X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=ssl%2Fs3_pkt.c;h=f2c413e0ef1dac371b203520613ca24c67ed1425;hb=b05561c4b75f332698505b99921489d00b0a6b1e;hp=64cef2abfae205e50d1bc55c280e20862d46ed7f;hpb=b7355af4216305d62e167bc867989192ed3465ad;p=oweals%2Fopenssl.git

diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 64cef2abfa..f2c413e0ef 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -400,7 +400,6 @@ fprintf(stderr, "Record type=%d, Length=%d\n", rr->type, rr->length);
 
 	/* decrypt in place in 'rr->input' */
 	rr->data=rr->input;
-	orig_len=rr->length;
 
 	enc_err = s->method->ssl3_enc->enc(s,0);
 	/* enc_err is:
@@ -431,6 +430,9 @@ printf("\n");
 		mac_size=EVP_MD_CTX_size(s->read_hash);
 		OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);
 
+		/* kludge: *_cbc_remove_padding passes padding length in rr->type */
+		orig_len = rr->length+((unsigned int)rr->type>>8);
+
 		/* orig_len is the length of the record before any padding was
 		 * removed. This is public information, as is the MAC in use,
 		 * therefore we can safely process the record in a different