Hopefully resolve signed vs unsigned issue.

diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c
index db725f20cad0a95291673c6b4cb7c183c0160b9c..393cf1d6e43c8b3d431f6997a372a4bdc21877ab 100644 (file)
--- a/ssl/s2_pkt.c
+++ b/ssl/s2_pkt.c
@@ -515,7 +515,8 @@ static int write_pending(SSL *s, const unsigned char *buf, unsigned int len)
 
 static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
        {
-       unsigned int j,k,olen,p,mac_size,bs;
+       unsigned int j,k,olen,size,bs;
+       int mac_size;
        register unsigned char *pp;
 
        olen=len;

diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index e6c68b339b7b2736a8b49243277107e9876c4ee9..ce7dc366fb413508cbc28ec0374919c409882f78 100644 (file)
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -272,7 +272,7 @@ static int ssl3_get_record(SSL *s)
        unsigned char *p;
        unsigned char md[EVP_MAX_MD_SIZE];
        short version;
-       unsigned int mac_size;
+       int mac_size;
        int clear=0;
        size_t extra;
        int decryption_failed_or_bad_record_mac = 0;
@@ -427,7 +427,7 @@ printf("\n");
 #endif                 
                        }
                /* check the MAC for rr->input (it's in mac_size bytes at the tail) */
-               if (rr->length >= mac_size)
+               if (rr->length >= (unsigned int)mac_size)
                        {
                        rr->length -= mac_size;
                        mac = &rr->data[rr->length];
@@ -445,7 +445,7 @@ printf("\n");
 #endif
                        }
                i=s->method->ssl3_enc->mac(s,md,0);
-               if (i < 0 || mac == NULL || memcmp(md, mac, mac_size) != 0)
+               if (i < 0 || mac == NULL || memcmp(md, mac, (size_t)mac_size) != 0)
                        {
                        decryption_failed_or_bad_record_mac = 1;
                        }