ssl/*: remove SSL3_RECORD->orig_len to restore binary compatibility.

author: Andy Polyakov <appro@openssl.org> 2013-02-01 15:31:50 +0100
committer: Andy Polyakov <appro@openssl.org> 2013-02-01 15:34:09 +0100
commit: ec07246a0835a36af9d892f1e28b594018be6da1 (patch)
tree: 955cb6700539d31dc4dd53b9aad1747313ce5261 /ssl/s3_enc.c
parent: 04e45b52ee3be81121359cc1198fd01e38096e9f (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index a0eac77d7d..e3cd4f062c 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -709,7 +709,7 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
 	EVP_MD_CTX md_ctx;
 	const EVP_MD_CTX *hash;
 	unsigned char *p,rec_char;
-	size_t md_size;
+	size_t md_size, orig_len;
 	int npad;
 	int t;
 
@@ -734,6 +734,10 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
 	md_size=t;
 	npad=(48/md_size)*md_size;
 
+	/* kludge: ssl3_cbc_remove_padding passes padding length in rec->type */
+	orig_len = rec->length+md_size+((unsigned int)rec->type>>8);
+	rec->type &= 0xff;
+
 	if (!send &&
 	    EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
 	    ssl3_cbc_record_digest_supported(hash))
@@ -765,7 +769,7 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
 			hash,
 			md, &md_size,
 			header, rec->input,
-			rec->length + md_size, rec->orig_len,
+			rec->length + md_size, orig_len,
 			mac_sec, md_size,
 			1 /* is SSLv3 */);
 		}
author	Andy Polyakov <appro@openssl.org>	2013-02-01 15:31:50 +0100
committer	Andy Polyakov <appro@openssl.org>	2013-02-01 15:34:09 +0100
commit	ec07246a0835a36af9d892f1e28b594018be6da1 (patch)
tree	955cb6700539d31dc4dd53b9aad1747313ce5261 /ssl/s3_enc.c
parent	04e45b52ee3be81121359cc1198fd01e38096e9f (diff)