generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Check DTLS_BAD_VER for version number.

Browse Source 
The version check for DTLS1_VERSION was redundant as
DTLS1_VERSION > TLS1_1_VERSION, however we do need to
check for DTLS1_BAD_VER for compatibility.

PR:2984
(cherry picked from commit d980abb22e22661e98e5cee33d760ab0c7584ecc)
This commit is contained in:
David Woodhouse 2013-02-12 14:55:32 +00:00 committed by Dr. Stephen Henson
parent 0ced72c608
commit 3a3a1af1da
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ssl/s3_cbc.c
View File

@ -148,7 +148,7 @@ int tls1_cbc_remove_padding(const SSL* s,
unsigned padding_length, good, to_check, i;
const unsigned overhead = 1 /* padding length byte */ + mac_size;
/* Check if version requires explicit IV */
if (s->version >= TLS1_1_VERSION || s->version == DTLS1_VERSION)
if (s->version >= TLS1_1_VERSION || s->version == DTLS1_BAD_VER)
{
/* These lengths are all public so we can test them in
* non-constant time.