From adfc37868e2dc406b80ab3111163eb475ef06975 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Wed, 21 Jun 2017 11:58:10 +0100
Subject: [PATCH 1/1] Use constants rather than macros for the cipher bytes in
 the apps

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3670)
---
 apps/apps.h     | 2 ++
 apps/s_client.c | 8 ++++----
 apps/s_server.c | 4 ++--
 3 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/apps/apps.h b/apps/apps.h
index 66ece0b43c..4ec0693b30 100644
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -55,6 +55,8 @@ extern char *default_config_file;
 extern BIO *bio_in;
 extern BIO *bio_out;
 extern BIO *bio_err;
+extern const unsigned char tls13_aes128gcmsha256_id[];
+extern const unsigned char tls13_aes256gcmsha384_id[];
 BIO *dup_bio_in(int format);
 BIO *dup_bio_out(int format);
 BIO *dup_bio_err(int format);
diff --git a/apps/s_client.c b/apps/s_client.c
index 71e4c1f01f..60ce9c68af 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -172,8 +172,8 @@ static unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity,
 }
 #endif
 
-#define TLS13_AES_128_GCM_SHA256_BYTES  ((const unsigned char *)"\x13\x01")
-#define TLS13_AES_256_GCM_SHA384_BYTES  ((const unsigned char *)"\x13\x02")
+const unsigned char tls13_aes128gcmsha256_id[] = { 0x13, 0x01 };
+const unsigned char tls13_aes256gcmsha384_id[] = { 0x13, 0x02 };
 
 static int psk_use_session_cb(SSL *s, const EVP_MD *md,
                               const unsigned char **id, size_t *idlen,
@@ -196,9 +196,9 @@ static int psk_use_session_cb(SSL *s, const EVP_MD *md,
         }
 
         if (key_len == EVP_MD_size(EVP_sha256()))
-            cipher = SSL_CIPHER_find(s, TLS13_AES_128_GCM_SHA256_BYTES);
+            cipher = SSL_CIPHER_find(s, tls13_aes128gcmsha256_id);
         else if(key_len == EVP_MD_size(EVP_sha384()))
-            cipher = SSL_CIPHER_find(s, TLS13_AES_256_GCM_SHA384_BYTES);
+            cipher = SSL_CIPHER_find(s, tls13_aes256gcmsha384_id);
 
         if (cipher == NULL) {
             /* Doesn't look like a suitable TLSv1.3 key. Ignore it */
diff --git a/apps/s_server.c b/apps/s_server.c
index c2ef521479..13cc7a190a 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -208,9 +208,9 @@ static int psk_find_session_cb(SSL *ssl, const unsigned char *identity,
     }
 
     if (key_len == EVP_MD_size(EVP_sha256()))
-        cipher = SSL_CIPHER_find(ssl, TLS13_AES_128_GCM_SHA256_BYTES);
+        cipher = SSL_CIPHER_find(ssl, tls13_aes128gcmsha256_id);
     else if(key_len == EVP_MD_size(EVP_sha384()))
-        cipher = SSL_CIPHER_find(ssl, TLS13_AES_256_GCM_SHA384_BYTES);
+        cipher = SSL_CIPHER_find(ssl, tls13_aes256gcmsha384_id);
 
     if (cipher == NULL) {
         /* Doesn't look like a suitable TLSv1.3 key. Ignore it */
-- 
2.34.1