Updates following review feedback

Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2895)
author: Matt Caswell <matt@openssl.org> 2017-03-16 14:06:00 +0000
committer: Matt Caswell <matt@openssl.org> 2017-03-16 14:20:38 +0000
commit: 635b7d3f2a3a4c1caaf772dc9a6c1cdcb958f6fe (patch)
tree: 05de5d59ab097ec192341053fdd156d4a4670321 /ssl
parent: c35cb287cbda087cc203be86d74d35ea1b5eeac6 (diff)
download: openssl-635b7d3f2a3a4c1caaf772dc9a6c1cdcb958f6fe.tar.gz
2 files changed, 5 insertions, 7 deletions
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index 04ac795114..5164cc0c29 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -1881,12 +1881,9 @@ int create_synthetic_message_hash(SSL *s)
 {
     unsigned char hashval[EVP_MAX_MD_SIZE];
     size_t hashlen = 0;
-    unsigned char msghdr[SSL3_HM_HEADER_LENGTH] = {
-        SSL3_MT_MESSAGE_HASH,
-        0,
-        0,
-        0
-    };
+    unsigned char msghdr[SSL3_HM_HEADER_LENGTH];
+
+    memset(msghdr, 0, sizeof(msghdr));
 
     /* Get the hash of the initial ClientHello */
     if (!ssl3_digest_cached_records(s, 0)
@@ -1900,6 +1897,7 @@ int create_synthetic_message_hash(SSL *s)
         return 0;
 
     /* Inject the synthetic message_hash message */
+    msghdr[0] = SSL3_MT_MESSAGE_HASH;
     msghdr[SSL3_HM_HEADER_LENGTH - 1] = hashlen;
     if (!ssl3_finish_mac(s, msghdr, SSL3_HM_HEADER_LENGTH)
             || !ssl3_finish_mac(s, hashval, hashlen)) {
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index a1feb27a6c..78f977fcc8 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -1534,7 +1534,7 @@ static int tls_early_post_process_client_hello(SSL *s, int *al)
         goto err;
     }
 
-    /* TLSv1.3 defines that a ClientHello must end on a record boundary */
+    /* TLSv1.3 specifies that a ClientHello must end on a record boundary */
     if (SSL_IS_TLS13(s) && RECORD_LAYER_processed_read_pending(&s->rlayer)) {
         *al = SSL_AD_UNEXPECTED_MESSAGE;
         SSLerr(SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO,
author	Matt Caswell <matt@openssl.org>	2017-03-16 14:06:00 +0000
committer	Matt Caswell <matt@openssl.org>	2017-03-16 14:20:38 +0000
commit	635b7d3f2a3a4c1caaf772dc9a6c1cdcb958f6fe (patch)
tree	05de5d59ab097ec192341053fdd156d4a4670321 /ssl
parent	c35cb287cbda087cc203be86d74d35ea1b5eeac6 (diff)
download	openssl-635b7d3f2a3a4c1caaf772dc9a6c1cdcb958f6fe.tar.gz