without overthinking it, replace a few memcmp calls with CRYPTO_memcmp

where it is feasible to do so. better safe than sorry.
author: tedu <tedu@openbsd.org> 2014-06-04 14:10:23 +0000
committer: tedu <tedu@openbsd.org> 2014-06-04 14:10:23 +0000
commit: 0fbb22b80081dae9dd04cbedeae2fa3ba34318dd (patch)
tree: dffb8775e5ef95187e0b23e9c49a5b1b2b103a00 /lib/libssl/src/ssl/s3_srvr.c
parent: Clearing the data toggle bit only makes sense for endpoints that use it, (diff)
download: wireguard-openbsd-0fbb22b80081dae9dd04cbedeae2fa3ba34318dd.tar.xz
wireguard-openbsd-0fbb22b80081dae9dd04cbedeae2fa3ba34318dd.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/libssl/src/ssl/s3_srvr.c b/lib/libssl/src/ssl/s3_srvr.c
index f12b680e996..948569a156e 100644
--- a/lib/libssl/src/ssl/s3_srvr.c
+++ b/lib/libssl/src/ssl/s3_srvr.c
@@ -1025,7 +1025,7 @@ ssl3_get_client_hello(SSL *s)
 					goto f_err;
 				}
 				/* else cookie verification succeeded */
-			} else if (memcmp(s->d1->rcvd_cookie, s->d1->cookie,
+			} else if (CRYPTO_memcmp(s->d1->rcvd_cookie, s->d1->cookie,
 			    s->d1->cookie_len) != 0) {
 				/* default verification */
 				al = SSL_AD_HANDSHAKE_FAILURE;
author	tedu <tedu@openbsd.org>	2014-06-04 14:10:23 +0000
committer	tedu <tedu@openbsd.org>	2014-06-04 14:10:23 +0000
commit	0fbb22b80081dae9dd04cbedeae2fa3ba34318dd (patch)
tree	dffb8775e5ef95187e0b23e9c49a5b1b2b103a00 /lib/libssl/src/ssl/s3_srvr.c
parent	Clearing the data toggle bit only makes sense for endpoints that use it, (diff)
download	wireguard-openbsd-0fbb22b80081dae9dd04cbedeae2fa3ba34318dd.tar.xz wireguard-openbsd-0fbb22b80081dae9dd04cbedeae2fa3ba34318dd.zip