X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=ssl%2Ft1_enc.c;h=0d34357eb474e58238c3c499aa61c4f3e6962527;hb=470fa98f8aa5ca37e7e6720be7ca1abda8f906f0;hp=daa15d0a300e254a798791640422f6c589a8e0e6;hpb=e4aac1cb684a630d4e55bf5960d4fd8d1dbcccd1;p=oweals%2Fopenssl.git diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index daa15d0a30..0d34357eb4 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -57,14 +57,16 @@ */ #include -#include "comp.h" -#include "evp.h" -#include "hmac.h" +#include +#include +#include +#include +#include #include "ssl_locl.h" -static void tls1_P_hash(const EVP_MD *md, unsigned char *sec, int sec_len, - unsigned char *seed, int seed_len, unsigned char *out, - int olen) +static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec, + int sec_len, unsigned char *seed, int seed_len, + unsigned char *out, int olen) { int chunk,n; unsigned int j; @@ -107,12 +109,12 @@ static void tls1_P_hash(const EVP_MD *md, unsigned char *sec, int sec_len, } static void tls1_PRF(const EVP_MD *md5, const EVP_MD *sha1, - unsigned char *label, int label_len, unsigned char *sec, - int slen, unsigned char *out1, unsigned char *out2, - int olen) + unsigned char *label, int label_len, + const unsigned char *sec, int slen, unsigned char *out1, + unsigned char *out2, int olen) { int len,i; - unsigned char *S1,*S2; + const unsigned char *S1,*S2; len=slen/2; S1=sec; @@ -150,6 +152,7 @@ static void tls1_generate_key_block(SSL *s, unsigned char *km, int tls1_change_cipher_state(SSL *s, int which) { + static const unsigned char empty[]=""; unsigned char *p,*key_block,*mac_secret; unsigned char *exp_label,buf[TLS_MD_MAX_CONST_SIZE+ SSL3_RANDOM_SIZE*2]; @@ -175,7 +178,7 @@ int tls1_change_cipher_state(SSL *s, int which) { if ((s->enc_read_ctx == NULL) && ((s->enc_read_ctx=(EVP_CIPHER_CTX *) - Malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) + OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) goto err; dd= s->enc_read_ctx; s->read_hash=m; @@ -194,7 +197,7 @@ int tls1_change_cipher_state(SSL *s, int which) } if (s->s3->rrec.comp == NULL) s->s3->rrec.comp=(unsigned char *) - Malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH); + OPENSSL_malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH); if (s->s3->rrec.comp == NULL) goto err; } @@ -205,7 +208,7 @@ int tls1_change_cipher_state(SSL *s, int which) { if ((s->enc_write_ctx == NULL) && ((s->enc_write_ctx=(EVP_CIPHER_CTX *) - Malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) + OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) goto err; dd= s->enc_write_ctx; s->write_hash=m; @@ -296,8 +299,8 @@ printf("which = %04X\nmac key=",which); p+=SSL3_RANDOM_SIZE; memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE); p+=SSL3_RANDOM_SIZE; - tls1_PRF(s->ctx->md5,s->ctx->sha1, - buf,(int)(p-buf),"",0,iv1,iv2,k*2); + tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,p-buf,empty,0, + iv1,iv2,k*2); if (client_write) iv=iv1; else @@ -352,9 +355,9 @@ int tls1_setup_key_block(SSL *s) ssl3_cleanup_key_block(s); - if ((p1=(unsigned char *)Malloc(num)) == NULL) + if ((p1=(unsigned char *)OPENSSL_malloc(num)) == NULL) goto err; - if ((p2=(unsigned char *)Malloc(num)) == NULL) + if ((p2=(unsigned char *)OPENSSL_malloc(num)) == NULL) goto err; s->s3->tmp.key_block_length=num; @@ -371,7 +374,7 @@ printf("pre-master\n"); #endif tls1_generate_key_block(s,p1,p2,num); memset(p2,0,num); - Free(p2); + OPENSSL_free(p2); #ifdef TLS_DEBUG printf("\nkey block\n"); { int z; for (z=0; z