ssl/t1_enc.c: pay attention to EVP_CIPH_FLAG_CUSTOM_CIPHER.

[openssl.git] / ssl / t1_enc.c

diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index f32393c56b0c6954b4f47a7f5dcf50c4fa5e4882..201ca9ad6de20299a52870bf85257357fb1ae43b 100644 (file)
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -825,7 +825,10 @@ int tls1_enc(SSL *s, int send)
                                }
                        }
                
-               if (EVP_Cipher(ds,rec->data,rec->input,l) < 0)
+               i = EVP_Cipher(ds,rec->data,rec->input,l);
+               if ((EVP_CIPHER_flags(ds->cipher)&EVP_CIPH_FLAG_CUSTOM_CIPHER)
+                                               ?(i<0)
+                                               :(i==0))
                        return -1;      /* AEAD can fail to verify MAC */
                if (EVP_CIPHER_mode(enc) == EVP_CIPH_GCM_MODE && !send)
                        {