The EVP_*Init_ex() functions take one extra argument. Let's default

it to NULL.

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index e56bfb13940b83585ff5aa9a541048a29fb4201d..734659d7ecde385efc31b56733aa65c2e05c69d5 100644 (file)
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1526,9 +1526,10 @@ static int ssl3_send_client_key_exchange(SSL *s)
                        */
 
                        memset(iv, 0, EVP_MAX_IV_LENGTH);  /* per RFC 1510 */
-                       EVP_EncryptInit_ex(&ciph_ctx,enc, kssl_ctx->key,iv);
+                       EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,
+                               kssl_ctx->key,iv);
                        EVP_EncryptUpdate(&ciph_ctx,epms,&outl,tmp_buf,
-                                               SSL_MAX_MASTER_KEY_LENGTH);
+                               SSL_MAX_MASTER_KEY_LENGTH);
                        EVP_EncryptFinal_ex(&ciph_ctx,&(epms[outl]),&padl);
                        outl += padl;
                        EVP_CIPHER_CTX_cleanup(&ciph_ctx);

diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index f858a9f180846704175734ff510b302c50c98086..0ac44d7ee6de520e415d9aec0b1671c6732028ab 100644 (file)
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1618,7 +1618,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
 
                memset(iv, 0, EVP_MAX_IV_LENGTH);       /* per RFC 1510 */
 
-               if (!EVP_DecryptInit_ex(&ciph_ctx,enc,kssl_ctx->key,iv))
+               if (!EVP_DecryptInit_ex(&ciph_ctx,enc,kssl_ctx->key,iv,NULL))
                        {
                        SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
                                SSL_R_DECRYPTION_FAILED);