author | David Benjamin <davidben@chromium.org> | 2015-01-22 23:33:51 +0300 |
---|---|---|
committer | Adam Langley <agl@google.com> | 2015-01-23 01:00:01 +0300 |
commit | 1e52ecac4dca31d0007a76f0960ea4c8c79ee094 (patch) | |
tree | 6253d6b4ceb53977bbd546d159f2d0e7ed038873 /ssl/d1_pkt.c | |
parent | 66850ddec105f0be7bba400e64debb56f3e21104 (diff) |
Normalize tls1_enc return values.
The distinction between publicly and non-publicly invalid is barely acted upon
and slightly silly now that the CBC padding check has been folded into
EVP_AEAD.
Change-Id: Idce4b9b8d29d624e3c95243a147265d071612127
Reviewed-on: https://boringssl-review.googlesource.com/2980
Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'ssl/d1_pkt.c')
-rw-r--r-- | ssl/d1_pkt.c | 16 |
1 files changed, 2 insertions, 14 deletions
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 451a3c24..1d3236f1 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -329,7 +329,6 @@ static int dtls1_process_buffered_records(SSL *s) {
 static int dtls1_process_record(SSL *s) {
 int al;
- int enc_err;
 SSL3_RECORD *rr;
 rr = &(s->s3->rrec);
@@ -357,23 +356,12 @@ static int dtls1_process_record(SSL *s) {
 /* decrypt in place in 'rr->input' */
 rr->data = rr->input;
- enc_err = s->enc_method->enc(s, 0);
- /* enc_err is:
- * 0: (in non-constant time) if the record is publically invalid.
- * 1: if the padding is valid
- * -1: if the padding is invalid */
- if (enc_err == 0) {
+ if (!s->enc_method->enc(s, 0)) {
 /* For DTLS we simply ignore bad packets. */
 rr->length = 0;
 s->packet_length = 0;
 goto err;
 }
- if (enc_err < 0) {
- /* decryption failed, silently discard message */
- rr->length = 0;
- s->packet_length = 0;
- goto err;
- }
 if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH) {
 al = SSL_AD_RECORD_OVERFLOW;
@@ -1171,7 +1159,7 @@ static int do_dtls1_write(SSL *s, int type, const uint8_t *buf,
 wr->data = p;
 wr->length += eivlen;
- if (s->enc_method->enc(s, 1) < 1) {
+ if (!s->enc_method->enc(s, 1)) {
 goto err;
 } |
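Review bot: The new check `if (!s->enc_method->enc(s, 0))` in dtls1_process_record treats every nonzero return as a successful decrypt, so it is only safe if every `enc` implementation reachable through `enc_method` now returns strictly 0 or 1. Only ssl/d1_pkt.c is shown on this page, so that cannot be confirmed here; a leftover `-1` from any implementation would be accepted as success and the record would go on to the `rr->length` check as if it had decrypted cleanly. Comparing with `<= 0` keeps the call site fail-closed at no cost, or, if the 0/1 contract is meant to be relied on, a short comment such as `/* enc returns 1 on success and 0 on any failure, never a negative value. */` would replace the contract comment this hunk removes. The same applies to `if (!s->enc_method->enc(s, 1))` in do_dtls1_write, where the previous `< 1` comparison did cover negative returns. Both functions continue outside their hunks.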