From ac77aa9a1c247ef8fe0726b3eceb95a26eba292e Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Wed, 14 Dec 2016 17:27:15 +0000
Subject: [PATCH] Ensure the record sequence number gets incremented

We were not incrementing the sequence number every time we sent/received
a record.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157)
---
 ssl/record/ssl3_record_tls13.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/ssl/record/ssl3_record_tls13.c b/ssl/record/ssl3_record_tls13.c
index 44c08b014b..2099e79022 100644
--- a/ssl/record/ssl3_record_tls13.c
+++ b/ssl/record/ssl3_record_tls13.c
@@ -80,6 +80,17 @@ int tls13_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int send)
     for (loop = 0; loop < SEQ_NUM_SIZE; loop++)
         iv[offset + loop] = staticiv[offset + loop] ^ seq[loop];
 
+    /* Increment the sequence counter */
+    for (loop = SEQ_NUM_SIZE; loop > 0; loop--) {
+        ++seq[loop - 1];
+        if (seq[loop - 1] != 0)
+            break;
+    }
+    if (loop == 0) {
+        /* Sequence has wrapped */
+        return -1;
+    }
+
     /* TODO(size_t): lenu/lenf should be a size_t but EVP doesn't support it */
     if (EVP_CipherInit_ex(ctx, NULL, NULL, NULL, iv, send) <= 0
             || EVP_CipherUpdate(ctx, rec->data, &lenu, rec->input,
-- 
2.40.0