CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2020/02/19 11:22:54
Modified files:
lib/libssl : ssl_pkt.c
Log message:
Refactor do_ssl3_write().
When empty fragments were added as a countermeasure against chosen
plaintext attacks on CBC, it was done by adding a recursive call to
do_ssl3_write(). This makes the code more complex and difficult to change.
Split the record creation code into a separate ssl3_create_record()
function, which do_ssl3_write() calls. In the case where an empty fragment
is needed, ssl3_create_record() is simply called twice, removing the need
for recursion.
ok inoguchi@ tb@
