forked from rpms/openssl
499412dfe4
- better fix for #173399 from upstream - upstream fix for pkcs12
23 lines
770 B
Diff
23 lines
770 B
Diff
openssl/ssl/t1_enc.c 1.35.2.1 -> 1.35.2.2
|
|
|
|
--- openssl/ssl/t1_enc.c 2005/09/30 23:38:20 1.35.2.1
|
|
+++ openssl/ssl/t1_enc.c 2006/05/07 12:27:48 1.35.2.2
|
|
@@ -628,7 +628,15 @@
|
|
{
|
|
ii=i=rec->data[l-1]; /* padding_length */
|
|
i++;
|
|
- if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG)
|
|
+ /* NB: if compression is in operation the first packet
|
|
+ * may not be of even length so the padding bug check
|
|
+ * cannot be performed. This bug workaround has been
|
|
+ * around since SSLeay so hopefully it is either fixed
|
|
+ * now or no buggy implementation supports compression
|
|
+ * [steve]
|
|
+ */
|
|
+ if ( (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG)
|
|
+ && !s->expand)
|
|
{
|
|
/* First packet is even in size, so check */
|
|
if ((memcmp(s->s3->read_sequence,
|
|
|