From 3497fced36438bea6112cd59978ebd981567a2ca Mon Sep 17 00:00:00 2001 From: Alain Spineux Date: Fri, 17 Nov 2023 14:34:48 +0100 Subject: [PATCH] Fix openssl 3.x don't tolerate to call EVP_CipherFinal_ex() twice - tests/encrypt-bug-test fail with openssl 3.0 - the problem is to restore a 64K+1bytes file backed up using encryption - was working with openssl 1.0 & 1.1 - When using TLS this can block the restore - get Error: restore.c:1736 Decryption error. buf_len=5 decrypt_len=0 on file xxx/encrypt-bug.jpg - OPENSSL give ERR=error:1C80006B:Provider routines::wrong final block length --- bacula/src/filed/restore.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bacula/src/filed/restore.c b/bacula/src/filed/restore.c index ebe204f1d..8f014d108 100644 --- a/bacula/src/filed/restore.c +++ b/bacula/src/filed/restore.c @@ -1727,7 +1727,6 @@ bool flush_cipher(r_ctx &rctx, BFILE *bfd, uint64_t *addr, int flags, int32_t st char ec1[50]; /* Buffer printing huge values */ bool second_pass = false; -again: /* Write out the remaining block and free the cipher context */ cipher_ctx->buf = check_pool_memory_size(cipher_ctx->buf, cipher_ctx->buf_len + cipher_ctx->block_size); @@ -1747,6 +1746,7 @@ again: cipher_ctx->buf_len += decrypted_len; +again: unser_crypto_packet_len(cipher_ctx); Dmsg1(500, "Crypto unser block size=%d\n", cipher_ctx->packet_len - CRYPTO_LEN_SIZE); wsize = cipher_ctx->packet_len - CRYPTO_LEN_SIZE; -- 2.47.3