-/* $OpenBSD: d1_pkt.c,v 1.93 2021/02/20 14:14:16 tb Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.94 2021/05/02 17:18:10 jsing Exp $ */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
if (!ssl3_do_change_cipher_spec(s))
goto err;
- /* do this whenever CCS is processed */
- dtls1_reset_seq_numbers(s, SSL3_CC_READ);
-
goto start;
}
}
void
-dtls1_reset_seq_numbers(SSL *s, int rw)
+dtls1_reset_read_seq_numbers(SSL *s)
{
- if (rw & SSL3_CC_READ) {
- D1I(s)->r_epoch++;
- memcpy(&(D1I(s)->bitmap), &(D1I(s)->next_bitmap),
- sizeof(DTLS1_BITMAP));
- memset(&(D1I(s)->next_bitmap), 0, sizeof(DTLS1_BITMAP));
- } else {
- D1I(s)->w_epoch++;
- tls12_record_layer_set_write_epoch(s->internal->rl, D1I(s)->w_epoch);
- }
+ D1I(s)->r_epoch++;
+ memcpy(&(D1I(s)->bitmap), &(D1I(s)->next_bitmap), sizeof(DTLS1_BITMAP));
+ memset(&(D1I(s)->next_bitmap), 0, sizeof(DTLS1_BITMAP));
+}
+
+void
+dtls1_reset_write_seq_numbers(SSL *s)
+{
+ D1I(s)->w_epoch++;
+ tls12_record_layer_set_write_epoch(s->internal->rl, D1I(s)->w_epoch);
}
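Review bot: Neither `dtls1_reset_read_seq_numbers()` nor `dtls1_reset_write_seq_numbers()` has a comment stating its contract, and the only hint at the old call site ("do this whenever CCS is processed") is removed by this commit. The read variant increments `r_epoch`, copies `next_bitmap` over `bitmap` and zeroes `next_bitmap`, so a second call for the same cipher change would skip an epoch and leave an empty replay window. I would add `/* Advance the read epoch and promote next_bitmap to the current replay bitmap; call exactly once per read cipher state change. */` above the first function and `/* Advance the write epoch and propagate it to the record layer; call exactly once per write cipher state change. */` above the second. Both increments are unchecked and the field widths are not visible in this hunk, so it is worth confirming that wrap-around cannot be reached through repeated renegotiation.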
-/* $OpenBSD: ssl_clnt.c,v 1.94 2021/04/30 19:26:44 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.95 2021/05/02 17:18:10 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
ret = -1;
goto end;
}
-
- if (SSL_is_dtls(s))
- dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
-
break;
case SSL3_ST_CW_FINISHED_A:
-/* $OpenBSD: ssl_locl.h,v 1.339 2021/04/30 19:26:44 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.340 2021/05/02 17:18:10 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
int dtls1_get_message_header(unsigned char *data,
struct hm_header_st *msg_hdr);
void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr);
-void dtls1_reset_seq_numbers(SSL *s, int rw);
+void dtls1_reset_read_seq_numbers(SSL *s);
+void dtls1_reset_write_seq_numbers(SSL *s);
struct timeval* dtls1_get_timeout(SSL *s, struct timeval* timeleft);
int dtls1_check_timeout_num(SSL *s);
int dtls1_handle_timeout(SSL *s);
-/* $OpenBSD: ssl_srvr.c,v 1.105 2021/04/30 19:26:45 jsing Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.106 2021/05/02 17:18:10 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
ret = -1;
goto end;
}
-
- if (SSL_is_dtls(s))
- dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
break;
case SSL3_ST_SW_FINISHED_A:
-/* $OpenBSD: t1_enc.c,v 1.140 2021/04/30 19:26:45 jsing Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.141 2021/05/02 17:18:10 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
if (!tls12_record_layer_change_read_cipher_state(s->internal->rl,
mac_secret, mac_secret_size, key, key_len, iv, iv_len))
goto err;
+ if (SSL_is_dtls(s))
+ dtls1_reset_read_seq_numbers(s);
tls12_record_layer_read_cipher_hash(s->internal->rl,
&s->enc_read_ctx, &s->read_hash);
} else {
if (!tls12_record_layer_change_write_cipher_state(s->internal->rl,
mac_secret, mac_secret_size, key, key_len, iv, iv_len))
goto err;
+ if (SSL_is_dtls(s))
+ dtls1_reset_write_seq_numbers(s);
}
return (1);
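Review bot: The read-side reset at `dtls1_reset_read_seq_numbers(s);` now runs inside the cipher-state change instead of after `ssl3_do_change_cipher_spec()` has returned success, as the removed d1_pkt.c call did. If that caller can still fail after this function returns (not visible here), `r_epoch` and the replay bitmap will already have advanced, so it is worth confirming that every such failure is fatal to the connection. The placement after the `tls12_record_layer_change_*_cipher_state()` checks looks right, since a `goto err` there skips the reset. A short comment on both new calls would record the intent, e.g. `/* DTLS: the epoch must advance together with the new keys. */`. The enclosing function starts outside this hunk.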