PR: 2628

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix for ECC keys and DTLS.

diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index 1cae330b174df97b4f6c605b7b2f02f7d3e904d6..360f873463c338650be73ee1a7324cc0c1e3c7e6 100644 (file)
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -1269,7 +1269,7 @@ int dtls1_send_server_key_exchange(SSL *s)
                                EVP_SignInit_ex(&md_ctx,EVP_ecdsa(), NULL);
                                EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
                                EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
-                               EVP_SignUpdate(&md_ctx,&(d[4]),n);
+                               EVP_SignUpdate(&md_ctx,&(d[DTLS1_HM_HEADER_LENGTH]),n);
                                if (!EVP_SignFinal(&md_ctx,&(p[2]),
                                        (unsigned int *)&i,pkey))
                                        {