From 5597db255b01573c739715644b970e261a6551a0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Markus=20M=C3=A4kel=C3=A4?= <markus.makela@mariadb.com>
Date: Thu, 29 Jun 2017 13:46:06 +0300
Subject: [PATCH] Add wrapper functions for buffer and original IV access

Added functions for accessing the buffer and original IV. This hides the
changes introduced in OpenSSL 1.1.
---
 include/maxscale/encryption.h                  |  2 ++
 server/core/encryption.cc                      | 18 ++++++++++++++++++
 server/modules/routing/binlogrouter/blr_file.c |  4 ++--
 3 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/include/maxscale/encryption.h b/include/maxscale/encryption.h
index dfbb3407a..48b928856 100644
--- a/include/maxscale/encryption.h
+++ b/include/maxscale/encryption.h
@@ -21,5 +21,7 @@ MXS_BEGIN_DECLS
 
 EVP_CIPHER_CTX* mxs_evp_cipher_ctx_alloc();
 void mxs_evp_cipher_ctx_free(EVP_CIPHER_CTX* ctx);
+uint8_t* mxs_evp_cipher_ctx_buf(EVP_CIPHER_CTX* ctx);
+uint8_t* mxs_evp_cipher_ctx_oiv(EVP_CIPHER_CTX* ctx);
 
 MXS_END_DECLS
diff --git a/server/core/encryption.cc b/server/core/encryption.cc
index 99a1e63cf..ed51fd905 100644
--- a/server/core/encryption.cc
+++ b/server/core/encryption.cc
@@ -35,3 +35,21 @@ void mxs_evp_cipher_ctx_free(EVP_CIPHER_CTX* ctx)
     MXS_FREE(ctx);
 #endif
 }
+
+uint8_t* mxs_evp_cipher_ctx_buf(EVP_CIPHER_CTX* ctx)
+{
+#ifdef OPENSSL_1_1
+    return (uint8_t*)EVP_CIPHER_CTX_buf_noconst(ctx);
+#else
+    return (uint8_t*)ctx->buf;
+#endif
+}
+
+uint8_t* mxs_evp_cipher_ctx_oiv(EVP_CIPHER_CTX* ctx)
+{
+#ifdef OPENSSL_1_1
+    return (uint8_t*)EVP_CIPHER_CTX_original_iv(ctx);
+#else
+    return (uint8_t*)ctx->oiv;
+#endif
+}
diff --git a/server/modules/routing/binlogrouter/blr_file.c b/server/modules/routing/binlogrouter/blr_file.c
index 682aa1e9c..7e2035652 100644
--- a/server/modules/routing/binlogrouter/blr_file.c
+++ b/server/modules/routing/binlogrouter/blr_file.c
@@ -3103,9 +3103,9 @@ static GWBUF *blr_aes_crypt(ROUTER_INSTANCE *router,
         if (size - outlen > 0)
         {
             if (!blr_aes_create_tail_for_cbc(out_ptr + 4 + outlen,
-                                             buffer + outlen,
+                                             mxs_evp_cipher_ctx_buf(ctx),
                                              size - outlen,
-                                             iv,
+                                             mxs_evp_cipher_ctx_oiv(ctx),
                                              router->encryption.key_value,
                                              router->encryption.key_len))
             {