diff options
-rw-r--r-- | src/tls/tls_channel.cpp | 9 | ||||
-rw-r--r-- | src/tls/tls_record.cpp | 15 | ||||
-rw-r--r-- | src/tls/tls_record.h | 1 |
3 files changed, 13 insertions, 12 deletions
diff --git a/src/tls/tls_channel.cpp b/src/tls/tls_channel.cpp index 9fb41c9f6..6fa75766a 100644 --- a/src/tls/tls_channel.cpp +++ b/src/tls/tls_channel.cpp @@ -185,7 +185,7 @@ size_t Channel::received_data(const byte buf[], size_t buf_size) { byte rec_type = NO_RECORD; std::vector<byte> record; - u64bit record_number = 0; + u64bit record_sequence = 0; Protocol_Version record_version; size_t consumed = 0; @@ -199,6 +199,7 @@ size_t Channel::received_data(const byte buf[], size_t buf_size) rec_type, record, record_version, + record_sequence, m_sequence_numbers.get(), m_read_cipherstate.get()); @@ -226,11 +227,11 @@ size_t Channel::received_data(const byte buf[], size_t buf_size) if(!m_pending_state) { create_handshake_state(record_version); - sequence_numbers().read_accept(0); + sequence_numbers().read_accept(record_sequence); } m_pending_state->handshake_io().add_input( - rec_type, &record[0], record.size(), record_number); + rec_type, &record[0], record.size(), record_sequence); while(m_pending_state) { @@ -316,7 +317,7 @@ size_t Channel::received_data(const byte buf[], size_t buf_size) } else throw Unexpected_Message("Unknown record type " + - std::to_string(readbuf[0]) + + std::to_string(rec_type) + " from counterparty"); } diff --git a/src/tls/tls_record.cpp b/src/tls/tls_record.cpp index e77974a58..b2c32e5f9 100644 --- a/src/tls/tls_record.cpp +++ b/src/tls/tls_record.cpp @@ -277,6 +277,7 @@ size_t read_record(std::vector<byte>& readbuf, byte& msg_type, std::vector<byte>& msg, Protocol_Version& record_version, + u64bit& record_sequence, Connection_Sequence_Numbers* sequence_numbers, Connection_Cipher_State* cipherstate) { @@ -344,14 +345,12 @@ size_t read_record(std::vector<byte>& readbuf, const size_t header_size = (record_version.is_datagram_protocol()) ? DTLS_HEADER_SIZE : TLS_HEADER_SIZE; - u64bit msg_sequence = 0; - if(record_version.is_datagram_protocol()) - msg_sequence = load_be<u64bit>(&readbuf[3], 0); + record_sequence = load_be<u64bit>(&readbuf[3], 0); else if(sequence_numbers) - msg_sequence = sequence_numbers->next_read_sequence(); + record_sequence = sequence_numbers->next_read_sequence(); else - msg_sequence = 0; // server initial handshake case + record_sequence = 0; // server initial handshake case const size_t record_len = make_u16bit(readbuf[header_size-2], readbuf[header_size-1]); @@ -369,7 +368,7 @@ size_t read_record(std::vector<byte>& readbuf, readbuf_pos, "Have the full record"); - if(sequence_numbers && sequence_numbers->already_seen(msg_sequence)) + if(sequence_numbers && sequence_numbers->already_seen(record_sequence)) return 0; byte* record_contents = &readbuf[header_size]; @@ -437,7 +436,7 @@ size_t read_record(std::vector<byte>& readbuf, if(record_len < mac_pad_iv_size) throw Decoding_Error("Record sent with invalid length"); - cipherstate->mac()->update_be(msg_sequence); + cipherstate->mac()->update_be(record_sequence); cipherstate->mac()->update(readbuf[0]); // msg_type if(cipherstate->mac_includes_record_version()) @@ -464,7 +463,7 @@ size_t read_record(std::vector<byte>& readbuf, throw TLS_Exception(Alert::BAD_RECORD_MAC, "Message authentication failure"); if(sequence_numbers) - sequence_numbers->read_accept(msg_sequence); + sequence_numbers->read_accept(record_sequence); msg_type = readbuf[0]; msg.assign(&record_contents[iv_size], diff --git a/src/tls/tls_record.h b/src/tls/tls_record.h index 841244733..5ed6ede10 100644 --- a/src/tls/tls_record.h +++ b/src/tls/tls_record.h @@ -97,6 +97,7 @@ size_t read_record(std::vector<byte>& read_buffer, byte& msg_type, std::vector<byte>& msg, Protocol_Version& record_version, + u64bit& record_sequence, Connection_Sequence_Numbers* sequence_numbers, Connection_Cipher_State* cipherstate); |