Fix SSLv3 handling of SHA-384 suites
Fixes memory corruption, introduced in
a5bdfcd (Relax some SHA2 ciphersuite's version requirements)
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index fdb27f6..4b0c5f8 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -471,8 +471,8 @@
#if defined(POLARSSL_SSL_PROTO_SSL3)
/* Needed only for SSL v3.0 secret */
- unsigned char mac_enc[32]; /*!< SSL v3.0 secret (enc) */
- unsigned char mac_dec[32]; /*!< SSL v3.0 secret (dec) */
+ unsigned char mac_enc[48]; /*!< SSL v3.0 secret (enc) */
+ unsigned char mac_dec[48]; /*!< SSL v3.0 secret (dec) */
#endif /* POLARSSL_SSL_PROTO_SSL3 */
md_context_t md_ctx_enc; /*!< MAC (encryption) */
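Review bot: The new size 48 on `mac_enc`/`mac_dec` is a bare literal that encodes the fix (the largest MAC secret a SHA-384 suite produces is 48 bytes, which overflowed the old 32-byte arrays), but nothing in the header ties the two numbers to that constraint, so the next hash added to the SSLv3 path would silently reintroduce the overflow. I would state the invariant in the trailing comment on both lines, e.g. `unsigned char mac_enc[48]; /*!< SSL v3.0 secret (enc); sized for the largest MAC secret (SHA-384, 48 bytes) */`, or better derive the size from a named maximum-MAC-length constant if the library defines one. The same coupling applies to the `padlen` values in the ssl_tls.c hunk, which must cover every digest these arrays can hold.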
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index c1e3d37..a903b3e 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -941,6 +941,8 @@
padlen = 40;
else if( md_type == POLARSSL_MD_SHA256 )
padlen = 32;
+ else if( md_type == POLARSSL_MD_SHA384 )
+ padlen = 16;
memcpy( header, ctr, 8 );
header[ 8] = (unsigned char) type;
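Review bot: The SHA-384 branch assigns `padlen = 16` without saying why; the existing branches keep secret length plus padding at 64 bytes (16+48, 20+40, 32+32) and 48+16 follows that, but SSLv3 defines this construction only for MD5 and SHA-1, so for SHA-384 the value is a local convention that peers must match, and a reader could equally expect the one-block analog 128-48=80. A one-line comment would pin the intent: `padlen = 16; /* SSLv3 defines no SHA-384 MAC; keep secret + pad = 64 bytes like the other hashes */`. The if/else chain also appears to have no final `else`, so a future digest type would fall through with whatever `padlen` held; unless the enclosing function guards `md_type` earlier (its start is outside this hunk), a terminating `else return( POLARSSL_ERR_SSL_INTERNAL_ERROR );` or equivalent would make that case fail loudly instead of producing a wrong MAC or an over-long write.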