comments

author Bodo Möller <bodo@openssl.org>

Wed, 12 Feb 2003 14:17:33 +0000 (14:17 +0000)

committer Bodo Möller <bodo@openssl.org>

Wed, 12 Feb 2003 14:17:33 +0000 (14:17 +0000)
author Bodo Möller <bodo@openssl.org>
Wed, 12 Feb 2003 14:17:33 +0000 (14:17 +0000)
committer Bodo Möller <bodo@openssl.org>
Wed, 12 Feb 2003 14:17:33 +0000 (14:17 +0000)
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c

index e7743aba2a6142a75efee2e455da32b3ee6491e5..bbadac0d3705700508d2a23b9ac89bc2b0633cd2 100644 (file)
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -456,6 +456,7 @@ int ssl3_enc(SSL *s, int send)
                                 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
                                 return 0;
                                 }
+                       /* otherwise, rec->length >= bs */
                         }
                 
                 EVP_Cipher(ds,rec->data,rec->input,l);
@@ -464,7 +465,7 @@ int ssl3_enc(SSL *s, int send)
                         {
                         i=rec->data[l-1]+1;
                         /* SSL 3.0 bounds the number of padding bytes by the block size;
-                        * padding bytes (except that last) are arbitrary */
+                        * padding bytes (except the last one) are arbitrary */
                         if (i > bs)
                                 {
                                 /* Incorrect padding. SSLerr() and ssl3_alert are done
@@ -473,6 +474,7 @@ int ssl3_enc(SSL *s, int send)
                                  * (see http://www.openssl.org/~bodo/tls-cbc.txt) */
                                 return -1;
                                 }
+                       /* now i <= bs <= rec->length */
                         rec->length-=i;
                         }
                 }
author	Bodo Möller <bodo@openssl.org>
	Wed, 12 Feb 2003 14:17:33 +0000 (14:17 +0000)
committer	Bodo Möller <bodo@openssl.org>
	Wed, 12 Feb 2003 14:17:33 +0000 (14:17 +0000)