Check EVP_Cipher return values for SSL2
Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
parent
4b87706d20
commit
81ec01b217
3 changed files with 15 additions and 6 deletions
10
ssl/s2_enc.c
10
ssl/s2_enc.c
|
@ -117,8 +117,9 @@ err:
|
|||
|
||||
/* read/writes from s->s2->mac_data using length for encrypt and
|
||||
* decrypt. It sets s->s2->padding and s->[rw]length
|
||||
* if we are encrypting */
|
||||
void ssl2_enc(SSL *s, int send)
|
||||
* if we are encrypting
|
||||
* Returns 0 on error and 1 on success */
|
||||
int ssl2_enc(SSL *s, int send)
|
||||
{
|
||||
EVP_CIPHER_CTX *ds;
|
||||
unsigned long l;
|
||||
|
@ -145,7 +146,10 @@ void ssl2_enc(SSL *s, int send)
|
|||
if (bs == 8)
|
||||
l=(l+7)/8*8;
|
||||
|
||||
EVP_Cipher(ds,s->s2->mac_data,s->s2->mac_data,l);
|
||||
if(EVP_Cipher(ds,s->s2->mac_data,s->s2->mac_data,l) < 1)
|
||||
return 0;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
void ssl2_mac(SSL *s, unsigned char *md, int send)
|
||||
|
|
|
@ -265,7 +265,11 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
|
|||
if ((!s->s2->clear_text) &&
|
||||
(s->s2->rlength >= (unsigned int)mac_size))
|
||||
{
|
||||
ssl2_enc(s,0);
|
||||
if(!ssl2_enc(s,0))
|
||||
{
|
||||
SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_DECRYPTION_FAILED);
|
||||
return(-1);
|
||||
}
|
||||
s->s2->ract_data_length-=mac_size;
|
||||
ssl2_mac(s,mac,0);
|
||||
s->s2->ract_data_length-=s->s2->padding;
|
||||
|
@ -616,7 +620,8 @@ static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
|
|||
s->s2->wact_data_length=len+p;
|
||||
ssl2_mac(s,s->s2->mac_data,1);
|
||||
s->s2->wlength+=p+mac_size;
|
||||
ssl2_enc(s,1);
|
||||
if(ssl2_enc(s,1) < 1)
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* package up the header */
|
||||
|
|
|
@ -1080,7 +1080,7 @@ int ssl_fill_hello_random(SSL *s, int server, unsigned char *field, int len);
|
|||
|
||||
int ssl2_enc_init(SSL *s, int client);
|
||||
int ssl2_generate_key_material(SSL *s);
|
||||
void ssl2_enc(SSL *s,int send_data);
|
||||
int ssl2_enc(SSL *s,int send_data);
|
||||
void ssl2_mac(SSL *s,unsigned char *mac,int send_data);
|
||||
const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p);
|
||||
int ssl2_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p);
|
||||
|
|
Loading…
Reference in a new issue