diff options
| author | jsing <> | 2014-06-13 14:15:14 +0000 |
|---|---|---|
| committer | jsing <> | 2014-06-13 14:15:14 +0000 |
| commit | 59cb87008ae68d857a9cd062acbed4b850bb9045 (patch) | |
| tree | 1933b1005cb4378b77382177555866ecf50c8a18 | |
| parent | 42312e49a8a5100d3d1c52f6f66bde88a10c3a92 (diff) | |
| download | openbsd-59cb87008ae68d857a9cd062acbed4b850bb9045.tar.gz openbsd-59cb87008ae68d857a9cd062acbed4b850bb9045.tar.bz2 openbsd-59cb87008ae68d857a9cd062acbed4b850bb9045.zip | |
The export_key/export_iv variables are only used in the is_export case.
Also use c rather than &c[0].
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/src/ssl/s3_enc.c | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/src/lib/libssl/src/ssl/s3_enc.c b/src/lib/libssl/src/ssl/s3_enc.c index 38ccc46724..1fdccbb842 100644 --- a/src/lib/libssl/src/ssl/s3_enc.c +++ b/src/lib/libssl/src/ssl/s3_enc.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_enc.c,v 1.42 2014/06/13 14:11:35 jsing Exp $ */ | 1 | /* $OpenBSD: s3_enc.c,v 1.43 2014/06/13 14:15:14 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -355,23 +355,26 @@ ssl3_change_cipher_state(SSL *s, int which) | |||
| 355 | EVP_DigestUpdate(&mac_ctx, key, j); | 355 | EVP_DigestUpdate(&mac_ctx, key, j); |
| 356 | EVP_DigestUpdate(&mac_ctx, er1, SSL3_RANDOM_SIZE); | 356 | EVP_DigestUpdate(&mac_ctx, er1, SSL3_RANDOM_SIZE); |
| 357 | EVP_DigestUpdate(&mac_ctx, er2, SSL3_RANDOM_SIZE); | 357 | EVP_DigestUpdate(&mac_ctx, er2, SSL3_RANDOM_SIZE); |
| 358 | EVP_DigestFinal_ex(&mac_ctx, &(export_key[0]), NULL); | 358 | EVP_DigestFinal_ex(&mac_ctx, export_key, NULL); |
| 359 | key = &(export_key[0]); | 359 | key = export_key; |
| 360 | 360 | ||
| 361 | if (k > 0) { | 361 | if (k > 0) { |
| 362 | EVP_DigestInit_ex(&mac_ctx, EVP_md5(), NULL); | 362 | EVP_DigestInit_ex(&mac_ctx, EVP_md5(), NULL); |
| 363 | EVP_DigestUpdate(&mac_ctx, er1, SSL3_RANDOM_SIZE); | 363 | EVP_DigestUpdate(&mac_ctx, er1, SSL3_RANDOM_SIZE); |
| 364 | EVP_DigestUpdate(&mac_ctx, er2, SSL3_RANDOM_SIZE); | 364 | EVP_DigestUpdate(&mac_ctx, er2, SSL3_RANDOM_SIZE); |
| 365 | EVP_DigestFinal_ex(&mac_ctx, &(export_iv[0]), NULL); | 365 | EVP_DigestFinal_ex(&mac_ctx, export_iv, NULL); |
| 366 | iv = &(export_iv[0]); | 366 | iv = export_iv; |
| 367 | } | 367 | } |
| 368 | } | 368 | } |
| 369 | 369 | ||
| 370 | EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, iv, | 370 | EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, iv, |
| 371 | (which & SSL3_CC_WRITE)); | 371 | (which & SSL3_CC_WRITE)); |
| 372 | 372 | ||
| 373 | OPENSSL_cleanse(&(export_key[0]), sizeof(export_key)); | 373 | if (is_export) { |
| 374 | OPENSSL_cleanse(&(export_iv[0]), sizeof(export_iv)); | 374 | OPENSSL_cleanse(export_key, sizeof(export_key)); |
| 375 | OPENSSL_cleanse(export_iv, sizeof(export_iv)); | ||
| 376 | } | ||
| 377 | |||
| 375 | EVP_MD_CTX_cleanup(&mac_ctx); | 378 | EVP_MD_CTX_cleanup(&mac_ctx); |
| 376 | return (1); | 379 | return (1); |
| 377 | err: | 380 | err: |