upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-03-19 17:29:02 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

ktls: Fix CBC encryption when input and output iov sizes are different

Browse source 
Reported by:	gallatin
Tested by:	gallatin
Fixes:		49f6925ca
Differential Revision:	https://reviews.freebsd.org/D29073
This commit is contained in:
Mark Johnston 2021-03-04 22:45:40 -05:00
parent 0d3b3beeb2
commit ff6a7e4ba6
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
sys/opencrypto/ktls_ocf.c
View file

@ -298,8 +298,8 @@ ktls_ocf_tls_cbc_encrypt(struct ktls_session *tls,
memcpy(crp.crp_iv, hdr + 1, AES_BLOCK_LEN);
crypto_use_uio(&crp, &uio);
if (!inplace) {
memcpy(out_iov, outiov, sizeof(*iniov) * outiovcnt);
out_iov[outiovcnt] = iov[outiovcnt + 1];
memcpy(out_iov, outiov, sizeof(*outiov) * outiovcnt);
out_iov[outiovcnt] = iov[iniovcnt + 1];
out_uio.uio_iov = out_iov;
out_uio.uio_iovcnt = outiovcnt + 1;
out_uio.uio_offset = 0;