git: 81b6dba1a08b - stable/13 - ktls: Fix assertion for TLS 1.0 CBC when using non-zero starting seqno.

The branch stable/13 has been updated by jhb:

URL: https://cgit.FreeBSD.org/src/commit/?id=81b6dba1a08b031bdf7463c1704d27ae1e0daa0f

commit 81b6dba1a08b031bdf7463c1704d27ae1e0daa0f
Author:     John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2021-10-27 23:35:56 +0000
Commit:     John Baldwin <jhb@FreeBSD.org>
CommitDate: 2021-11-23 23:11:45 +0000

    ktls: Fix assertion for TLS 1.0 CBC when using non-zero starting seqno.
    
    The starting sequence number used to verify that TLS 1.0 CBC records
    are encrypted in-order in the OCF layer was always set to 0 and not to
    the initial sequence number from the struct tls_enable.
    
    In practice, OpenSSL always starts TLS transmit offload with a
    sequence number of zero, so this only matters for tests that use a
    random starting sequence number.
    
    Reviewed by:    markj
    Sponsored by:   Netflix
    Differential Revision:  https://reviews.freebsd.org/D32676
    
    (cherry picked from commit 4827bf76bce8814b9d9a0d883467a3d2366e59a2)
---
 sys/opencrypto/ktls_ocf.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/sys/opencrypto/ktls_ocf.c b/sys/opencrypto/ktls_ocf.c
index 78331b76abd7..71f6339e02ad 100644
--- a/sys/opencrypto/ktls_ocf.c
+++ b/sys/opencrypto/ktls_ocf.c
@@ -756,6 +756,9 @@ ktls_ocf_try(struct socket *so, struct ktls_session *tls, int direction)
 		if (tls->params.tls_vminor == TLS_MINOR_VER_ZERO) {
 			os->implicit_iv = true;
 			memcpy(os->iv, tls->params.iv, AES_BLOCK_LEN);
+#ifdef INVARIANTS
+			os->next_seqno = tls->next_seqno;
+#endif
 		}
 	}
 	tls->free = ktls_ocf_free;