Revert 97269 - Send only one byte of data in the first CBC encrypted

net/third_party/nss/ssl/ssl3con.c

 /*
  * SSL3 Protocol
  *
  * ***** BEGIN LICENSE BLOCK *****
  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  *
  * The contents of this file are subject to the Mozilla Public License Version
  * 1.1 (the "License"); you may not use this file except in compliance with
  * the License. You may obtain a copy of the License at
  * http://www.mozilla.org/MPL/
@@ skipping 2303 matching lines @@
 
 /* Attempt to send the content of "in" in an SSL application_data record.
  * Returns "len" or SECFailure,   never SECWouldBlock, nor SECSuccess.
  */
 int
 ssl3_SendApplicationData(sslSocket *ss, const unsigned char *in,
                          PRInt32 len, PRInt32 flags)
 {
     PRInt32   totalSent = 0;
     PRInt32   discarded = 0;
-    PRBool    isBlockCipher;
-    int       recordIndex;
 
     PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss) );
     if (len < 0 || !in) {
         PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
         return SECFailure;
     }
 
     if (ss->pendingBuf.len > SSL3_PENDING_HIGH_WATER &&
         !ssl_SocketIsBlocking(ss)) {
         PORT_Assert(!ssl_SocketIsBlocking(ss));
         PORT_SetError(PR_WOULD_BLOCK_ERROR);
         return SECFailure;
     }
 
     if (ss->appDataBuffered && len) {
         PORT_Assert (in[0] == (unsigned char)(ss->appDataBuffered));
         if (in[0] != (unsigned char)(ss->appDataBuffered)) {
             PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
             return SECFailure;
         }
         in++;
         len--;
         discarded = 1;
     }
-
-    ssl_GetSpecReadLock(ss);
-    isBlockCipher = ss->ssl3.cwSpec->cipher_def->type == type_block;
-    ssl_ReleaseSpecReadLock(ss);
-
-    for (recordIndex = 0; len > totalSent; recordIndex++) {
+    while (len > totalSent) {
         PRInt32   sent, toSend;
 
         if (totalSent > 0) {
             /*
              * The thread yield is intended to give the reader thread a
              * chance to get some cycles while the writer thread is in
              * the middle of a large application data write.  (See
              * Bugzilla bug 127740, comment #1.)
              */
             ssl_ReleaseXmitBufLock(ss);
             PR_Sleep(PR_INTERVAL_NO_WAIT);      /* PR_Yield(); */
             ssl_GetXmitBufLock(ss);
         }
         toSend = PR_MIN(len - totalSent, MAX_FRAGMENT_LENGTH);
-        if (isBlockCipher &&
-            ss->ssl3.cwSpec->version <= SSL_LIBRARY_VERSION_3_1_TLS) {
-            /*
-             * We assume that block ciphers are used in CBC mode and send
-             * only one byte in the first record.  This effectively
-             * randomizes the IV in a backward compatible way.
-             *
-             * We get back to the MAX_FRAGMENT_LENGTH record boundary in
-             * the second record.  So for a large amount of data, we send
-             *     1
-             *     MAX_FRAGMENT_LENGTH - 1
-             *     MAX_FRAGMENT_LENGTH
-             *     MAX_FRAGMENT_LENGTH
-             *     ...
-             */
-            if (recordIndex == 0) {
-                toSend = 1;
-            } else if (recordIndex == 1 &&
-                       len - totalSent > MAX_FRAGMENT_LENGTH) {
-                toSend--;
-            }
-        }
         sent = ssl3_SendRecord(ss, content_application_data, 
                                in + totalSent, toSend, flags);
         if (sent < 0) {
             if (totalSent > 0 && PR_GetError() == PR_WOULD_BLOCK_ERROR) {
                 PORT_Assert(ss->lastWriteBlocked);
                 break;
             }
             return SECFailure; /* error code set by ssl3_SendRecord */
         }
         totalSent += sent;
@@ skipping 7579 matching lines @@
 
     ss->ssl3.initialized = PR_FALSE;
 
     if (ss->ssl3.nextProto.data) {
         PORT_Free(ss->ssl3.nextProto.data);
         ss->ssl3.nextProto.data = NULL;
     }
 }
 
 /* End of ssl3con.c */