Save 48 bytes if SSLv3 is not defined
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 37123c7..b1df138 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -305,6 +305,15 @@
)
/*
+ * Length of the verify data for secure renegotiation
+ */
+#if defined(POLARSSL_SSL_PROTO_SSL3)
+#define SSL_VERIFY_DATA_MAX_LEN 36
+#else
+#define SSL_VERIFY_DATA_MAX_LEN 12
+#endif
+
+/*
* Signaling ciphersuite values (SCSV)
*/
#define SSL_EMPTY_RENEGOTIATION_INFO 0xFF /**< renegotiation info ext */
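Review bot: The two values of `SSL_VERIFY_DATA_MAX_LEN` are unexplained magic numbers, because the comment above them says what the macro is for but not where 36 and 12 come from. I would extend the comment along the lines of `/* 36 = SSLv3 Finished (MD5 16 + SHA-1 20), 12 = TLS verify_data */`, so a later change to the supported protocols does not leave the bound too small. Since the macro lives in a public header and depends on `POLARSSL_SSL_PROTO_SSL3`, the comment should also say that the ssl context layout now varies with that option, so applications must be built with the same configuration as the library.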
@@ -867,8 +876,8 @@
secure renegotiation */
#if defined(POLARSSL_SSL_RENEGOTIATION)
size_t verify_data_len; /*!< length of verify data stored */
- char own_verify_data[36]; /*!< previous handshake verify data */
- char peer_verify_data[36]; /*!< previous handshake verify data */
+ char own_verify_data[SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */
+ char peer_verify_data[SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */
#endif
};
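Review bot: Nothing in this commit bounds the length that is copied into `own_verify_data` and `peer_verify_data`, which shrink from 36 to 12 bytes when SSLv3 is compiled out. The code that fills them is not part of the diff. It is presumably where the Finished message is written and parsed, and it should reject a length greater than `SSL_VERIFY_DATA_MAX_LEN` before copying and before storing it in `verify_data_len`. Any code that later reads `verify_data_len` bytes back out of these arrays depends on the same bound, so a one-line check at the copy sites covers both directions. The struct definition begins outside the hunk.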
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 898182c..df57bb1 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3476,8 +3476,8 @@
ssl->renego_records_seen = 0;
ssl->verify_data_len = 0;
- memset( ssl->own_verify_data, 0, 36 );
- memset( ssl->peer_verify_data, 0, 36 );
+ memset( ssl->own_verify_data, 0, SSL_VERIFY_DATA_MAX_LEN );
+ memset( ssl->peer_verify_data, 0, SSL_VERIFY_DATA_MAX_LEN );
#endif
ssl->secure_renegotiation = SSL_LEGACY_RENEGOTIATION;
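Review bot: The two `memset` calls pass the array size by macro name rather than taking it from the arrays themselves. Writing `memset( ssl->own_verify_data, 0, sizeof( ssl->own_verify_data ) );`, and the same for `peer_verify_data`, keeps the clear length tied to the declaration if the field sizes change again. The enclosing function starts and ends outside the hunk.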