From f1af6a0fd89c7819b589f8168a570bcd35c0f727 Mon Sep 17 00:00:00 2001
From: tedu <>
Date: Wed, 4 Jun 2014 14:10:23 +0000
Subject: without overthinking it, replace a few memcmp calls with
 CRYPTO_memcmp where it is feasible to do so. better safe than sorry.

---
 src/lib/libssl/ssl_sess.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/lib/libssl/ssl_sess.c')

diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
index 2900490ad2..1e2bade1fb 100644
--- a/src/lib/libssl/ssl_sess.c
+++ b/src/lib/libssl/ssl_sess.c
@@ -498,7 +498,7 @@ ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
 	/* Now ret is non-NULL and we own one of its reference counts. */
 
 	if (ret->sid_ctx_length != s->sid_ctx_length
-		|| memcmp(ret->sid_ctx, s->sid_ctx, ret->sid_ctx_length)) {
+	    || CRYPTO_memcmp(ret->sid_ctx, s->sid_ctx, ret->sid_ctx_length)) {
 		/* We have the session requested by the client, but we don't
 		 * want to use it in this context. */
 		goto err; /* treat like cache miss */
-- 
cgit v1.2.3-55-g6feb