summaryrefslogtreecommitdiff
path: root/src/lib/libssl/s3_both.c
diff options
context:
space:
mode:
authormarkus <>2013-02-14 15:11:44 +0000
committermarkus <>2013-02-14 15:11:44 +0000
commit9822d929c08eed1446dc09464293449326730af2 (patch)
treecd2035e8f8ac3d4ade1ee779dcaabbe671c2003a /src/lib/libssl/s3_both.c
parent692574e51be904b35cfcb2609fd641e93dc8cef7 (diff)
downloadopenbsd-9822d929c08eed1446dc09464293449326730af2.tar.gz
openbsd-9822d929c08eed1446dc09464293449326730af2.tar.bz2
openbsd-9822d929c08eed1446dc09464293449326730af2.zip
cherry pick bugfixes for http://www.openssl.org/news/secadv_20130205.txt
from the openssl git (changes between openssl 1.0.1c and 1.0.1d). ok djm@
Diffstat (limited to 'src/lib/libssl/s3_both.c')
-rw-r--r--src/lib/libssl/s3_both.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c
index b63460a56d..6981852b5b 100644
--- a/src/lib/libssl/s3_both.c
+++ b/src/lib/libssl/s3_both.c
@@ -263,7 +263,7 @@ int ssl3_get_finished(SSL *s, int a, int b)
263 goto f_err; 263 goto f_err;
264 } 264 }
265 265
266 if (memcmp(p, s->s3->tmp.peer_finish_md, i) != 0) 266 if (timingsafe_bcmp(p, s->s3->tmp.peer_finish_md, i) != 0)
267 { 267 {
268 al=SSL_AD_DECRYPT_ERROR; 268 al=SSL_AD_DECRYPT_ERROR;
269 SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED); 269 SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-15 08:30:11 +0000