Clean up sequence number handing in the new TLSv1.2 record layer.

Handle protocol specific (DTLS vs TLS) sequence number differences in the
open/seal record functions and propagate the sequence number through to
the called functions. This means that DTLS specific knowledge is limited
to two functions and also avoids building sequence numbers multiple times
over. As a result, the DTLS explicit sequence number is now extracted from
the record header and passed through for processing, which makes the read
epoch handling redundant.

ok inoguchi@ tb@

1 files changed, 1 insertions, 2 deletions

diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index 30ce78414d..4c450d2cb9 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.85 2020/10/03 17:35:16 jsing Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.86 2021/01/13 18:20:54 jsing Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -316,7 +316,6 @@ dtls1_process_record(SSL *s)
         size_t out_len;
 
         tls12_record_layer_set_version(s->internal->rl, s->version);
-        tls12_record_layer_set_read_epoch(s->internal->rl, rr->epoch);
 
         if (!tls12_record_layer_open_record(s->internal->rl, s->internal->packet,
             s->internal->packet_length, &out, &out_len)) {