[openssl/openssl] b718f6: Add a test for TLS pipelining
Matt Caswell
noreply at github.com
Wed Nov 2 10:14:56 UTC 2022
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: b718f6fcc4bbf48cfc6ab3fa64e6cb95453299b3
https://github.com/openssl/openssl/commit/b718f6fcc4bbf48cfc6ab3fa64e6cb95453299b3
Author: Matt Caswell <matt at openssl.org>
Date: 2022-11-02 (Wed, 02 Nov 2022)
Changed paths:
M ssl/record/methods/tls_common.c
M test/sslapitest.c
Log Message:
-----------
Add a test for TLS pipelining
TLS pipelining provides the ability for libssl to read or write multiple
records in parallel. It requires special ciphers to do this, and there are
currently no built-in ciphers that provide this capability. However, the
dasync engine does have such a cipher, so we add a test for this capability
using that engine.
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Todd Short <todd.short at me.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19456)
Commit: 3961af375e1522a3d37d2af8628bff43103ab4f5
https://github.com/openssl/openssl/commit/3961af375e1522a3d37d2af8628bff43103ab4f5
Author: Matt Caswell <matt at openssl.org>
Date: 2022-11-02 (Wed, 02 Nov 2022)
Changed paths:
M ssl/record/methods/tls1_meth.c
Log Message:
-----------
Pipeline output/input buf arrays must live until the EVP_Cipher is called
The pipeline input/output buf arrays must remain accessible to the
EVP_CIPHER_CTX until EVP_Cipher is subsequently called. This fixes an
asan error discovered by the newly added pipeline test.
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Todd Short <todd.short at me.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19456)
Commit: 8ccde3fc78b8db0acf8c11454b5dc4fb01485f4c
https://github.com/openssl/openssl/commit/8ccde3fc78b8db0acf8c11454b5dc4fb01485f4c
Author: Matt Caswell <matt at openssl.org>
Date: 2022-11-02 (Wed, 02 Nov 2022)
Changed paths:
M ssl/record/methods/tls_common.c
Log Message:
-----------
Fix read pipelining
During read pipelining we must ensure that the buffer is sufficiently large
to read enough data to fill our pipelines. We also remove some code that
moved data to the start of the packet if we can. This was unnecessary
because of later code which would end up moving it anyway. The earlier move
was also incorrect in the case that |clearold| was 0. This would cause the
read pipelining code to fail with sufficiently large records.
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Todd Short <todd.short at me.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19456)
Commit: 3929345ee49f6b3a04f446c9589bb338f12e71ac
https://github.com/openssl/openssl/commit/3929345ee49f6b3a04f446c9589bb338f12e71ac
Author: Matt Caswell <matt at openssl.org>
Date: 2022-11-02 (Wed, 02 Nov 2022)
Changed paths:
M doc/man3/SSL_CTX_set_split_send_fragment.pod
Log Message:
-----------
Update the pipelining docs
Document the effect on the internal read buffer when using pipelining.
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Todd Short <todd.short at me.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19456)
Compare: https://github.com/openssl/openssl/compare/a88e97fcace0...3929345ee49f
More information about the openssl-commits
mailing list