e_aes_cbc_hmac_sha1.c: handle zero-length payload and engage empty frag

countermeasure. PR: 2778
author: Andy Polyakov <appro@openssl.org> 2012-04-15 14:14:22 +0000
committer: Andy Polyakov <appro@openssl.org> 2012-04-15 14:14:22 +0000
commit: fc90e42c8623af13308d8ef7e7ada84af0a36509 (patch)
tree: 4a1e5965220812bd88b366e661908d91305caa8e /ssl/s3_pkt.c
parent: 26e6bac143f83a0d126a1deaae72f5c5d2413b84 (diff)
download: openssl-new-fc90e42c8623af13308d8ef7e7ada84af0a36509.tar.gz
1 files changed, 6 insertions, 2 deletions
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index b2d9b1683b..ca5412dc2a 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -664,10 +664,14 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
 	if (	(sess == NULL) ||
 		(s->enc_write_ctx == NULL) ||
 		(EVP_MD_CTX_md(s->write_hash) == NULL))
+		{
+#if 1
+		clear=s->enc_write_ctx?0:1;	/* must be AEAD cipher */
+#else
 		clear=1;
-
-	if (clear)
+#endif
 		mac_size=0;
+		}
 	else
 		{
 		mac_size=EVP_MD_CTX_size(s->write_hash);
author	Andy Polyakov <appro@openssl.org>	2012-04-15 14:14:22 +0000
committer	Andy Polyakov <appro@openssl.org>	2012-04-15 14:14:22 +0000
commit	fc90e42c8623af13308d8ef7e7ada84af0a36509 (patch)
tree	4a1e5965220812bd88b366e661908d91305caa8e /ssl/s3_pkt.c
parent	26e6bac143f83a0d126a1deaae72f5c5d2413b84 (diff)
download	openssl-new-fc90e42c8623af13308d8ef7e7ada84af0a36509.tar.gz