Index: third_party/tlslite/patches/ssl3_padding.patch |
diff --git a/third_party/tlslite/patches/ssl3_padding.patch b/third_party/tlslite/patches/ssl3_padding.patch |
new file mode 100644 |
index 0000000000000000000000000000000000000000..dbdb6421b17035fa8173f5110d3d93817bbb36fc |
--- /dev/null |
+++ b/third_party/tlslite/patches/ssl3_padding.patch |
@@ -0,0 +1,14 @@ |
+diff --git a/third_party/tlslite/tlslite/tlsrecordlayer.py b/third_party/tlslite/tlslite/tlsrecordlayer.py |
+index ff08cbf..fb85224 100755 |
+--- a/third_party/tlslite/tlslite/tlsrecordlayer.py |
++++ b/third_party/tlslite/tlslite/tlsrecordlayer.py |
+@@ -590,6 +590,9 @@ class TLSRecordLayer(object): |
+ currentLength = len(b) + len(macBytes) + 1 |
+ blockLength = self._writeState.encContext.block_size |
+ paddingLength = blockLength-(currentLength % blockLength) |
++ #SSL3 requires minimal padding. (TLS doesn't care.) |
++ if paddingLength == blockLength: |
++ paddingLength = 0 |
wtc
2014/04/08 22:29:09
This is how NSS does it:
currentLength = len(
davidben
2014/04/08 23:30:36
Oh, that's much tidier. Done.
|
+ |
+ paddingBytes = bytearray([paddingLength] * (paddingLength+1)) |
+ if self.fault == Fault.badPadding: |