comments

author Bodo Möller <bodo@openssl.org>

Wed, 12 Feb 2003 14:17:41 +0000 (14:17 +0000)

committer Bodo Möller <bodo@openssl.org>

Wed, 12 Feb 2003 14:17:41 +0000 (14:17 +0000)
author Bodo Möller <bodo@openssl.org>
Wed, 12 Feb 2003 14:17:41 +0000 (14:17 +0000)
committer Bodo Möller <bodo@openssl.org>
Wed, 12 Feb 2003 14:17:41 +0000 (14:17 +0000)
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c

index 35fde29c8a5f4b65d1bf093a0af7ffad52887bce..559924d3681b1fc8f3ba6fa968fa33ccfbdebd05 100644 (file)
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -474,6 +474,7 @@ int ssl3_enc(SSL *s, int send)
                                 ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
                                 return 0;
                                 }
+                       /* otherwise, rec->length >= bs */
                         }
                 
                 EVP_Cipher(ds,rec->data,rec->input,l);
@@ -482,7 +483,7 @@ int ssl3_enc(SSL *s, int send)
                         {
                         i=rec->data[l-1]+1;
                         /* SSL 3.0 bounds the number of padding bytes by the block size;
-                        * padding bytes (except that last) are arbitrary */
+                        * padding bytes (except the last one) are arbitrary */
                         if (i > bs)
                                 {
                                 /* Incorrect padding. SSLerr() and ssl3_alert are done
@@ -491,6 +492,7 @@ int ssl3_enc(SSL *s, int send)
                                  * (see http://www.openssl.org/~bodo/tls-cbc.txt) */
                                 return -1;
                                 }
+                       /* now i <= bs <= rec->length */
                         rec->length-=i;
                         }
                 }
author	Bodo Möller <bodo@openssl.org>
	Wed, 12 Feb 2003 14:17:41 +0000 (14:17 +0000)
committer	Bodo Möller <bodo@openssl.org>
	Wed, 12 Feb 2003 14:17:41 +0000 (14:17 +0000)