write sequence number

Matt Caswell matt at openssl.org
Thu Sep 26 10:55:56 UTC 2019

On 26/09/2019 10:26, ratheesh kannoth wrote:
>> I assume you are using OpenSSL 1.0.2?
>> s->s2 has nothing to do with TLSv1.2. That's for SSLv2 and has been removed from
>> later versions. In 1.0.2 you need to be looking at s->s3->write_sequence and
>> s->s3->write_sequence. It's changed location in later releases.
>> Matt
> Sorry for confusion.
> Openssl version = 1_0_1r

This version is very old and out of support. You should upgrade.

> TLS protocol =  Tls 1.2
> i modified s->s3->write_sequence only.  when i composed this email, i
> added wrong text.

I assume you are modifying the increment code in tls1_mac. That codepath is only
hit in certain circumstances:
1) You're not using AEAD based ciphersuites (i.e. GCM or CCM)
2) You're not using "stitched" ciphersuites. These are optimised implementations
which do the encrypt+mac operation all in one go. For test purposes I suggest
you build with no-asm to avoid these optimised versions


More information about the openssl-users mailing list