From 9a0dba9f6be22dea02c323e4d3a7d4a5dde36ea4 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Wed, 13 Jan 2021 18:20:54 +0000
Subject: Clean up sequence number handing in the new TLSv1.2 record layer.

Handle protocol specific (DTLS vs TLS) sequence number differences in the
open/seal record functions and propagate the sequence number through to
the called functions. This means that DTLS specific knowledge is limited
to two functions and also avoids building sequence numbers multiple times
over. As a result, the DTLS explicit sequence number is now extracted from
the record header and passed through for processing, which makes the read
epoch handling redundant.

ok inoguchi@ tb@
---
 src/lib/libssl/d1_pkt.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'src/lib/libssl/d1_pkt.c')

diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index 30ce78414d..4c450d2cb9 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.85 2020/10/03 17:35:16 jsing Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.86 2021/01/13 18:20:54 jsing Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -316,7 +316,6 @@ dtls1_process_record(SSL *s)
 	size_t out_len;
 
 	tls12_record_layer_set_version(s->internal->rl, s->version);
-	tls12_record_layer_set_read_epoch(s->internal->rl, rr->epoch);
 
 	if (!tls12_record_layer_open_record(s->internal->rl, s->internal->packet,
 	    s->internal->packet_length, &out, &out_len)) {
-- 
cgit v1.2.3-55-g6feb