Diffusion FreeBSD src repository 4d85e7386f77

KTLS: Handle TLS 1.3 in ssl3_get_record.
4d85e7386f77
Actions

Tags

None

Referenced Files

None

Subscribers

None

Description

KTLS: Handle TLS 1.3 in ssl3_get_record.

Don't unpad records, check the outer record type, or extract the inner record type from TLS 1.3 records handled by the kernel. KTLS performs all of these steps and returns the inner record type in the TLS header.

When checking the length of a received TLS 1.3 record don't allow for the extra byte for the nested record type when KTLS is used.

Pass a pointer to the record type in the TLS header to the SSL3_RT_INNER_CONTENT_TYPE message callback. For KTLS, the old pointer pointed to the last byte of payload rather than the record type. For the non-KTLS case, the TLS header has been updated with the inner type before this callback is invoked.

Obtained from: OpenSSL commit a5fb9605329fb939abb536c1604d44a511741624)

(cherry picked from commit c085ca5245797ae17fc69353bbdf7584acb2feaa)

Details

Provenance

Daiki Ueno <dueno@redhat.com>	Authored on Oct 10 2021, 6:54 AM
jhb	Committed on Oct 24 2023, 7:02 PM

Parents

rG65e292cdf155: KTLS: Add using_ktls helper variable in ssl3_get_record().

Branches

Unknown

Tags

Unknown

Event Timeline

jhb committed rG4d85e7386f77: KTLS: Handle TLS 1.3 in ssl3_get_record. (authored by Daiki Ueno <dueno@redhat.com>).Oct 24 2023, 7:02 PM

jhb mentioned this in rG03282b36fd45: KTLS: Handle TLS 1.3 in ssl3_get_record..Oct 25 2023, 12:43 AM

Changes (1)

Path

Size

crypto/

openssl/

ssl/

record/

rG4d85e7386f77

crypto/openssl/ssl/record/ssl3_record.c

Loading...