From bd492eb839500458fccd26df2dca5107611b6277 Mon Sep 17 00:00:00 2001
From: Frederik Wedel-Heinen
Date: Wed, 7 Aug 2024 11:04:16 +0200
Subject: [PATCH] fixup! fixup! fixup! Adds DTLS 1.3 ACK message functionality
---
 doc/designs/dtlsv1_3/dtlsv1_3-main.md | 1 +
 ssl/pqueue.c | 24 ++++++------------------
 ssl/record/methods/ssl3_meth.c | 2 +-
 3 files changed, 8 insertions(+), 19 deletions(-)
diff --git a/doc/designs/dtlsv1_3/dtlsv1_3-main.md b/doc/designs/dtlsv1_3/dtlsv1_3-main.md
index 96cc7ed85bd667..c99c6ac6b597f9 100644
--- a/doc/designs/dtlsv1_3/dtlsv1_3-main.md
+++ b/doc/designs/dtlsv1_3/dtlsv1_3-main.md
@@ -70,6 +70,7 @@ section 5.9. ACK's are sent for KeyUpdates, NewSessionTicket and Finish (client). Notes on RFC9147 Section 7.1: + * The implementation does not offer any logic to determine that there is disruption when receiving messages which means it will not send ACKs for the example given in RFC9147 Figure 12.
diff --git a/ssl/pqueue.c b/ssl/pqueue.c
index 3785c3609d76cd..8dcd39df4b25e6 100644
--- a/ssl/pqueue.c
+++ b/ssl/pqueue.c
@@ -32,18 +32,13 @@ pitem *pitem_new(unsigned char *prio64be, void *data)
 pitem *pitem_new_ex(uint64_t prio64be, void *data)
 {
 pitem *item = OPENSSL_malloc(sizeof(*item));
+ unsigned char *p_item_prio;
 if (item == NULL)
 return NULL;
- item->priority[0] = prio64be >> 56;
- item->priority[1] = prio64be >> 48;
- item->priority[2] = prio64be >> 40;
- item->priority[3] = prio64be >> 32;
- item->priority[4] = prio64be >> 24;
- item->priority[5] = prio64be >> 16;
- item->priority[6] = prio64be >> 8;
- item->priority[7] = prio64be;
+ p_item_prio = item->priority;
+ l2n8(prio64be, p_item_prio);
 item->data = data;
 item->next = NULL;
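Review bot: In the pitem_new_ex hunk the parameter keeps the name `prio64be`, but `l2n8(prio64be, p_item_prio)` treats it as a host-order `uint64_t` and produces the big-endian bytes itself, so the name now tells a caller the opposite of what is expected. A short header comment such as `/* prio64be is a host-order value; it is stored big-endian in item->priority */` would settle it, and the same applies to `pqueue_find_ex` in the next hunk. The `p_item_prio` temporary also has no visible reason unless the reader knows that l2n8 advances its pointer argument (presumably the macro from ssl_local.h, which is not shown here); `/* l2n8 post-increments its pointer argument, so write through a temporary */` above the call would explain it. The macro writes eight bytes regardless of the destination, so it is worth confirming that `priority` in the pitem struct, declared outside this hunk, is exactly 8 bytes.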
@@ -144,16 +139,9 @@ pitem *pqueue_find(pqueue *pq, unsigned char *prio64be)
 }
 pitem *pqueue_find_ex(pqueue *pq, uint64_t prio64be)
 {
- unsigned char prio[8];
-
- prio[7] = prio64be;
- prio[6] = prio64be >> 8;
- prio[5] = prio64be >> 16;
- prio[4] = prio64be >> 24;
- prio[3] = prio64be >> 32;
- prio[2] = prio64be >> 40;
- prio[1] = prio64be >> 48;
- prio[0] = prio64be >> 56;
+ unsigned char prio[8], *p_prio = prio;
+
+ l2n8(prio64be, p_prio);
 return pqueue_find(pq, prio);
 }
diff --git a/ssl/record/methods/ssl3_meth.c b/ssl/record/methods/ssl3_meth.c
index c4b6238a612d08..4ea87f6d20bcdb 100644
--- a/ssl/record/methods/ssl3_meth.c
+++ b/ssl/record/methods/ssl3_meth.c
@@ -250,7 +250,7 @@ static int ssl3_mac(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *rec, unsigned char *md
 || !WPACKET_memcpy(&hdr, rl->mac_secret, md_size)
 || !WPACKET_memcpy(&hdr, ssl3_pad_1, npad)
 || !WPACKET_put_bytes_u64(&hdr, rl->sequence)
- || (!cbc_encrypted && !WPACKET_put_bytes_u8(&hdr, rec->type))
+ || !WPACKET_put_bytes_u8(&hdr, rec->type)
 || !WPACKET_put_bytes_u16(&hdr, rec->length)
 || !WPACKET_finish(&hdr)
 || !WPACKET_get_total_written(&hdr, &hdr_written))
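Review bot: In pqueue_find_ex, `unsigned char prio[8], *p_prio = prio;` declares an array and an initialised pointer in one statement, which is easy to misread as two buffers. Two declarations, `unsigned char prio[8];` followed by `unsigned char *p_prio = prio;`, say the same thing more plainly. The literal `8` is now tied to the number of bytes l2n8 writes, so `/* l2n8 fills all 8 bytes of prio */` next to the call would keep the two from drifting apart.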
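Review bot: The byte layout built by this `||` chain in ssl3_mac is not documented, and the dropped `!cbc_encrypted` condition shows how easily one field can go missing from the MAC input. A comment above the chain such as `/* MAC input prefix: mac_secret || pad_1 || seq_num (8) || type (1) || length (2) */` would make the intended bytes explicit. The record type is authenticated data, so both the CBC and the non-CBC path have to feed it to the digest; a known-answer test for an SSLv3 record on each path would catch a repeat. The start of the chain and the buffer behind `hdr` are outside this hunk, so it is worth confirming there that the buffer holds the largest `md_size + npad` plus the 11 fixed bytes.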