On 11 February 2013 13:19, David Woodhouse <dw...@infradead.org> wrote:
> On Mon, 2013-02-11 at 20:59 +0000, David Woodhouse wrote:
>> > From 32cc2479b473c49ce869e57fded7e9a77b695c0d Mon Sep 17 00:00:00 2001
>> > From: "Dr. Stephen Henson" <st...@openssl.org>
>> > Date: Thu, 7 Feb 2013 21:06:37 +0000
>> > Subject: [PATCH] Fix IV check and padding removal.
>> ...
>> + if (s->version >= TLS1_1_VERSION || s->version == DTLS1_VERSION)
>>
>>
>> That's redundant, isn't it? DTLS1_VERSION (0xfeff) is greater than
>> TLS1_1_version (0x302) anyway.
>>
>> DTLS1_BAD_VER isn't though. Changing the DTLS1_VERSION to DTLS1_BAD_VER
>> makes OpenConnect work again...
>>
>> diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c
>> index 2e93657..1db1d8c 100644
>> --- a/ssl/s3_cbc.c
>> +++ b/ssl/s3_cbc.c
>> @@ -146,7 +146,7 @@ int tls1_cbc_remove_padding(const SSL* s,
>> unsigned padding_length, good, to_check, i;
>> const unsigned overhead = 1 /* padding length byte */ + mac_size;
>> /* Check if version requires explicit IV */
>> - if (s->version >= TLS1_1_VERSION || s->version == DTLS1_VERSION)
>> + if (s->version >= TLS1_1_VERSION || s->version == DTLS1_BAD_VER)
>> {
>> /* These lengths are all public so we can test them in
>> * non-constant time.
>
> Ah, it looks like you only moved the offending code; it was actually
> Ben's fault in commit 9f27de17 / 014265eb.
Gah! I wish tests would pick up stuff like this!
> (I'm so happy you finally moved to git :)
>
> --
> dwmw2
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
