X-Git-Url: https://www.bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=src%2Fssl%2Fssl_engine.c;h=529b10733b24ea204c210a1db541bb85ab3d5fd4;hp=cdd9bcb310a8b18b1a74d6164c381025dc6a5e55;hb=4aac1cd5c65462d5ad13e377705a00eab8c80d81;hpb=968da0f646a43c69a2517a240c9963ff513981b3

diff --git a/src/ssl/ssl_engine.c b/src/ssl/ssl_engine.c
index cdd9bcb..529b107 100644
--- a/src/ssl/ssl_engine.c
+++ b/src/ssl/ssl_engine.c
@@ -1253,8 +1253,11 @@ br_ssl_engine_close(br_ssl_engine_context *cc)
 int
 br_ssl_engine_renegotiate(br_ssl_engine_context *cc)
 {
+	size_t len;
+
 	if (br_ssl_engine_closed(cc) || cc->reneg == 1
-		|| (cc->flags & BR_OPT_NO_RENEGOTIATION) != 0)
+		|| (cc->flags & BR_OPT_NO_RENEGOTIATION) != 0
+		|| br_ssl_engine_recvapp_buf(cc, &len) != NULL)
 	{
 		return 0;
 	}
@@ -1335,13 +1338,14 @@ br_ssl_engine_compute_master(br_ssl_engine_context *cc,
 	int prf_id, const void *pms, size_t pms_len)
 {
 	br_tls_prf_impl iprf;
-	unsigned char seed[64];
+	br_tls_prf_seed_chunk seed[2] = {
+		{ cc->client_random, sizeof cc->client_random },
+		{ cc->server_random, sizeof cc->server_random }
+	};
 
 	iprf = br_ssl_engine_get_PRF(cc, prf_id);
-	memcpy(seed, cc->client_random, 32);
-	memcpy(seed + 32, cc->server_random, 32);
 	iprf(cc->session.master_secret, sizeof cc->session.master_secret,
-		pms, pms_len, "master secret", seed, sizeof seed);
+		pms, pms_len, "master secret", 2, seed);
 }
 
 /*
@@ -1352,14 +1356,15 @@ compute_key_block(br_ssl_engine_context *cc, int prf_id,
 	size_t half_len, unsigned char *kb)
 {
 	br_tls_prf_impl iprf;
-	unsigned char seed[64];
+	br_tls_prf_seed_chunk seed[2] = {
+		{ cc->server_random, sizeof cc->server_random },
+		{ cc->client_random, sizeof cc->client_random }
+	};
 
 	iprf = br_ssl_engine_get_PRF(cc, prf_id);
-	memcpy(seed, cc->server_random, 32);
-	memcpy(seed + 32, cc->client_random, 32);
 	iprf(kb, half_len << 1,
 		cc->session.master_secret, sizeof cc->session.master_secret,
-		"key expansion", seed, sizeof seed);
+		"key expansion", 2, seed);
 }
 
 /* see inner.h */