On 26/09/2019 10:26, ratheesh kannoth wrote: >> I assume you are using OpenSSL 1.0.2? >> >> s->s2 has nothing to do with TLSv1.2. That's for SSLv2 and has been removed from >> later versions. In 1.0.2 you need to be looking at s->s3->write_sequence and >> s->s3->write_sequence. It's changed location in later releases. >> >> Matt >> > > Sorry for confusion. > Openssl version = 1_0_1r This version is very old and out of support. You should upgrade. > TLS protocol = Tls 1.2 > > i modified s->s3->write_sequence only. when i composed this email, i > added wrong text. I assume you are modifying the increment code in tls1_mac. That codepath is only hit in certain circumstances: 1) You're not using AEAD based ciphersuites (i.e. GCM or CCM) 2) You're not using "stitched" ciphersuites. These are optimised implementations which do the encrypt+mac operation all in one go. For test purposes I suggest you build with no-asm to avoid these optimised versions Matt
