OpenSSL: KTLS: Handle TLS 1.3 in ssl3_get_record.
ClosedPublic

Authored by jhb on Apr 19 2022, 9:33 PM.
Details

Summary
  • Don't unpad records, check the outer record type, or extract the inner record type from TLS 1.3 records handled by the kernel. KTLS performs all of these steps and returns the inner record type in the TLS header.
  • When checking the length of a received TLS 1.3 record, don't allow for the extra byte for the nested record type when KTLS is used.
  • Pass a pointer to the record type in the TLS header to the SSL3_RT_INNER_CONTENT_TYPE message callback. For KTLS, the old pointer pointed to the last byte of payload rather than the record type. For the non-KTLS case, the TLS header has been updated with the inner type before this callback is invoked.

Obtained from: OpenSSL commit a5fb9605329fb939abb536c1604d44a511741624
MFC after: 1 week
Sponsored by: Netflix
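To make the three points in the summary concrete, the following is an added, self-contained illustration in C; it is not OpenSSL's ssl3_get_record nor FreeBSD's code, and every function name, the 5-byte header layout and the sample records are constructed for the example. It models a TLS 1.3 decrypted record as content || inner_type || zero padding, and shows what the software path does (check the outer type, strip the padding, pull the inner type, rewrite the header, then hand the callback a pointer to that header byte) versus the KTLS path, where the kernel has already done all of that and the header type is trusted as the inner type. It also shows the one-byte difference in the maximum accepted plaintext length.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed example: TLS 1.3 inner content type handling with and
   without kernel TLS. Not OpenSSL or FreeBSD code; names are hypothetical. */

#define TLS_RT_ALERT            21
#define TLS_RT_HANDSHAKE        22
#define TLS_RT_APPLICATION_DATA 23
#define TLS13_MAX_PLAINTEXT     16384   /* 2^14 bytes of content per record */

struct tls_record {
    uint8_t type;        /* inner content type after processing */
    size_t length;       /* content length with type byte and padding removed */
    const uint8_t *data;
};

/* Callback that receives a pointer to the record type in the header,
   mirroring the SSL3_RT_INNER_CONTENT_TYPE message callback. */
typedef void (*inner_type_cb)(const uint8_t *type_ptr, void *arg);

/* Software TLS must accept one extra byte for the nested record type;
   with KTLS the kernel has already stripped it, so no allowance is made. */
size_t tls13_max_decrypted_len(int ktls) {
    return TLS13_MAX_PLAINTEXT + (ktls ? 0 : 1);
}

/* Software path: verify outer type, strip zero padding, extract inner type.
   Returns 0 on success, -1 for a malformed record. */
int tls13_unpad(uint8_t outer_type, const uint8_t *plain, size_t len,
                uint8_t *inner_type, size_t *content_len) {
    if (outer_type != TLS_RT_APPLICATION_DATA)
        return -1;
    while (len > 0 && plain[len - 1] == 0)   /* drop trailing padding */
        len--;
    if (len == 0)
        return -1;                           /* no content type byte at all */
    *inner_type = plain[len - 1];
    *content_len = len - 1;
    return 0;
}

/* Process one decrypted record. hdr is a mutable 5-byte record header whose
   first byte is the content type. With ktls=1 the unpad/type steps are
   skipped because the kernel has already performed them. */
int tls13_process_record(int ktls, uint8_t *hdr, const uint8_t *plain, size_t len,
                         struct tls_record *out, inner_type_cb cb, void *cb_arg) {
    if (len > tls13_max_decrypted_len(ktls))
        return -1;
    if (!ktls) {
        uint8_t inner;
        size_t clen;
        if (tls13_unpad(hdr[0], plain, len, &inner, &clen) != 0)
            return -1;
        hdr[0] = inner;       /* header now carries the inner type */
        len = clen;
    }
    out->type = hdr[0];
    out->length = len;
    out->data = plain;
    if (cb != NULL)
        cb(&hdr[0], cb_arg);  /* point at the type byte, not at the payload tail */
    return 0;
}

static void record_type_cb(const uint8_t *type_ptr, void *arg) {
    *(uint8_t *)arg = *type_ptr;
}

/* Software path on a constructed padded handshake record; returns inner type. */
int example_software_inner_type(void) {
    uint8_t hdr[5] = { TLS_RT_APPLICATION_DATA, 3, 3, 0, 6 };
    uint8_t plain[] = { 'h', 'i', TLS_RT_HANDSHAKE, 0, 0, 0 };
    struct tls_record r;
    uint8_t seen = 0;
    if (tls13_process_record(0, hdr, plain, sizeof plain, &r, record_type_cb, &seen))
        return -1;
    if (hdr[0] != TLS_RT_HANDSHAKE || seen != TLS_RT_HANDSHAKE || r.length != 2)
        return -1;
    return r.type;
}

/* KTLS path: the kernel already delivered the inner type in the header. */
int example_ktls_inner_type(void) {
    uint8_t hdr[5] = { TLS_RT_HANDSHAKE, 3, 3, 0, 2 };
    uint8_t plain[] = { 'h', 'i' };
    struct tls_record r;
    uint8_t seen = 0;
    if (tls13_process_record(1, hdr, plain, sizeof plain, &r, record_type_cb, &seen))
        return -1;
    if (seen != TLS_RT_HANDSHAKE || r.length != 2)
        return -1;
    return r.type;
}

/* A maximal record: 16384 content bytes plus the type byte is legal for
   software TLS but one byte too long once KTLS has stripped the type. */
int example_length_allowance(void) {
    static uint8_t big[TLS13_MAX_PLAINTEXT + 1];
    uint8_t hdr[5] = { TLS_RT_APPLICATION_DATA, 3, 3, 0x40, 0x01 };
    struct tls_record r;
    memset(big, 'a', TLS13_MAX_PLAINTEXT);
    big[TLS13_MAX_PLAINTEXT] = TLS_RT_APPLICATION_DATA;
    int sw = tls13_process_record(0, hdr, big, sizeof big, &r, NULL, NULL);
    int kt = tls13_process_record(1, hdr, big, sizeof big, &r, NULL, NULL);
    return (sw == 0 && r.length == TLS13_MAX_PLAINTEXT && kt == -1) ? 1 : 0;
}

int main(void) {
    printf("software inner type: %d\n", example_software_inner_type());
    printf("ktls inner type:     %d\n", example_ktls_inner_type());
    printf("length allowance ok: %d\n", example_length_allowance());
    return 0;
}
```

The point worth keeping in mind when reviewing the real change is the trust boundary: on the KTLS path the receiver no longer inspects the outer type or the padding at all, so correctness of the inner type rests entirely on the kernel having done that work before it rewrote the header.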

Diff Detail

Repository
rG FreeBSD src repository