openssl/openssl-CVE-2013-0169.4.patch
Danila Leontiev 6b98c1cdb9 Security fix
2013-04-11 17:24:48 +04:00

66 lines
1.9 KiB
Diff

From 080f39539295d2c7c932e79dd670526b90a215a8 Mon Sep 17 00:00:00 2001
From: Ben Laurie <ben@links.org>
Date: Tue, 29 Jan 2013 18:06:08 +0000
Subject: [PATCH] Fixups from previous commit.
---
crypto/evp/c_allc.c | 1 -
ssl/s3_cbc.c | 3 +--
ssl/ssl_algs.c | 1 -
ssl/t1_enc.c | 1 +
4 files changed, 2 insertions(+), 4 deletions(-)
diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c
index e67022f..c5f9268 100644
--- a/crypto/evp/c_allc.c
+++ b/crypto/evp/c_allc.c
@@ -194,7 +194,6 @@ void OpenSSL_add_all_ciphers(void)
EVP_add_cipher_alias(SN_aes_256_cbc,"AES256");
EVP_add_cipher_alias(SN_aes_256_cbc,"aes256");
#endif
-#endif
#ifndef OPENSSL_NO_CAMELLIA
EVP_add_cipher(EVP_camellia_128_ecb());
diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c
index e9b112c..6c5d43e 100644
--- a/ssl/s3_cbc.c
+++ b/ssl/s3_cbc.c
@@ -139,8 +139,7 @@ int tls1_cbc_remove_padding(const SSL* s,
unsigned mac_size)
{
unsigned padding_length, good, to_check, i;
- const char has_explicit_iv =
- s->version >= TLS1_1_VERSION || s->version == DTLS1_VERSION;
+ const char has_explicit_iv = s->version == DTLS1_VERSION;
const unsigned overhead = 1 /* padding length byte */ +
mac_size +
(has_explicit_iv ? block_size : 0);
diff --git a/ssl/ssl_algs.c b/ssl/ssl_algs.c
index 7f1a042..7de975d 100644
--- a/ssl/ssl_algs.c
+++ b/ssl/ssl_algs.c
@@ -87,7 +87,6 @@ int SSL_library_init(void)
EVP_add_cipher(EVP_aes_256_cbc());
#endif
-#endif
#ifndef OPENSSL_NO_CAMELLIA
EVP_add_cipher(EVP_camellia_128_cbc());
EVP_add_cipher(EVP_camellia_256_cbc());
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 3fcb77b..0cb3c56 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -641,6 +641,7 @@ int tls1_enc(SSL *s, int send)
EVP_CIPHER_CTX *ds;
unsigned long l;
int bs,i,j,k,pad=0,ret,mac_size=0;
+ int n;
const EVP_CIPHER *enc;
if (send)
--
1.7.9.5