OpenSSL: KTLS: Handle TLS 1.3 in ssl3_get_record.
Closed, Public

Authored by jhb on Apr 19 2022, 9:33 PM.
Tags
None
Details

Summary
  • Don't unpad records, check the outer record type, or extract the inner record type from TLS 1.3 records handled by the kernel. KTLS performs all of these steps and returns the inner record type in the TLS header.
  • When checking the length of a received TLS 1.3 record, don't allow for the extra byte for the nested record type when KTLS is used.
  • Pass a pointer to the record type in the TLS header to the SSL3_RT_INNER_CONTENT_TYPE message callback. For KTLS, the old pointer pointed to the last byte of payload rather than the record type. For the non-KTLS case, the TLS header has been updated with the inner type before this callback is invoked.

Obtained from: OpenSSL commit a5fb9605329fb939abb536c1604d44a511741624
MFC after: 1 week
Sponsored by: Netflix
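
The three summary bullets describe a split between two paths. The following is an added example, not code from this commit, from OpenSSL or from FreeBSD: it shows the userspace unwrap of a decrypted TLS 1.3 record (strip the zero padding, take the trailing ContentType byte as the inner type, allow one extra byte in the length check) beside the KTLS path, where the kernel has already done all of that and the type in the TLS header is used directly with the plain length limit. The function names, the `tls_record` struct and the sample records are constructed for this illustration; only the `SSL3_RT_*` values and the 2^14 plaintext limit come from TLS/OpenSSL.

```c
/* TLS 1.3 inner record type handling, userspace path vs. KTLS path.
 * Added example; the functions, struct and sample records are
 * constructed here and are not OpenSSL's or FreeBSD's code. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define SSL3_RT_ALERT              21
#define SSL3_RT_HANDSHAKE          22
#define SSL3_RT_APPLICATION_DATA   23
#define SSL3_RT_MAX_PLAIN_LENGTH   16384   /* 2^14, RFC 8446 section 5.1 */
#define TLS13_INNER_TYPE_BYTE      1       /* the nested ContentType byte */

/* What the record layer hands up after processing one record. */
struct tls_record {
    uint8_t type;          /* inner content type for the caller */
    size_t len;            /* bytes of real payload */
    const uint8_t *data;
};

/* Userspace path: buf holds a decrypted TLSInnerPlaintext, i.e.
 * content || ContentType || zeros.  The outer header must say
 * application_data, the length may exceed the plaintext maximum by
 * exactly the type byte, and a record that is all zeros has no type.
 * Returns 0 on success, -1 for a malformed record. */
int tls13_unwrap_plaintext(uint8_t outer_type, const uint8_t *buf, size_t n,
                           struct tls_record *out)
{
    if (outer_type != SSL3_RT_APPLICATION_DATA)
        return -1;
    if (n > SSL3_RT_MAX_PLAIN_LENGTH + TLS13_INNER_TYPE_BYTE)
        return -1;
    size_t end = n;
    while (end > 0 && buf[end - 1] == 0)
        end--;                           /* drop the zero padding */
    if (end == 0)
        return -1;                       /* no content type present */
    out->type = buf[end - 1];            /* the nested ContentType */
    out->len = end - 1;
    out->data = buf;
    return 0;
}

/* KTLS path: the kernel already decrypted, unpadded and wrote the
 * inner type into the TLS header, so the header type is taken as-is
 * and the length check is the plain limit with no extra byte. */
int tls13_accept_ktls_record(uint8_t header_type, const uint8_t *buf, size_t n,
                             struct tls_record *out)
{
    if (n > SSL3_RT_MAX_PLAIN_LENGTH)
        return -1;
    out->type = header_type;
    out->len = n;
    out->data = buf;
    return 0;
}

/* Constructed sample: 5 bytes of handshake content, the type byte, 3 bytes of padding. */
static const uint8_t SAMPLE_INNER[] = { 'h', 'e', 'l', 'l', 'o', SSL3_RT_HANDSHAKE, 0, 0, 0 };
static const uint8_t SAMPLE_ALLZERO[] = { 0, 0, 0, 0 };       /* constructed: no type byte */
static const uint8_t SAMPLE_KTLS[] = { 'h', 'e', 'l', 'l', 'o' }; /* constructed: kernel output */
static uint8_t BIG[SSL3_RT_MAX_PLAIN_LENGTH + 1];                /* constructed: max-size record */

int example_userspace_type(void)
{
    struct tls_record r;
    return tls13_unwrap_plaintext(SSL3_RT_APPLICATION_DATA, SAMPLE_INNER, sizeof SAMPLE_INNER, &r) ? -1 : r.type;
}

int example_userspace_len(void)
{
    struct tls_record r;
    return tls13_unwrap_plaintext(SSL3_RT_APPLICATION_DATA, SAMPLE_INNER, sizeof SAMPLE_INNER, &r) ? -1 : (int)r.len;
}

int example_allzero_rejected(void)
{
    struct tls_record r;
    return tls13_unwrap_plaintext(SSL3_RT_APPLICATION_DATA, SAMPLE_ALLZERO, sizeof SAMPLE_ALLZERO, &r);
}

int example_wrong_outer_type(void)
{
    struct tls_record r;
    return tls13_unwrap_plaintext(SSL3_RT_HANDSHAKE, SAMPLE_INNER, sizeof SAMPLE_INNER, &r);
}

int example_ktls_type(void)
{
    struct tls_record r;
    return tls13_accept_ktls_record(SSL3_RT_HANDSHAKE, SAMPLE_KTLS, sizeof SAMPLE_KTLS, &r) ? -1 : r.type;
}

/* 2^14 + 1 bytes: legal for the userspace path (type byte included),
 * over the limit for the KTLS path.  Returns 1 when both behave so. */
int example_length_limits(void)
{
    struct tls_record r;
    BIG[SSL3_RT_MAX_PLAIN_LENGTH] = SSL3_RT_ALERT;   /* content is 2^14 zero bytes, then the type */
    int u = tls13_unwrap_plaintext(SSL3_RT_APPLICATION_DATA, BIG, sizeof BIG, &r);
    int k = tls13_accept_ktls_record(SSL3_RT_ALERT, BIG, sizeof BIG, &r);
    return (u == 0 && k == -1) ? 1 : 0;
}

int main(void)
{
    printf("userspace: type %d len %d\n", example_userspace_type(), example_userspace_len());
    printf("ktls:      type %d\n", example_ktls_type());
    printf("length split ok: %d\n", example_length_limits());
    return 0;
}
```

The length-limit function is the one that mirrors the second bullet: the same 2^14 + 1 byte buffer passes the userspace check because the trailing byte is the nested type, and fails the KTLS check because the kernel has already removed that byte from anything it hands up.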

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable