[openssl] master update

Matt Caswell matt at openssl.org
Thu Feb 21 09:47:27 UTC 2019


The branch master has been updated
       via  695dd3a332fdd54b873fd0d08f9ae720141f24cd (commit)
      from  4ac5e43da6d9ee828240e6d347c48c8fae6573a2 (commit)


- Log -----------------------------------------------------------------
commit 695dd3a332fdd54b873fd0d08f9ae720141f24cd
Author: Matt Caswell <matt at openssl.org>
Date:   Wed Feb 20 11:11:04 2019 +0000

    Fix dasync engine
    
    The aes128_cbc_hmac_sha1 cipher in the dasync engine is broken. Probably
    by commit e38c2e8535 which removed use of the "enc" variable...but not
    completely.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
    (Merged from https://github.com/openssl/openssl/pull/8291)

-----------------------------------------------------------------------

Summary of changes:
 engines/e_dasync.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/engines/e_dasync.c b/engines/e_dasync.c
index 3d80610..f8a52e9 100644
--- a/engines/e_dasync.c
+++ b/engines/e_dasync.c
@@ -138,7 +138,6 @@ struct dasync_pipeline_ctx {
     unsigned char **inbufs;
     unsigned char **outbufs;
     size_t *lens;
-    int enc;
     unsigned char tlsaad[SSL_MAX_PIPELINES][EVP_AEAD_TLS1_AAD_LEN];
     unsigned int aadctr;
 };
@@ -617,7 +616,7 @@ static int dasync_cipher_ctrl_helper(EVP_CIPHER_CTX *ctx, int type, int arg,
 
             len = p[arg - 2] << 8 | p[arg - 1];
 
-            if (pipe_ctx->enc) {
+            if (EVP_CIPHER_CTX_encrypting(ctx)) {
                 if ((p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) {
                     if (len < AES_BLOCK_SIZE)
                         return 0;


More information about the openssl-commits mailing list