Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't

reveal whether illegal block cipher padding was found or a MAC verification error occured. In ssl/s2_pkt.c, verify that the purported number of padding bytes is in the legal range.
author: Bodo Möller <bodo@openssl.org> 2001-09-20 18:35:52 +0000
committer: Bodo Möller <bodo@openssl.org> 2001-09-20 18:35:52 +0000
commit: ee60d9fb282030be3f25e951b86d74d8f2dd1bdd (patch)
tree: 307f2414af069a1717aaa5a9906dd586024d2f2e /ssl/ssl.h
parent: be6d77005f0d474462ed5df896596d06402c05b2 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 538d11a0c0..88060ad6d8 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1474,6 +1474,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED		 145
 #define SSL_R_DATA_LENGTH_TOO_LONG			 146
 #define SSL_R_DECRYPTION_FAILED				 147
+#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC	 1109
 #define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG		 148
 #define SSL_R_DIGEST_CHECK_FAILED			 149
 #define SSL_R_ENCRYPTED_LENGTH_TOO_LONG			 150
@@ -1484,6 +1485,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_GOT_A_FIN_BEFORE_A_CCS			 154
 #define SSL_R_HTTPS_PROXY_REQUEST			 155
 #define SSL_R_HTTP_REQUEST				 156
+#define SSL_R_ILLEGAL_PADDING				 1110
 #define SSL_R_INVALID_CHALLENGE_LENGTH			 158
 #define SSL_R_INVALID_COMMAND				 280
 #define SSL_R_INVALID_PURPOSE				 278
author	Bodo Möller <bodo@openssl.org>	2001-09-20 18:35:52 +0000
committer	Bodo Möller <bodo@openssl.org>	2001-09-20 18:35:52 +0000
commit	ee60d9fb282030be3f25e951b86d74d8f2dd1bdd (patch)
tree	307f2414af069a1717aaa5a9906dd586024d2f2e /ssl/ssl.h
parent	be6d77005f0d474462ed5df896596d06402c05b2 (diff)