> Here is an experimental patch I wrote that implements the 1/n-1
> record splitting technique for OpenSSL. I am sending it here for
> consideration by OpenSSL upstream developers.
>
> By default the 0/n split is used but in case the
> SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS flag is set, we split the first
> record with 1/n-1.
What would you [and others] say about this alternative? Non-committed,
relative to HEAD...
Index: ssl/s3_pkt.c
===================================================================
RCS file: /e/openssl/cvs/openssl/ssl/s3_pkt.c,v
retrieving revision 1.94
diff -u -w -r1.94 s3_pkt.c
--- ssl/s3_pkt.c 15 Apr 2012 14:14:22 -0000 1.94
+++ ssl/s3_pkt.c 15 Apr 2012 14:41:08 -0000
@@ -685,13 +685,14 @@
/* countermeasure against known-IV weakness in CBC ciphersuites
* (see http://www.openssl.org/~bodo/tls-cbc.txt) */
- if (s->s3->need_empty_fragments && type ==
SSL3_RT_APPLICATION_DATA)
+ if (s->s3->need_empty_fragments && type ==
SSL3_RT_APPLICATION_DATA && len>1)
{
/* recursive function call with 'create_empty_fragment'
set;
* this prepares and buffers the data for an empty
fragment
* (these 'prefix_len' bytes are sent out later
* together with the actual payload) */
- prefix_len = do_ssl3_write(s, type, buf, 0, 1);
+ prefix_len = do_ssl3_write(s, type, buf, 1, 1);
+ buf++, len--;
if (prefix_len <= 0)
goto err;
@@ -827,6 +828,10 @@
*/
return wr->length;
}
+ else if (prefix_len)
+ {
+ buf--, len++;
+ }
/* now let's set up wb */
wb->left = prefix_len + wr->length;
