diff options
author | Matt Caswell <matt@openssl.org> | 2015-10-26 14:05:43 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-10-30 08:39:47 +0000 |
commit | 956de7b2873e0dde61b287049cd0eb35756b6207 (patch) | |
tree | 1848f7baba803cfc77aa1e04e08ebb6b3ac8cc9f | |
parent | fed1767436f626bc43140182442567340bd8bd34 (diff) | |
download | openssl-956de7b2873e0dde61b287049cd0eb35756b6207.tar.gz |
Remove superfluous check
|tls_process_finished| was checking that |peer_finish_md_len| was
non-negative. However neither |tls1_final_finish_mac| or
|ssl3_final_finish_mac| can ever return a negative value, so the check is
superfluous.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
-rw-r--r-- | ssl/statem/statem_lib.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index f2a2925deb..2c100dc817 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -306,7 +306,7 @@ MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt) i = s->s3->tmp.peer_finish_md_len; - if (i < 0 || (unsigned long)i != PACKET_remaining(pkt)) { + if ((unsigned long)i != PACKET_remaining(pkt)) { al = SSL_AD_DECODE_ERROR; SSLerr(SSL_F_TLS_PROCESS_FINISHED, SSL_R_BAD_DIGEST_LENGTH); goto f_err; |