From 716ca530e1c4515d8683c9d5be3d56b301758b66 Mon Sep 17 00:00:00 2001
From: James <>
Date: Wed, 4 Nov 2015 11:49:21 +0000
Subject: trunk-47381

---
 .../patches/120-polarssl-disable-record-splitting.patch    | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 package/network/services/openvpn/patches/120-polarssl-disable-record-splitting.patch

(limited to 'package/network/services/openvpn/patches/120-polarssl-disable-record-splitting.patch')

diff --git a/package/network/services/openvpn/patches/120-polarssl-disable-record-splitting.patch b/package/network/services/openvpn/patches/120-polarssl-disable-record-splitting.patch
new file mode 100644
index 0000000..b05592e
--- /dev/null
+++ b/package/network/services/openvpn/patches/120-polarssl-disable-record-splitting.patch
@@ -0,0 +1,14 @@
+--- a/src/openvpn/ssl_polarssl.c
++++ b/src/openvpn/ssl_polarssl.c
+@@ -707,6 +707,11 @@ void key_state_ssl_init(struct key_state
+       if (ssl_ctx->allowed_ciphers)
+ 	ssl_set_ciphersuites (ks_ssl->ctx, ssl_ctx->allowed_ciphers);
+ 
++      /* Disable record splitting (breaks current ssl handling) */
++#if defined(POLARSSL_SSL_CBC_RECORD_SPLITTING)
++      ssl_set_cbc_record_splitting (ks_ssl->ctx, SSL_CBC_RECORD_SPLITTING_DISABLED);
++#endif /* POLARSSL_SSL_CBC_RECORD_SPLITTING */
++
+       /* Initialise authentication information */
+       if (is_server)
+ 	ssl_set_dh_param_ctx (ks_ssl->ctx, ssl_ctx->dhm_ctx );
-- 
cgit v1.2.3