From 48785f83a9f6abc9abdda0e64947adc49f083d87 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Sun, 8 Jun 2014 15:10:14 +0000
Subject: Add a define for the SSLv3 sequence size and use it, rather than
 sprinkling magic numbers around.

ok deraadt@
---
 src/lib/libssl/s3_cbc.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src/lib/libssl/s3_cbc.c')

diff --git a/src/lib/libssl/s3_cbc.c b/src/lib/libssl/s3_cbc.c
index 9ba9896a52..eb1a8fdff7 100644
--- a/src/lib/libssl/s3_cbc.c
+++ b/src/lib/libssl/s3_cbc.c
@@ -172,8 +172,8 @@ tls1_cbc_remove_padding(const SSL* s, SSL3_RECORD *rec, unsigned block_size,
 	 */
 	if ((s->options & SSL_OP_TLS_BLOCK_PADDING_BUG) && !s->expand) {
 		/* First packet is even in size, so check */
-		if ((memcmp(s->s3->read_sequence, "\0\0\0\0\0\0\0\0", 8) == 0) &&
-		    !(padding_length & 1)) {
+		if ((memcmp(s->s3->read_sequence, "\0\0\0\0\0\0\0\0",
+		    SSL3_SEQUENCE_SIZE) == 0) && !(padding_length & 1)) {
 			s->s3->flags|=TLS1_FLAGS_TLS_PADDING_BUG;
 		}
 		if ((s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG) &&
-- 
cgit v1.2.3-55-g6feb