_CTX *ctx, int cmd, int mslen, void *ms)
     unsigned char padtmp[48];
     unsigned char md5tmp[MD5_DIGEST_LENGTH];
     unsigned char sha1tmp[SHA_DIGEST_LENGTH];
-    struct md5_sha1_ctx *mctx = EVP_MD_CTX_md_data(ctx);
+    struct md5_sha1_ctx *mctx;
 
     if (cmd != EVP_CTRL_SSL3_MASTER_SECRET)
+        return -2;
+
+    if (ctx == NULL)
         return 0;
 
+    mctx = EVP_MD_CTX_md_data(ctx);
+
     /* SSLv3 client auth handling: see RFC-6101 5.6.8 */
     if (mslen != 48)
         return 0;

crypto/evp/m_sha1.c

@@ -36,11 +36,16 @@ static int ctrl(EVP_MD_CTX *ctx, int cmd, int mslen, void *ms)
     unsigned char padtmp[40];
     unsigned char sha1tmp[SHA_DIGEST_LENGTH];
 
-    SHA_CTX *sha1 = EVP_MD_CTX_md_data(ctx);
+    SHA_CTX *sha1;
 
     if (cmd != EVP_CTRL_SSL3_MASTER_SECRET)
+        return -2;
+
+    if (ctx == NULL)
         return 0;
 
+    sha1 = EVP_MD_CTX_md_data(ctx);
+
     /* SSLv3 client auth handling: see RFC-6101 5.6.8 */
     if (mslen != 48)
         return 0;