PR: 1794

[openssl.git] / ssl / t1_enc.c

diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index b9d0dd3757c37b127923e1f8d24b3672abba0c3e..1c6fe5d82ae92dbf574b4b2ab10666245bab3685 100644 (file)
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -1172,13 +1172,13 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, unsigned int olen,
         * 15, so size of val > max(prohibited label len) = 15 and the
         * comparisons won't have buffer overflow
         */
-       if (bcmp(val, TLS_MD_CLIENT_FINISH_CONST,
+       if (memcmp(val, TLS_MD_CLIENT_FINISH_CONST,
                 TLS_MD_CLIENT_FINISH_CONST_SIZE) == 0) goto err1;
-       if (bcmp(val, TLS_MD_SERVER_FINISH_CONST,
+       if (memcmp(val, TLS_MD_SERVER_FINISH_CONST,
                 TLS_MD_SERVER_FINISH_CONST_SIZE) == 0) goto err1;
-       if (bcmp(val, TLS_MD_MASTER_SECRET_CONST,
+       if (memcmp(val, TLS_MD_MASTER_SECRET_CONST,
                 TLS_MD_MASTER_SECRET_CONST_SIZE) == 0) goto err1;
-       if (bcmp(val, TLS_MD_KEY_EXPANSION_CONST,
+       if (memcmp(val, TLS_MD_KEY_EXPANSION_CONST,
                 TLS_MD_KEY_EXPANSION_CONST_SIZE) == 0) goto err1;
 
        tls1_PRF(s->s3->tmp.new_cipher->algorithm2,
@@ -1242,9 +1242,6 @@ int tls1_alert_code(int code)
        case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE: return(TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE);
        case SSL_AD_BAD_CERTIFICATE_HASH_VALUE: return(TLS1_AD_BAD_CERTIFICATE_HASH_VALUE);
        case SSL_AD_UNKNOWN_PSK_IDENTITY:return(TLS1_AD_UNKNOWN_PSK_IDENTITY);
-#ifndef OPENSSL_NO_SRP
-       case SSL_AD_MISSING_SRP_USERNAME:return(TLS1_AD_MISSING_SRP_USERNAME);
-#endif
 #if 0 /* not appropriate for TLS, not used for DTLS */
        case DTLS1_AD_MISSING_HANDSHAKE_MESSAGE: return 
                                          (DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);