diff options
| author | Adam Langley <agl@chromium.org> | 2014-06-20 23:00:00 +0400 |
|---|---|---|
| committer | Adam Langley <agl@chromium.org> | 2014-06-21 00:17:35 +0400 |
| commit | d493d5289dd834b65232899c2cd8fe83baddfd44 (patch) | |
| tree | 8d58745d31a798a6acd861bd548e11587125f8cd /ssl/s3_enc.c | |
| parent | 509e5ed20146121177fe3649fe4f51dbc91e60c3 (diff) | |
CBC record splitting.
This patch removes support for empty records (which is almost
universally disabled via SSL_OP_ALL) and adds optional support for 1/n-1
record splitting.
The latter is not enabled by default, since it's not typically used on
servers, but it should be enabled in web browsers since there are known
attacks in that case (see BEAST).
Diffstat (limited to 'ssl/s3_enc.c')
| -rw-r--r-- | ssl/s3_enc.c | 17 |
1 files changed, 8 insertions, 9 deletions
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 5fde29d9..fcb57c86 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -402,27 +402,26 @@ int ssl3_setup_key_block(SSL *s) ret = ssl3_generate_key_block(s,p,num); - if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)) + /* enable vulnerability countermeasure for CBC ciphers with + * known-IV problem (http://www.openssl.org/~bodo/tls-cbc.txt) */ + if ((s->mode & SSL_MODE_CBC_RECORD_SPLITTING) != 0) { - /* enable vulnerability countermeasure for CBC ciphers with - * known-IV problem (http://www.openssl.org/~bodo/tls-cbc.txt) - */ - s->s3->need_empty_fragments = 1; + s->s3->need_record_splitting = 1; if (s->session->cipher != NULL) { if (s->session->cipher->algorithm_enc == SSL_eNULL) - s->s3->need_empty_fragments = 0; - + s->s3->need_record_splitting = 0; + #ifndef OPENSSL_NO_RC4 if (s->session->cipher->algorithm_enc == SSL_RC4) - s->s3->need_empty_fragments = 0; + s->s3->need_record_splitting = 0; #endif } } return ret; - + err: OPENSSL_PUT_ERROR(SSL, ssl3_setup_key_block, ERR_R_MALLOC_FAILURE); return(0); |