git.openssl.org Git - openssl.git/commit

author	Daiki Ueno <dueno@redhat.com>
	Sun, 10 Oct 2021 06:54:07 +0000 (08:54 +0200)
committer	Tomas Mraz <tomas@openssl.org>
	Wed, 6 Apr 2022 11:15:27 +0000 (13:15 +0200)
commit	a5fb9605329fb939abb536c1604d44a511741624
tree	a0e349fd5476fc8fb231a4b5d2e8503a43f8534d	tree \| snapshot
parent	031132c297e54cbc20404a0bf8de6ed863196399	commit \| diff

KTLS: Handle TLS 1.3 in ssl3_get_record.

- Don't unpad records, check the outer record type, or extract the
  inner record type from TLS 1.3 records handled by the kernel.  KTLS
  performs all of these steps and returns the inner record type in the
  TLS header.

- When checking the length of a received TLS 1.3 record don't allow
  for the extra byte for the nested record type when KTLS is used.

- Pass a pointer to the record type in the TLS header to the
  SSL3_RT_INNER_CONTENT_TYPE message callback.  For KTLS, the old
  pointer pointed to the last byte of payload rather than the record
  type.  For the non-KTLS case, the TLS header has been updated with
  the inner type before this callback is invoked.

Co-authored-by: John Baldwin <jhb@FreeBSD.org>
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17942)