Remove superfluous check

|tls_process_finished| was checking that |peer_finish_md_len| was non-negative. However neither |tls1_final_finish_mac| or |ssl3_final_finish_mac| can ever return a negative value, so the check is superfluous. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Matt Caswell <matt@openssl.org> 2015-10-26 15:05:43 +0100
committer: Matt Caswell <matt@openssl.org> 2015-10-30 09:39:47 +0100
commit: 956de7b2873e0dde61b287049cd0eb35756b6207 (patch)
tree: 1848f7baba803cfc77aa1e04e08ebb6b3ac8cc9f /ssl
parent: Change SSL_state_string return strings to start with a T (diff)
download: openssl-956de7b2873e0dde61b287049cd0eb35756b6207.tar.xz
openssl-956de7b2873e0dde61b287049cd0eb35756b6207.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index f2a2925deb..2c100dc817 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -306,7 +306,7 @@ MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt)
 
     i = s->s3->tmp.peer_finish_md_len;
 
-    if (i < 0 || (unsigned long)i != PACKET_remaining(pkt)) {
+    if ((unsigned long)i != PACKET_remaining(pkt)) {
         al = SSL_AD_DECODE_ERROR;
         SSLerr(SSL_F_TLS_PROCESS_FINISHED, SSL_R_BAD_DIGEST_LENGTH);
         goto f_err;
author	Matt Caswell <matt@openssl.org>	2015-10-26 15:05:43 +0100
committer	Matt Caswell <matt@openssl.org>	2015-10-30 09:39:47 +0100
commit	956de7b2873e0dde61b287049cd0eb35756b6207 (patch)
tree	1848f7baba803cfc77aa1e04e08ebb6b3ac8cc9f /ssl
parent	Change SSL_state_string return strings to start with a T (diff)
download	openssl-956de7b2873e0dde61b287049cd0eb35756b6207.tar.xz openssl-956de7b2873e0dde61b287049cd0eb35756b6207.zip