diff options
author | Ben Laurie <ben@openssl.org> | 1999-02-13 12:39:50 +0000 |
---|---|---|
committer | Ben Laurie <ben@openssl.org> | 1999-02-13 12:39:50 +0000 |
commit | 436d318c806003352b916f637ceb68f3bfde72de (patch) | |
tree | ffbfaaec1c18362a8379c33c66027133fa2f9538 /ssl/s3_enc.c | |
parent | be560e7b67fef773895b6321b55f2d1630ce7861 (diff) |
In the absence of feedback either way, commit the fix that looks right for
wrong keylength with export null ciphers.
Diffstat (limited to 'ssl/s3_enc.c')
-rw-r--r-- | ssl/s3_enc.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index f498093ba0..c5c9a3be42 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -139,7 +139,7 @@ int which; COMP_METHOD *comp; EVP_MD *m; MD5_CTX md; - int exp,n,i,j,k; + int exp,n,i,j,k,cl; exp=(s->s3->tmp.new_cipher->algorithms & SSL_EXPORT)?1:0; c=s->s3->tmp.new_sym_enc; @@ -208,8 +208,9 @@ int which; p=s->s3->tmp.key_block; i=EVP_MD_size(m); - /* Should be j=exp?min(5,EVP_CIPHER_key_length(c)):EVP_CIPHER_key_length(c); ?? - Ben 30/12/98 */ - j=(exp)?5:EVP_CIPHER_key_length(c); + cl=EVP_CIPHER_key_length(c); + j=exp ? (cl < 5 ? cl : 5) : cl; + /* Was j=(exp)?5:EVP_CIPHER_key_length(c); */ k=EVP_CIPHER_iv_length(c); if ( (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) || (which == SSL3_CHANGE_CIPHER_SERVER_READ)) |