Commit c72ac7c3 authored by Manuel Pégourié-Gonnard's avatar Manuel Pégourié-Gonnard

Fix SSLv3 handling of SHA-384 suites

Fixes memory corruption, introduced in
a5bdfcde (Relax some SHA2 ciphersuite's version requirements)
parent e1b665e1
......@@ -471,8 +471,8 @@ struct _ssl_transform
#if defined(POLARSSL_SSL_PROTO_SSL3)
/* Needed only for SSL v3.0 secret */
unsigned char mac_enc[32]; /*!< SSL v3.0 secret (enc) */
unsigned char mac_dec[32]; /*!< SSL v3.0 secret (dec) */
unsigned char mac_enc[48]; /*!< SSL v3.0 secret (enc) */
unsigned char mac_dec[48]; /*!< SSL v3.0 secret (dec) */
#endif /* POLARSSL_SSL_PROTO_SSL3 */
md_context_t md_ctx_enc; /*!< MAC (encryption) */
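Review bot: The new bound of 48 on mac_enc/mac_dec is a bare magic number: nothing at the declaration says it is the SHA-384 digest length, nor that it is the ceiling every copy into these buffers must respect, so the next digest added to the SSL 3.0 suites can repeat the overflow this commit fixes. I would annotate the line, e.g. `unsigned char mac_enc[48]; /*!< SSL v3.0 secret (enc); 48 = SHA-384 md_size, the largest MAC key accepted here */`, or better derive it from a named constant shared with the code that fills it. Wherever the secret is copied in (presumably from the key block in the key-derivation code, which is not in this hunk), the copy should also be bounded by `sizeof( transform->mac_enc )` rather than trusting the ciphersuite table; no such check is visible here. The struct _ssl_transform definition continues outside the hunk on both sides.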
......@@ -941,6 +941,8 @@ static void ssl_mac( md_context_t *md_ctx, unsigned char *secret,
padlen = 40;
else if( md_type == POLARSSL_MD_SHA256 )
padlen = 32;
else if( md_type == POLARSSL_MD_SHA384 )
padlen = 16;
memcpy( header, ctr, 8 );
header[ 8] = (unsigned char) type;
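Review bot: The added SHA-384 branch extends an `else if` chain that still has no terminal `else`, so a digest type other than MD5, SHA-1, SHA-256 or SHA-384 falls through with whatever `padlen` held before the chain (its initialisation is outside the hunk) and the MAC is silently computed with a wrong, possibly zero-length, pad instead of failing. Since ssl_mac() returns void and cannot report the condition, at least make the assumption explicit with a comment on the chain, e.g. `/* Only digests admitted by the SSL 3.0 ciphersuite list may reach here; any new one needs an entry and room in mac_enc/mac_dec */`, or add a terminal `else` that flags the unsupported digest once this function can return an error. The SHA-2 pad lengths (32 and 16) are not defined by SSL 3.0, which specifies pads only for MD5 (48) and SHA-1 (40); they appear to follow 64 minus the digest length, and that convention should be written down next to the values since the peer must use the same one for the MAC to verify. ssl_mac's body continues outside the hunk on both sides.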