[openssl/openssl] 34c2f9: KTLS: enable the CCM mode of ktls
Simo Sorce
noreply at github.com
Wed Nov 16 16:07:59 UTC 2022
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: 34c2f90d8ed325a892618ce0e42ebe916966d4d8
https://github.com/openssl/openssl/commit/34c2f90d8ed325a892618ce0e42ebe916966d4d8
Author: Tianjia Zhang <tianjia.zhang at linux.alibaba.com>
Date: 2022-11-16 (Wed, 16 Nov 2022)
Changed paths:
M CHANGES.md
M ssl/record/methods/ktls_meth.c
Log Message:
-----------
KTLS: enable the CCM mode of ktls
The latest kernel (including stable kernel) has fixed the issue
of decryption failure in CCM mode in TLS 1.3. It is necessary to
reenable CCM mode for KTLS.
Signed-off-by: Tianjia Zhang <tianjia.zhang at linux.alibaba.com>
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17207)
Commit: 2fea56832780248af2aba2e4433ece2d18428515
https://github.com/openssl/openssl/commit/2fea56832780248af2aba2e4433ece2d18428515
Author: Simo Sorce <simo at redhat.com>
Date: 2022-11-16 (Wed, 16 Nov 2022)
Changed paths:
M apps/lib/apps.c
A test/recipes/20-test_legacy_okay.t
Log Message:
-----------
Drop explicit check for engines in opt_legacy_okay
The providers indication should always indicate that this is not a
legacy request.
This makes a check for engines redundant as the default return is that
legacy is ok if there are no explicit providers.
Fixes #19662
Signed-off-by: Simo Sorce <simo at redhat.com>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19671)
Compare: https://github.com/openssl/openssl/compare/3b6154ccaf3e...2fea56832780
More information about the openssl-commits
mailing list