session tickets: use more sizeof

        {

            unsigned char *keys = parg;

            long tlsext_tick_keylen = (sizeof(ctx->tlsext_tick_key_name) +

                sizeof(ctx->tlsext_tick_hmac_key) + (ctx->tlsext_tick_aes_key));

            if (!keys)

                sizeof(ctx->tlsext_tick_hmac_key) + sizeof(ctx->tlsext_tick_aes_key));

            if (keys == NULL)

                return tlsext_tick_keylen;

            if (larg != tlsext_tick_keylen) {

                SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);

/* Needed in ssl_cert.c */

DEFINE_LHASH_OF(X509_NAME);

#define TLSEXT_KEYNAME_LENGTH 16

struct ssl_ctx_st {

    const SSL_METHOD *method;

    STACK_OF(SSL_CIPHER) *cipher_list;

    int (*tlsext_servername_callback) (SSL *, int *, void *);

    void *tlsext_servername_arg;

    /* RFC 4507 session ticket keys */

    unsigned char tlsext_tick_key_name[16];

    unsigned char tlsext_tick_key_name[TLSEXT_KEYNAME_LENGTH];

    unsigned char tlsext_tick_hmac_key[32];

    unsigned char tlsext_tick_aes_key[32];

    /* Callback to support customisation of ticket key setting */

    unsigned int hlen;

    SSL_CTX *tctx = s->initial_ctx;

    unsigned char iv[EVP_MAX_IV_LENGTH];

    unsigned char key_name[16];

    unsigned char key_name[TLSEXT_KEYNAME_LENGTH];

    int iv_len;

    /* get session encoding length */

    slen_full = i2d_SSL_SESSION(s->session, NULL);

     * Grow buffer if need be: the length calculation is as

     * follows handshake_header_length +

     * 4 (ticket lifetime hint) + 2 (ticket length) +

     * 16 (key name) + max_iv_len (iv length) +

     * session_length + max_enc_block_size (max encrypted session

     * length) + max_md_size (HMAC).

     * sizeof(keyname) + max_iv_len (iv length) +

     * max_enc_block_size (max encrypted session * length) +

     * max_md_size (HMAC) + session_length.

     */

    if (!BUF_MEM_grow(s->init_buf,

                      SSL_HM_HEADER_LENGTH(s) + 22 + EVP_MAX_IV_LENGTH +

                      EVP_MAX_BLOCK_LENGTH + EVP_MAX_MD_SIZE + slen))

                      SSL_HM_HEADER_LENGTH(s) + 6 + sizeof(key_name) +

                      EVP_MAX_IV_LENGTH + EVP_MAX_BLOCK_LENGTH +

                      EVP_MAX_MD_SIZE + slen))

        goto err;

    p = ssl_handshake_start(s);

    if (tctx->tlsext_ticket_key_cb) {

        if (tctx->tlsext_ticket_key_cb(s, key_name, iv, ctx, hctx, 1) < 0)

            goto err;

        iv_len = EVP_CIPHER_CTX_iv_length(ctx);

    } else {

        if (RAND_bytes(iv, 16) <= 0)

        const EVP_CIPHER *cipher = EVP_aes_256_cbc();

        iv_len = EVP_CIPHER_iv_length(cipher);

        if (RAND_bytes(iv, iv_len) <= 0)

            goto err;

        if (!EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL,

        if (!EVP_EncryptInit_ex(ctx, cipher, NULL,

                                tctx->tlsext_tick_aes_key, iv))

            goto err;

        if (!HMAC_Init_ex(hctx, tctx->tlsext_tick_hmac_key,

    p += 2;

    /* Output key name */

    macstart = p;

    memcpy(p, key_name, 16);

    p += 16;

    memcpy(p, key_name, sizeof(key_name));

    p += sizeof(key_name);

    /* output IV */

    memcpy(p, iv, EVP_CIPHER_CTX_iv_length(ctx));

    p += EVP_CIPHER_CTX_iv_length(ctx);

    memcpy(p, iv, iv_len);

    p += iv_len;

    /* Encrypt session data */

    if (!EVP_EncryptUpdate(ctx, p, &len, senc, slen))

        goto err;