Page MenuHomeFreeBSD

Fix downgrading of TOE TLS sockets to plain TOE.
ClosedPublic

Authored by jhb on Dec 3 2020, 9:31 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Oct 10, 8:25 PM
Unknown Object (File)
Tue, Oct 7, 2:25 PM
Unknown Object (File)
Fri, Sep 26, 2:30 AM
Unknown Object (File)
Aug 8 2025, 3:18 PM
Unknown Object (File)
Jul 5 2025, 4:21 AM
Unknown Object (File)
Jun 26 2025, 3:46 PM
Unknown Object (File)
Jun 25 2025, 4:38 PM
Unknown Object (File)
Jun 25 2025, 1:24 AM
Subscribers

Details

Summary

If a TOE TLS socket ends up using an unsupported TLS version or
ciphersuite, it must be downgraded to a "plain" TOE socket with
TLS encryption/decryption performed on the host. The previous
implementation of this fallback was incomplete and resulted in
hung connections.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable