1diff -burN android-openssl.orig/openssl.config android-openssl/openssl.config
2--- android-openssl.orig/openssl.config 2014-04-07 17:25:12.555281256 -0700
3+++ android-openssl/openssl.config 2014-04-07 17:20:18.040941329 -0700
4@@ -1015,6 +1015,7 @@
5 use_aead_for_aes_gcm.patch \
6 chacha20poly1305.patch \
7 neon_runtime.patch \
8+paddingext.patch \
9 "
10
11 OPENSSL_PATCHES_progs_SOURCES="\
12diff -burN android-openssl.orig/patches/paddingext.patch android-openssl/patches/paddingext.patch
13--- android-openssl.orig/patches/paddingext.patch 1969-12-31 16:00:00.000000000 -0800
14+++ android-openssl/patches/paddingext.patch 2014-04-07 17:20:18.040941329 -0700
15@@ -0,0 +1,80 @@
16+diff -burN android-openssl.orig/ssl/s23_clnt.c android-openssl/ssl/s23_clnt.c
17+--- android-openssl.orig/ssl/s23_clnt.c 2014-04-07 16:18:43.296502203 -0700
18++++ android-openssl/ssl/s23_clnt.c 2014-04-07 16:20:18.887922518 -0700
19+@@ -466,7 +466,10 @@
20+ {
21+ /* create Client Hello in SSL 3.0/TLS 1.0 format */
22+
23+- /* do the record header (5 bytes) and handshake message header (4 bytes) last */
24++ /* do the record header (5 bytes) and handshake message
25++ * header (4 bytes) last. Note: the code to add the
26++ * padding extension in t1_lib.c depends on the size of
27++ * this prefix. */
28+ d = p = &(buf[9]);
29+
30+ *(p++) = version_major;
31+diff -burN android-openssl.orig/ssl/s3_clnt.c android-openssl/ssl/s3_clnt.c
32+--- android-openssl.orig/ssl/s3_clnt.c 2014-04-07 16:18:43.346502948 -0700
33++++ android-openssl/ssl/s3_clnt.c 2014-04-07 16:20:18.897922665 -0700
34+@@ -758,7 +758,9 @@
35+ if (RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4) <= 0)
36+ goto err;
37+
38+- /* Do the message type and length last */
39++ /* Do the message type and length last.
40++ * Note: the code to add the padding extension in t1_lib.c
41++ * depends on the size of this prefix.
*/
42+ d=p= &(buf[4]);
43+
44+ /* version indicates the negotiated version: for example from
45+diff -burN android-openssl.orig/ssl/t1_lib.c android-openssl/ssl/t1_lib.c
46+--- android-openssl.orig/ssl/t1_lib.c 2014-04-07 16:18:43.306502352 -0700
47++++ android-openssl/ssl/t1_lib.c 2014-04-07 16:20:18.897922665 -0700
48+@@ -680,6 +680,31 @@
49+ }
50+ #endif
51+
52++ /* Add padding to workaround bugs in F5 terminators.
53++ * See https://tools.ietf.org/html/draft-agl-tls-padding-02 */
54++ {
55++ int hlen = ret - (unsigned char *)s->init_buf->data;
56++ /* The code in s23_clnt.c to build ClientHello messages includes the
57++ * 5-byte record header in the buffer, while the code in s3_clnt.c does
58++ * not. */
59++ if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
60++ hlen -= 5;
61++ if (hlen > 0xff && hlen < 0x200)
62++ {
63++ hlen = 0x200 - hlen;
64++ if (hlen >= 4)
65++ hlen -= 4;
66++ else
67++ hlen = 0;
68++
69++ s2n(TLSEXT_TYPE_padding, ret);
70++ s2n(hlen, ret);
71++ memset(ret, 0, hlen);
72++ ret += hlen;
73++ }
74++ }
75++
76++
77+ if ((extdatalen = ret-p-2)== 0)
78+ return p;
79+
80+diff -burN android-openssl.orig/ssl/tls1.h android-openssl/ssl/tls1.h
81+--- android-openssl.orig/ssl/tls1.h 2014-04-07 16:18:43.306502352 -0700
82++++ android-openssl/ssl/tls1.h 2014-04-07 16:28:54.045542987 -0700
83+@@ -230,6 +230,12 @@
84+ /* ExtensionType value from RFC5620 */
85+ #define TLSEXT_TYPE_heartbeat 15
86+
87++/* ExtensionType value for TLS padding extension.
88++ * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
89++ * http://tools.ietf.org/html/draft-agl-tls-padding-03
90++ */
91++#define TLSEXT_TYPE_padding 21
92++
93+ /* ExtensionType value from RFC4507 */
94+ #define TLSEXT_TYPE_session_ticket 35
95+
96
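Review bot: The padding block added in the t1_lib.c hunk writes 4 + hlen bytes (up to 256) at `ret` via `s2n` and `memset`, with no visible check that this much room is left in the handshake buffer. The enclosing function starts and ends outside the hunk, so an earlier guard may exist; if it carries the usual end-of-buffer pointer (`limit` in upstream OpenSSL 1.0.1, to be confirmed for this tree), add `if (limit - ret < 4 + hlen) return NULL;` just before `s2n(TLSEXT_TYPE_padding, ret);`. Because `hlen` is measured from everything already written to `init_buf`, the block must remain the last extension emitted, and a comment such as `/* NB: must stay the last extension, since it measures all preceding ones. */` would keep a later patch from appending after it. The draft revision cited in this comment (-02) also differs from the one cited next to `TLSEXT_TYPE_padding` in tls1.h (-03); pointing both at the same revision would avoid confusion.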