diff options
Diffstat (limited to 'src/lib/libssl/s3_cbc.c')
| -rw-r--r-- | src/lib/libssl/s3_cbc.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/lib/libssl/s3_cbc.c b/src/lib/libssl/s3_cbc.c index 24f0a22d07..74bd4b47c8 100644 --- a/src/lib/libssl/s3_cbc.c +++ b/src/lib/libssl/s3_cbc.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_cbc.c,v 1.7 2014/06/12 15:49:31 deraadt Exp $ */ | 1 | /* $OpenBSD: s3_cbc.c,v 1.8 2014/07/10 08:51:14 tedu Exp $ */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 2012 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 2012 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| @@ -169,8 +169,9 @@ tls1_cbc_remove_padding(const SSL* s, SSL3_RECORD *rec, unsigned block_size, | |||
| 169 | * even length so the padding bug check cannot be performed. This bug | 169 | * even length so the padding bug check cannot be performed. This bug |
| 170 | * workaround has been around since SSLeay so hopefully it is either | 170 | * workaround has been around since SSLeay so hopefully it is either |
| 171 | * fixed now or no buggy implementation supports compression [steve] | 171 | * fixed now or no buggy implementation supports compression [steve] |
| 172 | * (We don't support compression either, so it's not in operation.) | ||
| 172 | */ | 173 | */ |
| 173 | if ((s->options & SSL_OP_TLS_BLOCK_PADDING_BUG) && !s->expand) { | 174 | if ((s->options & SSL_OP_TLS_BLOCK_PADDING_BUG)) { |
| 174 | /* First packet is even in size, so check */ | 175 | /* First packet is even in size, so check */ |
| 175 | if ((memcmp(s->s3->read_sequence, "\0\0\0\0\0\0\0\0", | 176 | if ((memcmp(s->s3->read_sequence, "\0\0\0\0\0\0\0\0", |
| 176 | SSL3_SEQUENCE_SIZE) == 0) && !(padding_length & 1)) { | 177 | SSL3_SEQUENCE_SIZE) == 0) && !(padding_length & 1)) { |