From: Matt Caswell Date: Thu, 5 Feb 2015 13:54:37 +0000 (+0000) Subject: Ensure last_write_sequence is saved in DTLS1.2 X-Git-Tag: OpenSSL_1_1_0-pre1~1459 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=d5d0a1cb1347d4a8547e78aec56c50c528186e50;p=oweals%2Fopenssl.git Ensure last_write_sequence is saved in DTLS1.2 In DTLS, immediately prior to epoch change, the write_sequence is supposed to be stored in s->d1->last_write_sequence. The write_sequence is then reset back to 00000000. In the event of retransmits of records from the previous epoch, the last_write_sequence is restored. This commit fixes a bug in DTLS1.2 where the write_sequence was being reset before last_write_sequence was saved, and therefore retransmits are sent with incorrect sequence numbers. Reviewed-by: Richard Levitte --- diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index df97f19386..e4a689ebc3 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -404,9 +404,9 @@ int tls1_change_cipher_state(SSL *s, int which) } #endif /* - * this is done by dtls1_reset_seq_numbers for DTLS1_VERSION + * this is done by dtls1_reset_seq_numbers for DTLS */ - if (s->version != DTLS1_VERSION) + if (!SSL_IS_DTLS(s)) memset(&(s->s3->read_sequence[0]), 0, 8); mac_secret = &(s->s3->read_mac_secret[0]); mac_secret_size = &(s->s3->read_mac_secret_size); @@ -442,9 +442,9 @@ int tls1_change_cipher_state(SSL *s, int which) } #endif /* - * this is done by dtls1_reset_seq_numbers for DTLS1_VERSION + * this is done by dtls1_reset_seq_numbers for DTLS */ - if (s->version != DTLS1_VERSION) + if (!SSL_IS_DTLS(s)) memset(&(s->s3->write_sequence[0]), 0, 8); mac_secret = &(s->s3->write_mac_secret[0]); mac_secret_size = &(s->s3->write_mac_secret_size);