From a9d8853125301b55e45f0243ec734a0fb4f3a8f3 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Sat, 4 Sep 2021 14:15:52 +0000
Subject: Improve DTLS record header parsing.

Rather than pulling out the epoch and then six bytes of sequence number,
pull out SSL3_SEQUENCE_SIZE for the sequence number, then pull the epoch
off the start of the sequence number.

ok inoguchi@ tb@
---
 src/lib/libssl/d1_pkt.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index 22f0167c75..11e6d7f8f8 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.109 2021/08/31 13:34:55 jsing Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.110 2021/09/04 14:15:52 jsing Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -393,18 +393,18 @@ dtls1_get_record(SSL *s)
 		if (!CBS_get_u16(&header, &ssl_version))
 			goto again;
 
-		/* sequence number is 64 bits, with top 2 bytes = epoch */
-		if (!CBS_get_u16(&header, &epoch) ||
-		    !CBS_get_bytes(&header, &seq_no, 6))
+		/* Sequence number is 64 bits, with top 2 bytes = epoch. */
+		if (!CBS_get_bytes(&header, &seq_no, SSL3_SEQUENCE_SIZE))
 			goto again;
-
-		if (!CBS_get_u16(&header, &len))
+		if (!CBS_get_u16(&seq_no, &epoch))
 			goto again;
-
 		if (!CBS_write_bytes(&seq_no, &rr->seq_num[2],
 		    sizeof(rr->seq_num) - 2, NULL))
 			goto again;
 
+		if (!CBS_get_u16(&header, &len))
+			goto again;
+
 		rr->type = type;
 		rr->epoch = epoch;
 		rr->length = len;
-- 
cgit v1.2.3-55-g6feb