crypto: Handle EVP changes in OpenSSL 3

OpenSSL 3 changes the padding behavior of EVP_DecryptFinal_ex(), which
causes our decryption to fail.  It is the opnion of the OpenSSL
developers that mod_auth_gssapi's use of this function was incorrect.

Patch suggested by Tomáš Mráz.

Related: openssl/openssl#16351

Signed-off-by: Robbie Harwood <rharwood@redhat.com>

Author: frozencemetery

src/crypto.c

@@ -262,7 +262,7 @@ apr_status_t UNSEAL_BUFFER(apr_pool_t *p, struct seal_key *skey,
 
     totlen += outlen;
     outlen = plain->length - totlen;
-    ret = EVP_DecryptFinal_ex(ctx, plain->value, &outlen);
+    ret = EVP_DecryptFinal_ex(ctx, plain->value + totlen, &outlen);
     if (ret == 0) goto done;
 
     totlen += outlen;