OpenSSL: KTLS: Handle TLS 1.3 in ssl3_get_record.
ClosedPublic

Authored by jhb on Apr 19 2022, 9:33 PM.
Details

Summary
  • Don't unpad records, check the outer record type, or extract the inner record type from TLS 1.3 records handled by the kernel. KTLS performs all of these steps and returns the inner record type in the TLS header.
  • When checking the length of a received TLS 1.3 record, don't allow for the extra byte for the nested record type when KTLS is used.
  • Pass a pointer to the record type in the TLS header to the SSL3_RT_INNER_CONTENT_TYPE message callback. For KTLS, the old pointer pointed to the last byte of payload rather than the record type. For the non-KTLS case, the TLS header has been updated with the inner type before this callback is invoked.

Obtained from: OpenSSL commit a5fb9605329fb939abb536c1604d44a511741624
MFC after: 1 week
Sponsored by: Netflix
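The distinction the summary draws, as an added illustration that is not OpenSSL's or FreeBSD's code and does not reproduce ssl3_get_record: a TLS 1.3 protected record carries an outer type of application_data (23) and, once decrypted, a body of the form content || type || zeros (RFC 8446, section 5.2). In the userspace path the receiver has to reject a wrong outer type, strip the zero padding and read the inner type from the last non-zero byte; in the KTLS path the kernel has already done that and the type in the TLS header is the inner type, so the body is used as-is. The function names, the ktls flag and the sample record bytes are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* TLS 1.3 inner content types (RFC 8446, section 5.1). */
#define TLS13_CT_ALERT            21
#define TLS13_CT_HANDSHAKE        22
#define TLS13_CT_APPLICATION_DATA 23

/*
 * Strip the TLS 1.3 inner-plaintext padding from a decrypted record body
 * and return the inner content type.
 *
 * TLSInnerPlaintext = content || type || zeros. Scan backwards over zero
 * bytes; the first non-zero byte from the end is the type. Returns the
 * type (> 0) and stores the content length in *content_len. Returns -1
 * when the record is entirely zeros, which RFC 8446 requires the receiver
 * to reject (unexpected_message alert).
 */
int tls13_unpad_inner(const uint8_t *rec, size_t len, size_t *content_len)
{
    size_t i = len;

    while (i > 0 && rec[i - 1] == 0)
        i--;
    if (i == 0)
        return -1;
    *content_len = i - 1;
    return rec[i - 1];
}

/*
 * Decide where the inner content type comes from (assumed helper, not an
 * OpenSSL function). When the kernel (KTLS) decrypted the record it has
 * already unpadded it and placed the inner type in the TLS header, so the
 * header type is authoritative and the body is used unchanged. Otherwise
 * the outer type must be application_data, the only outer type TLS 1.3
 * uses for protected records, and the inner type is recovered by unpadding.
 */
int tls13_inner_type(int ktls, uint8_t header_type,
                     const uint8_t *rec, size_t len, size_t *content_len)
{
    if (ktls) {
        *content_len = len;
        return header_type;
    }
    if (header_type != TLS13_CT_APPLICATION_DATA)
        return -1; /* bad outer record type */
    return tls13_unpad_inner(rec, len, content_len);
}

int main(void)
{
    /* Constructed decrypted body: "Hi", inner type 23, three padding bytes. */
    const uint8_t body[] = { 'H', 'i', TLS13_CT_APPLICATION_DATA, 0, 0, 0 };
    size_t n;
    int t;

    t = tls13_inner_type(0, TLS13_CT_APPLICATION_DATA, body, sizeof body, &n);
    printf("userspace: inner type %d, %zu content bytes\n", t, n);

    /* With KTLS the header already carries the inner type; no unpadding. */
    t = tls13_inner_type(1, TLS13_CT_HANDSHAKE, body, 2, &n);
    printf("ktls: inner type %d, %zu content bytes\n", t, n);
    return 0;
}
```

The second case is why the summary's length check differs by one byte: in the KTLS path the body handed to the library no longer contains the inner type byte, so allowing room for it would accept one byte more than the kernel can ever return.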

Diff Detail

Repository
rS FreeBSD src repository - subversion