*/
#include <stdio.h>
-#include <assert.h>
#include <openssl/md5.h>
#include <openssl/sha.h>
#include <openssl/evp.h>
static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx,
const char *sender, int len, unsigned char *p);
-static void ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
+static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
{
MD5_CTX m5;
SHA_CTX s1;
for (i=0; i<num; i+=MD5_DIGEST_LENGTH)
{
k++;
- /* If this assert is triggered, it means buf needs to be
- resized. This should never be triggered in a release. */
- assert(k <= sizeof(buf));
+ if (k > sizeof buf)
+ {
+ /* bug: 'buf' is too small for this ciphersuite */
+ SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+
for (j=0; j<k; j++)
buf[j]=c;
c++;
km+=MD5_DIGEST_LENGTH;
}
memset(smd,0,SHA_DIGEST_LENGTH);
+ return 1;
}
int ssl3_change_cipher_state(SSL *s, int which)
s->s3->tmp.key_block_length=num;
s->s3->tmp.key_block=p;
- ssl3_generate_key_block(s,p,num);
+ return ssl3_generate_key_block(s,p,num);
- return(1);
err:
SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK,ERR_R_MALLOC_FAILURE);
return(0);
#define SSL_F_SSL3_CTRL 213
#define SSL_F_SSL3_CTX_CTRL 133
#define SSL_F_SSL3_ENC 134
+#define SSL_F_SSL3_GENERATE_KEY_BLOCK 238
#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135
#define SSL_F_SSL3_GET_CERT_VERIFY 136
#define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137
{ERR_PACK(0,SSL_F_SSL3_CTRL,0), "SSL3_CTRL"},
{ERR_PACK(0,SSL_F_SSL3_CTX_CTRL,0), "SSL3_CTX_CTRL"},
{ERR_PACK(0,SSL_F_SSL3_ENC,0), "SSL3_ENC"},
+{ERR_PACK(0,SSL_F_SSL3_GENERATE_KEY_BLOCK,0), "SSL3_GENERATE_KEY_BLOCK"},
{ERR_PACK(0,SSL_F_SSL3_GET_CERTIFICATE_REQUEST,0), "SSL3_GET_CERTIFICATE_REQUEST"},
{ERR_PACK(0,SSL_F_SSL3_GET_CERT_VERIFY,0), "SSL3_GET_CERT_VERIFY"},
{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_CERTIFICATE,0), "SSL3_GET_CLIENT_CERTIFICATE"},
*/
-#include <assert.h>
+#ifdef REF_CHECK
+# include <assert.h>
+#endif
#include <stdio.h>
#include <openssl/objects.h>
#include <openssl/lhash.h>
projects / oweals / openssl.git / commitdiff