diff options
Diffstat (limited to 'src/lib/libssl/t1_enc.c')
| -rw-r--r-- | src/lib/libssl/t1_enc.c | 14 |
1 files changed, 4 insertions, 10 deletions
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 9719541f2b..793ea43e90 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c | |||
| @@ -157,7 +157,7 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec, | |||
| 157 | const void *seed5, int seed5_len, | 157 | const void *seed5, int seed5_len, |
| 158 | unsigned char *out, int olen) | 158 | unsigned char *out, int olen) |
| 159 | { | 159 | { |
| 160 | int chunk,n; | 160 | int chunk; |
| 161 | unsigned int j; | 161 | unsigned int j; |
| 162 | HMAC_CTX ctx; | 162 | HMAC_CTX ctx; |
| 163 | HMAC_CTX ctx_tmp; | 163 | HMAC_CTX ctx_tmp; |
| @@ -187,7 +187,6 @@ static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec, | |||
| 187 | if (!HMAC_Final(&ctx,A1,&A1_len)) | 187 | if (!HMAC_Final(&ctx,A1,&A1_len)) |
| 188 | goto err; | 188 | goto err; |
| 189 | 189 | ||
| 190 | n=0; | ||
| 191 | for (;;) | 190 | for (;;) |
| 192 | { | 191 | { |
| 193 | if (!HMAC_Init_ex(&ctx,NULL,0,NULL,NULL)) /* re-init */ | 192 | if (!HMAC_Init_ex(&ctx,NULL,0,NULL,NULL)) /* re-init */ |
| @@ -309,13 +308,13 @@ static int tls1_generate_key_block(SSL *s, unsigned char *km, | |||
| 309 | int tls1_change_cipher_state(SSL *s, int which) | 308 | int tls1_change_cipher_state(SSL *s, int which) |
| 310 | { | 309 | { |
| 311 | static const unsigned char empty[]=""; | 310 | static const unsigned char empty[]=""; |
| 312 | unsigned char *p,*key_block,*mac_secret; | 311 | unsigned char *p,*mac_secret; |
| 313 | unsigned char *exp_label; | 312 | unsigned char *exp_label; |
| 314 | unsigned char tmp1[EVP_MAX_KEY_LENGTH]; | 313 | unsigned char tmp1[EVP_MAX_KEY_LENGTH]; |
| 315 | unsigned char tmp2[EVP_MAX_KEY_LENGTH]; | 314 | unsigned char tmp2[EVP_MAX_KEY_LENGTH]; |
| 316 | unsigned char iv1[EVP_MAX_IV_LENGTH*2]; | 315 | unsigned char iv1[EVP_MAX_IV_LENGTH*2]; |
| 317 | unsigned char iv2[EVP_MAX_IV_LENGTH*2]; | 316 | unsigned char iv2[EVP_MAX_IV_LENGTH*2]; |
| 318 | unsigned char *ms,*key,*iv,*er1,*er2; | 317 | unsigned char *ms,*key,*iv; |
| 319 | int client_write; | 318 | int client_write; |
| 320 | EVP_CIPHER_CTX *dd; | 319 | EVP_CIPHER_CTX *dd; |
| 321 | const EVP_CIPHER *c; | 320 | const EVP_CIPHER *c; |
| @@ -337,7 +336,6 @@ int tls1_change_cipher_state(SSL *s, int which) | |||
| 337 | #ifndef OPENSSL_NO_COMP | 336 | #ifndef OPENSSL_NO_COMP |
| 338 | comp=s->s3->tmp.new_compression; | 337 | comp=s->s3->tmp.new_compression; |
| 339 | #endif | 338 | #endif |
| 340 | key_block=s->s3->tmp.key_block; | ||
| 341 | 339 | ||
| 342 | #ifdef KSSL_DEBUG | 340 | #ifdef KSSL_DEBUG |
| 343 | printf("tls1_change_cipher_state(which= %d) w/\n", which); | 341 | printf("tls1_change_cipher_state(which= %d) w/\n", which); |
| @@ -448,8 +446,6 @@ int tls1_change_cipher_state(SSL *s, int which) | |||
| 448 | cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl; | 446 | cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl; |
| 449 | /* Was j=(exp)?5:EVP_CIPHER_key_length(c); */ | 447 | /* Was j=(exp)?5:EVP_CIPHER_key_length(c); */ |
| 450 | k=EVP_CIPHER_iv_length(c); | 448 | k=EVP_CIPHER_iv_length(c); |
| 451 | er1= &(s->s3->client_random[0]); | ||
| 452 | er2= &(s->s3->server_random[0]); | ||
| 453 | if ( (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) || | 449 | if ( (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) || |
| 454 | (which == SSL3_CHANGE_CIPHER_SERVER_READ)) | 450 | (which == SSL3_CHANGE_CIPHER_SERVER_READ)) |
| 455 | { | 451 | { |
| @@ -880,7 +876,7 @@ int tls1_final_finish_mac(SSL *s, | |||
| 880 | int tls1_mac(SSL *ssl, unsigned char *md, int send) | 876 | int tls1_mac(SSL *ssl, unsigned char *md, int send) |
| 881 | { | 877 | { |
| 882 | SSL3_RECORD *rec; | 878 | SSL3_RECORD *rec; |
| 883 | unsigned char *mac_sec,*seq; | 879 | unsigned char *seq; |
| 884 | EVP_MD_CTX *hash; | 880 | EVP_MD_CTX *hash; |
| 885 | size_t md_size; | 881 | size_t md_size; |
| 886 | int i; | 882 | int i; |
| @@ -892,14 +888,12 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send) | |||
| 892 | if (send) | 888 | if (send) |
| 893 | { | 889 | { |
| 894 | rec= &(ssl->s3->wrec); | 890 | rec= &(ssl->s3->wrec); |
| 895 | mac_sec= &(ssl->s3->write_mac_secret[0]); | ||
| 896 | seq= &(ssl->s3->write_sequence[0]); | 891 | seq= &(ssl->s3->write_sequence[0]); |
| 897 | hash=ssl->write_hash; | 892 | hash=ssl->write_hash; |
| 898 | } | 893 | } |
| 899 | else | 894 | else |
| 900 | { | 895 | { |
| 901 | rec= &(ssl->s3->rrec); | 896 | rec= &(ssl->s3->rrec); |
| 902 | mac_sec= &(ssl->s3->read_mac_secret[0]); | ||
| 903 | seq= &(ssl->s3->read_sequence[0]); | 897 | seq= &(ssl->s3->read_sequence[0]); |
| 904 | hash=ssl->read_hash; | 898 | hash=ssl->read_hash; |
| 905 | } | 899 | } |