diff options
| author |   beck <beck@openbsd.org> | 2017-01-23 08:08:06 +0000 |
|---|---|---|
| committer | beck <beck@openbsd.org> | 2017-01-23 08:08:06 +0000 |
| commit | d2a38c8ae537989d0e986356a383eb44b37a2cb5 (patch) | |
| tree | 3cf685b3bcb37a7cd823730cd675d9ae504399b4 /lib/libssl/s3_pkt.c | |
| parent | Add drivers for the Raspberry Pi 3. (diff) | |
| download | wireguard-openbsd-d2a38c8ae537989d0e986356a383eb44b37a2cb5.tar.xz wireguard-openbsd-d2a38c8ae537989d0e986356a383eb44b37a2cb5.zip | |
move back read_hash and enc_read_ctx into ssl_st. wpa_supplicant and
other perversions touches them sickly and unnaturally.
Diffstat (limited to 'lib/libssl/s3_pkt.c')
| -rw-r--r-- | lib/libssl/s3_pkt.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/lib/libssl/s3_pkt.c b/lib/libssl/s3_pkt.c index 458a355692b..3fb5168d165 100644 --- a/lib/libssl/s3_pkt.c +++ b/lib/libssl/s3_pkt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_pkt.c,v 1.64 2017/01/23 06:45:30 beck Exp $ */ +/* $OpenBSD: s3_pkt.c,v 1.65 2017/01/23 08:08:06 beck Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -395,13 +395,13 @@ again: /* r->length is now the compressed data plus mac */ - if ((sess != NULL) && (s->internal->enc_read_ctx != NULL) && - (EVP_MD_CTX_md(s->internal->read_hash) != NULL)) { - /* s->internal->read_hash != NULL => mac_size != -1 */ + if ((sess != NULL) && (s->enc_read_ctx != NULL) && + (EVP_MD_CTX_md(s->read_hash) != NULL)) { + /* s->read_hash != NULL => mac_size != -1 */ unsigned char *mac = NULL; unsigned char mac_tmp[EVP_MAX_MD_SIZE]; - mac_size = EVP_MD_CTX_size(s->internal->read_hash); + mac_size = EVP_MD_CTX_size(s->read_hash); OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE); /* kludge: *_cbc_remove_padding passes padding length in rr->type */ @@ -414,14 +414,14 @@ again: */ if (orig_len < mac_size || /* CBC records must have a padding length byte too. */ - (EVP_CIPHER_CTX_mode(s->internal->enc_read_ctx) == EVP_CIPH_CBC_MODE && + (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE && orig_len < mac_size + 1)) { al = SSL_AD_DECODE_ERROR; SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_LENGTH_TOO_SHORT); goto f_err; } - if (EVP_CIPHER_CTX_mode(s->internal->enc_read_ctx) == EVP_CIPH_CBC_MODE) { + if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE) { /* We update the length so that the TLS header bytes * can be constructed correctly but we need to extract * the MAC in constant time from within the record, @@ -960,7 +960,7 @@ start: /* make sure that we are not getting application data when we * are doing a handshake for the first time */ if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) && - (s->internal->enc_read_ctx == NULL)) { + (s->enc_read_ctx == NULL)) { al = SSL_AD_UNEXPECTED_MESSAGE; SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_APP_DATA_IN_HANDSHAKE); |