diff options
Diffstat (limited to 'src/lib/libssl/s3_both.c')
| -rw-r--r-- | src/lib/libssl/s3_both.c | 15 |
1 files changed, 6 insertions, 9 deletions
diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c index 53b9390fdd..ed0fcfc532 100644 --- a/src/lib/libssl/s3_both.c +++ b/src/lib/libssl/s3_both.c | |||
| @@ -206,10 +206,10 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen) | |||
| 206 | 206 | ||
| 207 | #ifndef OPENSSL_NO_NEXTPROTONEG | 207 | #ifndef OPENSSL_NO_NEXTPROTONEG |
| 208 | /* ssl3_take_mac calculates the Finished MAC for the handshakes messages seen to far. */ | 208 | /* ssl3_take_mac calculates the Finished MAC for the handshakes messages seen to far. */ |
| 209 | static void ssl3_take_mac(SSL *s) | 209 | static void ssl3_take_mac(SSL *s) { |
| 210 | { | ||
| 211 | const char *sender; | 210 | const char *sender; |
| 212 | int slen; | 211 | int slen; |
| 212 | |||
| 213 | /* If no new cipher setup return immediately: other functions will | 213 | /* If no new cipher setup return immediately: other functions will |
| 214 | * set the appropriate error. | 214 | * set the appropriate error. |
| 215 | */ | 215 | */ |
| @@ -228,7 +228,7 @@ static void ssl3_take_mac(SSL *s) | |||
| 228 | 228 | ||
| 229 | s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s, | 229 | s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s, |
| 230 | sender,slen,s->s3->tmp.peer_finish_md); | 230 | sender,slen,s->s3->tmp.peer_finish_md); |
| 231 | } | 231 | } |
| 232 | #endif | 232 | #endif |
| 233 | 233 | ||
| 234 | int ssl3_get_finished(SSL *s, int a, int b) | 234 | int ssl3_get_finished(SSL *s, int a, int b) |
| @@ -238,9 +238,8 @@ int ssl3_get_finished(SSL *s, int a, int b) | |||
| 238 | unsigned char *p; | 238 | unsigned char *p; |
| 239 | 239 | ||
| 240 | #ifdef OPENSSL_NO_NEXTPROTONEG | 240 | #ifdef OPENSSL_NO_NEXTPROTONEG |
| 241 | /* the mac has already been generated when we received the | 241 | /* the mac has already been generated when we received the change |
| 242 | * change cipher spec message and is in s->s3->tmp.peer_finish_md. | 242 | * cipher spec message and is in s->s3->tmp.peer_finish_md. */ |
| 243 | */ | ||
| 244 | #endif | 243 | #endif |
| 245 | 244 | ||
| 246 | n=s->method->ssl_get_message(s, | 245 | n=s->method->ssl_get_message(s, |
| @@ -271,7 +270,7 @@ int ssl3_get_finished(SSL *s, int a, int b) | |||
| 271 | goto f_err; | 270 | goto f_err; |
| 272 | } | 271 | } |
| 273 | 272 | ||
| 274 | if (CRYPTO_memcmp(p, s->s3->tmp.peer_finish_md, i) != 0) | 273 | if (timingsafe_bcmp(p, s->s3->tmp.peer_finish_md, i) != 0) |
| 275 | { | 274 | { |
| 276 | al=SSL_AD_DECRYPT_ERROR; | 275 | al=SSL_AD_DECRYPT_ERROR; |
| 277 | SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED); | 276 | SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED); |
| @@ -545,14 +544,12 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) | |||
| 545 | s->init_num += i; | 544 | s->init_num += i; |
| 546 | n -= i; | 545 | n -= i; |
| 547 | } | 546 | } |
| 548 | |||
| 549 | #ifndef OPENSSL_NO_NEXTPROTONEG | 547 | #ifndef OPENSSL_NO_NEXTPROTONEG |
| 550 | /* If receiving Finished, record MAC of prior handshake messages for | 548 | /* If receiving Finished, record MAC of prior handshake messages for |
| 551 | * Finished verification. */ | 549 | * Finished verification. */ |
| 552 | if (*s->init_buf->data == SSL3_MT_FINISHED) | 550 | if (*s->init_buf->data == SSL3_MT_FINISHED) |
| 553 | ssl3_take_mac(s); | 551 | ssl3_take_mac(s); |
| 554 | #endif | 552 | #endif |
| 555 | |||
| 556 | /* Feed this message into MAC computation. */ | 553 | /* Feed this message into MAC computation. */ |
| 557 | ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num + 4); | 554 | ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num + 4); |
| 558 | if (s->msg_callback) | 555 | if (s->msg_callback) |