authorMatt Caswell <matt@openssl.org>2015-02-03 15:14:24 +0000
committerMatt Caswell <matt@openssl.org>2015-03-26 15:02:00 +0000
commit78a39fe735ef253bbf1d028a3e7934bda76f8276 (patch)
treea0739ac251617a5e23754c5988ce48e189575dfc /ssl/record
parent40f37188a63c988c66bfece95280b67158998e64 (diff)
Move r_epoch and w_epoch from s->d1 to s->rlayer.d
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'ssl/record')
-rw-r--r--ssl/record/d1_pkt.c20
-rw-r--r--ssl/record/rec_layer.h12
-rw-r--r--ssl/record/ssl3_record.c6
3 files changed, 24 insertions, 14 deletions
diff --git a/ssl/record/d1_pkt.c b/ssl/record/d1_pkt.c
index 02b0f52eb1..2550b1dc7d 100644
--- a/ssl/record/d1_pkt.c
+++ b/ssl/record/d1_pkt.c
@@ -332,7 +332,7 @@ int dtls1_process_buffered_records(SSL *s)
item = pqueue_peek(s->d1->unprocessed_rcds.q);
if (item) {
/* Check if epoch is current. */
- if (s->d1->unprocessed_rcds.epoch != s->d1->r_epoch)
+ if (s->d1->unprocessed_rcds.epoch != s->rlayer.d->r_epoch)
return (1); /* Nothing to do. */
/* Process all the records. */
@@ -350,8 +350,8 @@ int dtls1_process_buffered_records(SSL *s)
* sync epoch numbers once all the unprocessed records have been
* processed
*/
- s->d1->processed_rcds.epoch = s->d1->r_epoch;
- s->d1->unprocessed_rcds.epoch = s->d1->r_epoch + 1;
+ s->d1->processed_rcds.epoch = s->rlayer.d->r_epoch;
+ s->d1->unprocessed_rcds.epoch = s->rlayer.d->r_epoch + 1;
return (1);
}
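Review bot: The `r_epoch + 1` in the last assignment of this hunk is evaluated in `int` after promotion of the `unsigned short` field declared in rec_layer.h, so at 0xFFFF it yields 65536, while the `r_epoch++` and `w_epoch++` in the dtls1_reset_seq_numbers hunk wrap silently to 0. The same expression cast to `unsigned long` in the dtls1_get_bitmap hunk could then never equal a 16-bit record epoch at that boundary; the type of `rr->epoch` is not visible here, so that part is inferred. The epoch selects the replay bitmap and is written into the header built in tls1_mac, so the wrap behaviour should be stated explicitly, for example with `/* epoch is 16 bits; wrap-around is not handled here */` at each of the three sites. If wrap is meant to be tolerated, the next epoch should instead be computed as `(unsigned short)(s->rlayer.d->r_epoch + 1)` in both expressions. The function body starts and ends outside this hunk.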
@@ -909,7 +909,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
/* this may just be a stale retransmit */
dtls1_get_message_header(rr->data, &msg_hdr);
- if (rr->epoch != s->d1->r_epoch) {
+ if (rr->epoch != s->rlayer.d->r_epoch) {
rr->length = 0;
goto start;
}
@@ -1201,7 +1201,7 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
/* there's only one epoch between handshake and app data */
- s2n(s->d1->w_epoch, pseq);
+ s2n(s->rlayer.d->w_epoch, pseq);
/* XDTLS: ?? */
/*
@@ -1301,12 +1301,12 @@ DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr,
*is_next_epoch = 0;
/* In current epoch, accept HM, CCS, DATA, & ALERT */
- if (rr->epoch == s->d1->r_epoch)
+ if (rr->epoch == s->rlayer.d->r_epoch)
return &s->d1->bitmap;
/* Only HM and ALERT messages can be from the next epoch */
- else if (rr->epoch == (unsigned long)(s->d1->r_epoch + 1) &&
- (rr->type == SSL3_RT_HANDSHAKE || rr->type == SSL3_RT_ALERT)) {
+ else if (rr->epoch == (unsigned long)(s->rlayer.d->r_epoch + 1) &&
+ (rr->type == SSL3_RT_HANDSHAKE || rr->type == SSL3_RT_ALERT)) {
*is_next_epoch = 1;
return &s->d1->next_bitmap;
}
@@ -1321,14 +1321,14 @@ void dtls1_reset_seq_numbers(SSL *s, int rw)
if (rw & SSL3_CC_READ) {
seq = s->rlayer.read_sequence;
- s->d1->r_epoch++;
+ s->rlayer.d->r_epoch++;
memcpy(&(s->d1->bitmap), &(s->d1->next_bitmap), sizeof(DTLS1_BITMAP));
memset(&(s->d1->next_bitmap), 0x00, sizeof(DTLS1_BITMAP));
} else {
seq = s->rlayer.write_sequence;
memcpy(s->d1->last_write_sequence, seq,
sizeof(s->rlayer.write_sequence));
- s->d1->w_epoch++;
+ s->rlayer.d->w_epoch++;
}
memset(seq, 0x00, seq_bytes);
diff --git a/ssl/record/rec_layer.h b/ssl/record/rec_layer.h
index c64468f5f4..00abf24f8f 100644
--- a/ssl/record/rec_layer.h
+++ b/ssl/record/rec_layer.h
@@ -143,8 +143,13 @@ typedef struct dtls1_record_data_st {
} DTLS1_RECORD_DATA;
typedef struct dtls_record_layer_st {
- /* Temporary member to be removed by subsequent commits */
- int dummy;
+ /*
+ * The current data and handshake epoch. This is initially
+ * undefined, and starts at zero once the initial handshake is
+ * completed
+ */
+ unsigned short r_epoch;
+ unsigned short w_epoch;
} DTLS_RECORD_LAYER;
typedef struct record_layer_st {
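Review bot: A single comment now covers both `r_epoch` and `w_epoch` and calls them "initially undefined", yet the d1_pkt.c hunks in this commit compare `r_epoch` against incoming record epochs and write `w_epoch` into outgoing records with no initialisation visible in this diff. Each field would read better with its own comment, for example `/* epoch of records being read; incremented in dtls1_reset_seq_numbers() */` and the matching line for the write side. The allocation of `DTLS_RECORD_LAYER` is outside this diff, so whether the structure is zeroed on creation needs confirming there and should then be stated in the comment.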
@@ -212,6 +217,8 @@ typedef struct record_layer_st {
#define RECORD_LAYER_add_packet_length(rl, inc) ((rl)->packet_length += (inc))
#define RECORD_LAYER_get_read_sequence(rl) ((rl)->read_sequence)
#define RECORD_LAYER_get_write_sequence(rl) ((rl)->write_sequence)
+#define DTLS_RECORD_LAYER_get_w_epoch(rl) ((rl)->d->w_epoch)
+#define DTLS_RECORD_LAYER_set_w_epoch(rl, e) ((rl)->d->w_epoch = (e))
void RECORD_LAYER_init(RECORD_LAYER *rl, SSL *s);
void RECORD_LAYER_clear(RECORD_LAYER *rl);
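Review bot: The new accessors dereference `(rl)->d` unconditionally and the set is uneven: `w_epoch` gets a getter and a setter here, `r_epoch` only a getter in the next hunk, and d1_pkt.c in this same commit bypasses all of them with direct `s->rlayer.d->r_epoch` access. The ssl3_record.c call sites are guarded by `SSL_IS_DTLS`, but whether `d` is set for non-DTLS connections is not visible here, so a comment such as `/* DTLS only: (rl)->d must be non-NULL */` above the macros would make the precondition explicit. `DTLS_RECORD_LAYER_set_w_epoch` also narrows `e` to `unsigned short` without any check, which is worth stating in the same comment.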
@@ -255,6 +262,7 @@ void dtls1_reset_seq_numbers(SSL *s, int rw);
#define RECORD_LAYER_reset_packet_length(rl) ((rl)->packet_length = 0)
#define RECORD_LAYER_get_rstate(rl) ((rl)->rstate)
#define RECORD_LAYER_set_rstate(rl, st) ((rl)->rstate = (st))
+#define DTLS_RECORD_LAYER_get_r_epoch(rl) ((rl)->d->r_epoch)
__owur int ssl3_read_n(SSL *s, int n, int max, int extend);
__owur int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
index dde18cc4df..e3652705ea 100644
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -665,7 +665,8 @@ int tls1_enc(SSL *s, int send)
if (SSL_IS_DTLS(s)) {
unsigned char dtlsseq[9], *p = dtlsseq;
- s2n(send ? s->d1->w_epoch : s->d1->r_epoch, p);
+ s2n(send ? DTLS_RECORD_LAYER_get_w_epoch(&s->rlayer) :
+ DTLS_RECORD_LAYER_get_r_epoch(&s->rlayer), p);
memcpy(p, &seq[2], 6);
memcpy(buf, dtlsseq, 8);
} else {
@@ -894,7 +895,8 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
if (SSL_IS_DTLS(ssl)) {
unsigned char dtlsseq[8], *p = dtlsseq;
- s2n(send ? ssl->d1->w_epoch : ssl->d1->r_epoch, p);
+ s2n(send ? DTLS_RECORD_LAYER_get_w_epoch(&ssl->rlayer) :
+ DTLS_RECORD_LAYER_get_r_epoch(&ssl->rlayer), p);
memcpy(p, &seq[2], 6);
memcpy(header, dtlsseq, 8);