Actually comment out the cpuid asm!

[oweals/openssl.git] / ssl / t1_lib.c

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 1d336c2149b4887337b695a41f02907f8487bd52..92e8f88c53f09a71fb2496144fe0b98a2043537f 100644 (file)
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1389,11 +1389,11 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
        /* 1 byte for the list (we only support audit proofs) */
        if (s->ctx->tlsext_authz_server_audit_proof_cb != NULL)
                {
-               size_t lenmax;
                 const unsigned short ext_len = 2;
                 const unsigned char list_len = 1;
 
-               if ((lenmax = limit - ret - 6) < 0) return NULL;
+               if (limit < ret + 6)
+                       return NULL;
 
                s2n(TLSEXT_TYPE_server_authz, ret);
                 /* Extension length: 2 bytes */
@@ -2449,7 +2449,7 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char
                        unsigned char selected_len;
 
                        /* We must have requested it. */
-                       if ((s->ctx->next_proto_select_cb == NULL))
+                       if (s->ctx->next_proto_select_cb == NULL)
                                {
                                *al = TLS1_AD_UNSUPPORTED_EXTENSION;
                                return 0;
@@ -3125,7 +3125,7 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen,
        HMAC_Update(&hctx, etick, eticklen);
        HMAC_Final(&hctx, tick_hmac, NULL);
        HMAC_CTX_cleanup(&hctx);
-       if (memcmp(tick_hmac, etick + eticklen, mlen))
+       if (CRYPTO_memcmp(tick_hmac, etick + eticklen, mlen))
                return 2;
        /* Attempt to decrypt session data */
        /* Move p after IV to start of encrypted ticket, update length */