git.samba.org / gd / gnutls / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5074fb7) | patch
_gnutls_epoch_set_keys: do not forbid random padding in TLS1.x CBC ciphersuites
authorNikos Mavrogiannopoulos <nmav@gnutls.org>
Sat, 3 Aug 2019 19:51:58 +0000 (21:51 +0200)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Fri, 6 Sep 2019 07:44:56 +0000 (09:44 +0200)
commitdaa49b9e455d262a1a2bc1b641e72dc004e2cb3e
treef00d09e42ac1e549673831d088cece476664c294tree
parent5074fb7f22c0d09ad0ceb57bd8f9420ae9dc74d3commit | diff
_gnutls_epoch_set_keys: do not forbid random padding in TLS1.x CBC ciphersuites

Since some point in 3.6.x we updated the calculation of maximum record size,
however that did not include the possibility of random record padding available
for CBC ciphersuites which exceeds the maximum. This commit allows for larger
sizes for these ciphersuites to account for random padding as applied by
gnutls 2.12.x.

Resolves: #811

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
NEWS diff | blob | history
lib/constate.c diff | blob | history
lib/record.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.