Clean up dtls1_reset_seq_numbers().

Rather than doing flag gymnastics, split dtls1_reset_seq_numbers() into separate read and write functions. Move the calls of these functions into tls1_change_cipher_state() so they directly follow the change of cipher state in the record layer, which avoids having to duplicate the calls in the client and server. ok inoguchi@ tb@
author: jsing <> 2021-05-02 17:18:10 +0000
committer: jsing <> 2021-05-02 17:18:10 +0000
commit: 74ea211ec5e7b4700067e49d7703512760086ab8 (patch)
tree: 635d2be6e673bbc73bbd4e14d51b19d0a5a629a1 /src/lib
parent: fd4dbd5fe6f9115e21352ba8bf2af64733fefecd (diff)
download: openbsd-74ea211ec5e7b4700067e49d7703512760086ab8.tar.gz
openbsd-74ea211ec5e7b4700067e49d7703512760086ab8.tar.bz2
openbsd-74ea211ec5e7b4700067e49d7703512760086ab8.zip
5 files changed, 22 insertions, 26 deletions
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index 7f4261e47e..4cb26d7ea1 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.93 2021/02/20 14:14:16 tb Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.94 2021/05/02 17:18:10 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -869,9 +869,6 @@ dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
                if (!ssl3_do_change_cipher_spec(s))
                        goto err;
-                /* do this whenever CCS is processed */
-                dtls1_reset_seq_numbers(s, SSL3_CC_READ);
                goto start;
        }
@@ -1219,15 +1216,16 @@ dtls1_get_bitmap(SSL *s, SSL3_RECORD_INTERNAL *rr, unsigned int *is_next_epoch)
 }
 void
-dtls1_reset_seq_numbers(SSL *s, int rw)
+dtls1_reset_read_seq_numbers(SSL *s)
 {
-        if (rw & SSL3_CC_READ) {
+        D1I(s)->r_epoch++;
-                D1I(s)->r_epoch++;
+        memcpy(&(D1I(s)->bitmap), &(D1I(s)->next_bitmap), sizeof(DTLS1_BITMAP));
-                memcpy(&(D1I(s)->bitmap), &(D1I(s)->next_bitmap),
+        memset(&(D1I(s)->next_bitmap), 0, sizeof(DTLS1_BITMAP));
-                    sizeof(DTLS1_BITMAP));
+}
-                memset(&(D1I(s)->next_bitmap), 0, sizeof(DTLS1_BITMAP));
-        } else {
+void
-                D1I(s)->w_epoch++;
+dtls1_reset_write_seq_numbers(SSL *s)
-                tls12_record_layer_set_write_epoch(s->internal->rl, D1I(s)->w_epoch);
+{
-        }
+        D1I(s)->w_epoch++;
+        tls12_record_layer_set_write_epoch(s->internal->rl, D1I(s)->w_epoch);
 }
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index a38d1f1ed4..022efd8b3b 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.94 2021/04/30 19:26:44 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.95 2021/05/02 17:18:10 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -486,10 +486,6 @@ ssl3_connect(SSL *s)
                                ret = -1;
                                goto end;
                        }
-                        if (SSL_is_dtls(s))
-                                dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
                        break;
                case SSL3_ST_CW_FINISHED_A:
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index c55dada70f..38b6838464 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.339 2021/04/30 19:26:44 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.340 2021/05/02 17:18:10 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1293,7 +1293,8 @@ void dtls1_clear_record_buffer(SSL *s);
 int dtls1_get_message_header(unsigned char *data,
    struct hm_header_st *msg_hdr);
 void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr);
-void dtls1_reset_seq_numbers(SSL *s, int rw);
+void dtls1_reset_read_seq_numbers(SSL *s);
+void dtls1_reset_write_seq_numbers(SSL *s);
 struct timeval* dtls1_get_timeout(SSL *s, struct timeval* timeleft);
 int dtls1_check_timeout_num(SSL *s);
 int dtls1_handle_timeout(SSL *s);
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index 32ffa88f15..2d1af2f86f 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_srvr.c,v 1.105 2021/04/30 19:26:45 jsing Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.106 2021/05/02 17:18:10 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -659,9 +659,6 @@ ssl3_accept(SSL *s)
                                ret = -1;
                                goto end;
                        }
-                        if (SSL_is_dtls(s))
-                                dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
                        break;
                case SSL3_ST_SW_FINISHED_A:
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index 642c210900..6cdae0caed 100644
--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_enc.c,v 1.140 2021/04/30 19:26:45 jsing Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.141 2021/05/02 17:18:10 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -369,12 +369,16 @@ tls1_change_cipher_state(SSL *s, int which)
                if (!tls12_record_layer_change_read_cipher_state(s->internal->rl,
                    mac_secret, mac_secret_size, key, key_len, iv, iv_len))
                        goto err;
+                if (SSL_is_dtls(s))
+                        dtls1_reset_read_seq_numbers(s);
                tls12_record_layer_read_cipher_hash(s->internal->rl,
                    &s->enc_read_ctx, &s->read_hash);
        } else {
                if (!tls12_record_layer_change_write_cipher_state(s->internal->rl,
                    mac_secret, mac_secret_size, key, key_len, iv, iv_len))
                        goto err;
+                if (SSL_is_dtls(s))
+                        dtls1_reset_write_seq_numbers(s);
        }
        return (1);
author	jsing <>	2021-05-02 17:18:10 +0000
committer	jsing <>	2021-05-02 17:18:10 +0000
commit	74ea211ec5e7b4700067e49d7703512760086ab8 (patch)
tree	635d2be6e673bbc73bbd4e14d51b19d0a5a629a1 /src/lib
parent	fd4dbd5fe6f9115e21352ba8bf2af64733fefecd (diff)
download	openbsd-74ea211ec5e7b4700067e49d7703512760086ab8.tar.gz openbsd-74ea211ec5e7b4700067e49d7703512760086ab8.tar.bz2 openbsd-74ea211ec5e7b4700067e49d7703512760086ab8.zip

diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c index 7f4261e47e..4cb26d7ea1 100644 --- a/src/lib/libssl/d1_pkt.c +++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: d1_pkt.c,v 1.93 2021/02/20 14:14:16 tb Exp $ */	1	/* $OpenBSD: d1_pkt.c,v 1.94 2021/05/02 17:18:10 jsing Exp $ */
2	/*	2	/*
3	* DTLS implementation written by Nagendra Modadugu	3	* DTLS implementation written by Nagendra Modadugu
4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.	4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -869,9 +869,6 @@ dtls1_read_bytes(SSL s, int type, unsigned char buf, int len, int peek)
869	if (!ssl3_do_change_cipher_spec(s))	869	if (!ssl3_do_change_cipher_spec(s))
870	goto err;	870	goto err;
871		871
872	/* do this whenever CCS is processed */
873	dtls1_reset_seq_numbers(s, SSL3_CC_READ);
874
875	goto start;	872	goto start;
876	}	873	}
877		874
@@ -1219,15 +1216,16 @@ dtls1_get_bitmap(SSL s, SSL3_RECORD_INTERNAL rr, unsigned int *is_next_epoch)
1219	}	1216	}
1220		1217
1221	void	1218	void
1222	dtls1_reset_seq_numbers(SSL *s, int rw)	1219	dtls1_reset_read_seq_numbers(SSL *s)
1223	{	1220	{
1224	if (rw & SSL3_CC_READ) {	1221	D1I(s)->r_epoch++;
1225	D1I(s)->r_epoch++;	1222	memcpy(&(D1I(s)->bitmap), &(D1I(s)->next_bitmap), sizeof(DTLS1_BITMAP));
1226	memcpy(&(D1I(s)->bitmap), &(D1I(s)->next_bitmap),	1223	memset(&(D1I(s)->next_bitmap), 0, sizeof(DTLS1_BITMAP));
1227	sizeof(DTLS1_BITMAP));	1224	}
1228	memset(&(D1I(s)->next_bitmap), 0, sizeof(DTLS1_BITMAP));	1225
1229	} else {	1226	void
1230	D1I(s)->w_epoch++;	1227	dtls1_reset_write_seq_numbers(SSL *s)
1231	tls12_record_layer_set_write_epoch(s->internal->rl, D1I(s)->w_epoch);	1228	{
1232	}	1229	D1I(s)->w_epoch++;
		1230	tls12_record_layer_set_write_epoch(s->internal->rl, D1I(s)->w_epoch);
1233	}	1231	}


diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index a38d1f1ed4..022efd8b3b 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_clnt.c,v 1.94 2021/04/30 19:26:44 jsing Exp $ */	1	/* $OpenBSD: ssl_clnt.c,v 1.95 2021/05/02 17:18:10 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -486,10 +486,6 @@ ssl3_connect(SSL *s)
486	ret = -1;	486	ret = -1;
487	goto end;	487	goto end;
488	}	488	}
489
490	if (SSL_is_dtls(s))
491	dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
492
493	break;	489	break;
494		490
495	case SSL3_ST_CW_FINISHED_A:	491	case SSL3_ST_CW_FINISHED_A:


diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index c55dada70f..38b6838464 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_locl.h,v 1.339 2021/04/30 19:26:44 jsing Exp $ */	1	/* $OpenBSD: ssl_locl.h,v 1.340 2021/05/02 17:18:10 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1293,7 +1293,8 @@ void dtls1_clear_record_buffer(SSL *s);
1293	int dtls1_get_message_header(unsigned char *data,	1293	int dtls1_get_message_header(unsigned char *data,
1294	struct hm_header_st *msg_hdr);	1294	struct hm_header_st *msg_hdr);
1295	void dtls1_get_ccs_header(unsigned char data, struct ccs_header_st ccs_hdr);	1295	void dtls1_get_ccs_header(unsigned char data, struct ccs_header_st ccs_hdr);
1296	void dtls1_reset_seq_numbers(SSL *s, int rw);	1296	void dtls1_reset_read_seq_numbers(SSL *s);
		1297	void dtls1_reset_write_seq_numbers(SSL *s);
1297	struct timeval* dtls1_get_timeout(SSL s, struct timeval timeleft);	1298	struct timeval* dtls1_get_timeout(SSL s, struct timeval timeleft);
1298	int dtls1_check_timeout_num(SSL *s);	1299	int dtls1_check_timeout_num(SSL *s);
1299	int dtls1_handle_timeout(SSL *s);	1300	int dtls1_handle_timeout(SSL *s);


diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c index 32ffa88f15..2d1af2f86f 100644 --- a/src/lib/libssl/ssl_srvr.c +++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_srvr.c,v 1.105 2021/04/30 19:26:45 jsing Exp $ */	1	/* $OpenBSD: ssl_srvr.c,v 1.106 2021/05/02 17:18:10 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -659,9 +659,6 @@ ssl3_accept(SSL *s)
659	ret = -1;	659	ret = -1;
660	goto end;	660	goto end;
661	}	661	}
662
663	if (SSL_is_dtls(s))
664	dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
665	break;	662	break;
666		663
667	case SSL3_ST_SW_FINISHED_A:	664	case SSL3_ST_SW_FINISHED_A:


diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 642c210900..6cdae0caed 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: t1_enc.c,v 1.140 2021/04/30 19:26:45 jsing Exp $ */	1	/* $OpenBSD: t1_enc.c,v 1.141 2021/05/02 17:18:10 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -369,12 +369,16 @@ tls1_change_cipher_state(SSL *s, int which)
369	if (!tls12_record_layer_change_read_cipher_state(s->internal->rl,	369	if (!tls12_record_layer_change_read_cipher_state(s->internal->rl,
370	mac_secret, mac_secret_size, key, key_len, iv, iv_len))	370	mac_secret, mac_secret_size, key, key_len, iv, iv_len))
371	goto err;	371	goto err;
		372	if (SSL_is_dtls(s))
		373	dtls1_reset_read_seq_numbers(s);
372	tls12_record_layer_read_cipher_hash(s->internal->rl,	374	tls12_record_layer_read_cipher_hash(s->internal->rl,
373	&s->enc_read_ctx, &s->read_hash);	375	&s->enc_read_ctx, &s->read_hash);
374	} else {	376	} else {
375	if (!tls12_record_layer_change_write_cipher_state(s->internal->rl,	377	if (!tls12_record_layer_change_write_cipher_state(s->internal->rl,
376	mac_secret, mac_secret_size, key, key_len, iv, iv_len))	378	mac_secret, mac_secret_size, key, key_len, iv, iv_len))
377	goto err;	379	goto err;
		380	if (SSL_is_dtls(s))
		381	dtls1_reset_write_seq_numbers(s);
378	}	382	}
379	return (1);	383	return (1);
380		384