diff options
author | Ingela Anderton Andin <[email protected]> | 2015-03-13 09:13:46 +0100 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2015-03-13 10:51:28 +0100 |
commit | fbe08ea2c744b7eaf47085c0ccda2f224cc2b5ba (patch) | |
tree | 4899f29052ff6696eb5a4583ba75c1acfbfbf0ae /lib/ssl/src | |
parent | 5a137003f1eb045a39c18438ecc1b22081747487 (diff) | |
download | otp-fbe08ea2c744b7eaf47085c0ccda2f224cc2b5ba.tar.gz otp-fbe08ea2c744b7eaf47085c0ccda2f224cc2b5ba.tar.bz2 otp-fbe08ea2c744b7eaf47085c0ccda2f224cc2b5ba.zip |
ssl: Renable padding check
Diffstat (limited to 'lib/ssl/src')
-rw-r--r-- | lib/ssl/src/ssl_cipher.erl | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl index 567690a413..81354721b7 100644 --- a/lib/ssl/src/ssl_cipher.erl +++ b/lib/ssl/src/ssl_cipher.erl @@ -1,7 +1,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 2007-2012. All Rights Reserved. +%% Copyright Ericsson AB 2007-2015. All Rights Reserved. %% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in @@ -668,14 +668,12 @@ generic_stream_cipher_from_bin(T, HashSz) -> #generic_stream_cipher{content=Content, mac=Mac}. -%% For interoperability reasons we do not check the padding content in -%% SSL 3.0 and TLS 1.0 as it is not strictly required and breaks -%% interopability with for instance Google. +%% SSL 3.0 has no padding check is_correct_padding(#generic_block_cipher{padding_length = Len, padding = Padding}, {3, N}) - when N == 0; N == 1 -> + when N == 0 -> Len == byte_size(Padding); -%% Padding must be check in TLS 1.1 and after +%% Padding should/must be check in TLS-1.0/TLS 1.1 and after is_correct_padding(#generic_block_cipher{padding_length = Len, padding = Padding}, _) -> Len == byte_size(Padding) andalso |