From 5f79670f7b9b0354a5f6ccac9474f7a12f86407e Mon Sep 17 00:00:00 2001
From: Frederik Wedel-Heinen <frederik.wedel-heinen@dencrypt.dk>
Date: Mon, 2 Oct 2023 12:00:58 +0200
Subject: Print record version for DTLSv1_listen()

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22241)
---
 ssl/d1_lib.c | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

(limited to 'ssl')

diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index 8bbabd8f41..be4ff02a89 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -411,7 +411,7 @@ int DTLSv1_listen(SSL *ssl, BIO_ADDR *client)
     const unsigned char *data;
     unsigned char *buf = NULL, *wbuf;
     size_t fragoff, fraglen, msglen;
-    unsigned int rectype, versmajor, msgseq, msgtype, clientvers, cookielen;
+    unsigned int rectype, versmajor, versminor, msgseq, msgtype, clientvers, cookielen;
     BIO *rbio, *wbio;
     BIO_ADDR *tmpclient = NULL;
     PACKET pkt, msgpkt, msgpayload, session, cookiepkt;
@@ -496,17 +496,18 @@ int DTLSv1_listen(SSL *ssl, BIO_ADDR *client)
             goto end;
         }
 
-        if (s->msg_callback)
-            s->msg_callback(0, 0, SSL3_RT_HEADER, buf,
-                            DTLS1_RT_HEADER_LENGTH, ssl, s->msg_callback_arg);
-
         /* Get the record header */
         if (!PACKET_get_1(&pkt, &rectype)
-            || !PACKET_get_1(&pkt, &versmajor)) {
+            || !PACKET_get_1(&pkt, &versmajor)
+            || !PACKET_get_1(&pkt, &versminor)) {
             ERR_raise(ERR_LIB_SSL, SSL_R_LENGTH_MISMATCH);
             goto end;
         }
 
+        if (s->msg_callback)
+            s->msg_callback(0, (versmajor << 8) | versminor, SSL3_RT_HEADER, buf,
+                            DTLS1_RT_HEADER_LENGTH, ssl, s->msg_callback_arg);
+
         if (rectype != SSL3_RT_HANDSHAKE) {
             ERR_raise(ERR_LIB_SSL, SSL_R_UNEXPECTED_MESSAGE);
             goto end;
@@ -521,9 +522,8 @@ int DTLSv1_listen(SSL *ssl, BIO_ADDR *client)
             goto end;
         }
 
-        if (!PACKET_forward(&pkt, 1)
-            /* Save the sequence number: 64 bits, with top 2 bytes = epoch */
-            || !PACKET_copy_bytes(&pkt, seq, SEQ_NUM_SIZE)
+        /* Save the sequence number: 64 bits, with top 2 bytes = epoch */
+        if (!PACKET_copy_bytes(&pkt, seq, SEQ_NUM_SIZE)
             || !PACKET_get_length_prefixed_2(&pkt, &msgpkt)) {
             ERR_raise(ERR_LIB_SSL, SSL_R_LENGTH_MISMATCH);
             goto end;
-- 
cgit v1.2.3