The branch master has been updated via 57b0d651f052ed86528da916397acbcce035fb21 (commit) from 7f07149d25f8d7e00e9350ff2f064a4d25c1a13d (commit)
- Log ----------------------------------------------------------------- commit 57b0d651f052ed86528da916397acbcce035fb21 Author: Bernd Edlinger <bernd.edlin...@hotmail.de> Date: Mon Feb 13 18:36:13 2017 +0100 Use TLSEXT_KEYNAME_LENGTH in tls_decrypt_ticket. Reviewed-by: Matt Caswell <m...@openssl.org> Reviewed-by: Rich Salz <rs...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2618) ----------------------------------------------------------------------- Summary of changes: ssl/t1_lib.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 7c8244d..eba3203 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1252,8 +1252,8 @@ TICKET_RETURN tls_decrypt_ticket(SSL *s, const unsigned char *etick, } /* Attempt to decrypt session data */ /* Move p after IV to start of encrypted ticket, update length */ - p = etick + 16 + EVP_CIPHER_CTX_iv_length(ctx); - eticklen -= 16 + EVP_CIPHER_CTX_iv_length(ctx); + p = etick + TLSEXT_KEYNAME_LENGTH + EVP_CIPHER_CTX_iv_length(ctx); + eticklen -= TLSEXT_KEYNAME_LENGTH + EVP_CIPHER_CTX_iv_length(ctx); sdec = OPENSSL_malloc(eticklen); if (sdec == NULL || EVP_DecryptUpdate(ctx, sdec, &slen, p, (int)eticklen) <= 0) { _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits