Fixed incorrect return code handling in ssl3_final_finish_mac
authorMatt Caswell <matt@openssl.org>
Tue, 10 Jun 2014 22:24:28 +0000 (23:24 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 10 Jun 2014 22:29:53 +0000 (23:29 +0100)
ssl/s3_enc.c

index 6bc08121622025af6ba46fabaa99467592d9895f..c44cc9298ab638a6039bfb8c2074f8c208622cab 100644 (file)
@@ -631,10 +631,18 @@ int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p)
 int ssl3_final_finish_mac(SSL *s, 
             const char *sender, int len, unsigned char *p)
        {
-       int ret;
+       int ret, sha1len;
        ret=ssl3_handshake_mac(s,NID_md5,sender,len,p);
+       if(ret == 0)
+               return 0;
+
        p+=ret;
-       ret+=ssl3_handshake_mac(s,NID_sha1,sender,len,p);
+
+       sha1len=ssl3_handshake_mac(s,NID_sha1,sender,len,p);
+       if(sha1len == 0)
+               return 0;
+
+       ret+=sha1len;
        return(ret);
        }
 static int ssl3_handshake_mac(SSL *s, int md_nid,