Prepare for checking incoming handshake seqnum
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index e97bd2a..dce8b74 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1292,7 +1292,10 @@
* Copy the client's handshake message_seq on initial handshakes
*/
if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE )
- ssl->handshake->msg_seq = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5];
+ {
+ ssl->handshake->out_msg_seq = ( ssl->in_msg[4] << 8 ) |
+ ssl->in_msg[5];
+ }
// TODO: DTLS: check message_seq on non-initial handshakes?
// (or already done in ssl_read_record?)
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index d73333a..7b47766 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2033,9 +2033,9 @@
/* Write message_seq and update it, except for HelloRequest */
if( ssl->out_msg[0] != SSL_HS_HELLO_REQUEST )
{
- ssl->out_msg[4] = ( ssl->handshake->msg_seq >> 8 ) & 0xFF;
- ssl->out_msg[5] = ( ssl->handshake->msg_seq ) & 0xFF;
- ++( ssl->handshake->msg_seq );
+ ssl->out_msg[4] = ( ssl->handshake->out_msg_seq >> 8 ) & 0xFF;
+ ssl->out_msg[5] = ( ssl->handshake->out_msg_seq ) & 0xFF;
+ ++( ssl->handshake->out_msg_seq );
}
else
{
@@ -4784,7 +4784,7 @@
ssl->endpoint == SSL_IS_SERVER &&
ssl->renegotiation == SSL_RENEGOTIATION_PENDING )
{
- ssl->handshake->msg_seq = 1;
+ ssl->handshake->out_msg_seq = 1;
}
#endif