projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Add and use a constant-time memcmp.
[openssl.git]
/
ssl
/
d1_pkt.c
diff --git
a/ssl/d1_pkt.c
b/ssl/d1_pkt.c
index 65b1ef28cdeb8bc89caf1215d9108b76f8c2d940..8e9ee5a77e5fab1a2b1ab8044dca69a87b47c5b8 100644
(file)
--- a/
ssl/d1_pkt.c
+++ b/
ssl/d1_pkt.c
@@
-410,8
+410,8
@@
if ( (sess == NULL) ||
}
else
rr->length = 0;
}
else
rr->length = 0;
- s->method->ssl3_enc->mac(s,md,0);
- if (
mac == NULL || memcmp(md, mac,
mac_size) != 0)
+
i=
s->method->ssl3_enc->mac(s,md,0);
+ if (
i < 0 || mac == NULL || CRYPTO_memcmp(md,mac,
mac_size) != 0)
{
decryption_failed_or_bad_record_mac = 1;
}
{
decryption_failed_or_bad_record_mac = 1;
}