summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authortaca <taca@pkgsrc.org>2013-02-13 15:09:48 +0000
committertaca <taca@pkgsrc.org>2013-02-13 15:09:48 +0000
commit5740baec1da3605a644fdf0fb804ac342e0cadf8 (patch)
tree50c679064f6de4a1ce9eb1ded3f43618416caa5e /security
parent27de1b18e498f63cf7193cdf9b4ed9adeacc14a7 (diff)
downloadpkgsrc-5740baec1da3605a644fdf0fb804ac342e0cadf8.tar.gz
Oops, forgot to "cvs rm" an obsolete patch file.
Thanks to wiz@ noted via mail.
Diffstat (limited to 'security')
-rw-r--r--security/openssl/patches/patch-ssl_s3__cbc.c67
1 files changed, 0 insertions, 67 deletions
diff --git a/security/openssl/patches/patch-ssl_s3__cbc.c b/security/openssl/patches/patch-ssl_s3__cbc.c
deleted file mode 100644
index 41acb9a6b97..00000000000
--- a/security/openssl/patches/patch-ssl_s3__cbc.c
+++ /dev/null
@@ -1,67 +0,0 @@
-$NetBSD: patch-ssl_s3__cbc.c,v 1.1 2013/02/08 14:11:08 jperkin Exp $
-
-Apply data-corruption patch from:
-
- http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=32cc247
-
-Fix IV check and padding removal.
-
-Fix the calculation that checks there is enough room in a record
-after removing padding and optional explicit IV. (by Steve)
-
-For AEAD remove the correct number of padding bytes (by Andy)
-
---- ssl/s3_cbc.c
-+++ ssl/s3_cbc.c
-@@ -139,31 +139,22 @@ int tls1_cbc_remove_padding(const SSL* s,
- unsigned mac_size)
- {
- unsigned padding_length, good, to_check, i;
-- const char has_explicit_iv =
-- s->version >= TLS1_1_VERSION || s->version == DTLS1_VERSION;
-- const unsigned overhead = 1 /* padding length byte */ +
-- mac_size +
-- (has_explicit_iv ? block_size : 0);
--
-- /* These lengths are all public so we can test them in non-constant
-- * time. */
-- if (overhead > rec->length)
-- return 0;
--
-- /* We can always safely skip the explicit IV. We check at the beginning
-- * of this function that the record has at least enough space for the
-- * IV, MAC and padding length byte. (These can be checked in
-- * non-constant time because it's all public information.) So, if the
-- * padding was invalid, then we didn't change |rec->length| and this is
-- * safe. If the padding was valid then we know that we have at least
-- * overhead+padding_length bytes of space and so this is still safe
-- * because overhead accounts for the explicit IV. */
-- if (has_explicit_iv)
-+ const unsigned overhead = 1 /* padding length byte */ + mac_size;
-+ /* Check if version requires explicit IV */
-+ if (s->version >= TLS1_1_VERSION || s->version == DTLS1_VERSION)
- {
-+ /* These lengths are all public so we can test them in
-+ * non-constant time.
-+ */
-+ if (overhead + block_size > rec->length)
-+ return 0;
-+ /* We can now safely skip explicit IV */
- rec->data += block_size;
- rec->input += block_size;
- rec->length -= block_size;
- }
-+ else if (overhead > rec->length)
-+ return 0;
-
- padding_length = rec->data[rec->length-1];
-
-@@ -190,7 +181,7 @@ int tls1_cbc_remove_padding(const SSL* s,
- if (EVP_CIPHER_flags(s->enc_read_ctx->cipher)&EVP_CIPH_FLAG_AEAD_CIPHER)
- {
- /* padding is already verified */
-- rec->length -= padding_length;
-+ rec->length -= padding_length + 1;
- return 1;
- }
-