From b688f48b13f94b15665e951ee08be5d7f4d07ca7 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Fri, 16 Jul 2010 12:02:31 +0200
Subject: Do not check the padding for TLS 1.0

For interoperability reasons we do not check the padding in TLS 1.0 as
it is not strictly required and breaks interopability with for
instance Google.
---
 lib/ssl/src/ssl_cipher.erl | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'lib/ssl/src/ssl_cipher.erl')

diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index a6e80047c2..073c937087 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
@@ -506,6 +506,12 @@ generic_stream_cipher_from_bin(T, HashSz) ->
 
 is_correct_padding(_, {3, 0}) ->
     true; 
+%% For interoperability reasons we do not check the padding in TLS 1.0 as it
+%% is not strictly required and breaks interopability with for instance 
+%% Google. 
+is_correct_padding(_, {3, 1}) ->
+    true; 
+%% Padding must be check in TLS 1.1 and after  
 is_correct_padding(#generic_block_cipher{padding_length = Len, padding = Padding}, _) ->
     list_to_binary(lists:duplicate(Len, Len))  == Padding.
 
-- 
cgit v1.2.3