i=s->method->ssl3_enc->final_finish_mac(s,
sender,slen,s->s3->tmp.finish_md);
+ if (i == 0)
+ return 0;
s->s3->tmp.finish_md_len = i;
memcpy(p, s->s3->tmp.finish_md, i);
p+=i;
{
const char *sender;
int slen;
-
+ /* If no new cipher setup return immediately: other functions will
+ * set the appropriate error.
+ */
+ if (s->s3->tmp.new_cipher == NULL)
+ return;
if (s->state & SSL_ST_CONNECT)
{
sender=s->method->ssl3_enc->server_finished_label;
goto f_err;
}
- if (memcmp(p, s->s3->tmp.peer_finish_md, i) != 0)
+ if (CRYPTO_memcmp(p, s->s3->tmp.peer_finish_md, i) != 0)
{
al=SSL_AD_DECRYPT_ERROR;
SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED);