WARNING! Gitlab maintenance operation scheduled for Thursday, 18 June between 19:00 and 20:00 (CET). During this time window, short service interruptions (less than 5 minutes) may occur. Thank you in advance for your understanding.

Commit ebf7bd7f authored Feb 20, 2019 by Matt Caswell

Fix dasync engine



The aes128_cbc_hmac_sha1 cipher in the dasync engine is broken. Probably
by commit e38c2e85 which removed use of the "enc" variable...but not
completely.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/8291)

(cherry picked from commit 695dd3a332fdd54b873fd0d08f9ae720141f24cd)

parent 143ee7b6

engines/e_dasync.c

+1 −2

Original line number	Diff line number	Diff line
		@@ -138,7 +138,6 @@ struct dasync_pipeline_ctx {
		unsigned char **inbufs;
		unsigned char **outbufs;
		size_t *lens;
		int enc;
		unsigned char tlsaad[SSL_MAX_PIPELINES][EVP_AEAD_TLS1_AAD_LEN];
		unsigned int aadctr;
		};
		@@ -603,7 +602,7 @@ static int dasync_cipher_ctrl_helper(EVP_CIPHER_CTX *ctx, int type, int arg,

		len = p[arg - 2] << 8 \| p[arg - 1];

		if (pipe_ctx->enc) {
		if (EVP_CIPHER_CTX_encrypting(ctx)) {
		if ((p[arg - 4] << 8 \| p[arg - 3]) >= TLS1_1_VERSION) {
		if (len < AES_BLOCK_SIZE)
		return 0;