diff options
author | jsing <> | 2020-02-19 18:22:54 +0000 |
---|---|---|
committer | jsing <> | 2020-02-19 18:22:54 +0000 |
commit | 7c2d32329d6b851e926da71faa8a67c0c5796959 (patch) | |
tree | c4b2636bacbae90e01b0d5b98ce6d9d3491875ee /src/lib/libssl/man/SSL_get_server_tmp_key.3 | |
parent | ee21286b135915abb0809c2c5b8833bd64393ee1 (diff) | |
download | openbsd-7c2d32329d6b851e926da71faa8a67c0c5796959.tar.gz openbsd-7c2d32329d6b851e926da71faa8a67c0c5796959.tar.bz2 openbsd-7c2d32329d6b851e926da71faa8a67c0c5796959.zip |
Refactor do_ssl3_write().
When empty fragments were added as a countermeasure against chosen
plaintext attacks on CBC, it was done by adding a recursive call to
do_ssl3_write(). This makes the code more complex and difficult to change.
Split the record creation code into a separate ssl3_create_record()
function, which do_ssl3_write() calls. In the case where an empty fragment
is needed, ssl3_create_record() is simply called twice, removing the need
for recursion.
ok inoguchi@ tb@
Diffstat (limited to 'src/lib/libssl/man/SSL_get_server_tmp_key.3')
0 files changed, 0 insertions, 0 deletions