diff options
| author | jsing <> | 2014-06-07 17:16:39 +0000 |
|---|---|---|
| committer | jsing <> | 2014-06-07 17:16:39 +0000 |
| commit | ac7554180458e6a678c9bc571314514246cb0fc0 (patch) | |
| tree | 8965c91a2d0e9bfdf9a024d10dbf27cb97f3dc2c /src | |
| parent | ffd7d5058a027525ac9aff6c2aa9a572a55182fc (diff) | |
| download | openbsd-ac7554180458e6a678c9bc571314514246cb0fc0.tar.gz openbsd-ac7554180458e6a678c9bc571314514246cb0fc0.tar.bz2 openbsd-ac7554180458e6a678c9bc571314514246cb0fc0.zip | |
Use !is_read to imply SSL3_CC_WRITE.
While this is not strictly correct (since the presence of SSL3_CC_READ does
not guarantee the absence of SSL3_CC_WRITE), in practice only one of these
flags is set at a time and there is existing logic which already relies on
this behaviour.
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/src/ssl/t1_enc.c | 5 | ||||
| -rw-r--r-- | src/lib/libssl/t1_enc.c | 5 |
2 files changed, 4 insertions, 6 deletions
diff --git a/src/lib/libssl/src/ssl/t1_enc.c b/src/lib/libssl/src/ssl/t1_enc.c index 3e90b78468..fba582d4ad 100644 --- a/src/lib/libssl/src/ssl/t1_enc.c +++ b/src/lib/libssl/src/ssl/t1_enc.c | |||
| @@ -530,12 +530,11 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 530 | 530 | ||
| 531 | if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) { | 531 | if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) { |
| 532 | EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, NULL, | 532 | EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, NULL, |
| 533 | (which & SSL3_CC_WRITE)); | 533 | !is_read); |
| 534 | EVP_CIPHER_CTX_ctrl(cipher_ctx, EVP_CTRL_GCM_SET_IV_FIXED, | 534 | EVP_CIPHER_CTX_ctrl(cipher_ctx, EVP_CTRL_GCM_SET_IV_FIXED, |
| 535 | iv_len, (unsigned char *)iv); | 535 | iv_len, (unsigned char *)iv); |
| 536 | } else | 536 | } else |
| 537 | EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, iv, | 537 | EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, iv, !is_read); |
| 538 | (which & SSL3_CC_WRITE)); | ||
| 539 | 538 | ||
| 540 | /* Needed for "composite" AEADs, such as RC4-HMAC-MD5 */ | 539 | /* Needed for "composite" AEADs, such as RC4-HMAC-MD5 */ |
| 541 | if ((EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) && | 540 | if ((EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) && |
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 3e90b78468..fba582d4ad 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c | |||
| @@ -530,12 +530,11 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 530 | 530 | ||
| 531 | if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) { | 531 | if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) { |
| 532 | EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, NULL, | 532 | EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, NULL, |
| 533 | (which & SSL3_CC_WRITE)); | 533 | !is_read); |
| 534 | EVP_CIPHER_CTX_ctrl(cipher_ctx, EVP_CTRL_GCM_SET_IV_FIXED, | 534 | EVP_CIPHER_CTX_ctrl(cipher_ctx, EVP_CTRL_GCM_SET_IV_FIXED, |
| 535 | iv_len, (unsigned char *)iv); | 535 | iv_len, (unsigned char *)iv); |
| 536 | } else | 536 | } else |
| 537 | EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, iv, | 537 | EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, iv, !is_read); |
| 538 | (which & SSL3_CC_WRITE)); | ||
| 539 | 538 | ||
| 540 | /* Needed for "composite" AEADs, such as RC4-HMAC-MD5 */ | 539 | /* Needed for "composite" AEADs, such as RC4-HMAC-MD5 */ |
| 541 | if ((EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) && | 540 | if ((EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) && |