Oops, revert changes commited by mistake. The previous commit was supposed

to only apply to s23_srvr.c.

1 files changed, 3 insertions, 2 deletions

diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c
index 2391d52994..aec6e272bf 100644
--- a/src/lib/libssl/d1_both.c
+++ b/src/lib/libssl/d1_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_both.c,v 1.25 2014/08/07 19:46:31 miod Exp $ */
+/* $OpenBSD: d1_both.c,v 1.26 2014/08/07 20:02:23 miod Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -903,7 +903,6 @@ dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen)
 
                 i = s->method->ssl3_enc->final_finish_mac(s, sender, slen,
                     s->s3->tmp.finish_md);
-                OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
                 s->s3->tmp.finish_md_len = i;
                 memcpy(p, s->s3->tmp.finish_md, i);
                 p += i;
@@ -914,10 +913,12 @@ dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen)
                  * renegotiation checks
                  */
                 if (s->type == SSL_ST_CONNECT) {
+                        OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
                         memcpy(s->s3->previous_client_finished,
                             s->s3->tmp.finish_md, i);
                         s->s3->previous_client_finished_len = i;
                 } else {
+                        OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
                         memcpy(s->s3->previous_server_finished,
                             s->s3->tmp.finish_md, i);
                         s->s3->previous_server_finished_len = i;