Ensure last_write_sequence is saved in DTLS1.2

In DTLS, immediately prior to epoch change, the write_sequence is supposed to be stored in s->d1->last_write_sequence. The write_sequence is then reset back to 00000000. In the event of retransmits of records from the previous epoch, the last_write_sequence is restored. This commit fixes a bug in DTLS1.2 where the write_sequence was being reset before last_write_sequence was saved, and therefore retransmits are sent with incorrect sequence numbers. Reviewed-by: Richard Levitte <levitte@openssl.org> (cherry picked from commit d5d0a1cb1347d4a8547e78aec56c50c528186e50)
2015-02-05 13:54:37 +00:00 · 2015-02-05 13:54:37 +00:00 · 4285b85163
commit 4285b85163
parent fe82be2b33
1 changed files with 4 additions and 4 deletions
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@ -404,9 +404,9 @@ int tls1_change_cipher_state(SSL *s, int which)
        }
 #endif
        /*
-         * this is done by dtls1_reset_seq_numbers for DTLS1_VERSION
+         * this is done by dtls1_reset_seq_numbers for DTLS
         */
-        if (s->version != DTLS1_VERSION)
+        if (!SSL_IS_DTLS(s))
            memset(&(s->s3->read_sequence[0]), 0, 8);
        mac_secret = &(s->s3->read_mac_secret[0]);
        mac_secret_size = &(s->s3->read_mac_secret_size);
@ -442,9 +442,9 @@ int tls1_change_cipher_state(SSL *s, int which)
        }
 #endif
        /*
-         * this is done by dtls1_reset_seq_numbers for DTLS1_VERSION
+         * this is done by dtls1_reset_seq_numbers for DTLS
         */
-        if (s->version != DTLS1_VERSION)
+        if (!SSL_IS_DTLS(s))
            memset(&(s->s3->write_sequence[0]), 0, 8);
        mac_secret = &(s->s3->write_mac_secret[0]);
        mac_secret_size = &(s->s3->write_mac_secret_size);