diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c
index db725f20c..393cf1d6e 100644
--- a/ssl/s2_pkt.c
+++ b/ssl/s2_pkt.c
@@ -515,7 +515,8 @@ static int write_pending(SSL *s, const unsigned char *buf, unsigned int len)
 
 static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
 	{
-	unsigned int j,k,olen,p,mac_size,bs;
+	unsigned int j,k,olen,size,bs;
+	int mac_size;
 	register unsigned char *pp;
 
 	olen=len;
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index e6c68b339..ce7dc366f 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -272,7 +272,7 @@ static int ssl3_get_record(SSL *s)
 	unsigned char *p;
 	unsigned char md[EVP_MAX_MD_SIZE];
 	short version;
-	unsigned int mac_size;
+	int mac_size;
 	int clear=0;
 	size_t extra;
 	int decryption_failed_or_bad_record_mac = 0;
@@ -427,7 +427,7 @@ printf("\n");
 #endif			
 			}
 		/* check the MAC for rr->input (it's in mac_size bytes at the tail) */
-		if (rr->length >= mac_size)
+		if (rr->length >= (unsigned int)mac_size)
 			{
 			rr->length -= mac_size;
 			mac = &rr->data[rr->length];
@@ -445,7 +445,7 @@ printf("\n");
 #endif
 			}
 		i=s->method->ssl3_enc->mac(s,md,0);
-		if (i < 0 || mac == NULL || memcmp(md, mac, mac_size) != 0)
+		if (i < 0 || mac == NULL || memcmp(md, mac, (size_t)mac_size) != 0)
 			{
 			decryption_failed_or_bad_record_mac = 1;
 			}