Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't

reveal whether illegal block cipher padding was found or a MAC verification error occured. In ssl/s2_pkt.c, verify that the purported number of padding bytes is in the legal range.
2001-09-20 18:35:52 +00:00
parent be6d77005f
commit ee60d9fb28
9 changed files with 79 additions and 35 deletions
--- a/ssl/s2_enc.c
+++ b/ssl/s2_enc.c
@@ -111,8 +111,8 @@ err:
 	}

 /* read/writes from s->s2->mac_data using length for encrypt and 
- * decrypt.  It sets the s->s2->padding, s->[rw]length and
- * s->s2->pad_data ptr if we are encrypting */
+ * decrypt.  It sets s->s2->padding and s->[rw]length
+ * if we are encrypting */
 void ssl2_enc(SSL *s, int send)
 	{
 	EVP_CIPHER_CTX *ds;