1 files changed, 6 insertions, 17 deletions
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index aefb2c9dfb..5558c0e872 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.67 2020/02/21 16:06:26 jsing Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.68 2020/02/21 16:13:16 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -1272,33 +1272,22 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
        wr->input = p;
        wr->data = p;
+        /* bs != 0 in case of CBC */
-        /* ssl3_enc can only have an error on read */
+        if (bs) {
-        if (bs) /* bs != 0 in case of CBC */
-        {
                arc4random_buf(p, bs);
                /* master IV and last CBC residue stand for
                 * the rest of randomness */
                wr->length += bs;
        }
+        /* ssl3_enc can only have an error on read */
        s->method->internal->ssl3_enc->enc(s, 1);
-        /* record length after mac and block padding */
-/*      if (type == SSL3_RT_APPLICATION_DATA ||
-        (type == SSL3_RT_ALERT && ! SSL_in_init(s))) */
-        /* there's only one epoch between handshake and app data */
        s2n(D1I(s)->w_epoch, pseq);
-        /* XDTLS: ?? */
-/*      else
-        s2n(D1I(s)->handshake_epoch, pseq);
-*/
        memcpy(pseq, &(S3I(s)->write_sequence[2]), 6);
        pseq += 6;
+        /* record length after mac and block padding */
        s2n(wr->length, pseq);
        /* we should now have

diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c index aefb2c9dfb..5558c0e872 100644 --- a/src/lib/libssl/d1_pkt.c +++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: d1_pkt.c,v 1.67 2020/02/21 16:06:26 jsing Exp $ */	1	/* $OpenBSD: d1_pkt.c,v 1.68 2020/02/21 16:13:16 jsing Exp $ */
2	/*	2	/*
3	* DTLS implementation written by Nagendra Modadugu	3	* DTLS implementation written by Nagendra Modadugu
4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.	4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -1272,33 +1272,22 @@ do_dtls1_write(SSL s, int type, const unsigned char buf, unsigned int len)
1272	wr->input = p;	1272	wr->input = p;
1273	wr->data = p;	1273	wr->data = p;
1274		1274
1275		1275	/* bs != 0 in case of CBC */
1276	/* ssl3_enc can only have an error on read */	1276	if (bs) {
1277	if (bs) /* bs != 0 in case of CBC */
1278	{
1279	arc4random_buf(p, bs);	1277	arc4random_buf(p, bs);
1280	/* master IV and last CBC residue stand for	1278	/* master IV and last CBC residue stand for
1281	* the rest of randomness */	1279	* the rest of randomness */
1282	wr->length += bs;	1280	wr->length += bs;
1283	}	1281	}
1284		1282
		1283	/* ssl3_enc can only have an error on read */
1285	s->method->internal->ssl3_enc->enc(s, 1);	1284	s->method->internal->ssl3_enc->enc(s, 1);
1286		1285
1287	/* record length after mac and block padding */
1288	/* if (type == SSL3_RT_APPLICATION_DATA \|\|
1289	(type == SSL3_RT_ALERT && ! SSL_in_init(s))) */
1290
1291	/* there's only one epoch between handshake and app data */
1292
1293	s2n(D1I(s)->w_epoch, pseq);	1286	s2n(D1I(s)->w_epoch, pseq);
1294
1295	/* XDTLS: ?? */
1296	/* else
1297	s2n(D1I(s)->handshake_epoch, pseq);
1298	*/
1299
1300	memcpy(pseq, &(S3I(s)->write_sequence[2]), 6);	1287	memcpy(pseq, &(S3I(s)->write_sequence[2]), 6);
1301	pseq += 6;	1288	pseq += 6;
		1289
		1290	/* record length after mac and block padding */
1302	s2n(wr->length, pseq);	1291	s2n(wr->length, pseq);
1303		1292
1304	/* we should now have	1293	/* we should now have