From 5360e22ba5aeda343324da8a6b5a2279c6964ef9 Mon Sep 17 00:00:00 2001
From: John Safranek
Date: Thu, 7 Jan 2016 13:18:01 -0800
Subject: [PATCH] fix a sequence number issue with DTLS epoch 0 messages earlier in the handshake
---
 src/internal.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/internal.c b/src/internal.c
index 440d768fc..b96725c15 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -2373,10 +2373,13 @@ int DtlsPoolSend(WOLFSSL* ssl)
 for (i = 0, buf = pool->buf; i < pool->used; i++, buf++) {
 if (pool->epoch[i] == 0) {
 DtlsRecordLayerHeader* dtls;
+ word32* seqNumber;
 dtls = (DtlsRecordLayerHeader*)buf->buffer;
- c32to48(ssl->keys.dtls_prev_sequence_number++,
- dtls->sequence_number);
+ seqNumber = (ssl->keys.dtls_epoch == 0) ?
+ &ssl->keys.dtls_sequence_number :
+ &ssl->keys.dtls_prev_sequence_number;
+ c32to48((*seqNumber)++, dtls->sequence_number);
 if ((ret = CheckAvailableSize(ssl, buf->length)) != 0)
 return ret;
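Review bot: The counter selection added before `c32to48((*seqNumber)++, dtls->sequence_number);` has no comment saying why a pooled epoch 0 record takes `dtls_sequence_number` while `ssl->keys.dtls_epoch == 0` and `dtls_prev_sequence_number` otherwise. That reasoning is what keeps retransmitted records from reusing or going backwards in sequence numbers, which the peer's replay check would then drop. I would add above the assignment something like `/* epoch 0 records must continue the epoch 0 sequence: the live counter while still in epoch 0, the saved previous-epoch counter after the epoch change */`. That reading of `dtls_prev_sequence_number` is inferred from its name, since its definition is not in the hunk, and it presumes the saved counter belongs to epoch 0, which would only hold while the current epoch is 1, so both should be confirmed. The `for` loop and the rest of `DtlsPoolSend` continue outside the hunk.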