diff options
| author | David Woodhouse <dwmw2@infradead.org> | 2013-02-12 15:09:44 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2013-02-12 15:12:52 +0000 |
| commit | a8655eb21a7f9a313db18daa6ccaed928fb6027c (patch) | |
| tree | 33f1073a310ef932f2cc23cd52317f82ab98d495 /ssl/s3_cbc.c | |
| parent | f751dc47596050694c19feba162e63f610e29a74 (diff) | |
Check DTLS_BAD_VER for version number.
Need to check DTLS_BAD_VER as well as DTLS1_VERSION.
PR:2984
(cherry picked from commit 6a14feb048c0b7ad4da341fca364171e273da325)
Diffstat (limited to 'ssl/s3_cbc.c')
| -rw-r--r-- | ssl/s3_cbc.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/s3_cbc.c b/ssl/s3_cbc.c index 6b9b11bd50..9f57fc9a62 100644 --- a/ssl/s3_cbc.c +++ b/ssl/s3_cbc.c @@ -148,7 +148,7 @@ int tls1_cbc_remove_padding(const SSL* s, unsigned padding_length, good, to_check, i; const unsigned overhead = 1 /* padding length byte */ + mac_size; /* Check if version requires explicit IV */ - if (s->version == DTLS1_VERSION) + if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) { /* These lengths are all public so we can test them in * non-constant time. |