ssl/*: revert "remove SSL_RECORD->orig_len" and merge "fix IV".

Revert is appropriate because binary compatibility is not an issue in 1.1.
author: Andy Polyakov <appro@openssl.org> 2013-02-08 10:20:48 +0100
committer: Andy Polyakov <appro@openssl.org> 2013-02-08 10:20:48 +0100
commit: dd7e60bd70730da4c9f8f542a6bd8951746ac2ca (patch)
tree: 8d78bd05712c52527f1552f2bb9ce8de53308888 /ssl/ssl3.h
parent: 32620fe9d15749dc35aa0c96fe38f9b431229f90 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/ssl/ssl3.h b/ssl/ssl3.h
index d2a5208824..2486011bb5 100644
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -366,6 +366,10 @@ typedef struct ssl3_record_st
 	{
 /*r */	int type;               /* type of record */
 /*rw*/	unsigned int length;    /* How many bytes available */
+/*rw*/	unsigned int orig_len;  /* How many bytes were available before padding
+				   was removed? This is used to implement the
+				   MAC check in constant time for CBC records.
+				 */
 /*r */	unsigned int off;       /* read/write offset into 'buf' */
 /*rw*/	unsigned char *data;    /* pointer to the record data */
 /*rw*/	unsigned char *input;   /* where the decode bytes are */
author	Andy Polyakov <appro@openssl.org>	2013-02-08 10:20:48 +0100
committer	Andy Polyakov <appro@openssl.org>	2013-02-08 10:20:48 +0100
commit	dd7e60bd70730da4c9f8f542a6bd8951746ac2ca (patch)
tree	8d78bd05712c52527f1552f2bb9ce8de53308888 /ssl/ssl3.h
parent	32620fe9d15749dc35aa0c96fe38f9b431229f90 (diff)