Rename ssl3_record_sequence_update() to ssl3_record_sequence_increment(),

so that it reflects what it is actually doing. Use this function in a
number of places that still have the hand rolled version.

ok beck@ miod@

lib/libssl/d1_pkt.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.28 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.29 2014/06/15 15:29:25 jsing Exp $ */
 /* 
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
@@ -1433,7 +1433,7 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
 	wr->type=type; /* not needed but helps for debugging */
 	wr->length += DTLS1_RT_HEADER_LENGTH;
 
-	ssl3_record_sequence_update(&(s->s3->write_sequence[0]));
+	ssl3_record_sequence_increment(s->s3->write_sequence);
 
 	/* now let's set up wb */
 	wb->left = prefix_len + wr->length;

lib/libssl/src/ssl/d1_pkt.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.28 2014/06/12 15:49:31 deraadt Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.29 2014/06/15 15:29:25 jsing Exp $ */
 /* 
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
@@ -1433,7 +1433,7 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
 	wr->type=type; /* not needed but helps for debugging */
 	wr->length += DTLS1_RT_HEADER_LENGTH;
 
-	ssl3_record_sequence_update(&(s->s3->write_sequence[0]));
+	ssl3_record_sequence_increment(s->s3->write_sequence);
 
 	/* now let's set up wb */
 	wb->left = prefix_len + wr->length;

lib/libssl/src/ssl/s3_enc.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_enc.c,v 1.48 2014/06/13 16:08:03 jsing Exp $ */
+/* $OpenBSD: s3_enc.c,v 1.49 2014/06/15 15:29:25 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -807,12 +807,13 @@ n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
 		EVP_MD_CTX_cleanup(&md_ctx);
 	}
 
-	ssl3_record_sequence_update(seq);
+	ssl3_record_sequence_increment(seq);
+
 	return (md_size);
 }
 
 void
-ssl3_record_sequence_update(unsigned char *seq)
+ssl3_record_sequence_increment(unsigned char *seq)
 {
 	int i;
 

lib/libssl/src/ssl/ssl_locl.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.51 2014/06/13 13:28:53 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.52 2014/06/15 15:29:25 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -721,18 +721,18 @@ long	ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void));
 long	ssl3_ctx_callback_ctrl(SSL_CTX *s, int cmd, void (*fp)(void));
 int	ssl3_pending(const SSL *s);
 
-void ssl3_record_sequence_update(unsigned char *seq);
+void ssl3_record_sequence_increment(unsigned char *seq);
 int ssl3_do_change_cipher_spec(SSL *ssl);
-long ssl3_default_timeout(void );
+long ssl3_default_timeout(void);
 
-int ssl23_num_ciphers(void );
+int ssl23_num_ciphers(void);
 const SSL_CIPHER *ssl23_get_cipher(unsigned int u);
 int ssl23_read(SSL *s, void *buf, int len);
 int ssl23_peek(SSL *s, void *buf, int len);
 int ssl23_write(SSL *s, const void *buf, int len);
 int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
 const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p);
-long ssl23_default_timeout(void );
+long ssl23_default_timeout(void);
 
 long tls1_default_timeout(void);
 int dtls1_do_write(SSL *s, int type);

lib/libssl/src/ssl/t1_enc.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_enc.c,v 1.59 2014/06/13 16:09:15 jsing Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.60 2014/06/15 15:29:25 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -803,11 +803,7 @@ tls1_enc(SSL *s, int send)
 			memcpy(ad, dtlsseq, 8);
 		} else {
 			memcpy(ad, seq, SSL3_SEQUENCE_SIZE);
-			for (i = 7; i >= 0; i--) {
-				++seq[i];
-				if (seq[i] != 0)
-					break;
-			}
+			ssl3_record_sequence_increment(seq);
 		}
 
 		ad[8] = rec->type;
@@ -964,11 +960,7 @@ tls1_enc(SSL *s, int send)
 				memcpy(buf, dtlsseq, 8);
 			} else {
 				memcpy(buf, seq, SSL3_SEQUENCE_SIZE);
-				for (i = 7; i >= 0; i--) {	/* increment */
-					++seq[i];
-					if (seq[i] != 0)
-						break;
-				}
+				ssl3_record_sequence_increment(seq);
 			}
 
 			buf[8] = rec->type;
@@ -1117,7 +1109,6 @@ tls1_mac(SSL *ssl, unsigned char *md, int send)
 	unsigned char *seq;
 	EVP_MD_CTX *hash;
 	size_t md_size, orig_len;
-	int i;
 	EVP_MD_CTX hmac, *mac_ctx;
 	unsigned char header[13];
 	int stream_mac = (send ?
@@ -1191,13 +1182,8 @@ tls1_mac(SSL *ssl, unsigned char *md, int send)
 	if (!stream_mac)
 		EVP_MD_CTX_cleanup(&hmac);
 
-	if (!SSL_IS_DTLS(ssl)) {
-		for (i = 7; i >= 0; i--) {
-			++seq[i];
-			if (seq[i] != 0)
-				break;
-		}
-	}
+	if (!SSL_IS_DTLS(ssl))
+		ssl3_record_sequence_increment(seq);
 
 	return (md_size);
 }

lib/libssl/ssl_locl.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.51 2014/06/13 13:28:53 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.52 2014/06/15 15:29:25 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -721,18 +721,18 @@ long	ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void));
 long	ssl3_ctx_callback_ctrl(SSL_CTX *s, int cmd, void (*fp)(void));
 int	ssl3_pending(const SSL *s);
 
-void ssl3_record_sequence_update(unsigned char *seq);
+void ssl3_record_sequence_increment(unsigned char *seq);
 int ssl3_do_change_cipher_spec(SSL *ssl);
-long ssl3_default_timeout(void );
+long ssl3_default_timeout(void);
 
-int ssl23_num_ciphers(void );
+int ssl23_num_ciphers(void);
 const SSL_CIPHER *ssl23_get_cipher(unsigned int u);
 int ssl23_read(SSL *s, void *buf, int len);
 int ssl23_peek(SSL *s, void *buf, int len);
 int ssl23_write(SSL *s, const void *buf, int len);
 int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
 const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p);
-long ssl23_default_timeout(void );
+long ssl23_default_timeout(void);
 
 long tls1_default_timeout(void);
 int dtls1_do_write(SSL *s, int type);

lib/libssl/t1_enc.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_enc.c,v 1.59 2014/06/13 16:09:15 jsing Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.60 2014/06/15 15:29:25 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -803,11 +803,7 @@ tls1_enc(SSL *s, int send)
 			memcpy(ad, dtlsseq, 8);
 		} else {
 			memcpy(ad, seq, SSL3_SEQUENCE_SIZE);
-			for (i = 7; i >= 0; i--) {
-				++seq[i];
-				if (seq[i] != 0)
-					break;
-			}
+			ssl3_record_sequence_increment(seq);
 		}
 
 		ad[8] = rec->type;
@@ -964,11 +960,7 @@ tls1_enc(SSL *s, int send)
 				memcpy(buf, dtlsseq, 8);
 			} else {
 				memcpy(buf, seq, SSL3_SEQUENCE_SIZE);
-				for (i = 7; i >= 0; i--) {	/* increment */
-					++seq[i];
-					if (seq[i] != 0)
-						break;
-				}
+				ssl3_record_sequence_increment(seq);
 			}
 
 			buf[8] = rec->type;
@@ -1117,7 +1109,6 @@ tls1_mac(SSL *ssl, unsigned char *md, int send)
 	unsigned char *seq;
 	EVP_MD_CTX *hash;
 	size_t md_size, orig_len;
-	int i;
 	EVP_MD_CTX hmac, *mac_ctx;
 	unsigned char header[13];
 	int stream_mac = (send ?
@@ -1191,13 +1182,8 @@ tls1_mac(SSL *ssl, unsigned char *md, int send)
 	if (!stream_mac)
 		EVP_MD_CTX_cleanup(&hmac);
 
-	if (!SSL_IS_DTLS(ssl)) {
-		for (i = 7; i >= 0; i--) {
-			++seq[i];
-			if (seq[i] != 0)
-				break;
-		}
-	}
+	if (!SSL_IS_DTLS(ssl))
+		ssl3_record_sequence_increment(seq);
 
 	return (md_size);
 }