From 3d88d8851a7368b3eb8681eec179552dcc7d85a9 Mon Sep 17 00:00:00 2001
From: toddouska
Date: Sat, 29 Dec 2012 13:11:31 -0800
Subject: [PATCH] sslv3 may have bad padding, can't verify
---
 src/internal.c | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)
diff --git a/src/internal.c b/src/internal.c
index 532899d09..d759caac2 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -3446,9 +3446,20 @@ int DoApplicationData(CYASSL* ssl, byte* input, word32* inOutIdx)
 ivExtra = ssl->specs.block_size;
 pad = *(input + idx + msgSz - ivExtra - 1);
 padByte = 1;
- ret = TimingPadVerify(ssl, input + idx, pad, digestSz, msgSz - ivExtra);
- if (ret != 0)
- return ret;
+
+ if (ssl->options.tls) {
+ ret = TimingPadVerify(ssl, input + idx, pad, digestSz,
+ msgSz - ivExtra);
+ if (ret != 0)
+ return ret;
+ }
+ else { /* sslv3, some implementations have pad padding */
+ ssl->hmac(ssl, verify, rawData, msgSz - digestSz - pad - 1,
+ application_data, 1);
+ if (ConstantCompare(verify,rawData + msgSz - digestSz - pad - 1,
+ digestSz) != 0)
+ return VERIFY_MAC_ERROR;
+ }
 }
 else if (ssl->specs.cipher_type == stream) {
 ssl->hmac(ssl, verify, rawData, msgSz - digestSz, application_data, 1);
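Review bot: The new SSLv3 branch uses `pad`, a byte read from the decrypted record, in `msgSz - digestSz - pad - 1` without first checking that padding plus MAC fit inside the record. If these lengths are unsigned (the `word32` parameter suggests so, but the declarations are outside the hunk), an oversized pad byte makes the length wrap, and both the `ssl->hmac` call and the `ConstantCompare` source pointer end up outside the record buffer. The TLS branch may get that check inside `TimingPadVerify`, which is not visible here; the SSLv3 branch needs its own guard before the `ssl->hmac` call, e.g. `if ((word32)pad + 1 + digestSz > msgSz) return VERIFY_MAC_ERROR;`. The comment `/* sslv3, some implementations have pad padding */` presumably means "bad padding"; it would help to state there that SSLv3 does not define the padding byte values, so only the MAC can be checked on this path. `DoApplicationData` starts and ends outside the hunk.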