From: Joseph Birr-Pixton <jpixton@gmail.com>
Date: Sun, 19 Mar 2017 16:40:14 +0000 (+0000)
Subject: TLS1.3: Correct intermediate secret derivation
X-Git-Tag: OpenSSL_1_1_1-pre1~1986
X-Git-Url: https://git.openssl.org/?p=openssl.git;a=commitdiff_plain;h=b0c9fc9b48be849090e84b4605087ae477c69e72

TLS1.3: Correct intermediate secret derivation

This label for this derivation was incorrectly "derived" or "der" depending
on the pointer size of the build(!). The correct string is "derived secret".

(cherry picked from commit 936dcf272033c1bf59a5e859ec63e2557194f191)

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2989)
---

diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
index 910336281d..3b783a74af 100644
--- a/ssl/tls13_enc.c
+++ b/ssl/tls13_enc.c
@@ -124,7 +124,7 @@ int tls13_generate_secret(SSL *s, const EVP_MD *md,
     size_t mdlen, prevsecretlen;
     int ret;
     EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
-    const char *derived_secret_label = "derived secret";
+    static const char derived_secret_label[] = "derived secret";
     unsigned char preextractsec[EVP_MAX_MD_SIZE];
 
     if (pctx == NULL)