===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/cipher.c,v
retrieving revision 1.85
retrieving revision 1.86
diff -u -r1.85 -r1.86
--- src/usr.bin/ssh/cipher.c	2013/01/08 18:49:04	1.85
+++ src/usr.bin/ssh/cipher.c	2013/01/12 11:22:04	1.86
@@ -1,4 +1,4 @@
-/* $OpenBSD: cipher.c,v 1.85 2013/01/08 18:49:04 markus Exp $ */
+/* $OpenBSD: cipher.c,v 1.86 2013/01/12 11:22:04 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -320,8 +320,12 @@
 		fatal("%s: EVP_Cipher failed", __func__);
 	if (authlen) {
 		/* compute tag (on encrypt) or verify tag (on decrypt) */
-		if (EVP_Cipher(&cc->evp, NULL, NULL, 0) < 0)
-			fatal("%s: EVP_Cipher(finish) failed", __func__);
+		if (EVP_Cipher(&cc->evp, NULL, NULL, 0) < 0) {
+			if (cc->encrypt)
+				fatal("%s: EVP_Cipher(final) failed", __func__);
+			else
+				fatal("Decryption integrity check failed");
+		}
 		if (cc->encrypt &&
 		    !EVP_CIPHER_CTX_ctrl(&cc->evp, EVP_CTRL_GCM_GET_TAG,
 		    authlen, dest + aadlen + len))