From 519b07bca04bdd8585b48f2de6b7124ca6455358 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Tue, 13 Jan 2015 15:16:20 +0100
Subject: ssl: Reenable padding check for TLS-1.0 and provide backwards
 compatible     disable option

---
 lib/ssl/src/tls_record.erl | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'lib/ssl/src/tls_record.erl')

diff --git a/lib/ssl/src/tls_record.erl b/lib/ssl/src/tls_record.erl
index 37929c928d..3d5c5c0da3 100644
--- a/lib/ssl/src/tls_record.erl
+++ b/lib/ssl/src/tls_record.erl
@@ -1,7 +1,7 @@
 %%
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 2007-2014. All Rights Reserved.
+%% Copyright Ericsson AB 2007-2015. All Rights Reserved.
 %%
 %% The contents of this file are subject to the Erlang Public License,
 %% Version 1.1, (the "License"); you may not use this file except in
@@ -34,7 +34,7 @@
 -export([get_tls_records/2]).
 
 %% Decoding
--export([decode_cipher_text/2]).
+-export([decode_cipher_text/3]).
 
 %% Encoding
 -export([encode_plain_text/4]).
@@ -159,7 +159,7 @@ encode_plain_text(Type, Version, Data,
     {CipherText, ConnectionStates#connection_states{current_write = WriteState#connection_state{sequence_number = Seq +1}}}.
 
 %%--------------------------------------------------------------------
--spec decode_cipher_text(#ssl_tls{}, #connection_states{}) ->
+-spec decode_cipher_text(#ssl_tls{}, #connection_states{}, boolean()) ->
 				{#ssl_tls{}, #connection_states{}}| #alert{}.
 %%
 %% Description: Decode cipher text
@@ -174,7 +174,7 @@ decode_cipher_text(#ssl_tls{type = Type, version = Version,
 						 #security_parameters{
 						    cipher_type = ?AEAD,
 						    compression_algorithm=CompAlg}
-					    } = ReadState0} = ConnnectionStates0) ->
+					    } = ReadState0} = ConnnectionStates0, _) ->
     AAD = calc_aad(Type, Version, ReadState0),
     case ssl_record:decipher_aead(Version, CipherFragment, ReadState0, AAD) of
 	{PlainFragment, ReadState1} ->
@@ -197,8 +197,8 @@ decode_cipher_text(#ssl_tls{type = Type, version = Version,
 					     sequence_number = Seq,
 					     security_parameters=
 						 #security_parameters{compression_algorithm=CompAlg}
-					    } = ReadState0} = ConnnectionStates0) ->
-    case ssl_record:decipher(Version, CipherFragment, ReadState0) of
+					    } = ReadState0} = ConnnectionStates0, PaddingCheck) ->
+    case ssl_record:decipher(Version, CipherFragment, ReadState0, PaddingCheck) of
 	{PlainFragment, Mac, ReadState1} ->
 	    MacHash = calc_mac_hash(Type, Version, PlainFragment, ReadState1),
 	    case ssl_record:is_correct_mac(Mac, MacHash) of
-- 
cgit v1.2.3