Diffusion FreeBSD src repository 44aacbc98185

OpenSSL: KTLS: Handle TLS 1.3 in ssl3_get_record.
44aacbc98185
Actions

Tags

None

Referenced Files

None

Subscribers

None

Description

OpenSSL: KTLS: Handle TLS 1.3 in ssl3_get_record.

Don't unpad records, check the outer record type, or extract the inner record type from TLS 1.3 records handled by the kernel. KTLS performs all of these steps and returns the inner record type in the TLS header.

When checking the length of a received TLS 1.3 record don't allow for the extra byte for the nested record type when KTLS is used.

Pass a pointer to the record type in the TLS header to the SSL3_RT_INNER_CONTENT_TYPE message callback. For KTLS, the old pointer pointed to the last byte of payload rather than the record type. For the non-KTLS case, the TLS header has been updated with the inner type before this callback is invoked.

Approved by: jkim
Obtained from: OpenSSL commit a5fb9605329fb939abb536c1604d44a511741624
MFC after: 1 week
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D34975

(cherry picked from commit c0f977bfb6d9853fd6f762444310c23d8d7ec252)

Details

Provenance

jhb	Authored on May 4 2022, 8:08 PM

Differential Revision

D34975: OpenSSL: KTLS: Handle TLS 1.3 in ssl3_get_record.

Parents

rGa8333d4c62cb: OpenSSL: KTLS: Add using_ktls helper variable in ssl3_get_record().

Branches

Unknown

Tags

Unknown

Event Timeline

jhb committed rG44aacbc98185: OpenSSL: KTLS: Handle TLS 1.3 in ssl3_get_record. (authored by jhb).May 13 2022, 11:51 PM

jhb added an edge: D34975: OpenSSL: KTLS: Handle TLS 1.3 in ssl3_get_record..May 14 2022, 12:11 AM

Changes (1)

Path

Size

crypto/

openssl/

ssl/

record/

rG44aacbc98185

crypto/openssl/ssl/record/ssl3_record.c

Loading...