From 489dbb57ee3abd9d28ef0c63007d420b6a34b1f4 Mon Sep 17 00:00:00 2001 From: doug <> Date: Fri, 17 Jul 2015 07:04:41 +0000 Subject: Remove workaround for TLS padding bug from SSLeay days. OpenSSL doesn't remember which clients were impacted and the functionality has been broken in their stable releases for 2 years. Based on OpenSSL commit a8e4ac6a2fe67c19672ecf0c6aeafa15801ce3a5. ok jsing@ --- src/lib/libssl/s3_cbc.c | 20 +------------------- 1 file changed, 1 insertion(+), 19 deletions(-) (limited to 'src/lib/libssl/s3_cbc.c') diff --git a/src/lib/libssl/s3_cbc.c b/src/lib/libssl/s3_cbc.c index fd4781b64c..57485caacf 100644 --- a/src/lib/libssl/s3_cbc.c +++ b/src/lib/libssl/s3_cbc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_cbc.c,v 1.9 2014/12/15 00:46:53 doug Exp $ */ +/* $OpenBSD: s3_cbc.c,v 1.10 2015/07/17 07:04:40 doug Exp $ */ /* ==================================================================== * Copyright (c) 2012 The OpenSSL Project. All rights reserved. * @@ -165,24 +165,6 @@ tls1_cbc_remove_padding(const SSL* s, SSL3_RECORD *rec, unsigned block_size, padding_length = rec->data[rec->length - 1]; - /* NB: if compression is in operation the first packet may not be of - * even length so the padding bug check cannot be performed. This bug - * workaround has been around since SSLeay so hopefully it is either - * fixed now or no buggy implementation supports compression [steve] - * (We don't support compression either, so it's not in operation.) - */ - if ((s->options & SSL_OP_TLS_BLOCK_PADDING_BUG)) { - /* First packet is even in size, so check */ - if ((memcmp(s->s3->read_sequence, "\0\0\0\0\0\0\0\0", - SSL3_SEQUENCE_SIZE) == 0) && !(padding_length & 1)) { - s->s3->flags|=TLS1_FLAGS_TLS_PADDING_BUG; - } - if ((s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG) && - padding_length > 0) { - padding_length--; - } - } - if (EVP_CIPHER_flags(s->enc_read_ctx->cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) { /* padding is already verified */ rec->length -= padding_length + 1; -- cgit v1.2.3-55-g6feb