ppc-xlate.pl update.

[openssl.git] / ssl / s2_enc.c

diff --git a/ssl/s2_enc.c b/ssl/s2_enc.c
index b4187bbbdd7b14a8ef6697c63c74f5b7dfef1330..1f62acd5b1e6fb1199c350ffe2452e8c51689a7b 100644 (file)
--- a/ssl/s2_enc.c
+++ b/ssl/s2_enc.c
@@ -82,25 +82,31 @@ int ssl2_enc_init(SSL *s, int client)
                ((s->enc_read_ctx=(EVP_CIPHER_CTX *)
                OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
                goto err;
+
+       /* make sure it's intialized in case the malloc for enc_write_ctx fails
+        * and we exit with an error */
+       rs= s->enc_read_ctx;
+       EVP_CIPHER_CTX_init(rs);
+
        if ((s->enc_write_ctx == NULL) &&
                ((s->enc_write_ctx=(EVP_CIPHER_CTX *)
                OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
                goto err;
 
-       rs= s->enc_read_ctx;
        ws= s->enc_write_ctx;
-
-       EVP_CIPHER_CTX_init(rs);
        EVP_CIPHER_CTX_init(ws);
 
        num=c->key_len;
        s->s2->key_material_length=num*2;
+       OPENSSL_assert(s->s2->key_material_length <= sizeof s->s2->key_material);
 
-       ssl2_generate_key_material(s);
+       if (ssl2_generate_key_material(s) <= 0)
+               return 0;
 
-       EVP_EncryptInit(ws,c,&(s->s2->key_material[(client)?num:0]),
+       OPENSSL_assert(c->iv_len <= (int)sizeof(s->session->key_arg));
+       EVP_EncryptInit_ex(ws,c,NULL,&(s->s2->key_material[(client)?num:0]),
                s->session->key_arg);
-       EVP_DecryptInit(rs,c,&(s->s2->key_material[(client)?0:num]),
+       EVP_DecryptInit_ex(rs,c,NULL,&(s->s2->key_material[(client)?0:num]),
                s->session->key_arg);
        s->s2->read_key=  &(s->s2->key_material[(client)?0:num]);
        s->s2->write_key= &(s->s2->key_material[(client)?num:0]);