diff options
Diffstat (limited to 'lib/libssl/s3_cbc.c')
| -rw-r--r-- | lib/libssl/s3_cbc.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/libssl/s3_cbc.c b/lib/libssl/s3_cbc.c index e8f7df572f3..9ba9896a52f 100644 --- a/lib/libssl/s3_cbc.c +++ b/lib/libssl/s3_cbc.c @@ -148,8 +148,9 @@ tls1_cbc_remove_padding(const SSL* s, SSL3_RECORD *rec, unsigned block_size, { unsigned padding_length, good, to_check, i; const unsigned overhead = 1 /* padding length byte */ + mac_size; + /* Check if version requires explicit IV */ - if (s->version >= TLS1_1_VERSION || s->version == DTLS1_BAD_VER) { + if (SSL_USE_EXPLICIT_IV(s)) { /* These lengths are all public so we can test them in * non-constant time. */ |