diff options
author | Damien Miller <djm@mindrot.org> | 2016-10-28 14:34:07 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2016-10-28 14:34:56 +1100 |
commit | 315d2a4e674d0b7115574645cb51f968420ebb34 (patch) | |
tree | d7c716d0cf80232062f3db237fe2d380f3b16e03 /cipher.c | |
parent | a9ff3950b8e80ff971b4d44bbce96df27aed28af (diff) |
Unbreak AES-CTR ciphers on old (~0.9.8) OpenSSL
ok dtucker@
Diffstat (limited to 'cipher.c')
-rw-r--r-- | cipher.c | 8 |
1 files changed, 7 insertions, 1 deletions
@@ -617,7 +617,7 @@ cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len) | |||
617 | return SSH_ERR_INVALID_ARGUMENT; | 617 | return SSH_ERR_INVALID_ARGUMENT; |
618 | #ifndef OPENSSL_HAVE_EVPCTR | 618 | #ifndef OPENSSL_HAVE_EVPCTR |
619 | if (c->evptype == evp_aes_128_ctr) | 619 | if (c->evptype == evp_aes_128_ctr) |
620 | ssh_aes_ctr_iv(&cc->evp, 0, iv, len); | 620 | ssh_aes_ctr_iv(cc->evp, 0, iv, len); |
621 | else | 621 | else |
622 | #endif | 622 | #endif |
623 | if (cipher_authlen(c)) { | 623 | if (cipher_authlen(c)) { |
@@ -659,6 +659,12 @@ cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv) | |||
659 | evplen = EVP_CIPHER_CTX_iv_length(cc->evp); | 659 | evplen = EVP_CIPHER_CTX_iv_length(cc->evp); |
660 | if (evplen <= 0) | 660 | if (evplen <= 0) |
661 | return SSH_ERR_LIBCRYPTO_ERROR; | 661 | return SSH_ERR_LIBCRYPTO_ERROR; |
662 | #ifndef OPENSSL_HAVE_EVPCTR | ||
663 | /* XXX iv arg is const, but ssh_aes_ctr_iv isn't */ | ||
664 | if (c->evptype == evp_aes_128_ctr) | ||
665 | ssh_aes_ctr_iv(cc->evp, 1, (u_char *)iv, evplen); | ||
666 | else | ||
667 | #endif | ||
662 | if (cipher_authlen(c)) { | 668 | if (cipher_authlen(c)) { |
663 | /* XXX iv arg is const, but EVP_CIPHER_CTX_ctrl isn't */ | 669 | /* XXX iv arg is const, but EVP_CIPHER_CTX_ctrl isn't */ |
664 | if (!EVP_CIPHER_CTX_ctrl(cc->evp, | 670 | if (!EVP_CIPHER_CTX_ctrl(cc->evp, |