| diff -burN android-openssl.orig/openssl.config android-openssl-lhash2/openssl.config |
| --- android-openssl.orig/openssl.config 2013-11-05 14:11:10.833326408 -0500 |
| +++ android-openssl-lhash2/openssl.config 2013-11-05 14:38:31.187575574 -0500 |
| @@ -1015,6 +1015,7 @@ |
| use_aead_for_aes_gcm.patch \ |
| chacha20poly1305.patch \ |
| neon_runtime.patch \ |
| +paddingext.patch \ |
| " |
| |
| OPENSSL_PATCHES_progs_SOURCES="\ |
| diff -burN android-openssl-foo/patches/paddingext.patch android-openssl/patches/paddingext.patch |
| --- android-openssl-foo/patches/paddingext.patch 1969-12-31 19:00:00.000000000 -0500 |
| +++ android-openssl/patches/paddingext.patch 2013-11-05 14:14:34.631283497 -0500 |
| @@ -0,0 +1,96 @@ |
| +From 61a9671951205d66382556b2502993ffc9201f59 Mon Sep 17 00:00:00 2001 |
| +From: Adam Langley <agl@chromium.org> |
| +Date: Wed, 11 Dec 2013 16:25:17 -0500 |
| +Subject: [PATCH 57/57] Add padding extension. |
| + |
| +This change adds a padding extension, when needed, in order to work |
| +around bugs in F5 terminators. |
| +--- |
| + ssl/t1_lib.c | 20 ++++++++++++++++++++ |
| + ssl/tls1.h | 4 ++++ |
| + 2 files changed, 24 insertions(+) |
| + |
| +diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c |
| +index 47673e7..94e9692 100644 |
| +--- a/ssl/s23_clnt.c |
| ++++ b/ssl/s23_clnt.c |
| +@@ -466,7 +466,10 @@ static int ssl23_client_hello(SSL *s) |
| + { |
| + /* create Client Hello in SSL 3.0/TLS 1.0 format */ |
| + |
| +- /* do the record header (5 bytes) and handshake message header (4 bytes) last */ |
| ++ /* do the record header (5 bytes) and handshake message |
| ++ * header (4 bytes) last. Note: the code to add the |
| ++ * padding extension in t1_lib.c depends on the size of |
| ++ * this prefix. */ |
| + d = p = &(buf[9]); |
| + |
| + *(p++) = version_major; |
| +diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c |
| +index a657360..faa8d36 100644 |
| +--- a/ssl/s3_clnt.c |
| ++++ b/ssl/s3_clnt.c |
| +@@ -752,7 +752,9 @@ int ssl3_client_hello(SSL *s) |
| + if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0) |
| + goto err; |
| + |
| +- /* Do the message type and length last */ |
| ++ /* Do the message type and length last. |
| ++ * Note: the code to add the padding extension in t1_lib.c |
| ++ * depends on the size of this prefix. */ |
| + d=p= &(buf[4]); |
| + |
| + /* version indicates the negotiated version: for example from |
| +diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c |
| +index 5578056..f9ad9d9 100644 |
| +--- a/ssl/t1_lib.c |
| ++++ b/ssl/t1_lib.c |
| +@@ -695,6 +695,31 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha |
| + } |
| + #endif |
| + |
| ++ /* Add padding to workaround bugs in F5 terminators. |
| ++ * See https://tools.ietf.org/html/draft-agl-tls-padding-02 */ |
| ++ { |
| ++ int hlen = ret - (unsigned char *)s->init_buf->data; |
| ++ /* The code in s23_clnt.c to build ClientHello messages includes the |
| ++ * 5-byte record header in the buffer, while the code in s3_clnt.c does |
| ++ * not. */ |
| ++ if (s->state == SSL23_ST_CW_CLNT_HELLO_A) |
| ++ hlen -= 5; |
| ++ if (hlen > 0xff && hlen < 0x200) |
| ++ { |
| ++ hlen = 0x200 - hlen; |
| ++ if (hlen >= 4) |
| ++ hlen -= 4; |
| ++ else |
| ++ hlen = 0; |
| ++ |
| ++ s2n(TLSEXT_TYPE_padding, ret); |
| ++ s2n(hlen, ret); |
| ++ memset(ret, 0, hlen); |
| ++ ret += hlen; |
| ++ } |
| ++ } |
| ++ |
| ++ |
| + if ((extdatalen = ret-p-2)== 0) |
| + return p; |
| + |
| +diff --git a/ssl/tls1.h b/ssl/tls1.h |
| +index ecf5da7..df8f482 100644 |
| +--- a/ssl/tls1.h |
| ++++ b/ssl/tls1.h |
| +@@ -255,6 +255,10 @@ extern "C" { |
| + #define TLSEXT_TYPE_channel_id 30031 |
| + #define TLSEXT_TYPE_channel_id_new 30032 |
| + |
| ++/* See https://tools.ietf.org/html/draft-agl-tls-padding-02 |
| ++ * Number not yet IANA assigned. */ |
| ++#define TLSEXT_TYPE_padding 35655 |
| ++ |
| + /* NameType value from RFC 3546 */ |
| + #define TLSEXT_NAMETYPE_host_name 0 |
| + /* status request value from RFC 3546 */ |
| +-- |
| +1.8.5.1 |