aboutsummaryrefslogtreecommitdiffstats
path: root/ssl/d1_pkt.c
diff options
context:
space:
mode:
authorXin LI <delphij@FreeBSD.org>2013-03-21 22:24:54 +0000
committerXin LI <delphij@FreeBSD.org>2013-03-21 22:24:54 +0000
commitba41f50577c8e3dd55fc4ca3950a7124fd3231db (patch)
treee20adadf0620400d399941b2695c191bed6a4bfe /ssl/d1_pkt.c
parent1e086defa5742bfee714119793aa1a068b17702d (diff)
downloadsrc-ba41f50577c8e3dd55fc4ca3950a7124fd3231db.tar.gz
src-ba41f50577c8e3dd55fc4ca3950a7124fd3231db.zip
- Integrate OpenSSL revisions
fb092ef4fca897344daf7189526f5f26be6487ce, a93cc7c57333f4538cbcdedd2e961a5a38caa52d, and 76c61a5d1adb92388f39e585e4af860a20feb9bb. This removes the newly added orig_len field of SSL3_RECORD and restored ABI. Approved by: benl
Notes
Notes: svn path=/vendor-crypto/openssl/dist-0.9.8/; revision=248595
Diffstat (limited to 'ssl/d1_pkt.c')
-rw-r--r--ssl/d1_pkt.c14
1 files changed, 7 insertions, 7 deletions
diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 3f0f9836981f..9db44c95f9bd 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -330,8 +330,8 @@ dtls1_process_record(SSL *s)
int i,al;
int enc_err;
SSL_SESSION *sess;
- SSL3_RECORD *rr;
- unsigned int mac_size;
+ SSL3_RECORD *rr;
+ unsigned int mac_size, orig_len;
unsigned char md[EVP_MAX_MD_SIZE];
rr= &(s->s3->rrec);
@@ -362,7 +362,7 @@ dtls1_process_record(SSL *s)
/* decrypt in place in 'rr->input' */
rr->data=rr->input;
- rr->orig_len=rr->length;
+ orig_len=rr->length;
enc_err = s->method->ssl3_enc->enc(s,0);
/* enc_err is:
@@ -399,10 +399,10 @@ printf("\n");
* therefore we can safely process the record in a different
* amount of time if it's too short to possibly contain a MAC.
*/
- if (rr->orig_len < mac_size ||
+ if (orig_len < mac_size ||
/* CBC records must have a padding length byte too. */
(EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
- rr->orig_len < mac_size+1))
+ orig_len < mac_size+1))
{
al=SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_DTLS1_PROCESS_RECORD,SSL_R_LENGTH_TOO_SHORT);
@@ -417,12 +417,12 @@ printf("\n");
* without leaking the contents of the padding bytes.
* */
mac = mac_tmp;
- ssl3_cbc_copy_mac(mac_tmp, rr, mac_size);
+ ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);
rr->length -= mac_size;
}
else
{
- /* In this case there's no padding, so |rec->orig_len|
+ /* In this case there's no padding, so |orig_len|
* equals |rec->length| and we checked that there's
* enough bytes for |mac_size| above. */
rr->length -= mac_size;