mirror of
https://github.com/openwrt/openwrt.git
synced 2025-01-13 00:10:21 +00:00
d872d00b2f
This version adds the following functionality: * TLS 1.3 * AFALG engine support for hardware accelleration * x25519 ECC curve support * CRIME protection: disable use of compression by default * Support for ChaCha20 and Poly1305 Patches fixing bugs in the /dev/crypto engine were applied, from https://github.com/openssl/openssl/pull/7585 This increses the size of the ipk binray on MIPS32 by about 32%: old: 693.941 bin/packages/mips_24kc/base/libopenssl1.0.0_1.0.2q-2_mips_24kc.ipk 193.827 bin/packages/mips_24kc/base/openssl-util_1.0.2q-2_mips_24kc.ipk new: 912.493 bin/packages/mips_24kc/base/libopenssl1.1_1.1.1a-2_mips_24kc.ipk 239.316 bin/packages/mips_24kc/base/openssl-util_1.1.1a-2_mips_24kc.ipk Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
47 lines
1.4 KiB
Diff
47 lines
1.4 KiB
Diff
From 5378c582c8d3f1130b17abb2950bfd09cde099c6 Mon Sep 17 00:00:00 2001
|
|
From: Eneas U de Queiroz <cote2004-github@yahoo.com>
|
|
Date: Mon, 5 Nov 2018 15:59:44 -0200
|
|
Subject: [PATCH 4/7] eng_devcrypto: close session on cleanup, not final
|
|
|
|
Close the session in digest_cleanup instead of digest_final. A failure
|
|
in closing the session does not mean a previous successful digest final
|
|
has failed as well.
|
|
|
|
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
|
|
|
|
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
(Merged from https://github.com/openssl/openssl/pull/7585)
|
|
|
|
(cherry picked from commit a67203a19d379a8cc8b369587c60c46eb4e19014)
|
|
|
|
--- a/crypto/engine/eng_devcrypto.c
|
|
+++ b/crypto/engine/eng_devcrypto.c
|
|
@@ -461,10 +461,6 @@ static int digest_final(EVP_MD_CTX *ctx,
|
|
SYSerr(SYS_F_IOCTL, errno);
|
|
return 0;
|
|
}
|
|
- if (ioctl(cfd, CIOCFSESSION, &digest_ctx->sess.ses) < 0) {
|
|
- SYSerr(SYS_F_IOCTL, errno);
|
|
- return 0;
|
|
- }
|
|
|
|
return 1;
|
|
}
|
|
@@ -496,6 +492,15 @@ static int digest_copy(EVP_MD_CTX *to, c
|
|
|
|
static int digest_cleanup(EVP_MD_CTX *ctx)
|
|
{
|
|
+ struct digest_ctx *digest_ctx =
|
|
+ (struct digest_ctx *)EVP_MD_CTX_md_data(ctx);
|
|
+
|
|
+ if (digest_ctx == NULL)
|
|
+ return 1;
|
|
+ if (ioctl(cfd, CIOCFSESSION, &digest_ctx->sess.ses) < 0) {
|
|
+ SYSerr(SYS_F_IOCTL, errno);
|
|
+ return 0;
|
|
+ }
|
|
return 1;
|
|
}
|
|
|