openvpn: disable CBC record splitting in PolarSSL/mbedTLS (#19101)
[openwrt/staging/chunkeey.git] / package / network / services / openvpn / patches / 120-polarssl-disable-record-splitting.patch
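Index: openvpn-2.3.6/src/openvpn/ssl_polarssl.c
===================================================================
--- openvpn-2.3.6.orig/src/openvpn/ssl_polarssl.c
+++ openvpn-2.3.6/src/openvpn/ssl_polarssl.c
@@ -707,6 +707,11 @@ void key_state_ssl_init(struct key_state
 if (ssl_ctx->allowed_ciphers)
 ssl_set_ciphersuites (ks_ssl->ctx, ssl_ctx->allowed_ciphers);
 
+ /* Disable record splitting (breaks current ssl handling) */
+#if defined(POLARSSL_SSL_CBC_RECORD_SPLITTING)
+ ssl_set_cbc_record_splitting (ks_ssl->ctx, SSL_CBC_RECORD_SPLITTING_DISABLED);
+#endif /* POLARSSL_SSL_CBC_RECORD_SPLITTING */
+
 /* Initialise authentication information */
 if (is_server)
 ssl_set_dh_param_ctx (ks_ssl->ctx, ssl_ctx->dhm_ctx );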
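Review bot: The comment above the added `ssl_set_cbc_record_splitting` call says only that splitting "breaks current ssl handling"; it does not record that the call switches off the 1/n-1 record-splitting countermeasure (the BEAST mitigation for CBC suites on SSLv3/TLS 1.0). Because the call sits before the `is_server` branch, it applies to client and server contexts alike. I would make the trade-off explicit, for example `/* Disable 1/n-1 record splitting (BEAST countermeasure for CBC on SSLv3/TLS 1.0): OpenVPN's record handling cannot cope with split records yet */`. Whether losing the countermeasure matters for the control channel cannot be judged from this hunk. If it does, the exposure is presumably limited to sessions that negotiate TLS 1.0 or older with a CBC suite, so a stricter minimum TLS version would be the compensating control to check. `key_state_ssl_init` begins and ends outside the hunk.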