From: Matt Caswell <matt@openssl.org>
Date: Mon, 17 Oct 2022 13:42:09 +0000 (+0100)
Subject: Move sequence increment to post encryption processing
X-Git-Tag: openssl-3.2.0-alpha1~1878
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=421386e392151c267ac7d3de6a2dd23c0ab62aed;p=thirdparty%2Fopenssl.git

Move sequence increment to post encryption processing

This change make dtls_write_records virtuall the same as
tls_write_records_default, which will enable us to merge them in a
subsequent commit.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19424)
---

diff --git a/ssl/record/methods/dtls_meth.c b/ssl/record/methods/dtls_meth.c
index d810ed7a28f..9a24d5f8ad5 100644
--- a/ssl/record/methods/dtls_meth.c
+++ b/ssl/record/methods/dtls_meth.c
@@ -720,6 +720,21 @@ int dtls_prepare_record_header(OSSL_RECORD_LAYER *rl,
     return 1;
 }
 
+int dtls_post_encryption_processing(OSSL_RECORD_LAYER *rl,
+                                    size_t mac_size,
+                                    OSSL_RECORD_TEMPLATE *thistempl,
+                                    WPACKET *thispkt,
+                                    SSL3_RECORD *thiswr)
+{
+    if (!tls_post_encryption_processing_default(rl, mac_size, thistempl,
+                                                thispkt, thiswr)) {
+        /* RLAYERfatal() already called */
+        return 0;
+    }
+
+    return tls_increment_sequence_ctr(rl);
+}
+
 int dtls_write_records(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE *templates,
                        size_t numtempl)
 {
@@ -810,11 +825,6 @@ int dtls_write_records(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE *templates,
         goto err;
     }
 
-    if (!tls_increment_sequence_ctr(rl)) {
-        /* RLAYERfatal() already called */
-        goto err;
-    }
-
     /* now let's set up wb */
     SSL3_BUFFER_set_left(wb, SSL3_RECORD_get_length(&wr));
 
diff --git a/ssl/record/methods/recmethod_local.h b/ssl/record/methods/recmethod_local.h
index e1267500cff..a25dd9d70fb 100644
--- a/ssl/record/methods/recmethod_local.h
+++ b/ssl/record/methods/recmethod_local.h
@@ -356,6 +356,11 @@ int dtls_prepare_record_header(OSSL_RECORD_LAYER *rl,
                                OSSL_RECORD_TEMPLATE *templ,
                                unsigned int rectype,
                                unsigned char **recdata);
+int dtls_post_encryption_processing(OSSL_RECORD_LAYER *rl,
+                                    size_t mac_size,
+                                    OSSL_RECORD_TEMPLATE *thistempl,
+                                    WPACKET *thispkt,
+                                    SSL3_RECORD *thiswr);
 int dtls_write_records(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE *templates,
                        size_t numtempl);
 
diff --git a/ssl/record/methods/tls1_meth.c b/ssl/record/methods/tls1_meth.c
index 6917fd897b2..232f055c520 100644
--- a/ssl/record/methods/tls1_meth.c
+++ b/ssl/record/methods/tls1_meth.c
@@ -682,6 +682,6 @@ struct record_functions_st dtls_1_funcs = {
     dtls_prepare_record_header,
     NULL,
     tls_prepare_for_encryption_default,
-    tls_post_encryption_processing_default,
+    dtls_post_encryption_processing,
     NULL
 };
diff --git a/ssl/record/methods/tlsany_meth.c b/ssl/record/methods/tlsany_meth.c
index ff08c11d0dd..c2a1e0d0902 100644
--- a/ssl/record/methods/tlsany_meth.c
+++ b/ssl/record/methods/tlsany_meth.c
@@ -190,6 +190,6 @@ struct record_functions_st dtls_any_funcs = {
     dtls_prepare_record_header,
     NULL,
     tls_prepare_for_encryption_default,
-    tls_post_encryption_processing_default,
+    dtls_post_encryption_processing,
     NULL
 };