Commit ac77aa9a authored by Matt Caswell's avatar Matt Caswell
Browse files

Ensure the record sequence number gets incremented 



We were not incrementing the sequence number every time we sent/received
a record.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157)
parent 63c1df09

ssl/record/ssl3_record_tls13.c

+11 −0
Original line number Diff line number Diff line
@@ -80,6 +80,17 @@ int tls13_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int send) 
    for (loop = 0; loop < SEQ_NUM_SIZE; loop++)

        iv[offset + loop] = staticiv[offset + loop] ^ seq[loop];



    /* Increment the sequence counter */

    for (loop = SEQ_NUM_SIZE; loop > 0; loop--) {

        ++seq[loop - 1];

        if (seq[loop - 1] != 0)

            break;

    }

    if (loop == 0) {

        /* Sequence has wrapped */

        return -1;

    }



    /* TODO(size_t): lenu/lenf should be a size_t but EVP doesn't support it */

    if (EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, send) <= 0

            || EVP_CipherUpdate(ctx, rec->data, &lenu, rec->input,