openssl/openssl-0.9.8b-block-padding.patch

23 lines
770 B
Diff
Raw Normal View History

openssl/ssl/t1_enc.c 1.35.2.1 -> 1.35.2.2
--- openssl/ssl/t1_enc.c 2005/09/30 23:38:20 1.35.2.1
+++ openssl/ssl/t1_enc.c 2006/05/07 12:27:48 1.35.2.2
@@ -628,7 +628,15 @@
{
ii=i=rec->data[l-1]; /* padding_length */
i++;
- if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG)
+ /* NB: if compression is in operation the first packet
+ * may not be of even length so the padding bug check
+ * cannot be performed. This bug workaround has been
+ * around since SSLeay so hopefully it is either fixed
+ * now or no buggy implementation supports compression
+ * [steve]
+ */
+ if ( (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG)
+ && !s->expand)
{
/* First packet is even in size, so check */
if ((memcmp(s->s3->read_sequence,