ssl/*: remove SSL3_RECORD->orig_len to restore binary compatibility.

Kludge alert. This is arranged by passing padding length in unused bits of SSL3_RECORD->type, so that orig_len can be reconstructed. (cherry picked from commit 413cbfe68d83f9afc726b7234c49bd5ccddb97b4)
author: Andy Polyakov <appro@openssl.org> 2013-02-01 15:31:50 +0100
committer: Dr. Stephen Henson <steve@openssl.org> 2013-02-07 15:03:00 +0000
commit: fb092ef4fca897344daf7189526f5f26be6487ce (patch)
tree: 2e9b3c96f01998331bebec59a333ef7eb2c9ca2e /ssl/t1_enc.c
parent: 6351adecb4726476def5f5ad904a7d2e63480d53 (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index e75a66ba9d..3dd36b8142 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -689,7 +689,7 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
 	SSL3_RECORD *rec;
 	unsigned char *mac_sec,*seq;
 	const EVP_MD *hash;
-	size_t md_size;
+	size_t md_size, orig_len;
 	int i;
 	HMAC_CTX hmac;
 	unsigned char header[13];
@@ -727,6 +727,10 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
 	else
 		memcpy(header, seq, 8);
 
+	/* kludge: tls1_cbc_remove_padding passes padding length in rec->type */
+	orig_len = rec->length+md_size+((unsigned int)rec->type>>8);
+	rec->type &= 0xff;
+
 	header[8]=rec->type;
 	header[9]=(unsigned char)(ssl->version>>8);
 	header[10]=(unsigned char)(ssl->version);
@@ -745,7 +749,7 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
 		        hash,
 			md, &md_size,
 			header, rec->input,
-			rec->length + md_size, rec->orig_len,
+			rec->length + md_size, orig_len,
 			ssl->s3->read_mac_secret,
 			EVP_MD_size(ssl->read_hash),
 			0 /* not SSLv3 */);
author	Andy Polyakov <appro@openssl.org>	2013-02-01 15:31:50 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	2013-02-07 15:03:00 +0000
commit	fb092ef4fca897344daf7189526f5f26be6487ce (patch)
tree	2e9b3c96f01998331bebec59a333ef7eb2c9ca2e /ssl/t1_enc.c
parent	6351adecb4726476def5f5ad904a7d2e63480d53 (diff)