without overthinking it, replace a few memcmp calls with CRYPTO_memcmp

where it is feasible to do so. better safe than sorry.
author: tedu <> 2014-06-04 14:10:23 +0000
committer: tedu <> 2014-06-04 14:10:23 +0000
commit: f1af6a0fd89c7819b589f8168a570bcd35c0f727 (patch)
tree: 2239b639d15116fcc235465d6e2d18383e6f7ce1 /src/lib/libssl/s3_srvr.c
parent: 3968230a0022bbdf64e7caf8e2e998f8299a5add (diff)
download: openbsd-f1af6a0fd89c7819b589f8168a570bcd35c0f727.tar.gz
openbsd-f1af6a0fd89c7819b589f8168a570bcd35c0f727.tar.bz2
openbsd-f1af6a0fd89c7819b589f8168a570bcd35c0f727.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c
index f12b680e99..948569a156 100644
--- a/src/lib/libssl/s3_srvr.c
+++ b/src/lib/libssl/s3_srvr.c
@@ -1025,7 +1025,7 @@ ssl3_get_client_hello(SSL *s)
                                        goto f_err;
                                }
                                /* else cookie verification succeeded */
-                        } else if (memcmp(s->d1->rcvd_cookie, s->d1->cookie,
+                        } else if (CRYPTO_memcmp(s->d1->rcvd_cookie, s->d1->cookie,
                            s->d1->cookie_len) != 0) {
                                /* default verification */
                                al = SSL_AD_HANDSHAKE_FAILURE;
author	tedu <>	2014-06-04 14:10:23 +0000
committer	tedu <>	2014-06-04 14:10:23 +0000
commit	f1af6a0fd89c7819b589f8168a570bcd35c0f727 (patch)
tree	2239b639d15116fcc235465d6e2d18383e6f7ce1 /src/lib/libssl/s3_srvr.c
parent	3968230a0022bbdf64e7caf8e2e998f8299a5add (diff)
download	openbsd-f1af6a0fd89c7819b589f8168a570bcd35c0f727.tar.gz openbsd-f1af6a0fd89c7819b589f8168a570bcd35c0f727.tar.bz2 openbsd-f1af6a0fd89c7819b589f8168a570bcd35c0f727.zip

diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c index f12b680e99..948569a156 100644 --- a/src/lib/libssl/s3_srvr.c +++ b/src/lib/libssl/s3_srvr.c
@@ -1025,7 +1025,7 @@ ssl3_get_client_hello(SSL *s)
1025	goto f_err;	1025	goto f_err;
1026	}	1026	}
1027	/* else cookie verification succeeded */	1027	/* else cookie verification succeeded */
1028	} else if (memcmp(s->d1->rcvd_cookie, s->d1->cookie,	1028	} else if (CRYPTO_memcmp(s->d1->rcvd_cookie, s->d1->cookie,
1029	s->d1->cookie_len) != 0) {	1029	s->d1->cookie_len) != 0) {
1030	/* default verification */	1030	/* default verification */
1031	al = SSL_AD_HANDSHAKE_FAILURE;	1031	al = SSL_AD_HANDSHAKE_FAILURE;