From c67ff8a1b04c56b9445a891cb48db7fc0f0f4445 Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Mon, 10 Dec 2018 18:49:29 +0100 Subject: [PATCH] tls: fix a potential (currently "disabled" by a macro) SHA1-related bug Signed-off-by: Denys Vlasenko --- networking/tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/networking/tls.c b/networking/tls.c index be13c6d5e..253d687b4 100644 --- a/networking/tls.c +++ b/networking/tls.c @@ -525,7 +525,7 @@ static unsigned hmac(tls_state_t *tls, uint8_t *out, uint8_t *key, unsigned key_ va_start(va, key_size); hmac_begin(&pre, key, key_size, - (ENABLE_FEATURE_TLS_SHA1 || tls->MAC_size == SHA256_OUTSIZE) + (!ENABLE_FEATURE_TLS_SHA1 || tls->MAC_size == SHA256_OUTSIZE) ? sha256_begin : sha1_begin );