authorlloyd <[email protected]>2012-09-11 17:59:04 +0000
committerlloyd <[email protected]>2012-09-11 17:59:04 +0000
commit3caee4001d14d6df9cfe0f29336166eeb8b14313 (patch)
tree5180e217f247ba8453d1485d2cec8128cbe1b053 /src
parentd41b0b92372d57cbd47b95b1bcbb022a47d0f01b (diff)
Add helper function
Diffstat (limited to 'src')
-rw-r--r--src/tls/tls_channel.cpp12
-rw-r--r--src/tls/tls_record.h3
2 files changed, 8 insertions, 7 deletions
diff --git a/src/tls/tls_channel.cpp b/src/tls/tls_channel.cpp
index 3c8caddcd..bab407ed0 100644
--- a/src/tls/tls_channel.cpp
+++ b/src/tls/tls_channel.cpp
@@ -359,19 +359,17 @@ void Channel::send_record_array(byte type, const byte input[], size_t length)
return;
/*
- * If using CBC mode in SSLv3/TLS v1.0, send a single byte of
- * plaintext to randomize the (implicit) IV of the following main
- * block. If using a stream cipher, or TLS v1.1 or higher, this
- * isn't necessary.
+ * If using CBC mode without an explicit IV (SSL v3 or TLS v1.0),
+ * send a single byte of plaintext to randomize the (implicit) IV of
+ * the following main block. If using a stream cipher, or TLS v1.1
+ * or higher, this isn't necessary.
*
* An empty record also works but apparently some implementations do
* not like this (https://bugzilla.mozilla.org/show_bug.cgi?id=665814)
*
* See http://www.openssl.org/~bodo/tls-cbc.txt for background.
*/
- if((type == APPLICATION_DATA) &&
- (m_write_cipherstate->block_size() > 0) &&
- (m_write_cipherstate->iv_size() == 0))
+ if(type == APPLICATION_DATA && m_write_cipherstate->cbc_without_explicit_iv())
{
write_record(type, &input[0], 1);
input += 1;
diff --git a/src/tls/tls_record.h b/src/tls/tls_record.h
index e27d8d577..75aafa6fe 100644
--- a/src/tls/tls_record.h
+++ b/src/tls/tls_record.h
@@ -56,6 +56,9 @@ class Connection_Cipher_State
bool mac_includes_record_version() const { return !m_is_ssl3; }
bool cipher_padding_single_byte() const { return m_is_ssl3; }
+
+ bool cbc_withiout_explicit_iv() const
+ { return (m_block_size > 0) && (m_iv_size == 0); }
private:
std::unique_ptr<BlockCipher> m_block_cipher;
secure_vector<byte> m_block_cipher_cbc_state;
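Review bot: The helper is declared here as `cbc_withiout_explicit_iv()` (stray `i`), while the call site in the tls_channel.cpp hunk uses `m_write_cipherstate->cbc_without_explicit_iv()`, so as shown the two files disagree and the build should fail. The declaration should read `bool cbc_without_explicit_iv() const`. Because this predicate now decides whether the single-byte record split for implicit-IV CBC is applied, it deserves a one-line comment such as `// True for a block cipher suite whose records carry no explicit IV (SSL v3 / TLS v1.0)`. The class body starts and ends outside this hunk.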