Remove versions test from dtls1_buffer_message

[openssl.git] / ssl / s2_pkt.c

diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c
index 9c1d1313c1fd4e919f13a475cd4db971f5bddaf1..8bb6ab8baa33501dcd6f0991d53ad80b3d9361aa 100644 (file)
--- a/ssl/s2_pkt.c
+++ b/ssl/s2_pkt.c
@@ -263,14 +263,13 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
                /* added a check for length > max_size in case
                 * encryption was not turned on yet due to an error */
                if ((!s->s2->clear_text) &&
-                       (s->s2->rlength >= mac_size))
+                       (s->s2->rlength >= (unsigned int)mac_size))
                        {
                        ssl2_enc(s,0);
                        s->s2->ract_data_length-=mac_size;
                        ssl2_mac(s,mac,0);
                        s->s2->ract_data_length-=s->s2->padding;
-                       if (    (memcmp(mac,s->s2->mac_data,
-                               (unsigned int)mac_size) != 0) ||
+                       if (    (CRYPTO_memcmp(mac,s->s2->mac_data,mac_size) != 0) ||
                                (s->s2->rlength%EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0))
                                {
                                SSLerr(SSL_F_SSL2_READ_INTERNAL,SSL_R_BAD_MAC_DECODE);
@@ -515,7 +514,8 @@ static int write_pending(SSL *s, const unsigned char *buf, unsigned int len)
 
 static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
        {
-       unsigned int j,k,olen,p,mac_size,bs;
+       unsigned int j,k,olen,p,bs;
+       int mac_size;
        register unsigned char *pp;
 
        olen=len;