projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b6db5b3) | patch
Defer sending a KeyUpdate until after pending writes are complete
authorMatt Caswell <matt@openssl.org>
Wed, 17 Apr 2019 10:09:05 +0000 (11:09 +0100)
committerMatt Caswell <matt@openssl.org>
Mon, 3 Jun 2019 10:51:14 +0000 (11:51 +0100)
commitfeb9e31c40c49de6384dd0413685e9b5a15adc99
tree689a49a4a3e50a0bf568c3ef3baf1bd6db150a38tree | snapshot
parentb6db5b3d50a827ae3e6824370c541c33ae87e250commit | diff
Defer sending a KeyUpdate until after pending writes are complete

If we receive a KeyUpdate message (update requested) from the peer while
we are in the middle of a write, we should defer sending the responding
KeyUpdate message until after the current write is complete. We do this
by waiting to send the KeyUpdate until the next time we write and there is
no pending write data.

This does imply a subtle change in behaviour. Firstly the responding
KeyUpdate message won't be sent straight away as it is now. Secondly if
the peer sends multiple KeyUpdates without us doing any writing then we
will only send one response, as opposed to previously where we sent a
response for each KeyUpdate received.

Fixes #8677

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/8773)
ssl/record/rec_layer_s3.c diff | blob | history
ssl/statem/statem_clnt.c diff | blob | history
ssl/statem/statem_lib.c diff | blob | history
ssl/statem/statem_srvr.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.