$OpenBSD: patch-ssl_ssl_rec_c,v 1.2 2013/04/25 15:18:19 sthen Exp $

Add AES encryption support.

--- ssl/ssl_rec.c.orig	Fri Nov  3 06:38:06 2000
+++ ssl/ssl_rec.c	Thu Apr 25 14:59:17 2013
@@ -78,7 +78,9 @@ static char *ciphers[]={
      "DES3",
      "RC4",
      "RC2",
-     "IDEA"
+     "IDEA",
+     "AES128",
+     "AES256"
 };
 
 
@@ -101,7 +103,12 @@ int ssl_create_rec_decoder(dp,cs,mk,sk,iv)
     /* Find the SSLeay cipher */
     if(cs->enc!=ENC_NULL){
       ciph=(EVP_CIPHER *)EVP_get_cipherbyname(ciphers[cs->enc-0x30]);
+      if(!ciph)
+	ABORT(R_INTERNAL);
     }
+    else {
+      ciph=EVP_enc_null();
+    }
 
     if(!(dec=(ssl_rec_decoder *)calloc(sizeof(ssl_rec_decoder),1)))
       ABORT(R_NO_MEMORY);
@@ -169,7 +176,7 @@ int ssl_decode_rec_data(ssl,d,ct,version,in,inl,out,ou
     *outl=inl;
     
     /* Now strip off the padding*/
-    if(d->cs->block!=1){
+    if(d->cs->block>1){
       pad=out[inl-1];
       *outl-=(pad+1);
     }