author Matt Caswell <matt@openssl.org> 2017-05-19 10:28:43 +0100
committer Matt Caswell <matt@openssl.org> 2017-05-19 17:02:11 +0100
commit aabe3a359197d99867abaab8a4beb42003ee7d79
tree 0c1d9f534902225c3797036e1389b4f9bdc560a8 /ssl/record
parent ffbaf06ade6dab6a0805a24087cf2e84c5db8d43
Fix return code in tls1_mac
The return code from tls1_mac is supposed to be a boolean 0 for fail, 1 for success. In one place we returned -1 on error. This would cause code calling the mac function to erroneously see this as a success (because a non-zero value is being treated as success in all call sites).

Fortunately, AFAICT, the place that returns -1 can only happen on an internal error so is not under attacker control. Additionally this code only appears in master. In 1.1.0 the return codes are treated differently. Therefore there are no security implications.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3495)
Diffstat (limited to 'ssl/record')
-rw-r--r-- ssl/record/ssl3_record.c 2
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
index 85d726fb20..8ebb1b92ee 100644
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -1225,7 +1225,7 @@ int tls1_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int sending)
ssl->s3->read_mac_secret,
ssl->s3->read_mac_secret_size, 0) <= 0) {
EVP_MD_CTX_free(hmac);
- return -1;
+ return 0;
}
} else {
/* TODO(size_t): Convert these calls */
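Review bot: the 0-for-fail, 1-for-success contract that the new `return 0` restores is recorded only in the commit message, not next to the code, so a later edit to this error branch could reintroduce a negative return unnoticed. If tls1_mac does not already carry one, add a comment at the function stating that it returns 1 on success and 0 on failure and never a negative value. Because the message says every call site treats any non-zero value as success, the remaining return statements in tls1_mac outside this hunk deserve the same check. In the lines shown, the failure branch frees `hmac` and returns without putting anything on the error queue, so a caller that sees 0 here cannot tell an internal HMAC setup failure from a MAC mismatch; consider raising an internal error before the return.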