always compare memcmp against 0, for clarity.

author: tedu <> 2014-06-21 20:27:25 +0000
committer: tedu <> 2014-06-21 20:27:25 +0000
commit: 9792ceb010ad6377f4e016b43301244289ddf2f1 (patch)
tree: 8a5da5b6cd0c6d564a1b5211658d6c23da0ddee6 /src/lib/libssl/t1_reneg.c
parent: e4a00d72f460a6b1ae6fd91aae01686bfbd0f3f3 (diff)
download: openbsd-9792ceb010ad6377f4e016b43301244289ddf2f1.tar.gz
openbsd-9792ceb010ad6377f4e016b43301244289ddf2f1.tar.bz2
openbsd-9792ceb010ad6377f4e016b43301244289ddf2f1.zip
1 files changed, 3 insertions, 3 deletions
diff --git a/src/lib/libssl/t1_reneg.c b/src/lib/libssl/t1_reneg.c
index 483d311e9c..fee9dd8e4a 100644
--- a/src/lib/libssl/t1_reneg.c
+++ b/src/lib/libssl/t1_reneg.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_reneg.c,v 1.7 2014/06/19 21:29:51 tedu Exp $ */
+/* $OpenBSD: t1_reneg.c,v 1.8 2014/06/21 20:27:25 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -173,7 +173,7 @@ ssl_parse_clienthello_renegotiate_ext(SSL *s, unsigned char *d, int len,
        }
        if (timingsafe_memcmp(d, s->s3->previous_client_finished,
-            s->s3->previous_client_finished_len)) {
+            s->s3->previous_client_finished_len) != 0) {
                SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,
                    SSL_R_RENEGOTIATION_MISMATCH);
                *al = SSL_AD_HANDSHAKE_FAILURE;
@@ -260,7 +260,7 @@ ssl_parse_serverhello_renegotiate_ext(SSL *s, unsigned char *d, int len,
        }
        if (timingsafe_memcmp(d, s->s3->previous_client_finished,
-            s->s3->previous_client_finished_len)) {
+            s->s3->previous_client_finished_len) != 0) {
                SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
                    SSL_R_RENEGOTIATION_MISMATCH);
                *al = SSL_AD_HANDSHAKE_FAILURE;
author	tedu <>	2014-06-21 20:27:25 +0000
committer	tedu <>	2014-06-21 20:27:25 +0000
commit	9792ceb010ad6377f4e016b43301244289ddf2f1 (patch)
tree	8a5da5b6cd0c6d564a1b5211658d6c23da0ddee6 /src/lib/libssl/t1_reneg.c
parent	e4a00d72f460a6b1ae6fd91aae01686bfbd0f3f3 (diff)
download	openbsd-9792ceb010ad6377f4e016b43301244289ddf2f1.tar.gz openbsd-9792ceb010ad6377f4e016b43301244289ddf2f1.tar.bz2 openbsd-9792ceb010ad6377f4e016b43301244289ddf2f1.zip

diff --git a/src/lib/libssl/t1_reneg.c b/src/lib/libssl/t1_reneg.c index 483d311e9c..fee9dd8e4a 100644 --- a/src/lib/libssl/t1_reneg.c +++ b/src/lib/libssl/t1_reneg.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: t1_reneg.c,v 1.7 2014/06/19 21:29:51 tedu Exp $ */	1	/* $OpenBSD: t1_reneg.c,v 1.8 2014/06/21 20:27:25 tedu Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -173,7 +173,7 @@ ssl_parse_clienthello_renegotiate_ext(SSL s, unsigned char d, int len,
173	}	173	}
174		174
175	if (timingsafe_memcmp(d, s->s3->previous_client_finished,	175	if (timingsafe_memcmp(d, s->s3->previous_client_finished,
176	s->s3->previous_client_finished_len)) {	176	s->s3->previous_client_finished_len) != 0) {
177	SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,	177	SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,
178	SSL_R_RENEGOTIATION_MISMATCH);	178	SSL_R_RENEGOTIATION_MISMATCH);
179	*al = SSL_AD_HANDSHAKE_FAILURE;	179	*al = SSL_AD_HANDSHAKE_FAILURE;
@@ -260,7 +260,7 @@ ssl_parse_serverhello_renegotiate_ext(SSL s, unsigned char d, int len,
260	}	260	}
261		261
262	if (timingsafe_memcmp(d, s->s3->previous_client_finished,	262	if (timingsafe_memcmp(d, s->s3->previous_client_finished,
263	s->s3->previous_client_finished_len)) {	263	s->s3->previous_client_finished_len) != 0) {
264	SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,	264	SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
265	SSL_R_RENEGOTIATION_MISMATCH);	265	SSL_R_RENEGOTIATION_MISMATCH);
266	*al = SSL_AD_HANDSHAKE_FAILURE;	266	*al = SSL_AD_HANDSHAKE_FAILURE;