author | 2017-08-13 16:28:45 +0000 | |
---|---|---|
committer | 2017-08-13 16:28:45 +0000 | |
commit | c5a6f470de8667fbf481f5bf79bee2cbf12814ac (patch) | |
tree | de4a97a314e04bb3cfa8f3519e07eb6f20201b8b /lib/libssl/t1_lib.c | |
parent | Nuke SSL_OP_CRYPTOPRO_TLSEXT_BUG. (diff) | |
Remove support for the TLS padding extension.
This was added as a workaround for broken F5 TLS termination, which then
created issues talking to broken IronPorts. The size of the padding is
hardcoded so it cannot be used in any generic sense.
ok bcook@ beck@ doug@
Diffstat (limited to 'lib/libssl/t1_lib.c')
-rw-r--r-- | lib/libssl/t1_lib.c | 36 |
1 files changed, 1 insertions, 35 deletions
diff --git a/lib/libssl/t1_lib.c b/lib/libssl/t1_lib.c
index b8b54484edb..c141dcef317 100644
--- a/lib/libssl/t1_lib.c
+++ b/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.132 2017/08/13 16:25:19 jsing Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.133 2017/08/13 16:28:45 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -720,40 +720,6 @@ ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
 }
 #endif
- /*
- * Add padding to workaround bugs in F5 terminators.
- * See https://tools.ietf.org/html/draft-agl-tls-padding-03
- *
- * Note that this seems to trigger issues with IronPort SMTP
- * appliances.
- *
- * NB: because this code works out the length of all existing
- * extensions it MUST always appear last.
- */
- if (s->internal->options & SSL_OP_TLSEXT_PADDING) {
- int hlen = ret - (unsigned char *)s->internal->init_buf->data;
-
- /*
- * The code in s23_clnt.c to build ClientHello messages
- * includes the 5-byte record header in the buffer, while the
- * code in s3_clnt.c does not.
- */
- if (S3I(s)->hs.state == SSL23_ST_CW_CLNT_HELLO_A)
- hlen -= 5;
- if (hlen > 0xff && hlen < 0x200) {
- hlen = 0x200 - hlen;
- if (hlen >= 4)
- hlen -= 4;
- else
- hlen = 0;
-
- s2n(TLSEXT_TYPE_padding, ret);
- s2n(hlen, ret);
- memset(ret, 0, hlen);
- ret += hlen;
- }
- }
-
 if ((extdatalen = ret - p - 2) == 0)
 return p; |