In the is_sslv3 case, the header length is recomputed to be large enough.
I also note that we've recently added a sanity check to make this explicit, see
commit
29b0a15a480626544dd0c803d5de671552544de6
Sorry that we didn't acknowledge your report!
Cheers,
Emilia
On 12 September 2013 17:14, Arthur Mesh via RT r...@openssl.org wrote:
I am not 100% sure this is a real bug, hence first tried mailing
openssl-users instead of rt@. But since there was no reply, I am sending
this to rt@
641 if (is_sslv3)
642 {
snip
I am not 100% sure this is a real bug, hence first tried mailing
openssl-users instead of rt@. But since there was no reply, I am sending
this to rt@
641 if (is_sslv3)
642 {
snip
647 unsigned overhang = header_length-md_block_size;