diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c
index 1a54765fec2c354444251d40c63bb0c03f38e008..db725f20cad0a95291673c6b4cb7c183c0160b9c 100644
--- a/ssl/s2_pkt.c
+++ b/ssl/s2_pkt.c
@@ -130,7 +130,7 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
 	unsigned char mac[MAX_MAC_SIZE];
 	unsigned char *p;
 	int i;
-	unsigned int mac_size;
+	int mac_size;
 
  ssl2_read_again:
 	if (SSL_in_init(s) && !s->in_handshake)
@@ -263,7 +263,7 @@ static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
 		/* added a check for length > max_size in case
 		 * encryption was not turned on yet due to an error */
 		if ((!s->s2->clear_text) &&
-			(s->s2->rlength >= mac_size))
+			(s->s2->rlength >= (unsigned int)mac_size))
 			{
 			ssl2_enc(s,0);
 			s->s2->ract_data_length-=mac_size;
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index d9b93f585714553a0f50137596cb4dc7fc0a34cf..e35173823771e9303520f99e4c85b17daa20a1f8 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -805,8 +805,8 @@ int tls1_final_finish_mac(SSL *s,
 		{
 		if (mask & s->s3->tmp.new_cipher->algorithm2)
 			{
-			unsigned int hashsize = EVP_MD_size(md);
-			if (hashsize < 0 || hashsize > (sizeof buf - (size_t)(q-buf)))
+			int hashsize = EVP_MD_size(md);
+			if (hashsize < 0 || hashsize > (int)(sizeof buf - (size_t)(q-buf)))
 				{
 				/* internal error: 'buf' is too small for this cipersuite! */
 				err = 1;
@@ -815,7 +815,7 @@ int tls1_final_finish_mac(SSL *s,
 				{
 				EVP_MD_CTX_copy_ex(&ctx,s->s3->handshake_dgst[idx]);
 				EVP_DigestFinal_ex(&ctx,q,&i);
-				if (i != hashsize) /* can't really happen */
+				if (i != (unsigned int)hashsize) /* can't really happen */
 					err = 1;
 				q+=i;
 				}