Use a fetched MD if appropriate in ssl3_cbc_digest_record

HMACs used via the legacy EVP_DigestSign interface are strange in
that they use legacy codepath's which eventually (under the covers)
transform the operation into a new style EVP_MAC. This can mean the
digest in use can be a legacy one, so we need to be careful with any
digest we extract from the ctx.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11511)

1 files changed, 2 insertions, 2 deletions

diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
index a5ef78dec9..23bbc952ee 100644
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -1270,7 +1270,7 @@ int n_ssl3_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int sending)
         header[j++] = (unsigned char)(rec->length & 0xff);
 
         /* Final param == is SSLv3 */
-        if (ssl3_cbc_digest_record(hash,
+        if (ssl3_cbc_digest_record(ssl, hash,
                                    md, &md_size,
                                    header, rec->input,
                                    rec->length + md_size, rec->orig_len,
@@ -1374,7 +1374,7 @@ int tls1_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int sending)
          * are hashing because that gives an attacker a timing-oracle.
          */
         /* Final param == not SSLv3 */
-        if (ssl3_cbc_digest_record(mac_ctx,
+        if (ssl3_cbc_digest_record(ssl, mac_ctx,
                                    md, &md_size,
                                    header, rec->input,
                                    rec->length + md_size, rec->orig_len,