For provided ciphers, EVP_CIPHER_CTX_ctrl() with EVP_CTRL_INIT always returns 1
author Richard Levitte <levitte@openssl.org>
Tue, 15 Oct 2019 14:45:12 +0000 (16:45 +0200)
committer Richard Levitte <levitte@openssl.org>
Thu, 17 Oct 2019 07:14:01 +0000 (09:14 +0200)
This control command should never be used with provided methods, but
since this is publicly available, someone might still make the
mistake.  We make sure it returns 1 so as not to be overly
disruptive.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10163)

crypto/evp/evp_enc.c

index 3f0e5a7e4a7b6cdd0c25bcf74c509f71a8583d07..86506d3a4ce6fd1ccebd2eff45a086abc9a6996f 100644 (file)
@@ -1089,8 +1089,16 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
                                               ptr, sz);
         break;
 
+    case EVP_CTRL_INIT:
+        /*
+         * TODO(3.0) EVP_CTRL_INIT is purely legacy, no provider counterpart
+         * As a matter of fact, this should be dead code, but some caller
+         * might still do a direct control call with this command, so...
+         * Legacy methods return 1 except for exceptional circumstances, so
+         * we do the same here to not be disruptive.
+         */
+        return 1;
     case EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS: /* Used by DASYNC */
-    case EVP_CTRL_INIT: /* TODO(3.0) Purely legacy, no provider counterpart */
     default:
         goto end;
     case EVP_CTRL_GET_IV:
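
Review bot: The new EVP_CTRL_INIT case leaves the function with a bare "return 1;" while the neighbouring cases leave through "break" or "goto end", so it skips whatever follows the end label (not visible in this hunk). If the early return is intentional, say so in the comment; otherwise set the result and take the common exit like the other cases. Because the return is unconditional, a caller that wrongly sends EVP_CTRL_INIT to a provided cipher gets no indication that the call did nothing, so this behaviour should be stated in the EVP_CIPHER_CTX_ctrl documentation as well as in the code comment. Style: a blank line after "return 1;" would separate it from the EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS case, which otherwise reads as if it belonged to the same group.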