diff options
| author | Ingela Anderton Andin <[email protected]> | 2015-01-13 15:16:20 +0100 |
|---|---|---|
| committer | Ingela Anderton Andin <[email protected]> | 2015-01-23 11:34:18 +0100 |
| commit | 519b07bca04bdd8585b48f2de6b7124ca6455358 (patch) | |
| tree | 71dcbdfd4b32ff7784bb91d35f0cc3eecccb0c64 /lib/ssl/src/tls_record.erl | |
| parent | 69de799fdce1c4cc5a582df6f2a86ccd3e62c3a9 (diff) | |
| download | otp-519b07bca04bdd8585b48f2de6b7124ca6455358.tar.gz otp-519b07bca04bdd8585b48f2de6b7124ca6455358.tar.bz2 otp-519b07bca04bdd8585b48f2de6b7124ca6455358.zip | |
ssl: Reenable padding check for TLS-1.0 and provide backwards compatible
disable option
Diffstat (limited to 'lib/ssl/src/tls_record.erl')
| -rw-r--r-- | lib/ssl/src/tls_record.erl | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/lib/ssl/src/tls_record.erl b/lib/ssl/src/tls_record.erl index 37929c928d..3d5c5c0da3 100644 --- a/lib/ssl/src/tls_record.erl +++ b/lib/ssl/src/tls_record.erl @@ -1,7 +1,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 2007-2014. All Rights Reserved. +%% Copyright Ericsson AB 2007-2015. All Rights Reserved. %% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in @@ -34,7 +34,7 @@ -export([get_tls_records/2]). %% Decoding --export([decode_cipher_text/2]). +-export([decode_cipher_text/3]). %% Encoding -export([encode_plain_text/4]). @@ -159,7 +159,7 @@ encode_plain_text(Type, Version, Data, {CipherText, ConnectionStates#connection_states{current_write = WriteState#connection_state{sequence_number = Seq +1}}}. %%-------------------------------------------------------------------- --spec decode_cipher_text(#ssl_tls{}, #connection_states{}) -> +-spec decode_cipher_text(#ssl_tls{}, #connection_states{}, boolean()) -> {#ssl_tls{}, #connection_states{}}| #alert{}. %% %% Description: Decode cipher text @@ -174,7 +174,7 @@ decode_cipher_text(#ssl_tls{type = Type, version = Version, #security_parameters{ cipher_type = ?AEAD, compression_algorithm=CompAlg} - } = ReadState0} = ConnnectionStates0) -> + } = ReadState0} = ConnnectionStates0, _) -> AAD = calc_aad(Type, Version, ReadState0), case ssl_record:decipher_aead(Version, CipherFragment, ReadState0, AAD) of {PlainFragment, ReadState1} -> @@ -197,8 +197,8 @@ decode_cipher_text(#ssl_tls{type = Type, version = Version, sequence_number = Seq, security_parameters= #security_parameters{compression_algorithm=CompAlg} - } = ReadState0} = ConnnectionStates0) -> - case ssl_record:decipher(Version, CipherFragment, ReadState0) of + } = ReadState0} = ConnnectionStates0, PaddingCheck) -> + case ssl_record:decipher(Version, CipherFragment, ReadState0, PaddingCheck) of {PlainFragment, Mac, ReadState1} -> MacHash = calc_mac_hash(Type, Version, PlainFragment, ReadState1), case ssl_record:is_correct_mac(Mac, MacHash) of |