While working on another diff I ended up looking to see why on earth the

DTLS code had a chunk that checked to see if the SSL version was *not*
DTLS. Turns out that this is inside a big #if 0 block with a comment
explaining why DTLS will never need this code...

The DTLS code was clearly written by wholesale copying the SSLv3 code.
Any code not applicable to DTLS was seemingly #if 0'd or commented out
and left for others to find.

d1_pkt.c is copied from s3_pkt.c and it has a do_dtls1_write() function
that has the same function signature as do_ssl3_write(), except that the
create_empty_fragement (yes, that is the spelling in ssl_locl.h) argument
is unused for DTLS (although there is code that pretends to use it) since
it uses explicit IV (as the comment notes).

Instead of leaving this turd lying around, nuke the #if 0'd code (along
with the check for *not* DTLS) and remove the pointless
create_empty_fragment argument given the only two do_dtls1_write() calls
specify zero.

This kind of thing also makes you wonder how much actual peer review
occurred before the code was initially committed...

ok beck@

4 files changed, 12 insertions, 80 deletions

diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index db898f507a..d2f63b890b 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -1361,12 +1361,12 @@ dtls1_write_bytes(SSL *s, int type, const void *buf, int len)
 
         OPENSSL_assert(len <= SSL3_RT_MAX_PLAIN_LENGTH);
         s->rwstate = SSL_NOTHING;
-        i = do_dtls1_write(s, type, buf, len, 0);
+        i = do_dtls1_write(s, type, buf, len);
         return i;
 }
 
 int
-do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, int create_empty_fragment)
+do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
 {
         unsigned char *p, *pseq;
         int i, mac_size, clear = 0;
@@ -1391,7 +1391,7 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, int
                 /* if it went, fall through and send more stuff */
         }
 
-        if (len == 0 && !create_empty_fragment)
+        if (len == 0)
                 return 0;
 
         wr = &(s->s3->wrec);
@@ -1410,35 +1410,8 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, int
                         goto err;
         }
 
-        /* DTLS implements explicit IV, so no need for empty fragments */
-#if 0
-        /* 'create_empty_fragment' is true only when this function calls itself */
-        if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done &&
-            SSL_version(s) != DTLS1_VERSION &&
-            SSL_version(s) != DTLS1_BAD_VER) {
-                /* countermeasure against known-IV weakness in CBC ciphersuites
-                 * (see http://www.openssl.org/~bodo/tls-cbc.txt) 
-                 */
-
-                if (s->s3->need_empty_fragments && type == SSL3_RT_APPLICATION_DATA) {
-                        /* recursive function call with 'create_empty_fragment' set;
-                         * this prepares and buffers the data for an empty fragment
-                         * (these 'prefix_len' bytes are sent out later
-                         * together with the actual payload) */
-                        prefix_len = s->method->do_ssl_write(s, type, buf, 0, 1);
-                        if (prefix_len <= 0)
-                                goto err;
-
-                        if (s->s3->wbuf.len < (size_t)prefix_len + SSL3_RT_MAX_PACKET_SIZE) {
-                                /* insufficient space */
-                                SSLerr(SSL_F_DO_DTLS1_WRITE, ERR_R_INTERNAL_ERROR);
-                                goto err;
-                        }
-                }
+        /* DTLS implements explicit IV, so no need for empty fragments. */
 
-                s->s3->empty_fragment_done = 1;
-        }
-#endif
         p = wb->buf + prefix_len;
 
         /* write the header */
@@ -1542,13 +1515,6 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, int
 
         ssl3_record_sequence_update(&(s->s3->write_sequence[0]));
 
-        if (create_empty_fragment) {
-                /* we are in a recursive call;
-                 * just return the length, don't write out anything here
-                 */
-                return wr->length;
-        }
-
         /* now let's set up wb */
         wb->left = prefix_len + wr->length;
         wb->offset = 0;
@@ -1644,7 +1610,7 @@ dtls1_dispatch_alert(SSL *s)
         }
 #endif
 
-        i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf), 0);
+        i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf));
         if (i <= 0) {
                 s->s3->alert_dispatch = 1;
                 /* fprintf( stderr, "not done with alert\n" ); */
diff --git a/src/lib/libssl/src/ssl/d1_pkt.c b/src/lib/libssl/src/ssl/d1_pkt.c
index db898f507a..d2f63b890b 100644
--- a/src/lib/libssl/src/ssl/d1_pkt.c
+++ b/src/lib/libssl/src/ssl/d1_pkt.c
@@ -1361,12 +1361,12 @@ dtls1_write_bytes(SSL *s, int type, const void *buf, int len)
 
         OPENSSL_assert(len <= SSL3_RT_MAX_PLAIN_LENGTH);
         s->rwstate = SSL_NOTHING;
-        i = do_dtls1_write(s, type, buf, len, 0);
+        i = do_dtls1_write(s, type, buf, len);
         return i;
 }
 
 int
-do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, int create_empty_fragment)
+do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
 {
         unsigned char *p, *pseq;
         int i, mac_size, clear = 0;
@@ -1391,7 +1391,7 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, int
                 /* if it went, fall through and send more stuff */
         }
 
-        if (len == 0 && !create_empty_fragment)
+        if (len == 0)
                 return 0;
 
         wr = &(s->s3->wrec);
@@ -1410,35 +1410,8 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, int
                         goto err;
         }
 
-        /* DTLS implements explicit IV, so no need for empty fragments */
-#if 0
-        /* 'create_empty_fragment' is true only when this function calls itself */
-        if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done &&
-            SSL_version(s) != DTLS1_VERSION &&
-            SSL_version(s) != DTLS1_BAD_VER) {
-                /* countermeasure against known-IV weakness in CBC ciphersuites
-                 * (see http://www.openssl.org/~bodo/tls-cbc.txt) 
-                 */
-
-                if (s->s3->need_empty_fragments && type == SSL3_RT_APPLICATION_DATA) {
-                        /* recursive function call with 'create_empty_fragment' set;
-                         * this prepares and buffers the data for an empty fragment
-                         * (these 'prefix_len' bytes are sent out later
-                         * together with the actual payload) */
-                        prefix_len = s->method->do_ssl_write(s, type, buf, 0, 1);
-                        if (prefix_len <= 0)
-                                goto err;
-
-                        if (s->s3->wbuf.len < (size_t)prefix_len + SSL3_RT_MAX_PACKET_SIZE) {
-                                /* insufficient space */
-                                SSLerr(SSL_F_DO_DTLS1_WRITE, ERR_R_INTERNAL_ERROR);
-                                goto err;
-                        }
-                }
+        /* DTLS implements explicit IV, so no need for empty fragments. */
 
-                s->s3->empty_fragment_done = 1;
-        }
-#endif
         p = wb->buf + prefix_len;
 
         /* write the header */
@@ -1542,13 +1515,6 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, int
 
         ssl3_record_sequence_update(&(s->s3->write_sequence[0]));
 
-        if (create_empty_fragment) {
-                /* we are in a recursive call;
-                 * just return the length, don't write out anything here
-                 */
-                return wr->length;
-        }
-
         /* now let's set up wb */
         wb->left = prefix_len + wr->length;
         wb->offset = 0;
@@ -1644,7 +1610,7 @@ dtls1_dispatch_alert(SSL *s)
         }
 #endif
 
-        i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf), 0);
+        i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf));
         if (i <= 0) {
                 s->s3->alert_dispatch = 1;
                 /* fprintf( stderr, "not done with alert\n" ); */
diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h
index 16d31f33d2..208610dac1 100644
--- a/src/lib/libssl/src/ssl/ssl_locl.h
+++ b/src/lib/libssl/src/ssl/ssl_locl.h
@@ -806,7 +806,7 @@ int dtls1_shutdown(SSL *s);
 long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
 int dtls1_get_record(SSL *s);
 int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
-    unsigned int len, int create_empty_fragement);
+    unsigned int len);
 int dtls1_dispatch_alert(SSL *s);
 int dtls1_enc(SSL *s, int snd);
 
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 16d31f33d2..208610dac1 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -806,7 +806,7 @@ int dtls1_shutdown(SSL *s);
 long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
 int dtls1_get_record(SSL *s);
 int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
-    unsigned int len, int create_empty_fragement);
+    unsigned int len);
 int dtls1_dispatch_alert(SSL *s);
 int dtls1_enc(SSL *s, int snd);