[openssl/openssl] 79a1f3: Add the recordmethod header from the draft design

Matt Caswell noreply at github.com
Thu Aug 18 15:48:14 UTC 2022


  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 79a1f3e4bb62c10d9604718f6814bb8bdde4ffd6
      https://github.com/openssl/openssl/commit/79a1f3e4bb62c10d9604718f6814bb8bdde4ffd6
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    A ssl/record/recordmethod.h

  Log Message:
  -----------
  Add the recordmethod header from the draft design

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 11653dcd6ecbc7ff3c53f694474ece08ce4473aa
      https://github.com/openssl/openssl/commit/11653dcd6ecbc7ff3c53f694474ece08ce4473aa
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/recordmethod.h

  Log Message:
  -----------
  Fix compilation issues in the imported recordmethod.h

Also, rename the "new" function pointer to "new_record_layer" to avoid a
C++ reserved name

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 34a4068cc402c38e2134a6b46d9633ad3112bfa5
      https://github.com/openssl/openssl/commit/34a4068cc402c38e2134a6b46d9633ad3112bfa5
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/build.info
    A ssl/record/tlsrecord.c

  Log Message:
  -----------
  Add a skeleton TLS record method

It doesn't yet do anything. This is a placeholder which will be filled in
by subsequent commits.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 0c974fc754e4b0525819ca9f6c3e124141b690ad
      https://github.com/openssl/openssl/commit/0c974fc754e4b0525819ca9f6c3e124141b690ad
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/recordmethod.h

  Log Message:
  -----------
  Make settings and options parameters const in recordmethod.h

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: e2d5742b1460c45bf39094ea08e4e85a8f507ea8
      https://github.com/openssl/openssl/commit/e2d5742b1460c45bf39094ea08e4e85a8f507ea8
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M crypto/err/openssl.txt
    M include/openssl/core_names.h
    M include/openssl/sslerr.h
    M ssl/d1_lib.c
    M ssl/ktls.c
    M ssl/record/rec_layer_d1.c
    M ssl/record/rec_layer_s3.c
    M ssl/record/record_local.h
    M ssl/record/recordmethod.h
    M ssl/record/ssl3_buffer.c
    M ssl/record/ssl3_record.c
    M ssl/record/tlsrecord.c
    M ssl/ssl_err.c
    M ssl/ssl_lib.c
    M ssl/ssl_local.h
    M ssl/sslerr.h
    M ssl/t1_enc.c

  Log Message:
  -----------
  Transfer the functionality from ssl3_read_n to the new record layer

This transfers the low level function ssl3_read_n to the new record layer.
We temporarily make the read_n function a top level record layer function.
Eventually, in later commits in this refactor, we will remove it as a top
level function and it will just be called from read_record.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 26dad42e9ca609569073463165263173ab2a27ab
      https://github.com/openssl/openssl/commit/26dad42e9ca609569073463165263173ab2a27ab
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M test/dtlstest.c
    M test/helpers/ssltestlib.c
    M test/helpers/ssltestlib.h
    M test/quicapitest.c
    M test/sslapitest.c

  Log Message:
  -----------
  Add a DTLSv1_listen() test

Add a test to ensure that a connection started via DTLSv1_listen() can
be completed through to handshake success. Previous DTLSv1_listen()
testing only tested the function itself and did not confirm that a
connection can actually be achieved using it.

This is important to test some codepaths being affected by the record layer
refactor.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 4030869d24309bfb5292e7bec41cd2b3012ba99d
      https://github.com/openssl/openssl/commit/4030869d24309bfb5292e7bec41cd2b3012ba99d
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M crypto/err/openssl.txt
    M include/openssl/sslerr.h
    M ssl/record/rec_layer_s3.c
    M ssl/record/record.h
    M ssl/record/record_local.h
    M ssl/record/recordmethod.h
    M ssl/record/ssl3_record.c
    M ssl/record/tlsrecord.c
    M ssl/ssl_err.c
    M ssl/statem/statem_lib.c
    M test/sslapitest.c

  Log Message:
  -----------
  Convert ssl3_get_record to tls_read_record

We move the old ssl3_get_record function to conform with the new record
layer design.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: aedbb71b6334a6cb616cf31cbb5de02109a2c5ed
      https://github.com/openssl/openssl/commit/aedbb71b6334a6cb616cf31cbb5de02109a2c5ed
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/d1_lib.c
    M ssl/record/record.h
    M ssl/record/recordmethod.h
    M ssl/record/ssl3_record.c
    M ssl/record/tlsrecord.c
    M ssl/ssl_lib.c
    M ssl/t1_enc.c
    M ssl/t1_lib.c

  Log Message:
  -----------
  Move the TLS1.0/1.1/1.2 record crypto code into the new record layer

Only done for the read side so far. Still need to do TLS1.3 and SSL3.0.
Also need to separate out KTLS.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 4840c2a5e6c412a09dbb1c3c76f3117e5721bb76
      https://github.com/openssl/openssl/commit/4840c2a5e6c412a09dbb1c3c76f3117e5721bb76
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/build.info
    A ssl/record/build.info
    A ssl/record/methods/build.info
    A ssl/record/methods/tlsrecord.c
    R ssl/record/tlsrecord.c

  Log Message:
  -----------
  Move Record layer methods code into a sub-directory

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 10560aed15dd71601b89c8f0308f30b70744c914
      https://github.com/openssl/openssl/commit/10560aed15dd71601b89c8f0308f30b70744c914
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/tlsrecord.c
    M ssl/s3_enc.c

  Log Message:
  -----------
  Convert SSLv3 code to use the new read side record layer

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 2b891e30ce1839a27f6a47f4c668d5810a15f847
      https://github.com/openssl/openssl/commit/2b891e30ce1839a27f6a47f4c668d5810a15f847
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/tlsrecord.c
    M ssl/tls13_enc.c

  Log Message:
  -----------
  Convert TLSv1.3 code to use the new read side record layer

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 79eebb08434e31aede316d934b53e4096c131b8f
      https://github.com/openssl/openssl/commit/79eebb08434e31aede316d934b53e4096c131b8f
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/tlsrecord.c
    M ssl/record/rec_layer_s3.c
    M ssl/record/record.h
    M ssl/record/recordmethod.h
    M ssl/s3_enc.c
    M ssl/ssl_lib.c
    M ssl/t1_enc.c
    M ssl/tls13_enc.c
    M test/tls13secretstest.c

  Log Message:
  -----------
  Ensure various SSL options are passed down to the record layer

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 50023e9b7e2253c27e1a731c8bace64224aae0b8
      https://github.com/openssl/openssl/commit/50023e9b7e2253c27e1a731c8bace64224aae0b8
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M providers/implementations/macs/hmac_prov.c
    M ssl/build.info
    M ssl/record/methods/build.info
    A ssl/record/methods/recmethod_local.h
    A ssl/record/methods/ssl3_cbc.c
    A ssl/record/methods/ssl3_meth.c
    A ssl/record/methods/tls13_meth.c
    A ssl/record/methods/tls1_meth.c
    A ssl/record/methods/tls_common.c
    A ssl/record/methods/tlsany_meth.c
    R ssl/record/methods/tlsrecord.c
    M ssl/record/ssl3_record.c
    R ssl/s3_cbc.c
    M ssl/ssl_local.h

  Log Message:
  -----------
  Move protocol version specific code into separate files

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: cc110a0aaebd627a9e61e2c8d68b02e3e0a4e76b
      https://github.com/openssl/openssl/commit/cc110a0aaebd627a9e61e2c8d68b02e3e0a4e76b
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M crypto/err/openssl.txt
    M include/openssl/sslerr.h
    M ssl/ktls.c
    M ssl/record/methods/build.info
    A ssl/record/methods/ktls_meth.c
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/tls_common.c
    M ssl/record/rec_layer_s3.c
    M ssl/record/record.h
    M ssl/record/recordmethod.h
    M ssl/s3_enc.c
    M ssl/ssl_err.c
    M ssl/ssl_lib.c
    M ssl/ssl_local.h
    M ssl/t1_enc.c
    M ssl/tls13_enc.c
    M test/tls13secretstest.c

  Log Message:
  -----------
  Implement KTLS in the new read record layer code

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 7c2939999f8e43d996d846867ba326b052f821d6
      https://github.com/openssl/openssl/commit/7c2939999f8e43d996d846867ba326b052f821d6
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/ktls_meth.c
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/ssl3_meth.c
    M ssl/record/methods/tls13_meth.c
    M ssl/record/methods/tls1_meth.c
    M ssl/record/methods/tls_common.c
    M ssl/record/methods/tlsany_meth.c
    M ssl/record/rec_layer_s3.c
    M ssl/record/recordmethod.h
    M ssl/s3_enc.c
    M ssl/ssl_lib.c
    M ssl/t1_enc.c
    M ssl/tls13_enc.c

  Log Message:
  -----------
  Distinguish between fatal and non-fatal errors when creating a record layer

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 5b24990ba4b81ea576aac6c8711f7e9420bbee50
      https://github.com/openssl/openssl/commit/5b24990ba4b81ea576aac6c8711f7e9420bbee50
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/build.info
    R ssl/ktls.c
    M ssl/record/methods/build.info
    M ssl/record/methods/ktls_meth.c

  Log Message:
  -----------
  Move ktls.c into the record layer

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 1853d20a008a85d327f4faa9e07be40a85549f8e
      https://github.com/openssl/openssl/commit/1853d20a008a85d327f4faa9e07be40a85549f8e
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/ktls_meth.c
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/ssl3_meth.c
    M ssl/record/methods/tls13_meth.c
    M ssl/record/methods/tls1_meth.c
    M ssl/record/methods/tls_common.c
    M ssl/record/methods/tlsany_meth.c
    M ssl/record/rec_layer_s3.c
    M ssl/record/recordmethod.h
    M ssl/statem/statem.h
    M ssl/statem/statem_lib.c
    M ssl/statem/statem_srvr.c

  Log Message:
  -----------
  Remove unnecessary KTLS code from non-KTLS specific files

This also moves other protocol specific code to the protocol specific
files.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: f7565348c22785f69239883feb1f3c91d1cfd675
      https://github.com/openssl/openssl/commit/f7565348c22785f69239883feb1f3c91d1cfd675
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M test/sslapitest.c

  Log Message:
  -----------
  Add a test for read_ahead data crossing a key change

If read_ahead is switched on, it should still work even if the data that
is read crosses epochs.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 359affdead3af497f1673204c5c34061d28dfa7b
      https://github.com/openssl/openssl/commit/359affdead3af497f1673204c5c34061d28dfa7b
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/ktls_meth.c
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/tls_common.c
    M ssl/record/rec_layer_s3.c
    M ssl/record/recordmethod.h
    M ssl/ssl_lib.c
    M ssl/ssl_local.h

  Log Message:
  -----------
  Add support for moving data from one epoch to the next

Sometimes data read by a record layer in one epoch is actually intended for
the next epoch. For example, in TLS with read_ahead, the read_ahead data
could contain a KeyUpdate message followed by application data encrypted
with new keys. Therefore we implement a mechanism for passing this data
across the epochs.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 976b263d0a8581059c21fb34653df3375667f050
      https://github.com/openssl/openssl/commit/976b263d0a8581059c21fb34653df3375667f050
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/tls_common.c
    M ssl/s3_enc.c
    M ssl/t1_enc.c

  Log Message:
  -----------
  Fix some no-comp compilation failures

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 014baa8a6dec5956416baad5af4ddda13bf74341
      https://github.com/openssl/openssl/commit/014baa8a6dec5956416baad5af4ddda13bf74341
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/tls_common.c

  Log Message:
  -----------
  Disallow SSL2_VERSION record version in an SSLv3 record header

When validate_record_header() gets called it should be able to rely on
the fact that an SSLv2 record version means that the record was received in
SSLv2 format.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: ac837d4d2eb542a9119bd8ed0ade7242887c531b
      https://github.com/openssl/openssl/commit/ac837d4d2eb542a9119bd8ed0ade7242887c531b
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M oqs-provider
    M test/recipes/95-test_external_oqsprovider_data/oqsprovider.sh

  Log Message:
  -----------
  Update the oqs-provider submodule to a more recent commit

Also update the oqsprovider.sh file to not run the preptests.sh script
which is no longer required

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 9cd9e0978b237ebb6cc4110532d95903b1c6bf5c
      https://github.com/openssl/openssl/commit/9cd9e0978b237ebb6cc4110532d95903b1c6bf5c
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/tls_common.c
    M ssl/statem/extensions_clnt.c
    M ssl/statem/statem_clnt.c

  Log Message:
  -----------
  Remove some use of SSL object from record layer

Remove SSL_IS_TLS13() and hello_retry_request

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 88d616805cab4fd052bcff890627668a8f4bae33
      https://github.com/openssl/openssl/commit/88d616805cab4fd052bcff890627668a8f4bae33
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/tls1_meth.c
    M ssl/record/methods/tls_common.c

  Log Message:
  -----------
  Remove SSL_USE_EXPLICIT_IV() from the record layer methods

Instead we introduce RLAYER_USE_EXPLICIT_IV(). This removes a dependency
on the SSL object.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 7f2f0ac7bfdd676cd919dd94b971874eade41830
      https://github.com/openssl/openssl/commit/7f2f0ac7bfdd676cd919dd94b971874eade41830
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M crypto/err/openssl.txt
    M include/openssl/core_names.h
    M include/openssl/sslerr.h
    M ssl/record/methods/ktls_meth.c
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/ssl3_meth.c
    M ssl/record/methods/tls1_meth.c
    M ssl/record/methods/tls_common.c
    M ssl/record/rec_layer_s3.c
    M ssl/ssl_err.c
    M ssl/ssl_local.h
    M ssl/t1_enc.c
    M ssl/tls13_enc.c
    M util/mkerr.pl

  Log Message:
  -----------
  Make the record layer directly aware of EtM

We no longer have to go through the SSL object to discover whether EtM has
been negotiated.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 651216dd54199c64bf9afd1256bbdde3990e1dfc
      https://github.com/openssl/openssl/commit/651216dd54199c64bf9afd1256bbdde3990e1dfc
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/tls_common.c

  Log Message:
  -----------
  Remove use of ossl_statem_in_error() from the record layer

We remove the dependency on the SSL object. Instead we check if the
record layer has already set an alert code.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: ffbd6e67874475e025e942e0ee9f51badfea42b5
      https://github.com/openssl/openssl/commit/ffbd6e67874475e025e942e0ee9f51badfea42b5
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M include/openssl/core_names.h
    M ssl/record/methods/ktls_meth.c
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/tls_common.c
    M ssl/record/rec_layer_s3.c

  Log Message:
  -----------
  Remove use of SSL object for fragment length checking in record layer

Pass the max fragment length to the record layer when it is applicable
to avoid the need to go through the SSL object.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 0755722c28309a52f29573221e411a2b37175e37
      https://github.com/openssl/openssl/commit/0755722c28309a52f29573221e411a2b37175e37
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/ktls_meth.c
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/ssl3_meth.c
    M ssl/record/methods/tls13_meth.c
    M ssl/record/methods/tls1_meth.c
    M ssl/record/methods/tls_common.c
    M test/sslapitest.c

  Log Message:
  -----------
  Move the sequence number into the OSSL_RECORD_LAYER object

This removes some references to the SSL object from the record layer.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 9dd90232d537f0ccd457fe1e23f4cbe83917c70a
      https://github.com/openssl/openssl/commit/9dd90232d537f0ccd457fe1e23f4cbe83917c70a
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M include/openssl/core_names.h
    M ssl/record/methods/ktls_meth.c
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/tls_common.c
    M ssl/record/rec_layer_s3.c
    M ssl/record/record.h
    M ssl/record/record_local.h
    M ssl/record/recordmethod.h
    M ssl/record/ssl3_record.c

  Log Message:
  -----------
  Move early data counting out of the SSL object and into the record layer

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 3c7b9ef9c56a8066e0e6f4c61bc2ac2648bb1e42
      https://github.com/openssl/openssl/commit/3c7b9ef9c56a8066e0e6f4c61bc2ac2648bb1e42
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/tls_common.c
    M ssl/record/rec_layer_s3.c
    M ssl/record/record.h

  Log Message:
  -----------
  Use a record layer specific message callback

Don't use the message callback from the SSL object. Instead we use a
wrapper callback so that the record layer does not need to be aware of the
SSL object.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: ed0e298fb8a3864b232e1d3801e849935a7a7f7e
      https://github.com/openssl/openssl/commit/ed0e298fb8a3864b232e1d3801e849935a7a7f7e
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/tls_common.c
    M ssl/record/rec_layer_s3.c
    M ssl/record/record.h

  Log Message:
  -----------
  Enable the record layer to call the ssl_security callback

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 6366bdd9be281984d675865ed5467bcf523640c5
      https://github.com/openssl/openssl/commit/6366bdd9be281984d675865ed5467bcf523640c5
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/ssl3_meth.c
    M ssl/record/methods/tls13_meth.c
    M ssl/record/methods/tls1_meth.c
    M ssl/record/methods/tls_common.c

  Log Message:
  -----------
  Remove the separation between enc_read_ctx and enc_write_ctx

Similarly with read_hash and write_hash. In the new model we have a
separate record layer object for reading and writing. Therefore we don't
need to distinguish between reading and writing inside the record layer
object in the encryption and md ctxs.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 8124ab56d4e8985151c5a0c4dca6af128fa89f2c
      https://github.com/openssl/openssl/commit/8124ab56d4e8985151c5a0c4dca6af128fa89f2c
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M include/openssl/core_names.h
    M ssl/record/methods/ktls_meth.c
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/ssl3_meth.c
    M ssl/record/methods/tls13_meth.c
    M ssl/record/methods/tls1_meth.c
    M ssl/record/methods/tls_common.c
    M ssl/record/methods/tlsany_meth.c
    M ssl/record/rec_layer_s3.c
    M ssl/record/recordmethod.h
    M ssl/ssl_lib.c
    M ssl/ssl_local.h
    M ssl/t1_enc.c
    M ssl/tls13_enc.c

  Log Message:
  -----------
  Remove some final references to the SSL object in the record layer

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: eddb067e2ce82bc2ea104b3ab5286fe334c0525d
      https://github.com/openssl/openssl/commit/eddb067e2ce82bc2ea104b3ab5286fe334c0525d
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/d1_lib.c
    M ssl/record/build.info
    M ssl/record/methods/build.info
    A ssl/record/methods/dtls_meth.c
    M ssl/record/methods/ktls_meth.c
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/ssl3_meth.c
    M ssl/record/methods/tls13_meth.c
    M ssl/record/methods/tls1_meth.c
    M ssl/record/methods/tls_common.c
    M ssl/record/methods/tlsany_meth.c
    M ssl/record/rec_layer_d1.c
    M ssl/record/rec_layer_s3.c
    M ssl/record/record.h
    M ssl/record/record_local.h
    M ssl/record/ssl3_record.c
    M ssl/ssl_lib.c
    M ssl/statem/statem_dtls.c
    M test/sslapitest.c

  Log Message:
  -----------
  Move some DTLS read code into the read record layer

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 222cf410d5e7bdd58dd50a0a3f1f0805707808ef
      https://github.com/openssl/openssl/commit/222cf410d5e7bdd58dd50a0a3f1f0805707808ef
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/d1_lib.c
    M ssl/record/methods/dtls_meth.c
    M ssl/record/methods/ktls_meth.c
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/tls1_meth.c
    M ssl/record/methods/tls_common.c
    M ssl/record/methods/tlsany_meth.c
    M ssl/record/rec_layer_s3.c
    M ssl/record/record.h
    M ssl/record/recordmethod.h
    M ssl/ssl_lib.c
    M ssl/statem/statem_lib.c
    M ssl/t1_enc.c

  Log Message:
  -----------
  Remove reliance on the SSL object from the DTLS read record layer code

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 7a15ed64fa5387dfbf1db391b84ddc7b1bf25571
      https://github.com/openssl/openssl/commit/7a15ed64fa5387dfbf1db391b84ddc7b1bf25571
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/dtls_meth.c

  Log Message:
  -----------
  Push unprocessed DTLS records from one record layer object to next

We add unprocessed DTLS records to the unprocessed record queue. When
the record layer closes down we write the unprocessed records to the
next record layer object.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: bfc0f10d0640fddbe63c0828389247691ab617f0
      https://github.com/openssl/openssl/commit/bfc0f10d0640fddbe63c0828389247691ab617f0
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/quic/quic_impl.c
    M ssl/record/methods/dtls_meth.c
    M ssl/record/methods/ktls_meth.c
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/tls1_meth.c
    M ssl/record/methods/tls_common.c
    M ssl/record/recordmethod.h
    M ssl/statem/statem.c

  Log Message:
  -----------
  Remove some remaining SSL object references from DTLS record layer

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 3a7a539ec542b239efd375f63da070a5230f4ae0
      https://github.com/openssl/openssl/commit/3a7a539ec542b239efd375f63da070a5230f4ae0
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/dtls_meth.c

  Log Message:
  -----------
  Standardise some DTLS record layer naming

Remove references to dtls1_* and just use dtls_*

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 81c9ebd9099e7aac92a8c855a9ae1a30bad1d9cc
      https://github.com/openssl/openssl/commit/81c9ebd9099e7aac92a8c855a9ae1a30bad1d9cc
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M include/openssl/core_names.h
    M ssl/d1_lib.c
    M ssl/record/methods/dtls_meth.c
    M ssl/record/methods/ktls_meth.c
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/tls_common.c
    M ssl/record/rec_layer_d1.c
    M ssl/record/rec_layer_s3.c
    M ssl/record/record.h
    M ssl/record/record_local.h
    M ssl/record/recordmethod.h
    M ssl/record/ssl3_buffer.c
    M ssl/ssl_lib.c
    M ssl/ssl_local.h

  Log Message:
  -----------
  Remove some unnecessary function pointers from OSSL_RECORD_METHOD

We had some temporary function pointers in OSSL_RECORD_METHOD which were
only necessary during the process of refactoring the read record layer.
These are no longer required so can be removed.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 4564b47d7546a2225e1565715030981387b8e393
      https://github.com/openssl/openssl/commit/4564b47d7546a2225e1565715030981387b8e393
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/dtls_meth.c
    M ssl/record/methods/ktls_meth.c
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/ssl3_meth.c
    M ssl/record/methods/tls13_meth.c
    M ssl/record/methods/tls1_meth.c
    M ssl/record/methods/tls_common.c
    M ssl/record/methods/tlsany_meth.c
    M ssl/record/recordmethod.h
    M ssl/ssl_lib.c
    M ssl/t1_enc.c
    M ssl/tls13_enc.c

  Log Message:
  -----------
  Remove some TODO(RECLAYER) comments

Some TODO(RECLAYER) comments are no longer necessary and can be removed.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 51ccad3f40e5f000da8364b1bb4bddd41657c96e
      https://github.com/openssl/openssl/commit/51ccad3f40e5f000da8364b1bb4bddd41657c96e
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/ssl3_record.c

  Log Message:
  -----------
  Resolve a TODO(RECLAYER) in the SSLv3 code

We remove some code outside of the record layer which is no longer
relevant since its functions are now performed by the new record layer
code. This removes a TODO(RECLAYER) as a result.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 499b2c4654a28838924b60cab754fffa7b9f5609
      https://github.com/openssl/openssl/commit/499b2c4654a28838924b60cab754fffa7b9f5609
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/tls1_meth.c
    M ssl/record/rec_layer_d1.c
    M ssl/record/rec_layer_s3.c

  Log Message:
  -----------
  Remove some more redundant TODO(RECLAYER) comments

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: db1a505ced696b104b03a072079e663cceecf692
      https://github.com/openssl/openssl/commit/db1a505ced696b104b03a072079e663cceecf692
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/rec_layer_s3.c

  Log Message:
  -----------
  Ensure we use a dgram mem BIO for the DTLS record layer

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 8bbf7ef63f95e0ef99e235eab777878d134ed302
      https://github.com/openssl/openssl/commit/8bbf7ef63f95e0ef99e235eab777878d134ed302
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/tls_common.c
    M ssl/record/rec_layer_d1.c
    M ssl/record/rec_layer_s3.c

  Log Message:
  -----------
  Remove some references to rlayer.rstate

This also fixes ssl3_pending while we are at it

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: b0a9042e0f1e6bc18d1d945771903d0132766909
      https://github.com/openssl/openssl/commit/b0a9042e0f1e6bc18d1d945771903d0132766909
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/tls_common.c
    M ssl/record/rec_layer_d1.c
    M ssl/record/rec_layer_s3.c
    M ssl/record/record.h
    M ssl/record/record_local.h

  Log Message:
  -----------
  Clear away some unused fields and cruft in the record layer

Now that the read record layer has moved to the new architecture we can
clear some of the old stuff away.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 2f90f85cc018c55d2b73c691f192909e402d1416
      https://github.com/openssl/openssl/commit/2f90f85cc018c55d2b73c691f192909e402d1416
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/tls_common.c

  Log Message:
  -----------
  Remove an unnecessary setup of the read buffer

Now everything has been moved to the record layer the additional check
for setting up the read buffer is not needed and can be removed.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: cffafb5f57da07d90b23d0bc215371078d1ecbef
      https://github.com/openssl/openssl/commit/cffafb5f57da07d90b23d0bc215371078d1ecbef
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/d1_lib.c
    M ssl/record/rec_layer_d1.c
    M ssl/record/rec_layer_s3.c
    M ssl/record/record.h
    M ssl/ssl_lib.c
    M ssl/ssl_local.h
    M ssl/statem/extensions_clnt.c
    M ssl/statem/statem.c
    M ssl/statem/statem_clnt.c
    M ssl/statem/statem_lib.c
    M ssl/statem/statem_srvr.c
    M test/sslapitest.c

  Log Message:
  -----------
  Move some fields out of the SSL object and into the record layer object

Fields such as rrlmethod and rrl are entirely related to the record layer,
and so should be in that object.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: c77d4556732e2e41e975211498406c777136fbaa
      https://github.com/openssl/openssl/commit/c77d4556732e2e41e975211498406c777136fbaa
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/tls_common.c

  Log Message:
  -----------
  Cleanse the SSLv3 MAC secret when we clean up the read record layer

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 1b285ac13726f443d1d737a1e2389ba6e17ba98f
      https://github.com/openssl/openssl/commit/1b285ac13726f443d1d737a1e2389ba6e17ba98f
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/tls_common.c

  Log Message:
  -----------
  Remove a redundant TODO

If read_ahead data is left over when a record layer closes down, there is
already code present to push into the "next" BIO. So the TODO removed here
is no longer relevant.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 3de7695928478bce22dcf6bf87883688d895dc43
      https://github.com/openssl/openssl/commit/3de7695928478bce22dcf6bf87883688d895dc43
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/tls_common.c
    M ssl/record/rec_layer_s3.c

  Log Message:
  -----------
  Move SSL_MODE_RELEASE_BUFFERS into the read record layer

This resolves an outstanding "TODO" item.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: d4ee3456e98b1137a1ba013cf01f1052891dd3db
      https://github.com/openssl/openssl/commit/d4ee3456e98b1137a1ba013cf01f1052891dd3db
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/tls1_meth.c

  Log Message:
  -----------
  Correct some formatting errors in tls1_meth.c

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: d0b17ea025477ce13ebe5d802ada232a57e1a2f2
      https://github.com/openssl/openssl/commit/d0b17ea025477ce13ebe5d802ada232a57e1a2f2
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/dtls_meth.c
    M ssl/record/methods/ktls_meth.c
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/tls_common.c
    M ssl/record/rec_layer_s3.c
    M ssl/record/record.h
    M ssl/record/recordmethod.h

  Log Message:
  -----------
  Implement a human readable state function for the record layer

This allows querying of the record layer to get a human readable state
string out. This resolves two outstanding TODO comments and enables us
to remove the rstate variable from s->rlayer.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: a16f9d3366a4b4e8c8014bbf39b86baaf1a04047
      https://github.com/openssl/openssl/commit/a16f9d3366a4b4e8c8014bbf39b86baaf1a04047
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/tls_common.c
    M test/tls13encryptiontest.c

  Log Message:
  -----------
  Update the tls13encryptiontest for new read record layer

The tls13encryption is an internal test that reaches inside libssl
to test encryption/decryption of records. It needs to be amended for the
new code structure so that it is testing the equivalent things as before.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 19d00444488c0a5861911ac8ba6b71c5c1f6c19a
      https://github.com/openssl/openssl/commit/19d00444488c0a5861911ac8ba6b71c5c1f6c19a
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/rec_layer_d1.c
    M ssl/record/rec_layer_s3.c
    M ssl/record/record.h
    M ssl/record/record_local.h
    M ssl/record/ssl3_record.c
    M ssl/record/ssl3_record_tls13.c
    M ssl/statem/statem_dtls.c
    M ssl/t1_enc.c
    M ssl/tls13_enc.c
    M test/tls13secretstest.c

  Log Message:
  -----------
  Remove some redundant code

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 4566dae7236b5c90364e963fd02b2ee533e0d712
      https://github.com/openssl/openssl/commit/4566dae7236b5c90364e963fd02b2ee533e0d712
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/dtls_meth.c
    M ssl/record/methods/ktls_meth.c
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/tls_common.c
    M ssl/record/recordmethod.h
    M ssl/ssl_lib.c

  Log Message:
  -----------
  Ensure various record layer options can be updated

We would like the capability for the options/mode/read_ahead settings
to be updateable after the record layer object has been instantiated.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: d3192c2643e4de2e2c36e107b7759f845a6e2bff
      https://github.com/openssl/openssl/commit/d3192c2643e4de2e2c36e107b7759f845a6e2bff
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/dtls_meth.c
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/tls_common.c
    M ssl/record/rec_layer_d1.c
    M ssl/record/rec_layer_s3.c
    M ssl/record/record.h

  Log Message:
  -----------
  Clean up some SCTP related issues

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 4a532de98d6100d9e0643d5b61d8716539c8a7cd
      https://github.com/openssl/openssl/commit/4a532de98d6100d9e0643d5b61d8716539c8a7cd
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M CHANGES.md

  Log Message:
  -----------
  Add a CHANGES.md entry for the record layer changes

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 9007412c1e1fd4bb9298901dae36064cd279c02a
      https://github.com/openssl/openssl/commit/9007412c1e1fd4bb9298901dae36064cd279c02a
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/dtls_meth.c
    M ssl/record/methods/tls_common.c
    M ssl/record/record.h

  Log Message:
  -----------
  Remove the SSL3_RECORD read field

The read field is no longer used and can be safely removed.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 279754d4199f6e80e17b3e08fa261fbfd3e646c5
      https://github.com/openssl/openssl/commit/279754d4199f6e80e17b3e08fa261fbfd3e646c5
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/dtls_meth.c
    M ssl/record/methods/ktls_meth.c
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/tls_common.c
    M ssl/record/record.h
    M ssl/record/recordmethod.h
    M ssl/ssl_local.h
    M test/helpers/ssltestlib.c

  Log Message:
  -----------
  Standardise type for epoch

The value for epoch was being represented internally via various types:
uint16_t, unsigned short, unsigned int, unsigned long

We standardise on uint16_t

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: df60982574338309856d4f746a2b641c108b1276
      https://github.com/openssl/openssl/commit/df60982574338309856d4f746a2b641c108b1276
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    R ssl/record/README.md

  Log Message:
  -----------
  Remove ssl/record/README.md

This file contains design details for the old record layer and is no
longer relevant for the new design.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: f6aab7b1e1410cf28ec45410aa4ee54f40baf13d
      https://github.com/openssl/openssl/commit/f6aab7b1e1410cf28ec45410aa4ee54f40baf13d
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/dtls_meth.c
    M ssl/record/methods/recmethod_local.h
    M ssl/record/record.h
    M util/indent.pro

  Log Message:
  -----------
  Rename DTLS1_BITMAP to DTLS_BITMAP

The 1 in DTLS1 is confusing and is removed. We also tweak the structure
to always be able to track 64 packets regardless of whether we are on a
32 bit or 64 bit system.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 9b7fb65e1520f398344ea8b7f3b4b097ae2617d7
      https://github.com/openssl/openssl/commit/9b7fb65e1520f398344ea8b7f3b4b097ae2617d7
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/dtls_meth.c
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/tls_common.c

  Log Message:
  -----------
  Rename some functions to be more consistent

Some functions in the record layer were called rlayer_*, but most were
called tls_*. We standardise on the latter.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: efc84eacb7a500306c7cb55e4e2d707dfd9d1ac1
      https://github.com/openssl/openssl/commit/efc84eacb7a500306c7cb55e4e2d707dfd9d1ac1
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/rec_layer_s3.c

  Log Message:
  -----------
  Ensure the rrl object is set to NULL after it is freed

Once we free the rrl object we should NULL it to prevent a dangling ref
to it. Otherwise we could get a double free.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 226ed5fb390f8cfc8b80cea79f57ae7837bc9b96
      https://github.com/openssl/openssl/commit/226ed5fb390f8cfc8b80cea79f57ae7837bc9b96
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/tls_common.c
    M ssl/ssl_local.h
    M ssl/statem/statem.h

  Log Message:
  -----------
  Remove redefinition of SSL_AD_NO_ALERT

The SSL_AD_NO_ALERT value was defined in two places. We centralise its
definition.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 7f7b0be8e3d452ecf5154203c5669f72683fde3f
      https://github.com/openssl/openssl/commit/7f7b0be8e3d452ecf5154203c5669f72683fde3f
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/ssl3_cbc.c

  Log Message:
  -----------
  Remove redefinition of macros

Some macros were redefined in ssl3_cbc.c. We remove the redefinitions

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: 1704961cf085a64b0e104bd0c9cb81188f061698
      https://github.com/openssl/openssl/commit/1704961cf085a64b0e104bd0c9cb81188f061698
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/dtls_meth.c
    M ssl/record/methods/ktls_meth.c
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/ssl3_cbc.c
    M ssl/record/methods/ssl3_meth.c
    M ssl/record/methods/tls13_meth.c
    M ssl/record/methods/tls1_meth.c
    M ssl/record/methods/tls_common.c
    M ssl/record/recordmethod.h

  Log Message:
  -----------
  Formatting cleanups

Some minor formatting cleanups and other minor tweaks.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


  Commit: b85ebc4b279ff0abe81c3a64eafc4f3c6c00605e
      https://github.com/openssl/openssl/commit/b85ebc4b279ff0abe81c3a64eafc4f3c6c00605e
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-08-18 (Thu, 18 Aug 2022)

  Changed paths:
    M ssl/record/methods/dtls_meth.c
    M ssl/record/methods/tls_common.c

  Log Message:
  -----------
  Check record layer callbacks are non-null

The current libssl code always ensures that the callbacks are non-null.
However, the record layer itself wasn't checking this. We ensure it does.

Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)


Compare: https://github.com/openssl/openssl/compare/340fe504e42e...b85ebc4b279f

