Commit b723a7b1 authored by Dr. Stephen Henson

Don't check for padding bug if compression is negotiated.

PR: 1204
parent 1b6b67b1
+7 −1
@@ -4,7 +4,13 @@

 Changes between 0.9.8b and 0.9.8c  [xx XXX xxxx]

  *)
  *) Disable the padding bug check when compression is in use. The padding
     bug check assumes the first packet is of even length, this is not
     necessarily true if compresssion is enabled and can result in false
     positives causing handshake failure. The actual bug test is ancient
     code so it is hoped that implementations will either have fixed it by
     now or any which still have the bug do not support compression.
     [Steve Henson]

 Changes between 0.9.8a and 0.9.8b  [04 May 2006]
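
Review bot: The new CHANGES entry misspells "compression" as "compresssion", and it never names the option whose behaviour changes. Suggest fixing the spelling and mentioning SSL_OP_TLS_BLOCK_PADDING_BUG explicitly, so that anyone who sets that option can find this entry and learn that the check is now skipped when compression is in use. "even length, this is not necessarily true" is also a comma splice; a semicolon or a new sentence would read better. Finally, the entry rests on a hope ("it is hoped that implementations will either have fixed it by now"), so it would help to state the consequence if that hope is wrong: a peer that has the padding bug and also supports compression is no longer covered by the workaround.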

+9 −1
@@ -628,7 +628,15 @@ int tls1_enc(SSL *s, int send)
			{
			ii=i=rec->data[l-1]; /* padding_length */
			i++;
			if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG)
			/* NB: if compression is in operation the first packet
			 * may not be of even length so the padding bug check
			 * cannot be performed. This bug workaround has been
			 * around since SSLeay so hopefully it is either fixed
			 * now or no buggy implementation supports compression 
			 * [steve]
			 */
			if ( (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG)
				&& !s->expand)
				{
				/* First packet is even in size, so check */
				if ((memcmp(s->s3->read_sequence,
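
Review bot: The added comment in tls1_enc() explains why the check is skipped but not how compression is detected: the condition tests `!s->expand`, and the comment never says that a non-NULL `s->expand` is what "compression is in operation" means here. A short phrase tying the two together would save the next reader from inferring it. The commit message says "negotiated" while the code tests `s->expand`, so it is worth confirming that `s->expand` is already set when the first record reaches this branch; otherwise the check still runs on the very packet the comment is about. The retained inner comment "First packet is even in size, so check" now states as fact what the new comment says may not hold, so consider rewording it to say the assumption only applies without compression. Minor: there is trailing whitespace after "compression" in the comment.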