X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Ft1_enc.c;h=243464298d122cf6fbc9cfcde8fd149b7fe00295;hp=daa15d0a300e254a798791640422f6c589a8e0e6;hb=3cc6cdea0f673eadc61b97756a2ff46281749b5e;hpb=e4aac1cb684a630d4e55bf5960d4fd8d1dbcccd1

diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index daa15d0a30..243464298d 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -57,14 +57,16 @@
  */
 
 #include <stdio.h>
-#include "comp.h"
-#include "evp.h"
-#include "hmac.h"
+#include <openssl/comp.h>
+#include <openssl/md5.h>
+#include <openssl/sha.h>
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
 #include "ssl_locl.h"
 
-static void tls1_P_hash(const EVP_MD *md, unsigned char *sec, int sec_len,
-			unsigned char *seed, int seed_len, unsigned char *out,
-			int olen)
+static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
+			int sec_len, unsigned char *seed, int seed_len,
+			unsigned char *out, int olen)
 	{
 	int chunk,n;
 	unsigned int j;
@@ -107,12 +109,12 @@ static void tls1_P_hash(const EVP_MD *md, unsigned char *sec, int sec_len,
 	}
 
 static void tls1_PRF(const EVP_MD *md5, const EVP_MD *sha1,
-		     unsigned char *label, int label_len, unsigned char *sec,
-		     int slen, unsigned char *out1, unsigned char *out2,
-		     int olen)
+		     unsigned char *label, int label_len,
+		     const unsigned char *sec, int slen, unsigned char *out1,
+		     unsigned char *out2, int olen)
 	{
 	int len,i;
-	unsigned char *S1,*S2;
+	const unsigned char *S1,*S2;
 
 	len=slen/2;
 	S1=sec;
@@ -150,6 +152,7 @@ static void tls1_generate_key_block(SSL *s, unsigned char *km,
 
 int tls1_change_cipher_state(SSL *s, int which)
 	{
+	static const unsigned char empty[]="";
 	unsigned char *p,*key_block,*mac_secret;
 	unsigned char *exp_label,buf[TLS_MD_MAX_CONST_SIZE+
 		SSL3_RANDOM_SIZE*2];
@@ -296,8 +299,8 @@ printf("which = %04X\nmac key=",which);
 			p+=SSL3_RANDOM_SIZE;
 			memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
 			p+=SSL3_RANDOM_SIZE;
-			tls1_PRF(s->ctx->md5,s->ctx->sha1,
-				buf,(int)(p-buf),"",0,iv1,iv2,k*2);
+			tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,p-buf,empty,0,
+				 iv1,iv2,k*2);
 			if (client_write)
 				iv=iv1;
 			else
@@ -491,7 +494,7 @@ int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in_ctx, unsigned char *out)
 	}
 
 int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx,
-	     unsigned char *str, int slen, unsigned char *out)
+	     const char *str, int slen, unsigned char *out)
 	{
 	unsigned int i;
 	EVP_MD_CTX ctx;