From 635b7d3f2a3a4c1caaf772dc9a6c1cdcb958f6fe Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 16 Mar 2017 14:06:00 +0000 Subject: [PATCH] Updates following review feedback Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/2895) --- ssl/statem/statem_lib.c | 10 ++++------ ssl/statem/statem_srvr.c | 2 +- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 04ac795114..5164cc0c29 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -1881,12 +1881,9 @@ int create_synthetic_message_hash(SSL *s) { unsigned char hashval[EVP_MAX_MD_SIZE]; size_t hashlen = 0; - unsigned char msghdr[SSL3_HM_HEADER_LENGTH] = { - SSL3_MT_MESSAGE_HASH, - 0, - 0, - 0 - }; + unsigned char msghdr[SSL3_HM_HEADER_LENGTH]; + + memset(msghdr, 0, sizeof(msghdr)); /* Get the hash of the initial ClientHello */ if (!ssl3_digest_cached_records(s, 0) @@ -1900,6 +1897,7 @@ int create_synthetic_message_hash(SSL *s) return 0; /* Inject the synthetic message_hash message */ + msghdr[0] = SSL3_MT_MESSAGE_HASH; msghdr[SSL3_HM_HEADER_LENGTH - 1] = hashlen; if (!ssl3_finish_mac(s, msghdr, SSL3_HM_HEADER_LENGTH) || !ssl3_finish_mac(s, hashval, hashlen)) { diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index a1feb27a6c..78f977fcc8 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -1534,7 +1534,7 @@ static int tls_early_post_process_client_hello(SSL *s, int *al) goto err; } - /* TLSv1.3 defines that a ClientHello must end on a record boundary */ + /* TLSv1.3 specifies that a ClientHello must end on a record boundary */ if (SSL_IS_TLS13(s) && RECORD_LAYER_processed_read_pending(&s->rlayer)) { *al = SSL_AD_UNEXPECTED_MESSAGE; SSLerr(SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO, -- 2.34.1