From 44d89b2d53a66fd31f770e16ffd6a0599438626d Mon Sep 17 00:00:00 2001
From: Hanno Becker
Date: Fri, 12 Jul 2019 09:40:44 +0100
Subject: [PATCH] Move update of in_xxx fields in ssl_get_next_record()
ssl_get_next_record() updates the legacy in_xxx fields in two places, once before record decryption and once after. Now that record decryption doesn't use or affect the in_xxx fields anymore, setting up the these legacy fields can entirely be moved to the end of ssl_get_next_record(), which is what this comit does. This commit solely moves existing code, but doesn't yet simplify the now partially redundant settings of the in_xxx fields. This will be done in a separate commit.
---
 library/ssl_tls.c | 27 ++++++++++++++-------------
 1 file changed, 14 insertions(+), 13 deletions(-)
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index fec43fe39b..fb3a4a0902 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -6056,19 +6056,6 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl )
 }
 }
- /* Reset in pointers to default state for TLS/DTLS records,
- * assuming no CID and no offset between record content and
- * record plaintext. */
- ssl_update_in_pointers( ssl );
-
- /* Setup internal message pointers from record structure. */
- ssl->in_msgtype = rec.type;
-#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
- ssl->in_len = ssl->in_cid + rec.cid_len;
-#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
- ssl->in_iv = ssl->in_msg = ssl->in_len + 2;
- ssl->in_msglen = rec.data_len;
-
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
 if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
 {
@@ -6161,6 +6148,20 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl )
 }
 }
+
+ /* Reset in pointers to default state for TLS/DTLS records,
+ * assuming no CID and no offset between record content and
+ * record plaintext. */
+ ssl_update_in_pointers( ssl );
+
+ /* Setup internal message pointers from record structure. */
+ ssl->in_msgtype = rec.type;
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
+ ssl->in_len = ssl->in_cid + rec.cid_len;
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+ ssl->in_iv = ssl->in_msg = ssl->in_len + 2;
+ ssl->in_msglen = rec.data_len;
+
 /* The record content type may change during decryption,
 * so re-read it. */
 ssl->in_msgtype = rec.type;
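Review bot: The relocated block at the top of this hunk now runs only after everything between the old site and here, so any early return in that stretch (not visible in the hunk, presumably including the record-decryption failure paths) would leave `ssl->in_msgtype`, `ssl->in_msglen` and `ssl->in_msg` describing the previous record rather than the one just rejected. The commit message states that decryption no longer uses or affects the in_xxx fields, but that invariant is not recorded in the code; I would put it directly above the block, e.g. `/* Legacy in_xxx fields are set only here: nothing earlier in this function, including its error returns, may read them for the current record. */`. It is also worth confirming that callers reacting to a failed return do not consult these fields when deciding how to handle a bad record. ssl_get_next_record() starts and ends outside the hunk.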