- (dtucker) [openbsd-compat/openssl-compat.h] Bug #1291: Work around a

bug in OpenSSL 0.9.8e that prevents aes256-ctr, aes192-ctr and arcfour256 ciphers from working correctly (disconnects with "Bad packet length" errors) as found by Ben Harris. ok djm@
author: Darren Tucker <dtucker@zip.com.au> 2007-03-05 18:25:20 +1100
committer: Darren Tucker <dtucker@zip.com.au> 2007-03-05 18:25:20 +1100
commit: fd30986c927e66985ddc43b25794651c76ba477c (patch)
tree: 16ef25a47e4eaa302bc4f54f930b802d3415ff41 /openbsd-compat/openssl-compat.h
parent: 9975e483498430b8fa75fccd2bad681781df24d1 (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h
index c582cd26..9b5ccff5 100644
--- a/openbsd-compat/openssl-compat.h
+++ b/openbsd-compat/openssl-compat.h
@@ -1,4 +1,4 @@
-/* $Id: openssl-compat.h,v 1.6 2006/02/22 11:24:47 dtucker Exp $ */
+/* $Id: openssl-compat.h,v 1.7 2007/03/05 07:25:20 dtucker Exp $ */
 
 /*
  * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@@ -46,6 +46,11 @@ extern const EVP_CIPHER *evp_acss(void);
 # endif
 #endif
 
+/* OpenSSL 0.9.8e returns cipher key len not context key len */
+#if (OPENSSL_VERSION_NUMBER == 0x0090805fL)
+# define EVP_CIPHER_CTX_key_length(c) ((c)->key_len)
+#endif
+
 /*
  * We overload some of the OpenSSL crypto functions with ssh_* equivalents
  * which cater for older and/or less featureful OpenSSL version.
author	Darren Tucker <dtucker@zip.com.au>	2007-03-05 18:25:20 +1100
committer	Darren Tucker <dtucker@zip.com.au>	2007-03-05 18:25:20 +1100
commit	fd30986c927e66985ddc43b25794651c76ba477c (patch)
tree	16ef25a47e4eaa302bc4f54f930b802d3415ff41 /openbsd-compat/openssl-compat.h
parent	9975e483498430b8fa75fccd2bad681781df24d1 (diff)