Fixed incorrect return code handling in ssl3_final_finish_mac
authorMatt Caswell <matt@openssl.org>
Tue, 10 Jun 2014 22:24:28 +0000 (23:24 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 10 Jun 2014 22:31:50 +0000 (23:31 +0100)
ssl/s3_enc.c

index f1b2641..6c103a0 100644 (file)
@@ -663,10 +663,18 @@ int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p)
 int ssl3_final_finish_mac(SSL *s, 
             const char *sender, int len, unsigned char *p)
        {
-       int ret;
+       int ret, sha1len;
        ret=ssl3_handshake_mac(s,NID_md5,sender,len,p);
+       if(ret == 0)
+               return 0;
+
        p+=ret;
-       ret+=ssl3_handshake_mac(s,NID_sha1,sender,len,p);
+
+       sha1len=ssl3_handshake_mac(s,NID_sha1,sender,len,p);
+       if(sha1len == 0)
+               return 0;
+
+       ret+=sha1len;
        return(ret);
        }
 static int ssl3_handshake_mac(SSL *s, int md_nid,