Fixed incorrect return code handling in ssl3_final_finish_mac.

Based on an original patch by Joel Sing (OpenBSD) who also originally identified the issue.

Fixed incorrect return code handling in ssl3_final_finish_mac.
Based on an original patch by Joel Sing (OpenBSD) who also originally identified the issue.
687721a7 · Matt Caswell · 043fd646 · 687721a7
隐藏空白更改
内联并排

Showing with 10 addition and 2 deletion

ssl/s3_enc.c ssl/s3_enc.c +10 -2

未找到文件。
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -663,10 +663,18 @@ int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p)
 int ssl3_final_finish_mac(SSL *s, 
 	     const char *sender, int len, unsigned char *p)
 	{
-	int ret;
+	int ret, sha1len;
 	ret=ssl3_handshake_mac(s,NID_md5,sender,len,p);
+	if(ret == 0)
+		return 0;
 	p+=ret;
-	ret+=ssl3_handshake_mac(s,NID_sha1,sender,len,p);
+	sha1len=ssl3_handshake_mac(s,NID_sha1,sender,len,p);
+	if(sha1len == 0)
+		return 0;
+	ret+=sha1len;
 	return(ret);
 	}
 static int ssl3_handshake_mac(SSL *s, int md_nid,