diff options
| author |   tedu <tedu@openbsd.org> | 2014-06-04 14:10:23 +0000 |
|---|---|---|
| committer | tedu <tedu@openbsd.org> | 2014-06-04 14:10:23 +0000 |
| commit | 0fbb22b80081dae9dd04cbedeae2fa3ba34318dd (patch) | |
| tree | dffb8775e5ef95187e0b23e9c49a5b1b2b103a00 /lib/libssl/t1_reneg.c | |
| parent | Clearing the data toggle bit only makes sense for endpoints that use it, (diff) | |
| download | wireguard-openbsd-0fbb22b80081dae9dd04cbedeae2fa3ba34318dd.tar.xz wireguard-openbsd-0fbb22b80081dae9dd04cbedeae2fa3ba34318dd.zip | |
without overthinking it, replace a few memcmp calls with CRYPTO_memcmp
where it is feasible to do so. better safe than sorry.
Diffstat (limited to 'lib/libssl/t1_reneg.c')
| -rw-r--r-- | lib/libssl/t1_reneg.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/libssl/t1_reneg.c b/lib/libssl/t1_reneg.c index 5f96e1fa7e9..c9e0704c079 100644 --- a/lib/libssl/t1_reneg.c +++ b/lib/libssl/t1_reneg.c @@ -172,7 +172,7 @@ ssl_parse_clienthello_renegotiate_ext(SSL *s, unsigned char *d, int len, return 0; } - if (memcmp(d, s->s3->previous_client_finished, + if (CRYPTO_memcmp(d, s->s3->previous_client_finished, s->s3->previous_client_finished_len)) { SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT, SSL_R_RENEGOTIATION_MISMATCH); @@ -259,7 +259,7 @@ ssl_parse_serverhello_renegotiate_ext(SSL *s, unsigned char *d, int len, return 0; } - if (memcmp(d, s->s3->previous_client_finished, + if (CRYPTO_memcmp(d, s->s3->previous_client_finished, s->s3->previous_client_finished_len)) { SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT, SSL_R_RENEGOTIATION_MISMATCH); @@ -268,7 +268,7 @@ ssl_parse_serverhello_renegotiate_ext(SSL *s, unsigned char *d, int len, } d += s->s3->previous_client_finished_len; - if (memcmp(d, s->s3->previous_server_finished, + if (CRYPTO_memcmp(d, s->s3->previous_server_finished, s->s3->previous_server_finished_len)) { SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT, SSL_R_RENEGOTIATION_MISMATCH); |