ssl/*: remove SSL3_RECORD->orig_len to restore binary compatibility.
[openssl.git] / ssl / d1_pkt.c
index 02c881a..0ad8b5f 100644 (file)
@@ -379,7 +379,7 @@ dtls1_process_record(SSL *s)
        int enc_err;
        SSL_SESSION *sess;
        SSL3_RECORD *rr;
-       unsigned int mac_size;
+       unsigned int mac_size, orig_len;
        unsigned char md[EVP_MAX_MD_SIZE];
 
        rr= &(s->s3->rrec);
@@ -410,7 +410,7 @@ dtls1_process_record(SSL *s)
 
        /* decrypt in place in 'rr->input' */
        rr->data=rr->input;
-       rr->orig_len=rr->length;
+       orig_len=rr->length;
 
        enc_err = s->method->ssl3_enc->enc(s,0);
        /* enc_err is:
@@ -447,10 +447,10 @@ printf("\n");
                 * therefore we can safely process the record in a different
                 * amount of time if it's too short to possibly contain a MAC.
                 */
-               if (rr->orig_len < mac_size ||
+               if (orig_len < mac_size ||
                    /* CBC records must have a padding length byte too. */
                    (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
-                    rr->orig_len < mac_size+1))
+                    orig_len < mac_size+1))
                        {
                        al=SSL_AD_DECODE_ERROR;
                        SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);
@@ -465,12 +465,12 @@ printf("\n");
                         * without leaking the contents of the padding bytes.
                         * */
                        mac = mac_tmp;
-                       ssl3_cbc_copy_mac(mac_tmp, rr, mac_size);
+                       ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);
                        rr->length -= mac_size;
                        }
                else
                        {
-                       /* In this case there's no padding, so |rec->orig_len|
+                       /* In this case there's no padding, so |orig_len|
                         * equals |rec->length| and we checked that there's
                         * enough bytes for |mac_size| above. */
                        rr->length -= mac_size;