Move last_write_sequence from s->d1 to s->rlayer.d.

Also push some usage of last_write_sequence out of dtls1_retransmit_message
and into the record layer.

Reviewed-by: Richard Levitte <levitte@openssl.org>

ssl/d1_both.c

@@ -1144,7 +1144,6 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
     unsigned long header_length;
     unsigned char seq64be[8];
     struct dtls1_retransmit_state saved_state;
-    unsigned char save_write_sequence[8];
 
     /*-
       OPENSSL_assert(s->init_num == 0);
@@ -1194,17 +1193,9 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
     s->write_hash = frag->msg_header.saved_retransmit_state.write_hash;
     s->compress = frag->msg_header.saved_retransmit_state.compress;
     s->session = frag->msg_header.saved_retransmit_state.session;
-    DTLS_RECORD_LAYER_set_w_epoch(&s->rlayer,
+    DTLS_RECORD_LAYER_set_saved_w_epoch(&s->rlayer,
         frag->msg_header.saved_retransmit_state.epoch);
 
-    if (frag->msg_header.saved_retransmit_state.epoch ==
-        saved_state.epoch - 1) {
-
-        memcpy(save_write_sequence, RECORD_LAYER_get_write_sequence(&s->rlayer),
-               sizeof(save_write_sequence));
-        RECORD_LAYER_set_write_sequence(&s->rlayer, s->d1->last_write_sequence);
-    }
-
     ret = dtls1_do_write(s, frag->msg_header.is_ccs ?
                          SSL3_RT_CHANGE_CIPHER_SPEC : SSL3_RT_HANDSHAKE);
 
@@ -1213,15 +1204,7 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
     s->write_hash = saved_state.write_hash;
     s->compress = saved_state.compress;
     s->session = saved_state.session;
-    DTLS_RECORD_LAYER_set_w_epoch(&s->rlayer, saved_state.epoch);
+    DTLS_RECORD_LAYER_set_saved_w_epoch(&s->rlayer, saved_state.epoch);
-
-    if (frag->msg_header.saved_retransmit_state.epoch ==
-        saved_state.epoch - 1) {
-        memcpy(s->d1->last_write_sequence,
-            RECORD_LAYER_get_write_sequence(&s->rlayer),
-            sizeof(s->d1->last_write_sequence));
-        RECORD_LAYER_set_write_sequence(&s->rlayer, save_write_sequence);
-    }
 
     s->d1->retransmitting = 0;
 

ssl/record/d1_pkt.c

@@ -211,6 +211,26 @@ void DTLS_RECORD_LAYER_clear(RECORD_LAYER *rl)
     d->buffered_app_data.q = buffered_app_data;
 }
 
+void DTLS_RECORD_LAYER_set_saved_w_epoch(RECORD_LAYER *rl, unsigned short e)
+{
+    if (e == rl->d->w_epoch - 1) {
+        memcpy(rl->d->curr_write_sequence,
+               rl->write_sequence,
+               sizeof(rl->write_sequence));
+        memcpy(rl->write_sequence,
+               rl->d->last_write_sequence,
+               sizeof(rl->write_sequence));
+    } else if (e == rl->d->w_epoch + 1) {
+        memcpy(rl->d->last_write_sequence,
+               rl->write_sequence,
+               sizeof(unsigned char[8]));
+        memcpy(rl->write_sequence,
+               rl->d->curr_write_sequence,
+               sizeof(rl->write_sequence));
+    }
+    rl->d->w_epoch = e;
+}
+
 static int have_handshake_fragment(SSL *s, int type, unsigned char *buf,
                                    int len, int peek);
 
@@ -1289,7 +1309,7 @@ void dtls1_reset_seq_numbers(SSL *s, int rw)
         memset(&(s->rlayer.d->next_bitmap), 0x00, sizeof(DTLS1_BITMAP));
     } else {
         seq = s->rlayer.write_sequence;
-        memcpy(s->d1->last_write_sequence, seq,
+        memcpy(s->rlayer.d->last_write_sequence, seq,
                sizeof(s->rlayer.write_sequence));
         s->rlayer.d->w_epoch++;
     }

ssl/record/rec_layer.h

@@ -165,6 +165,10 @@ typedef struct dtls_record_layer_st {
     unsigned int alert_fragment_len;
     unsigned char handshake_fragment[DTLS1_HM_HEADER_LENGTH];
     unsigned int handshake_fragment_len;
+
+    /* save last and current sequence numbers for retransmissions */
+    unsigned char last_write_sequence[8];
+    unsigned char curr_write_sequence[8];
 } DTLS_RECORD_LAYER;
 
 typedef struct record_layer_st {
@@ -231,9 +235,7 @@ typedef struct record_layer_st {
 #define RECORD_LAYER_get_packet_length(rl)      ((rl)->packet_length)
 #define RECORD_LAYER_add_packet_length(rl, inc) ((rl)->packet_length += (inc))
 #define RECORD_LAYER_get_read_sequence(rl)      ((rl)->read_sequence)
-#define RECORD_LAYER_get_write_sequence(rl)     ((rl)->write_sequence)
 #define DTLS_RECORD_LAYER_get_w_epoch(rl)       ((rl)->d->w_epoch)
-#define DTLS_RECORD_LAYER_set_w_epoch(rl, e)    ((rl)->d->w_epoch = (e))
 #define DTLS_RECORD_LAYER_get_processed_rcds(rl) \
                                                 ((rl)->d->processed_rcds)
 #define DTLS_RECORD_LAYER_get_unprocessed_rcds(rl) \
@@ -259,6 +261,7 @@ __owur int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int pe
 int DTLS_RECORD_LAYER_new(RECORD_LAYER *rl);
 void DTLS_RECORD_LAYER_free(RECORD_LAYER *rl);
 void DTLS_RECORD_LAYER_clear(RECORD_LAYER *rl);
+void DTLS_RECORD_LAYER_set_saved_w_epoch(RECORD_LAYER *rl, unsigned short e);
 __owur int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
 __owur int dtls1_write_bytes(SSL *s, int type, const void *buf, int len);
 __owur int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
@@ -281,6 +284,7 @@ void dtls1_reset_seq_numbers(SSL *s, int rw);
 #define RECORD_LAYER_reset_packet_length(rl)    ((rl)->packet_length = 0)
 #define RECORD_LAYER_get_rstate(rl)             ((rl)->rstate)
 #define RECORD_LAYER_set_rstate(rl, st)         ((rl)->rstate = (st))
+#define RECORD_LAYER_get_write_sequence(rl)     ((rl)->write_sequence)
 #define DTLS_RECORD_LAYER_get_r_epoch(rl)       ((rl)->d->r_epoch)
 
 __owur int ssl3_read_n(SSL *s, int n, int max, int extend);

ssl/ssl_locl.h

@@ -1409,8 +1409,7 @@ typedef struct dtls1_state_st {
     unsigned short handshake_write_seq;
     unsigned short next_handshake_write_seq;
     unsigned short handshake_read_seq;
-    /* save last sequence number for retransmissions */
+
-    unsigned char last_write_sequence[8];
     /* Buffered handshake messages */
     pqueue buffered_messages;
     /* Buffered (sent) handshake records */