diff options
| author | David Benjamin <davidben@chromium.org> | 2014-12-15 11:59:02 +0300 |
|---|---|---|
| committer | Adam Langley <agl@google.com> | 2014-12-16 04:51:55 +0300 |
| commit | 4841ce49a015237096e280fbacd1f4e2555df744 (patch) | |
| tree | 82320feb95d9f54bbcd5dddab672b9512687fab0 /ssl/t1_enc.c | |
| parent | ef5885e4101867e2b54135cdb4f6a7e83df35f8a (diff) | |
Fix EVP_Cipher error-handling.
Turns out the EVP_CIPH_FLAG_CUSTOM_CIPHER ciphers (i.e. legacy EVP_CIPHER
AES-GCM) have a completely different return value setup than the normal ones
which are the standard one/zero. (Except that they never return zero; see
TODO.)
Fix checks in ssl/ and remove remnants of EVP_CIPH_FLAG_CUSTOM_CIPHER in ssl/
as we're using EVP_AEAD now.
See CHANGES entry added in upstream's 3da0ca796cae6625bd26418afe0a1dc47bf5a77f.
Change-Id: Ia4d0ff59b03c35fab3a08141c60b9534cb7172e2
Reviewed-on: https://boringssl-review.googlesource.com/2606
Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'ssl/t1_enc.c')
| -rw-r--r-- | ssl/t1_enc.c | 7 |
1 files changed, 2 insertions, 5 deletions
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index af8dc831..f5a4b9f6 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -941,11 +941,8 @@ int tls1_enc(SSL *s, int send) return 0; } - i = EVP_Cipher(ds,rec->data,rec->input,l); - if ((EVP_CIPHER_flags(ds->cipher)&EVP_CIPH_FLAG_CUSTOM_CIPHER) - ?(i<0) - :(i==0)) - return -1; /* AEAD can fail to verify MAC */ + if (!EVP_Cipher(ds, rec->data, rec->input, l)) + return -1; ret = 1; if (EVP_MD_CTX_md(s->read_hash) != NULL) |