diff options
author | simon <simon@FreeBSD.org> | 2006-10-01 07:38:44 +0000 |
---|---|---|
committer | simon <simon@FreeBSD.org> | 2006-10-01 07:38:44 +0000 |
commit | 387e65d767783525d46f90e7415169ff0015f809 (patch) | |
tree | ddbe8498869205da709070fe1d40135d495b9326 /crypto/openssl/ssl/t1_enc.c | |
parent | fb3c70eda88d3175627edc6a3316b4508b3d29c5 (diff) | |
download | FreeBSD-src-387e65d767783525d46f90e7415169ff0015f809.zip FreeBSD-src-387e65d767783525d46f90e7415169ff0015f809.tar.gz |
Vendor import of OpenSSL 0.9.8d.
Diffstat (limited to 'crypto/openssl/ssl/t1_enc.c')
-rw-r--r-- | crypto/openssl/ssl/t1_enc.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/crypto/openssl/ssl/t1_enc.c b/crypto/openssl/ssl/t1_enc.c index c544c76..e0ce681 100644 --- a/crypto/openssl/ssl/t1_enc.c +++ b/crypto/openssl/ssl/t1_enc.c @@ -628,7 +628,15 @@ int tls1_enc(SSL *s, int send) { ii=i=rec->data[l-1]; /* padding_length */ i++; - if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG) + /* NB: if compression is in operation the first packet + * may not be of even length so the padding bug check + * cannot be performed. This bug workaround has been + * around since SSLeay so hopefully it is either fixed + * now or no buggy implementation supports compression + * [steve] + */ + if ( (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG) + && !s->expand) { /* First packet is even in size, so check */ if ((memcmp(s->s3->read_sequence, |