From eeb486a5f41a6d71708f02bb32b07f023f5d5ea7 Mon Sep 17 00:00:00 2001
From: Andy Polyakov <appro@openssl.org>
Date: Fri, 1 Feb 2013 15:31:50 +0100
Subject: ssl/*: remove SSL3_RECORD->orig_len to restore binary compatibility.

Kludge alert. This is arranged by passing padding length in unused
bits of SSL3_RECORD->type, so that orig_len can be reconstructed.
(cherry picked from commit 8bfd4c659f180a6ce34f21c0e62956b362067fba)
---
 ssl/s3_enc.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'ssl/s3_enc.c')

diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 0282ef4620..196f0739d5 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -730,7 +730,7 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
 	EVP_MD_CTX md_ctx;
 	const EVP_MD_CTX *hash;
 	unsigned char *p,rec_char;
-	size_t md_size;
+	size_t md_size, orig_len;
 	int npad;
 	int t;
 
@@ -755,6 +755,10 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
 	md_size=t;
 	npad=(48/md_size)*md_size;
 
+	/* kludge: ssl3_cbc_remove_padding passes padding length in rec->type */
+	orig_len = rec->length+md_size+((unsigned int)rec->type>>8);
+	rec->type &= 0xff;
+
 	if (!send &&
 	    EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
 	    ssl3_cbc_record_digest_supported(hash))
@@ -786,7 +790,7 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
 			hash,
 			md, &md_size,
 			header, rec->input,
-			rec->length + md_size, rec->orig_len,
+			rec->length + md_size, orig_len,
 			mac_sec, md_size,
 			1 /* is SSLv3 */);
 		}
-- 
cgit v1.2.3