diff options
author | Ben Laurie <ben@links.org> | 2013-01-28 17:30:38 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2013-02-05 16:50:32 +0000 |
commit | 270881316664396326c461ec7a124aec2c6cc081 (patch) | |
tree | a5e48a018e0e932e2f1f1ae63b9bb8614049a732 /ssl/s2_clnt.c | |
parent | affe98998af77e0b929db6251f13322da8691a78 (diff) |
Add and use a constant-time memcmp.
This change adds CRYPTO_memcmp, which compares two vectors of bytes in
an amount of time that's independent of their contents. It also changes
several MAC compares in the code to use this over the standard memcmp,
which may leak information about the size of a matching prefix.
(cherry picked from commit 2ee798880a246d648ecddadc5b91367bee4a5d98)
Conflicts:
crypto/crypto.h
ssl/t1_lib.c
(cherry picked from commit dc406b59f3169fe191e58906df08dce97edb727c)
Conflicts:
crypto/crypto.h
ssl/d1_pkt.c
ssl/s3_pkt.c
Diffstat (limited to 'ssl/s2_clnt.c')
-rw-r--r-- | ssl/s2_clnt.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c index 782129cd5d..c13a640455 100644 --- a/ssl/s2_clnt.c +++ b/ssl/s2_clnt.c @@ -935,7 +935,7 @@ static int get_server_verify(SSL *s) s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* SERVER-VERIFY */ p += 1; - if (memcmp(p,s->s2->challenge,s->s2->challenge_length) != 0) + if (CRYPTO_memcmp(p,s->s2->challenge,s->s2->challenge_length) != 0) { ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_CHALLENGE_IS_DIFFERENT); |