Cross Reference: /freebsd-11.0-release/crypto/openssl/ssl/t1

Deleted Added

sdiff udiff text old ( 100928 ) new ( 100936 )

full compact

t1_enc.c (100928)	t1_enc.c (100936)
1/* ssl/t1_enc.c / 2/ Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 419 unchanged lines hidden (view full) --- 428 tls1_generate_key_block(s,p1,p2,num); 429 memset(p2,0,num); 430 OPENSSL_free(p2); 431#ifdef TLS_DEBUG 432printf("\nkey block\n"); 433{ int z; for (z=0; z<num; z++) printf("%02X%c",p1[z],((z+1)%16)?' ':'\n'); } 434#endif 435	1/* ssl/t1_enc.c / 2/ Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * --- 419 unchanged lines hidden (view full) --- 428 tls1_generate_key_block(s,p1,p2,num); 429 memset(p2,0,num); 430 OPENSSL_free(p2); 431#ifdef TLS_DEBUG 432printf("\nkey block\n"); 433{ int z; for (z=0; z<num; z++) printf("%02X%c",p1[z],((z+1)%16)?' ':'\n'); } 434#endif 435
436 /* enable vulnerability countermeasure for CBC ciphers with 437 * known-IV problem (http://www.openssl.org/~bodo/tls-cbc.txt) / 438* s->s3->need_empty_fragments = 1;	436 if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)) 437 { 438 /* enable vulnerability countermeasure for CBC ciphers with 439 * known-IV problem (http://www.openssl.org/~bodo/tls-cbc.txt) 440 / 441* s->s3->need_empty_fragments = 1; 442 443 if (s->session->cipher != NULL) 444 { 445 if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_eNULL) 446 s->s3->need_empty_fragments = 0; 447
439#ifndef NO_RC4	448#ifndef NO_RC4
440 if ((s->session->cipher != NULL) && ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4)) 441 s->s3->need_empty_fragments = 0;	449 if ((s->session->cipher->algorithms & SSL_ENC_MASK) == SSL_RC4) 450 s->s3->need_empty_fragments = 0;
442#endif	451#endif
	452 } 453 }
443 444 return(1); 445err: 446 SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,ERR_R_MALLOC_FAILURE); 447 return(0); 448 } 449 450int tls1_enc(SSL s, int send) --- 260 unchanged lines hidden* ---	454 455 return(1); 456err: 457 SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,ERR_R_MALLOC_FAILURE); 458 return(0); 459 } 460 461int tls1_enc(SSL s, int send) --- 260 unchanged lines hidden* ---