Move r_epoch and w_epoch from s->d1 to s->rlayer.d

Reviewed-by: Richard Levitte <levitte@openssl.org>

ssl/d1_both.c

@@ -1110,7 +1110,8 @@ int dtls1_buffer_message(SSL *s, int is_ccs)
     frag->msg_header.saved_retransmit_state.write_hash = s->write_hash;
     frag->msg_header.saved_retransmit_state.compress = s->compress;
     frag->msg_header.saved_retransmit_state.session = s->session;
-    frag->msg_header.saved_retransmit_state.epoch = s->d1->w_epoch;
+    frag->msg_header.saved_retransmit_state.epoch =
+        DTLS_RECORD_LAYER_get_w_epoch(&s->rlayer);
 
     memset(seq64be, 0, sizeof(seq64be));
     seq64be[6] =
@@ -1184,8 +1185,7 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
     saved_state.write_hash = s->write_hash;
     saved_state.compress = s->compress;
     saved_state.session = s->session;
-    saved_state.epoch = s->d1->w_epoch;
-    saved_state.epoch = s->d1->w_epoch;
+    saved_state.epoch = DTLS_RECORD_LAYER_get_w_epoch(&s->rlayer);
 
     s->d1->retransmitting = 1;
 
@@ -1194,7 +1194,8 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
     s->write_hash = frag->msg_header.saved_retransmit_state.write_hash;
     s->compress = frag->msg_header.saved_retransmit_state.compress;
     s->session = frag->msg_header.saved_retransmit_state.session;
-    s->d1->w_epoch = frag->msg_header.saved_retransmit_state.epoch;
+    DTLS_RECORD_LAYER_set_w_epoch(&s->rlayer,
+        frag->msg_header.saved_retransmit_state.epoch);
 
     if (frag->msg_header.saved_retransmit_state.epoch ==
         saved_state.epoch - 1) {
@@ -1212,7 +1213,7 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
     s->write_hash = saved_state.write_hash;
     s->compress = saved_state.compress;
     s->session = saved_state.session;
-    s->d1->w_epoch = saved_state.epoch;
+    DTLS_RECORD_LAYER_set_w_epoch(&s->rlayer, saved_state.epoch);
 
     if (frag->msg_header.saved_retransmit_state.epoch ==
         saved_state.epoch - 1) {

ssl/d1_lib.c

@@ -138,8 +138,6 @@ int dtls1_new(SSL *s)
         return 0;
     }
 
-    /* d1->handshake_epoch=0; */
-
     d1->unprocessed_rcds.q = pqueue_new();
     d1->processed_rcds.q = pqueue_new();
     d1->buffered_messages = pqueue_new();

ssl/record/d1_pkt.c

@@ -332,7 +332,7 @@ int dtls1_process_buffered_records(SSL *s)
     item = pqueue_peek(s->d1->unprocessed_rcds.q);
     if (item) {
         /* Check if epoch is current. */
-        if (s->d1->unprocessed_rcds.epoch != s->d1->r_epoch)
+        if (s->d1->unprocessed_rcds.epoch != s->rlayer.d->r_epoch)
             return (1);         /* Nothing to do. */
 
         /* Process all the records. */
@@ -350,8 +350,8 @@ int dtls1_process_buffered_records(SSL *s)
      * sync epoch numbers once all the unprocessed records have been
      * processed
      */
-    s->d1->processed_rcds.epoch = s->d1->r_epoch;
-    s->d1->unprocessed_rcds.epoch = s->d1->r_epoch + 1;
+    s->d1->processed_rcds.epoch = s->rlayer.d->r_epoch;
+    s->d1->unprocessed_rcds.epoch = s->rlayer.d->r_epoch + 1;
 
     return (1);
 }
@@ -909,7 +909,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
 
         /* this may just be a stale retransmit */
         dtls1_get_message_header(rr->data, &msg_hdr);
-        if (rr->epoch != s->d1->r_epoch) {
+        if (rr->epoch != s->rlayer.d->r_epoch) {
             rr->length = 0;
             goto start;
         }
@@ -1201,7 +1201,7 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
 
     /* there's only one epoch between handshake and app data */
 
-    s2n(s->d1->w_epoch, pseq);
+    s2n(s->rlayer.d->w_epoch, pseq);
 
     /* XDTLS: ?? */
     /*
@@ -1301,12 +1301,12 @@ DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr,
     *is_next_epoch = 0;
 
     /* In current epoch, accept HM, CCS, DATA, & ALERT */
-    if (rr->epoch == s->d1->r_epoch)
+    if (rr->epoch == s->rlayer.d->r_epoch)
         return &s->d1->bitmap;
 
     /* Only HM and ALERT messages can be from the next epoch */
-    else if (rr->epoch == (unsigned long)(s->d1->r_epoch + 1) &&
-             (rr->type == SSL3_RT_HANDSHAKE || rr->type == SSL3_RT_ALERT)) {
+    else if (rr->epoch == (unsigned long)(s->rlayer.d->r_epoch + 1) &&
+            (rr->type == SSL3_RT_HANDSHAKE || rr->type == SSL3_RT_ALERT)) {
         *is_next_epoch = 1;
         return &s->d1->next_bitmap;
     }
@@ -1321,14 +1321,14 @@ void dtls1_reset_seq_numbers(SSL *s, int rw)
 
     if (rw & SSL3_CC_READ) {
         seq = s->rlayer.read_sequence;
-        s->d1->r_epoch++;
+        s->rlayer.d->r_epoch++;
         memcpy(&(s->d1->bitmap), &(s->d1->next_bitmap), sizeof(DTLS1_BITMAP));
         memset(&(s->d1->next_bitmap), 0x00, sizeof(DTLS1_BITMAP));
     } else {
         seq = s->rlayer.write_sequence;
         memcpy(s->d1->last_write_sequence, seq,
                sizeof(s->rlayer.write_sequence));
-        s->d1->w_epoch++;
+        s->rlayer.d->w_epoch++;
     }
 
     memset(seq, 0x00, seq_bytes);

ssl/record/rec_layer.h

@@ -143,8 +143,13 @@ typedef struct dtls1_record_data_st {
 } DTLS1_RECORD_DATA;
 
 typedef struct dtls_record_layer_st {
-    /* Temporary member to be removed by subsequent commits */
-    int dummy;
+    /*
+     * The current data and handshake epoch.  This is initially
+     * undefined, and starts at zero once the initial handshake is
+     * completed
+     */
+    unsigned short r_epoch;
+    unsigned short w_epoch;
 } DTLS_RECORD_LAYER;
 
 typedef struct record_layer_st {
@@ -212,6 +217,8 @@ typedef struct record_layer_st {
 #define RECORD_LAYER_add_packet_length(rl, inc) ((rl)->packet_length += (inc))
 #define RECORD_LAYER_get_read_sequence(rl)      ((rl)->read_sequence)
 #define RECORD_LAYER_get_write_sequence(rl)     ((rl)->write_sequence)
+#define DTLS_RECORD_LAYER_get_w_epoch(rl)       ((rl)->d->w_epoch)
+#define DTLS_RECORD_LAYER_set_w_epoch(rl, e)    ((rl)->d->w_epoch = (e))
 
 void RECORD_LAYER_init(RECORD_LAYER *rl, SSL *s);
 void RECORD_LAYER_clear(RECORD_LAYER *rl);
@@ -255,6 +262,7 @@ void dtls1_reset_seq_numbers(SSL *s, int rw);
 #define RECORD_LAYER_reset_packet_length(rl)    ((rl)->packet_length = 0)
 #define RECORD_LAYER_get_rstate(rl)             ((rl)->rstate)
 #define RECORD_LAYER_set_rstate(rl, st)         ((rl)->rstate = (st))
+#define DTLS_RECORD_LAYER_get_r_epoch(rl)       ((rl)->d->r_epoch)
 
 __owur int ssl3_read_n(SSL *s, int n, int max, int extend);
 __owur int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,

ssl/record/ssl3_record.c

@@ -665,7 +665,8 @@ int tls1_enc(SSL *s, int send)
             if (SSL_IS_DTLS(s)) {
                 unsigned char dtlsseq[9], *p = dtlsseq;
 
-                s2n(send ? s->d1->w_epoch : s->d1->r_epoch, p);
+                s2n(send ? DTLS_RECORD_LAYER_get_w_epoch(&s->rlayer) :
+                    DTLS_RECORD_LAYER_get_r_epoch(&s->rlayer), p);
                 memcpy(p, &seq[2], 6);
                 memcpy(buf, dtlsseq, 8);
             } else {
@@ -894,7 +895,8 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
     if (SSL_IS_DTLS(ssl)) {
         unsigned char dtlsseq[8], *p = dtlsseq;
 
-        s2n(send ? ssl->d1->w_epoch : ssl->d1->r_epoch, p);
+        s2n(send ? DTLS_RECORD_LAYER_get_w_epoch(&ssl->rlayer) :
+            DTLS_RECORD_LAYER_get_r_epoch(&ssl->rlayer), p);
         memcpy(p, &seq[2], 6);
 
         memcpy(header, dtlsseq, 8);

ssl/ssl_locl.h

@@ -1403,13 +1403,7 @@ typedef struct dtls1_state_st {
     unsigned char cookie[DTLS1_COOKIE_LENGTH];
     unsigned char rcvd_cookie[DTLS1_COOKIE_LENGTH];
     unsigned int cookie_len;
-    /*
-     * The current data and handshake epoch.  This is initially
-     * undefined, and starts at zero once the initial handshake is
-     * completed
-     */
-    unsigned short r_epoch;
-    unsigned short w_epoch;
+
     /* records being received in the current epoch */
     DTLS1_BITMAP bitmap;
     /* renegotiation starts a new set of sequence numbers */