D35170.diff
No OneTemporary
Actions

Size

1 KB

Referenced Files

None

Subscribers

None

D35170.diff
View Options

	diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c
	--- a/sys/kern/uipc_socket.c
	+++ b/sys/kern/uipc_socket.c
	@@ -2127,8 +2127,8 @@
	struct tls_get_record tgr;

	/*
	- * For MSG_TLSAPPDATA, check for a non-application data
	- * record. If found, return ENXIO without removing
	+ * For MSG_TLSAPPDATA, check for an alert record.
	+ * If found, return ENXIO without removing
	* it from the receive queue. This allows a subsequent
	* call without MSG_TLSAPPDATA to receive it.
	* Note that, for TLS, there should only be a single
	@@ -2139,8 +2139,8 @@
	if (cmsg->cmsg_type == TLS_GET_RECORD &&
	cmsg->cmsg_len == CMSG_LEN(sizeof(tgr))) {
	memcpy(&tgr, CMSG_DATA(cmsg), sizeof(tgr));
	- /* This will need to change for TLS 1.3. */
	- if (tgr.tls_type != TLS_RLTYPE_APP) {
	+ if (__predict_false(tgr.tls_type ==
	+ TLS_RLTYPE_ALERT)) {
	SOCKBUF_UNLOCK(&so->so_rcv);
	error = ENXIO;
	goto release;
	diff --git a/sys/sys/ktls.h b/sys/sys/ktls.h
	--- a/sys/sys/ktls.h
	+++ b/sys/sys/ktls.h
	@@ -50,6 +50,8 @@
	#define TLS_CBC_IMPLICIT_IV_LEN 16

	/* Type values for the record layer */
	+#define TLS_RLTYPE_ALERT 21
	+#define TLS_RLTYPE_HANDSHAKE 22
	#define TLS_RLTYPE_APP 23

	/*
	diff --git a/sys/sys/socket.h b/sys/sys/socket.h
	--- a/sys/sys/socket.h
	+++ b/sys/sys/socket.h
	@@ -470,7 +470,7 @@
	#endif
	#ifdef _KERNEL
	#define MSG_MORETOCOME 0x00100000 /* additional data pending */
	-#define MSG_TLSAPPDATA 0x00200000 /* only soreceive() app. data (TLS) */
	+#define MSG_TLSAPPDATA 0x00200000 /* do not soreceive() alert rec. (TLS) */
	#endif

	/*