From ee60d9fb282030be3f25e951b86d74d8f2dd1bdd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bodo=20M=C3=B6ller?= Date: Thu, 20 Sep 2001 18:35:52 +0000 Subject: Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't reveal whether illegal block cipher padding was found or a MAC verification error occured. In ssl/s2_pkt.c, verify that the purported number of padding bytes is in the legal range. --- ssl/ssl_err.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'ssl/ssl_err.c') diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index 26410b9b2a..0fdd38dd24 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -259,6 +259,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= {SSL_R_DATA_BETWEEN_CCS_AND_FINISHED ,"data between ccs and finished"}, {SSL_R_DATA_LENGTH_TOO_LONG ,"data length too long"}, {SSL_R_DECRYPTION_FAILED ,"decryption failed"}, +{SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC,"decryption failed or bad record mac"}, {SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG ,"dh public value length is wrong"}, {SSL_R_DIGEST_CHECK_FAILED ,"digest check failed"}, {SSL_R_ENCRYPTED_LENGTH_TOO_LONG ,"encrypted length too long"}, @@ -269,6 +270,7 @@ static ERR_STRING_DATA SSL_str_reasons[]= {SSL_R_GOT_A_FIN_BEFORE_A_CCS ,"got a fin before a ccs"}, {SSL_R_HTTPS_PROXY_REQUEST ,"https proxy request"}, {SSL_R_HTTP_REQUEST ,"http request"}, +{SSL_R_ILLEGAL_PADDING ,"illegal padding"}, {SSL_R_INVALID_CHALLENGE_LENGTH ,"invalid challenge length"}, {SSL_R_INVALID_COMMAND ,"invalid command"}, {SSL_R_INVALID_PURPOSE ,"invalid purpose"}, -- cgit v1.2.3