summaryrefslogtreecommitdiffstats
path: root/ssl/t1_lib.c
diff options
context:
space:
mode:
authorDr. Stephen Henson <steve@openssl.org>2013-12-13 14:41:32 +0000
committerDr. Stephen Henson <steve@openssl.org>2013-12-13 15:29:26 +0000
commit8c6d8c2a498146992123ef5407d7ba01a1e7224d (patch)
treeda164e7b7c96df04f3969b2d4c428bae19d24d1c /ssl/t1_lib.c
parent53a8f8c26d43b2fb1a0a4a6d2b12c27abf97ea77 (diff)
Backport TLS padding extension from master.
Diffstat (limited to 'ssl/t1_lib.c')
-rw-r--r--ssl/t1_lib.c30
1 files changed, 30 insertions, 0 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 274f84631e..3359e87d4d 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1502,6 +1502,36 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
}
}
+#ifdef TLSEXT_TYPE_padding
+ /* Add padding to workaround bugs in F5 terminators.
+ * See https://tools.ietf.org/html/draft-agl-tls-padding-02
+ *
+ * NB: because this code works out the length of all existing
+ * extensions it MUST always appear last.
+ */
+ {
+ int hlen = ret - (unsigned char *)s->init_buf->data;
+ /* The code in s23_clnt.c to build ClientHello messages includes the
+ * 5-byte record header in the buffer, while the code in s3_clnt.c does
+ * not. */
+ if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
+ hlen -= 5;
+ if (hlen > 0xff && hlen < 0x200)
+ {
+ hlen = 0x200 - hlen;
+ if (hlen >= 4)
+ hlen -= 4;
+ else
+ hlen = 0;
+
+ s2n(TLSEXT_TYPE_padding, ret);
+ s2n(hlen, ret);
+ memset(ret, 0, hlen);
+ ret += hlen;
+ }
+ }
+#endif
+
if ((extdatalen = ret-p-2) == 0)
return p;