[git commit] tls: fix a potential (currently "disabled" by a macro) SHA1-related bug

Denys Vlasenko vda.linux at googlemail.com
Mon Dec 10 17:49:29 UTC 2018


commit: https://git.busybox.net/busybox/commit/?id=c67ff8a1b04c56b9445a891cb48db7fc0f0f4445
branch: https://git.busybox.net/busybox/commit/?id=refs/heads/master

Signed-off-by: Denys Vlasenko <vda.linux at googlemail.com>
---
 networking/tls.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/networking/tls.c b/networking/tls.c
index be13c6d5e..253d687b4 100644
--- a/networking/tls.c
+++ b/networking/tls.c
@@ -525,7 +525,7 @@ static unsigned hmac(tls_state_t *tls, uint8_t *out, uint8_t *key, unsigned key_
 	va_start(va, key_size);
 
 	hmac_begin(&pre, key, key_size,
-			(ENABLE_FEATURE_TLS_SHA1 || tls->MAC_size == SHA256_OUTSIZE)
+			(!ENABLE_FEATURE_TLS_SHA1 || tls->MAC_size == SHA256_OUTSIZE)
 				? sha256_begin
 				: sha1_begin
 	);


More information about the busybox-cvs mailing list