From: Martin Willi <martin@revosec.ch>
Date: Tue, 17 Jul 2012 09:32:13 +0000 (+0200)
Subject: Fix tls_prf bug introduced with bc474883
X-Git-Tag: 5.0.1~291
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2df12b4c57a97c5c1203401f41f5e11cb95a0153;p=thirdparty%2Fstrongswan.git

Fix tls_prf bug introduced with bc474883
---

diff --git a/src/libtls/tls_prf.c b/src/libtls/tls_prf.c
index a70b121d66..918de1e50b 100644
--- a/src/libtls/tls_prf.c
+++ b/src/libtls/tls_prf.c
@@ -55,11 +55,14 @@ static bool p_hash(prf_t *prf, char *label, chunk_t seed, size_t block_size,
 
 	while (TRUE)
 	{
+		/* A(i) = HMAC_hash(secret, A(i-1)) */
+		if (!prf->get_bytes(prf, a, abuf))
+		{
+			return FALSE;
+		}
 		a = chunk_from_thing(abuf);
-		/* A(i) = HMAC_hash(secret, A(i-1))
-		 * HMAC_hash(secret, A(i) + seed) */
-		if (!prf->get_bytes(prf, a, abuf) ||
-			!prf->get_bytes(prf, a, NULL) ||
+		/* HMAC_hash(secret, A(i) + seed) */
+		if (!prf->get_bytes(prf, a, NULL) ||
 			!prf->get_bytes(prf, seed, buf))
 		{
 			return FALSE;