Are there some other required changes missing from the "tls-aead-0.9.8.diff"
file?
Obviously. Would *md = EVP_md_null() instead of NULL in
ssl_cipher_get_evp() do the trick...
Using EVP_md_null() prevents the seg. fault. However, now the code
generates a "Bad Record MAC" alert when a client connects using the
"stitched" AESNI-CBC-SHA1 cipher suite. (I assume I would get the
same error with the "stitched" RC4-HMAC-MD5 cipher suite, but I
haven't tried it.)
http://cvs.openssl.org/chngview?cn=22689
http://cvs.openssl.org/chngview?cn=22690
Second is patch for patch and is hard to read, see
http://cvs.openssl.org/fileview?f=openssl-addons/intel-accel/tls-aead-0.9.8.diff&v=1.2
instead. Basically it removes *md=NULL or *md=EVP_md_null from
ssl_ciph.c and adds few lines to s3_pkt.c.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
