OpenSSL: Cleanup record length checks for KTLS
ClosedPublic
Actions

Authored by jhb on Apr 19 2022, 9:33 PM.

Details

Reviewers

Commits

rG2d6f628ab54a: OpenSSL: Cleanup record length checks for KTLS
rGf6e5fcdc848f: OpenSSL: Cleanup record length checks for KTLS

Summary

In some corner cases the check for packets
which exceed the allowed record length was missing
when KTLS is initially enabled, when some
unprocessed packets are still pending.

Obtained from: OpenSSL commit 8fff986d52606e1a33f9404504535e2e2aee3e8b
MFC after: 1 week
Sponsored by: Netflix

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

jhb created this revision.Apr 19 2022, 9:33 PM

Herald added a subscriber: imp. · View Herald TranscriptApr 19 2022, 9:33 PM

jhb requested review of this revision.Apr 19 2022, 9:33 PM

jhb added a child revision: D34973: OpenSSL: KTLS: Check for unprocessed receive records in ktls_configure_crypto..

Harbormaster completed remote builds in B45242: Diff 105190.Apr 19 2022, 9:33 PM

This revision was not accepted when it landed; it landed in state Needs Review.May 4 2022, 8:34 PM

Closed by commit rGf6e5fcdc848f: OpenSSL: Cleanup record length checks for KTLS (authored by jhb). · Explain Why

This revision was automatically updated to reflect the committed changes.

jhb added a commit: rGf6e5fcdc848f: OpenSSL: Cleanup record length checks for KTLS.

jhb added a commit: rG2d6f628ab54a: OpenSSL: Cleanup record length checks for KTLS.May 14 2022, 12:10 AM

Revision Contents
Changeset List

Path

Size

crypto/

openssl/

ssl/

record/

ssl3_record.c

28 lines

Diff 105684

View Options

crypto/openssl/ssl/record/ssl3_record.c

OpenSSL: Cleanup record length checks for KTLSClosedPublicActions