-rw-r--r--src/tls/tls_channel.cpp9
-rw-r--r--src/tls/tls_record.cpp15
-rw-r--r--src/tls/tls_record.h1
3 files changed, 13 insertions, 12 deletions
diff --git a/src/tls/tls_channel.cpp b/src/tls/tls_channel.cpp
index 9fb41c9f6..6fa75766a 100644
--- a/src/tls/tls_channel.cpp
+++ b/src/tls/tls_channel.cpp
@@ -185,7 +185,7 @@ size_t Channel::received_data(const byte buf[], size_t buf_size)
{
byte rec_type = NO_RECORD;
std::vector<byte> record;
- u64bit record_number = 0;
+ u64bit record_sequence = 0;
Protocol_Version record_version;
size_t consumed = 0;
@@ -199,6 +199,7 @@ size_t Channel::received_data(const byte buf[], size_t buf_size)
rec_type,
record,
record_version,
+ record_sequence,
m_sequence_numbers.get(),
m_read_cipherstate.get());
@@ -226,11 +227,11 @@ size_t Channel::received_data(const byte buf[], size_t buf_size)
if(!m_pending_state)
{
create_handshake_state(record_version);
- sequence_numbers().read_accept(0);
+ sequence_numbers().read_accept(record_sequence);
}
m_pending_state->handshake_io().add_input(
- rec_type, &record[0], record.size(), record_number);
+ rec_type, &record[0], record.size(), record_sequence);
while(m_pending_state)
{
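Review bot: `sequence_numbers().read_accept(record_sequence)` now seeds the newly created read state with a value that, for DTLS, `read_record` copies straight from the record header (`load_be<u64bit>(&readbuf[3], 0)` in tls_record.cpp), and on this first-handshake path the record has presumably not passed any MAC check yet. If `read_accept` advances an anti-replay window, an unauthenticated first datagram carrying a large sequence value could cause later genuine records to be treated as already seen; that depends on `Connection_Sequence_Numbers`, which is outside this diff, so it needs confirming. A comment such as `// record_sequence is unauthenticated here (no cipher state yet); for DTLS it is the wire epoch+sequence` would record the assumption, and the value may deserve a sanity bound before it is accepted. Also, when `m_sequence_numbers` was non-null on entry, `read_record` has already called `read_accept` for this same value, so this is a second accept unless `create_handshake_state` replaces the object. The body of `received_data` starts and ends outside the hunk.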
@@ -316,7 +317,7 @@ size_t Channel::received_data(const byte buf[], size_t buf_size)
}
else
throw Unexpected_Message("Unknown record type " +
- std::to_string(readbuf[0]) +
+ std::to_string(rec_type) +
" from counterparty");
}
diff --git a/src/tls/tls_record.cpp b/src/tls/tls_record.cpp
index e77974a58..b2c32e5f9 100644
--- a/src/tls/tls_record.cpp
+++ b/src/tls/tls_record.cpp
@@ -277,6 +277,7 @@ size_t read_record(std::vector<byte>& readbuf,
byte& msg_type,
std::vector<byte>& msg,
Protocol_Version& record_version,
+ u64bit& record_sequence,
Connection_Sequence_Numbers* sequence_numbers,
Connection_Cipher_State* cipherstate)
{
@@ -344,14 +345,12 @@ size_t read_record(std::vector<byte>& readbuf,
const size_t header_size =
(record_version.is_datagram_protocol()) ? DTLS_HEADER_SIZE : TLS_HEADER_SIZE;
- u64bit msg_sequence = 0;
-
if(record_version.is_datagram_protocol())
- msg_sequence = load_be<u64bit>(&readbuf[3], 0);
+ record_sequence = load_be<u64bit>(&readbuf[3], 0);
else if(sequence_numbers)
- msg_sequence = sequence_numbers->next_read_sequence();
+ record_sequence = sequence_numbers->next_read_sequence();
else
- msg_sequence = 0; // server initial handshake case
+ record_sequence = 0; // server initial handshake case
const size_t record_len = make_u16bit(readbuf[header_size-2],
readbuf[header_size-1]);
@@ -369,7 +368,7 @@ size_t read_record(std::vector<byte>& readbuf,
readbuf_pos,
"Have the full record");
- if(sequence_numbers && sequence_numbers->already_seen(msg_sequence))
+ if(sequence_numbers && sequence_numbers->already_seen(record_sequence))
return 0;
byte* record_contents = &readbuf[header_size];
@@ -437,7 +436,7 @@ size_t read_record(std::vector<byte>& readbuf,
if(record_len < mac_pad_iv_size)
throw Decoding_Error("Record sent with invalid length");
- cipherstate->mac()->update_be(msg_sequence);
+ cipherstate->mac()->update_be(record_sequence);
cipherstate->mac()->update(readbuf[0]); // msg_type
if(cipherstate->mac_includes_record_version())
@@ -464,7 +463,7 @@ size_t read_record(std::vector<byte>& readbuf,
throw TLS_Exception(Alert::BAD_RECORD_MAC, "Message authentication failure");
if(sequence_numbers)
- sequence_numbers->read_accept(msg_sequence);
+ sequence_numbers->read_accept(record_sequence);
msg_type = readbuf[0];
msg.assign(&record_contents[iv_size],
diff --git a/src/tls/tls_record.h b/src/tls/tls_record.h
index 841244733..5ed6ede10 100644
--- a/src/tls/tls_record.h
+++ b/src/tls/tls_record.h
@@ -97,6 +97,7 @@ size_t read_record(std::vector<byte>& read_buffer,
byte& msg_type,
std::vector<byte>& msg,
Protocol_Version& record_version,
+ u64bit& record_sequence,
Connection_Sequence_Numbers* sequence_numbers,
Connection_Cipher_State* cipherstate);
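Review bot: The new `u64bit& record_sequence` output is not documented at this declaration, and its contract is not obvious from the signature. From tls_record.cpp it is written only once a full header is available, and it is written before the replay check and the MAC check, so a caller can see an unverified value if `read_record` throws or returns early. I would add a comment along the lines of `@param record_sequence set to the sequence number of the record read: for DTLS taken from the record header, otherwise from sequence_numbers, or 0 if there is none; only meaningful when a complete record was returned`. Whether a doc comment already exists above the declaration cannot be seen from this hunk.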