(D)TLS: fix type of record sequence number

The record sequence number is 64-bit, not 32-bit. This applies to all SSLv3/TLS/DTLS versions. Without this fix, after about four million records, the wrong MAC is calculated (for TLS 1.2) or decryption will fail (for TLS 1.3). Change-Id: I05e5e8bc4229ac443a1b06c5fe984fb885eab1ca Reviewed-on: https://code.wireshark.org/review/19824 Petri-Dish: Alexis La Goutte <alexis.lagoutte@gmail.com> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Peter Wu <peter@lekensteyn.nl>
author: Peter Wu <peter@lekensteyn.nl> 2017-01-27 22:30:34 +0100
committer: Peter Wu <peter@lekensteyn.nl> 2017-01-29 23:31:29 +0000
commit: b3035df88796e0e9058b315791861b03b3b59af7 (patch)
tree: 3bd634d05efcbf85297c658fda8741a074c75ea0 /epan/dissectors/packet-ssl-utils.h
parent: 9fb9bc52bbed0b8be199e0f3ea21c6e543cde2ab (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/epan/dissectors/packet-ssl-utils.h b/epan/dissectors/packet-ssl-utils.h
index 39875c6191..8760103922 100644
--- a/epan/dissectors/packet-ssl-utils.h
+++ b/epan/dissectors/packet-ssl-utils.h
@@ -302,7 +302,7 @@ typedef struct _SslDecoder {
     StringInfo write_iv; /* for AEAD ciphers (at least GCM, CCM) */
     SSL_CIPHER_CTX evp;
     SslDecompress *decomp;
-    guint32 seq;
+    guint64 seq;    /**< Implicit (TLS) or explicit (DTLS) record sequence number. */
     guint16 epoch;
     SslFlow *flow;
 } SslDecoder;
author	Peter Wu <peter@lekensteyn.nl>	2017-01-27 22:30:34 +0100
committer	Peter Wu <peter@lekensteyn.nl>	2017-01-29 23:31:29 +0000
commit	b3035df88796e0e9058b315791861b03b3b59af7 (patch)
tree	3bd634d05efcbf85297c658fda8741a074c75ea0 /epan/dissectors/packet-ssl-utils.h
parent	9fb9bc52bbed0b8be199e0f3ea21c6e543cde2ab (diff)