From: Andy Polyakov <appro@openssl.org>
Date: Thu, 7 Feb 2013 21:47:05 +0000 (+0100)
Subject: ssl/[d1|s3]_pkt.c: harmomize orig_len handling.
X-Git-Tag: OpenSSL_0_9_8za~82
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=4ea7019165db53b92b4284461c5c88bfe7c6e57d;p=oweals%2Fopenssl.git

ssl/[d1|s3]_pkt.c: harmomize orig_len handling.
(cherry picked from commit 8545f73b8919770a5d012fe7a82d6785b69baa27)
---

diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 9db44c95f9..55765d1cfb 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -362,7 +362,6 @@ dtls1_process_record(SSL *s)
 
 	/* decrypt in place in 'rr->input' */
 	rr->data=rr->input;
-	orig_len=rr->length;
 
 	enc_err = s->method->ssl3_enc->enc(s,0);
 	/* enc_err is:
@@ -394,6 +393,9 @@ printf("\n");
 		mac_size=EVP_MD_size(s->read_hash);
 		OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);
 
+		/* kludge: *_cbc_remove_padding passes padding length in rr->type */
+		orig_len = rr->length+((unsigned int)rr->type>>8);
+
 		/* orig_len is the length of the record before any padding was
 		 * removed. This is public information, as is the MAC in use,
 		 * therefore we can safely process the record in a different
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index 707738be94..ff54ab75fb 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -351,7 +351,6 @@ again:
 
 	/* decrypt in place in 'rr->input' */
 	rr->data=rr->input;
-	orig_len=rr->length;
 
 	enc_err = s->method->ssl3_enc->enc(s,0);
 	/* enc_err is:
@@ -382,6 +381,9 @@ printf("\n");
 		mac_size=EVP_MD_size(s->read_hash);
 		OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);
 
+		/* kludge: *_cbc_remove_padding passes padding length in rr->type */
+		orig_len = rr->length+((unsigned int)rr->type>>8);
+
 		/* orig_len is the length of the record before any padding was
 		 * removed. This is public information, as is the MAC in use,
 		 * therefore we can safely process the record in a different