In the absence of feedback either way, commit the fix that looks right for

wrong keylength with export null ciphers.
author: Ben Laurie <ben@openssl.org> 1999-02-13 12:39:50 +0000
committer: Ben Laurie <ben@openssl.org> 1999-02-13 12:39:50 +0000
commit: 436d318c806003352b916f637ceb68f3bfde72de (patch)
tree: ffbfaaec1c18362a8379c33c66027133fa2f9538 /ssl/t1_enc.c
parent: be560e7b67fef773895b6321b55f2d1630ce7861 (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 893c0bc73b..ac9da4da3a 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -177,7 +177,7 @@ int which;
 	EVP_CIPHER *c;
 	COMP_METHOD *comp;
 	EVP_MD *m;
-	int exp,n,i,j,k,exp_label_len;
+	int exp,n,i,j,k,exp_label_len,cl;
 
 	exp=(s->s3->tmp.new_cipher->algorithms & SSL_EXPORT)?1:0;
 	c=s->s3->tmp.new_sym_enc;
@@ -244,7 +244,9 @@ int which;
 
 	p=s->s3->tmp.key_block;
 	i=EVP_MD_size(m);
-	j=(exp)?5:EVP_CIPHER_key_length(c);
+	cl=EVP_CIPHER_key_length(c);
+	j=exp ? (cl < 5 ? cl : 5) : cl;
+	/* Was j=(exp)?5:EVP_CIPHER_key_length(c); */
 	k=EVP_CIPHER_iv_length(c);
 	er1= &(s->s3->client_random[0]);
 	er2= &(s->s3->server_random[0]);
author	Ben Laurie <ben@openssl.org>	1999-02-13 12:39:50 +0000
committer	Ben Laurie <ben@openssl.org>	1999-02-13 12:39:50 +0000
commit	436d318c806003352b916f637ceb68f3bfde72de (patch)
tree	ffbfaaec1c18362a8379c33c66027133fa2f9538 /ssl/t1_enc.c
parent	be560e7b67fef773895b6321b55f2d1630ce7861 (diff)