Add a define for the SSLv3 sequence size and use it, rather than sprinkling

magic numbers around. ok deraadt@
author: jsing <> 2014-06-08 15:10:14 +0000
committer: jsing <> 2014-06-08 15:10:14 +0000
commit: 48785f83a9f6abc9abdda0e64947adc49f083d87 (patch)
tree: eeaa4bb55da13a0440a55e4d626f2f38e5d93b9e /src/lib/libssl/t1_enc.c
parent: 6edaa113208368ea663f46ef4188ba92cadb51a4 (diff)
download: openbsd-48785f83a9f6abc9abdda0e64947adc49f083d87.tar.gz
openbsd-48785f83a9f6abc9abdda0e64947adc49f083d87.tar.bz2
openbsd-48785f83a9f6abc9abdda0e64947adc49f083d87.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index 353a408c98..6dcb2c849f 100644
--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -525,7 +525,7 @@ tls1_change_cipher_state(SSL *s, int which)
         */
        if (!SSL_IS_DTLS(s)) {
                seq = is_read ? s->s3->read_sequence : s->s3->write_sequence;
-                memset(seq, 0, 8);
+                memset(seq, 0, SSL3_SEQUENCE_SIZE);
        }
        key_len = EVP_CIPHER_key_length(cipher);
@@ -753,7 +753,7 @@ tls1_enc(SSL *s, int send)
                                memcpy(p, &seq[2], 6);
                                memcpy(buf, dtlsseq, 8);
                        } else {
-                                memcpy(buf, seq, 8);
+                                memcpy(buf, seq, SSL3_SEQUENCE_SIZE);
                                for (i = 7; i >= 0; i--) {      /* increment */
                                        ++seq[i];
                                        if (seq[i] != 0)
author	jsing <>	2014-06-08 15:10:14 +0000
committer	jsing <>	2014-06-08 15:10:14 +0000
commit	48785f83a9f6abc9abdda0e64947adc49f083d87 (patch)
tree	eeaa4bb55da13a0440a55e4d626f2f38e5d93b9e /src/lib/libssl/t1_enc.c
parent	6edaa113208368ea663f46ef4188ba92cadb51a4 (diff)
download	openbsd-48785f83a9f6abc9abdda0e64947adc49f083d87.tar.gz openbsd-48785f83a9f6abc9abdda0e64947adc49f083d87.tar.bz2 openbsd-48785f83a9f6abc9abdda0e64947adc49f083d87.zip

diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 353a408c98..6dcb2c849f 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c
@@ -525,7 +525,7 @@ tls1_change_cipher_state(SSL *s, int which)
525	*/	525	*/
526	if (!SSL_IS_DTLS(s)) {	526	if (!SSL_IS_DTLS(s)) {
527	seq = is_read ? s->s3->read_sequence : s->s3->write_sequence;	527	seq = is_read ? s->s3->read_sequence : s->s3->write_sequence;
528	memset(seq, 0, 8);	528	memset(seq, 0, SSL3_SEQUENCE_SIZE);
529	}	529	}
530		530
531	key_len = EVP_CIPHER_key_length(cipher);	531	key_len = EVP_CIPHER_key_length(cipher);
@@ -753,7 +753,7 @@ tls1_enc(SSL *s, int send)
753	memcpy(p, &seq[2], 6);	753	memcpy(p, &seq[2], 6);
754	memcpy(buf, dtlsseq, 8);	754	memcpy(buf, dtlsseq, 8);
755	} else {	755	} else {
756	memcpy(buf, seq, 8);	756	memcpy(buf, seq, SSL3_SEQUENCE_SIZE);
757	for (i = 7; i >= 0; i--) { /* increment */	757	for (i = 7; i >= 0; i--) { /* increment */
758	++seq[i];	758	++seq[i];
759	if (seq[i] != 0)	759	if (seq[i] != 0)