[openssl/openssl] 830eae: Fix the ceiling on how much encryption growth we c...

Matt Caswell noreply at github.com
Mon Nov 7 11:09:03 UTC 2022 

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 830eae60a61876a5bcd267f47e224269852dcc29
      https://github.com/openssl/openssl/commit/830eae60a61876a5bcd267f47e224269852dcc29
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-11-07 (Mon, 07 Nov 2022)

  Changed paths:
    M ssl/record/methods/tls_common.c

  Log Message:
  -----------
  Fix the ceiling on how much encryption growth we can have

Stitched ciphersuites can grow by more during encryption than the code
allowed for. We fix the calculation and add an assert to check we go it
right.

Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19516)


  Commit: b05fbac1fc4f9c54a4e7a71728396e8f1b18707e
      https://github.com/openssl/openssl/commit/b05fbac1fc4f9c54a4e7a71728396e8f1b18707e
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-11-07 (Mon, 07 Nov 2022)

  Changed paths:
    M ssl/record/methods/dtls_meth.c
    M ssl/record/methods/recmethod_local.h
    M ssl/record/methods/tls13_meth.c
    M ssl/record/methods/tls_common.c
    M ssl/t1_enc.c

  Log Message:
  -----------
  Fix dtls_get_max_record_overhead()

We fix dtls_get_max_record_overhead() to give a better value for the max
record overhead. We can't realistically handle the compression case so we
just ignore that.

Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19516)


  Commit: 351ad225b3758f96a5875eb11ac3acda006a1c00
      https://github.com/openssl/openssl/commit/351ad225b3758f96a5875eb11ac3acda006a1c00
  Author: Matt Caswell <matt at openssl.org>
  Date:   2022-11-07 (Mon, 07 Nov 2022)

  Changed paths:
    M ssl/statem/statem_dtls.c

  Log Message:
  -----------
  Assert that we do not exceed the DTLS MTU

Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19516)


Compare: https://github.com/openssl/openssl/compare/3840271e9840...351ad225b375

More information about the openssl-commits mailing list