projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
ssl/s3_pkt.c: detect RAND_bytes error in multi-block.
[openssl.git]
/
ssl
/
s3_enc.c
diff --git
a/ssl/s3_enc.c
b/ssl/s3_enc.c
index 196f0739d5fea556fd024d1289fd75c7dbe92ae8..f1b264185362599d990685c61b20429d806434ca 100644
(file)
--- a/
ssl/s3_enc.c
+++ b/
ssl/s3_enc.c
@@
-418,7
+418,7
@@
int ssl3_setup_key_block(SSL *s)
if (s->s3->tmp.key_block_length != 0)
return(1);
if (s->s3->tmp.key_block_length != 0)
return(1);
- if (!ssl_cipher_get_evp(s->session,&c,&hash,NULL,NULL,&comp))
+ if (!ssl_cipher_get_evp(s->session,&c,&hash,NULL,NULL,&comp
, 0
))
{
SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
return(0);
{
SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
return(0);
@@
-494,7
+494,7
@@
void ssl3_cleanup_key_block(SSL *s)
* short etc).
* 1: if the record's padding is valid / the encryption was successful.
* -1: if the record's padding is invalid or, if sending, an internal error
* short etc).
* 1: if the record's padding is valid / the encryption was successful.
* -1: if the record's padding is invalid or, if sending, an internal error
- * occured.
+ * occur
r
ed.
*/
int ssl3_enc(SSL *s, int send)
{
*/
int ssl3_enc(SSL *s, int send)
{
@@
-730,7
+730,7
@@
int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
EVP_MD_CTX md_ctx;
const EVP_MD_CTX *hash;
unsigned char *p,rec_char;
EVP_MD_CTX md_ctx;
const EVP_MD_CTX *hash;
unsigned char *p,rec_char;
- size_t md_size
, orig_len
;
+ size_t md_size;
int npad;
int t;
int npad;
int t;
@@
-755,10
+755,6
@@
int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
md_size=t;
npad=(48/md_size)*md_size;
md_size=t;
npad=(48/md_size)*md_size;
- /* kludge: ssl3_cbc_remove_padding passes padding length in rec->type */
- orig_len = rec->length+md_size+((unsigned int)rec->type>>8);
- rec->type &= 0xff;
-
if (!send &&
EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
ssl3_cbc_record_digest_supported(hash))
if (!send &&
EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
ssl3_cbc_record_digest_supported(hash))
@@
-790,7
+786,7
@@
int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
hash,
md, &md_size,
header, rec->input,
hash,
md, &md_size,
header, rec->input,
- rec->length + md_size, orig_len,
+ rec->length + md_size,
rec->
orig_len,
mac_sec, md_size,
1 /* is SSLv3 */);
}
mac_sec, md_size,
1 /* is SSLv3 */);
}