From d4302cc71be92db08ae4efcdf186801fe84c9c46 Mon Sep 17 00:00:00 2001
From: Juliusz Sosinowicz <juliusz@wolfssl.com>
Date: Thu, 4 Mar 2021 12:27:35 +0100
Subject: [PATCH] Correctly reset the Tx sequence number

All DTLS records after the ClientHello should try to start from the sequence number of the ClientHello if it is available.
---
 src/internal.c                    | 10 +++-------
 tests/include.am                  |  1 +
 tests/suites.c                    | 14 ++++++++++++++
 tests/test-dtls-fails-cipher.conf |  9 +++++++++
 4 files changed, 27 insertions(+), 7 deletions(-)
 create mode 100644 tests/test-dtls-fails-cipher.conf

diff --git a/src/internal.c b/src/internal.c
index 20df4f998..274a14cf5 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -29785,13 +29785,8 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ],
         /* are we in scr */
         if (IsEncryptionOn(ssl, 1)) {
             byte* input;
-            int   inputSz = HANDSHAKE_HEADER_SZ + length; /* build msg adds rec hdr */
-            int   recordHeaderSz = RECORD_HEADER_SZ;
-
-            if (ssl->options.dtls) {
-                recordHeaderSz += DTLS_RECORD_EXTRA;
-                inputSz += DTLS_HANDSHAKE_EXTRA;
-            }
+            int   inputSz = DTLS_HANDSHAKE_HEADER_SZ + length; /* build msg adds rec hdr */
+            int   recordHeaderSz = DTLS_RECORD_HEADER_SZ;
 
             input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER);
             if (input == NULL)
@@ -29807,6 +29802,7 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ],
         }
 
         ssl->buffers.outputBuffer.length += sendSz;
+        DtlsSEQIncrement(ssl, CUR_ORDER);
 
         return SendBuffered(ssl);
     }
diff --git a/tests/include.am b/tests/include.am
index 17443dcf1..39b668c06 100644
--- a/tests/include.am
+++ b/tests/include.am
@@ -31,6 +31,7 @@ EXTRA_DIST += tests/test.conf \
               tests/test-psk-no-id-sha2.conf \
               tests/test-dtls.conf \
               tests/test-dtls-fails.conf \
+              tests/test-dtls-fails-cipher.conf \
               tests/test-dtls-group.conf \
               tests/test-dtls-reneg-client.conf \
               tests/test-dtls-reneg-server.conf \
diff --git a/tests/suites.c b/tests/suites.c
index 7d02f4223..7828b273b 100644
--- a/tests/suites.c
+++ b/tests/suites.c
@@ -1003,6 +1003,20 @@ int SuiteTest(int argc, char** argv)
     }
     strcpy(argv0[2], "");
 #endif
+#ifdef WOLFSSL_EXTRA_ALERTS
+    /* failure tests */
+    args.argc = 3;
+    strcpy(argv0[1], "tests/test-dtls-fails-cipher.conf");
+    strcpy(argv0[2], "expFail"); /* tests are expected to fail */
+    printf("starting dtls cipher mismatch tests that expect failure\n");
+    test_harness(&args);
+    if (args.return_code != 0) {
+        printf("error from script %d\n", args.return_code);
+        args.return_code = EXIT_FAILURE;
+        goto exit;
+    }
+    strcpy(argv0[2], "");
+#endif
 #endif
 #ifdef WOLFSSL_SCTP
     /* add dtls-sctp extra suites */
diff --git a/tests/test-dtls-fails-cipher.conf b/tests/test-dtls-fails-cipher.conf
new file mode 100644
index 000000000..70a587612
--- /dev/null
+++ b/tests/test-dtls-fails-cipher.conf
@@ -0,0 +1,9 @@
+# server DTLSv1.2 cipher mismatch
+-v 3
+-u
+-l DHE-RSA-AES128-SHA256
+
+# client DTLSv1.2 cipher mismatch
+-v 3
+-u
+-l DHE-RSA-AES256-SHA256