From b05561c4b75f332698505b99921489d00b0a6b1e Mon Sep 17 00:00:00 2001 From: Andy Polyakov Date: Thu, 7 Feb 2013 22:47:05 +0100 Subject: [PATCH] ssl/[d1|s3]_pkt.c: harmomize orig_len handling. (cherry picked from commit 8545f73b8919770a5d012fe7a82d6785b69baa27) --- ssl/d1_pkt.c | 4 +++- ssl/s3_pkt.c | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c index 0ad8b5f559..429649d253 100644 --- a/ssl/d1_pkt.c +++ b/ssl/d1_pkt.c @@ -410,7 +410,6 @@ dtls1_process_record(SSL *s) /* decrypt in place in 'rr->input' */ rr->data=rr->input; - orig_len=rr->length; enc_err = s->method->ssl3_enc->enc(s,0); /* enc_err is: @@ -442,6 +441,9 @@ printf("\n"); mac_size=EVP_MD_CTX_size(s->read_hash); OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE); + /* kludge: *_cbc_remove_padding passes padding length in rr->type */ + orig_len = rr->length+((unsigned int)rr->type>>8); + /* orig_len is the length of the record before any padding was * removed. This is public information, as is the MAC in use, * therefore we can safely process the record in a different diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index 64cef2abfa..f2c413e0ef 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -400,7 +400,6 @@ fprintf(stderr, "Record type=%d, Length=%d\n", rr->type, rr->length); /* decrypt in place in 'rr->input' */ rr->data=rr->input; - orig_len=rr->length; enc_err = s->method->ssl3_enc->enc(s,0); /* enc_err is: @@ -431,6 +430,9 @@ printf("\n"); mac_size=EVP_MD_CTX_size(s->read_hash); OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE); + /* kludge: *_cbc_remove_padding passes padding length in rr->type */ + orig_len = rr->length+((unsigned int)rr->type>>8); + /* orig_len is the length of the record before any padding was * removed. This is public information, as is the MAC in use, * therefore we can safely process the record in a different -- 2.40.0