authorDamien Miller <djm@mindrot.org>2016-10-28 14:34:07 +1100
committerDamien Miller <djm@mindrot.org>2016-10-28 14:34:56 +1100
commit315d2a4e674d0b7115574645cb51f968420ebb34 (patch)
treed7c716d0cf80232062f3db237fe2d380f3b16e03 /cipher.c
parenta9ff3950b8e80ff971b4d44bbce96df27aed28af (diff)
Unbreak AES-CTR ciphers on old (~0.9.8) OpenSSL
ok dtucker@
Diffstat (limited to 'cipher.c')
-rw-r--r--cipher.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/cipher.c b/cipher.c
index 747b59bf0..2def333b1 100644
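--- a/cipher.c
+++ b/cipher.c
@@ -617,7 +617,7 @@ cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len)
  return SSH_ERR_INVALID_ARGUMENT;
 #ifndef OPENSSL_HAVE_EVPCTR
  if (c->evptype == evp_aes_128_ctr)
- ssh_aes_ctr_iv(&cc->evp, 0, iv, len);
+ ssh_aes_ctr_iv(cc->evp, 0, iv, len);
  else
 #endif
  if (cipher_authlen(c)) {
@@ -659,6 +659,12 @@ cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv)
  evplen = EVP_CIPHER_CTX_iv_length(cc->evp);
  if (evplen <= 0)
  return SSH_ERR_LIBCRYPTO_ERROR;
+#ifndef OPENSSL_HAVE_EVPCTR
+ /* XXX iv arg is const, but ssh_aes_ctr_iv isn't */
+ if (c->evptype == evp_aes_128_ctr)
+ ssh_aes_ctr_iv(cc->evp, 1, (u_char *)iv, evplen);
+ else
+#endif
  if (cipher_authlen(c)) {
  /* XXX iv arg is const, but EVP_CIPHER_CTX_ctrl isn't */
  if (!EVP_CIPHER_CTX_ctrl(cc->evp,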
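Review bot: In the `cipher_set_keyiv` hunk, the added call at new line 665 copies `evplen` bytes out of `iv`, but the function takes no length for `iv`, so the only bound on the copy is the value returned by `EVP_CIPHER_CTX_iv_length`; whether `ssh_aes_ctr_iv` checks that length against its own counter size is not visible here. The `(u_char *)iv` cast is safe only if the helper never writes through the pointer when its second argument is 1, and the XXX comment does not say so. Once that is confirmed, I would replace the comment with `/* set mode (arg 1): iv is only read, evplen bytes; cast drops const for the shared get/set prototype */`. The unbraced `if`/`else` that runs across `#endif` into `if (cipher_authlen(c))` appears in both hunks and is easy to break when a branch is added. Both function bodies continue outside the hunks.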