Fix SSL3 block calculation.

diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 13920053edb687ceed0ebd09277b08eec7dbb28c..b3bc1086cf89e1b55d97509c108e10b168c9fd6f 100644 (file)
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -743,7 +743,8 @@ static int ssl3_handshake_mac(SSL *s, int md_nid,
  * blocks = (data_length + digest_padding - 1)/block_len + 1
  * Since we're only interested in differences in block counts the constant
  * '1' can be ignored. For SHA1 and MD5 the digest_padding is 9 bytes and the
- * block length 64 bytes.
+ * block length 64 bytes. Giving:
+ * extra_blocks = (data_length + 8)/64
  * For the SSL 3 MACs the variable part is:
  * hash(MAC_write_secret + pad_1 + seq_num + SSLCompressed.type +              
  *     SSLCompressed.length + SSLCompressed.fragment)
@@ -761,8 +762,8 @@ static int ssl3_handshake_mac(SSL *s, int md_nid,
  * Discarding 64 (one complete block) and plugging the values into the
  * block calculation gives:
  *
- * MD5_blocks_SSL3 = (payload_length + 10)/64
- * SHA1_blocks_SSL3 = (payload_length + 7)/64
+ * MD5_blocks_SSL3 = (payload_length + 19)/64
+ * SHA1_blocks_SSL3 = (payload_length + 15)/64
  *
  */
 
@@ -776,9 +777,9 @@ static int ssl3_dummy_record(SSL *s, SSL3_RECORD *rec)
        /* Determine the algorithm in use */
        alg_mac = s->s3->tmp.new_cipher->algorithm_mac;
        if (alg_mac == SSL_MD5)
-               total_pad = 10;
+               total_pad = 19;
        else if (alg_mac == SSL_SHA1)
-               total_pad = 7;
+               total_pad = 15;
        else return 0;
        /* Work out number of blocks in original and padding removed record */
        blocks_orig = (rec->orig_len + total_pad) / 64;