deprecate internal use of EVP_[Cipher|Encrypt|Decrypt]_Final.

14 years ago these were changed in OpenSSL to be the same as the _ex functions. We use the _ex functions only internally to ensure it is obvious the ctx must be cleared. ok bcook@
author: beck <beck@openbsd.org> 2016-05-30 13:42:54 +0000
committer: beck <beck@openbsd.org> 2016-05-30 13:42:54 +0000
commit: d0e9d4bbb452049b3dd8bed672a608eb0055960c (patch)
tree: 06c190e68b646f894569b6a08e3c9a8745c9ca2c /lib/libssl/t1_lib.c
parent: Even when only writing an unescaped character, the dst buffer may need to (diff)
download: wireguard-openbsd-d0e9d4bbb452049b3dd8bed672a608eb0055960c.tar.xz
wireguard-openbsd-d0e9d4bbb452049b3dd8bed672a608eb0055960c.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/libssl/t1_lib.c b/lib/libssl/t1_lib.c
index 78553139141..7230dec6714 100644
--- a/lib/libssl/t1_lib.c
+++ b/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.86 2016/03/10 23:21:46 mmcc Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.87 2016/05/30 13:42:54 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -2199,7 +2199,7 @@ tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen,
 		return -1;
 	}
 	EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen);
-	if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0) {
+	if (EVP_DecryptFinal_ex(&ctx, sdec + slen, &mlen) <= 0) {
 		free(sdec);
 		EVP_CIPHER_CTX_cleanup(&ctx);
 		return 2;
author	beck <beck@openbsd.org>	2016-05-30 13:42:54 +0000
committer	beck <beck@openbsd.org>	2016-05-30 13:42:54 +0000
commit	d0e9d4bbb452049b3dd8bed672a608eb0055960c (patch)
tree	06c190e68b646f894569b6a08e3c9a8745c9ca2c /lib/libssl/t1_lib.c
parent	Even when only writing an unescaped character, the dst buffer may need to (diff)
download	wireguard-openbsd-d0e9d4bbb452049b3dd8bed672a608eb0055960c.tar.xz wireguard-openbsd-d0e9d4bbb452049b3dd8bed672a608eb0055960c.zip