[openssl/openssl] 2c50d7: Convert the TLSv1.3 crypto code to the new write r...
Matt Caswell
noreply at github.com
Wed Oct 12 14:55:39 UTC 2022
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: 2c50d7fb06e34c5ab562bf890c49cc00cbd52a56
https://github.com/openssl/openssl/commit/2c50d7fb06e34c5ab562bf890c49cc00cbd52a56
Author: Matt Caswell <matt at openssl.org>
Date: 2022-10-12 (Wed, 12 Oct 2022)
Changed paths:
M ssl/record/methods/ktls_meth.c
M ssl/record/methods/tls13_meth.c
M ssl/record/methods/tls_common.c
M ssl/record/rec_layer_s3.c
M ssl/ssl_local.h
M ssl/statem/statem_clnt.c
M ssl/t1_enc.c
M ssl/tls13_enc.c
M test/sslapitest.c
Log Message:
-----------
Convert the TLSv1.3 crypto code to the new write record layer
We also clean up some of the KTLS code while we are doing it now that all
users of KTLS have been moved to the new write record layer.
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)
Commit: bfda3aeec5986d9374e1ceb33b823a2d82bd29ca
https://github.com/openssl/openssl/commit/bfda3aeec5986d9374e1ceb33b823a2d82bd29ca
Author: Matt Caswell <matt at openssl.org>
Date: 2022-10-12 (Wed, 12 Oct 2022)
Changed paths:
M ssl/record/methods/tls_common.c
Log Message:
-----------
Remove most of the DTLS special casing from the write record code
Most of this was unnecessary anyway since DTLS isn't using these codepaths.
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)
Commit: 2f6e24eb5bd6a3ea4c5e18ff003acc4e812b527f
https://github.com/openssl/openssl/commit/2f6e24eb5bd6a3ea4c5e18ff003acc4e812b527f
Author: Matt Caswell <matt at openssl.org>
Date: 2022-10-12 (Wed, 12 Oct 2022)
Changed paths:
M ssl/record/methods/tls_common.c
Log Message:
-----------
Remove some unneeded usage of the SSL_CONNECTION object
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)
Commit: 4bf610bdce3b0e474c5ce7db5be77e152f3649b6
https://github.com/openssl/openssl/commit/4bf610bdce3b0e474c5ce7db5be77e152f3649b6
Author: Matt Caswell <matt at openssl.org>
Date: 2022-10-12 (Wed, 12 Oct 2022)
Changed paths:
M ssl/record/methods/recmethod_local.h
M ssl/record/methods/tls_common.c
M ssl/s3_enc.c
M ssl/statem/statem.c
M ssl/statem/statem.h
M ssl/t1_enc.c
M ssl/tls13_enc.c
Log Message:
-----------
Remove enc_write_state
This field was used to track whether a cipher ctx was valid for writing
or not, and also whether we should write out plaintext alerts. With the new
record layer design we no longer need to track whether a cipher ctx is valid
since the whole record layer will be aborted if it is not. Also we have a
different mechanism for tracking whether we should write out plaintext
alerts. Therefore this field is removed from the SSL object.
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)
Commit: 435d88d70813825533c8789faa71c6287e0d43c9
https://github.com/openssl/openssl/commit/435d88d70813825533c8789faa71c6287e0d43c9
Author: Matt Caswell <matt at openssl.org>
Date: 2022-10-12 (Wed, 12 Oct 2022)
Changed paths:
M ssl/record/methods/dtls_meth.c
M ssl/record/methods/ktls_meth.c
M ssl/record/methods/recmethod_local.h
M ssl/record/methods/tls_common.c
M ssl/record/rec_layer_s3.c
M ssl/record/recordmethod.h
M ssl/ssl_lib.c
M ssl/statem/extensions.c
Log Message:
-----------
Use the configured max_send_fragment value in the write record layer
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)
Commit: f93c0f546423eab65be3bc50a8cdfc3d5eb6b2e1
https://github.com/openssl/openssl/commit/f93c0f546423eab65be3bc50a8cdfc3d5eb6b2e1
Author: Matt Caswell <matt at openssl.org>
Date: 2022-10-12 (Wed, 12 Oct 2022)
Changed paths:
M ssl/record/rec_layer_s3.c
Log Message:
-----------
Remove an old TODO from the code
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)
Commit: 91fe8ff02a323eddb0404f975d5c9a03c024593b
https://github.com/openssl/openssl/commit/91fe8ff02a323eddb0404f975d5c9a03c024593b
Author: Matt Caswell <matt at openssl.org>
Date: 2022-10-12 (Wed, 12 Oct 2022)
Changed paths:
M ssl/record/methods/ktls_meth.c
M ssl/record/methods/recmethod_local.h
M ssl/record/methods/ssl3_meth.c
M ssl/record/methods/tls13_meth.c
M ssl/record/methods/tls1_meth.c
M ssl/record/methods/tls_common.c
M ssl/record/methods/tlsany_meth.c
Log Message:
-----------
Defer write buffer and WPACKET allocation/initialisation to protocol code
We move some protocol specific code for write buffer and WPACKET allocation
and initialisation out of tls_common.c and into the protocol specific files.
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)
Commit: 7ca61d63e99726ef7874b88b96892dae75f51156
https://github.com/openssl/openssl/commit/7ca61d63e99726ef7874b88b96892dae75f51156
Author: Matt Caswell <matt at openssl.org>
Date: 2022-10-12 (Wed, 12 Oct 2022)
Changed paths:
M ssl/record/methods/ktls_meth.c
M ssl/record/methods/recmethod_local.h
M ssl/record/methods/ssl3_meth.c
M ssl/record/methods/tls13_meth.c
M ssl/record/methods/tls1_meth.c
M ssl/record/methods/tls_common.c
M ssl/record/methods/tlsany_meth.c
Log Message:
-----------
Abstract out the record type processing
Remove TLSv1.3 specific processing of the record type out of tls_common.c
and into tls13_meth.c
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)
Commit: aca70ca81c6fcf38554aa95a3a2c75e1eeb1a085
https://github.com/openssl/openssl/commit/aca70ca81c6fcf38554aa95a3a2c75e1eeb1a085
Author: Matt Caswell <matt at openssl.org>
Date: 2022-10-12 (Wed, 12 Oct 2022)
Changed paths:
M ssl/record/methods/ktls_meth.c
M ssl/record/methods/recmethod_local.h
M ssl/record/methods/ssl3_meth.c
M ssl/record/methods/tls13_meth.c
M ssl/record/methods/tls1_meth.c
M ssl/record/methods/tls_common.c
M ssl/record/methods/tlsany_meth.c
Log Message:
-----------
Defer record header preparation to the protocol methods
We introduce a new function to prepare the record header. KTLS has its own
version since this is done by the kernel.
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)
Commit: b6f7519bc4b645809b3dcf97478fabbb3037f3e2
https://github.com/openssl/openssl/commit/b6f7519bc4b645809b3dcf97478fabbb3037f3e2
Author: Matt Caswell <matt at openssl.org>
Date: 2022-10-12 (Wed, 12 Oct 2022)
Changed paths:
M ssl/record/methods/tls_common.c
Log Message:
-----------
Don't check whether we are using KTLS before calling the cipher function
The KTLS cipher function is a no-op so it doesn't matter if we call it.
We shouldn't special case KTLS in tls_common.c
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)
Commit: 2582de25902510cdb934c5ff59845fc26a7f2e28
https://github.com/openssl/openssl/commit/2582de25902510cdb934c5ff59845fc26a7f2e28
Author: Matt Caswell <matt at openssl.org>
Date: 2022-10-12 (Wed, 12 Oct 2022)
Changed paths:
M ssl/record/methods/ktls_meth.c
M ssl/record/methods/recmethod_local.h
M ssl/record/methods/ssl3_meth.c
M ssl/record/methods/tls13_meth.c
M ssl/record/methods/tls1_meth.c
M ssl/record/methods/tls_common.c
M ssl/record/methods/tlsany_meth.c
Log Message:
-----------
Move record padding out of tls_common.c
Only tls13_meth.c needs to handle adding record padding. All other
*_meth.c files can ignore it.
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)
Commit: 757ef3bab02e976500ffd2b1ae2229ed62f85a61
https://github.com/openssl/openssl/commit/757ef3bab02e976500ffd2b1ae2229ed62f85a61
Author: Matt Caswell <matt at openssl.org>
Date: 2022-10-12 (Wed, 12 Oct 2022)
Changed paths:
M ssl/record/methods/ktls_meth.c
M ssl/record/methods/recmethod_local.h
M ssl/record/methods/ssl3_meth.c
M ssl/record/methods/tls13_meth.c
M ssl/record/methods/tls1_meth.c
M ssl/record/methods/tls_common.c
M ssl/record/methods/tlsany_meth.c
Log Message:
-----------
Add a prepare for encryption step
This applies any mac that might be necessary, ensures that we have
enough space in the WPACKET to perform the encryption and sets up the
SSL3_RECORD ready for that encryption.
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)
Commit: 2a354d54632cccf7d76130712d068a3ef188a356
https://github.com/openssl/openssl/commit/2a354d54632cccf7d76130712d068a3ef188a356
Author: Matt Caswell <matt at openssl.org>
Date: 2022-10-12 (Wed, 12 Oct 2022)
Changed paths:
M ssl/record/methods/ktls_meth.c
M ssl/record/methods/recmethod_local.h
M ssl/record/methods/ssl3_meth.c
M ssl/record/methods/tls13_meth.c
M ssl/record/methods/tls1_meth.c
M ssl/record/methods/tls_common.c
M ssl/record/methods/tlsany_meth.c
Log Message:
-----------
Add a post encryption processing step
For example in this we add the MAC if we are doing encrypt-then-mac.
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)
Commit: 5bc226ab3217525584a553ff1729567219d00e78
https://github.com/openssl/openssl/commit/5bc226ab3217525584a553ff1729567219d00e78
Author: Matt Caswell <matt at openssl.org>
Date: 2022-10-12 (Wed, 12 Oct 2022)
Changed paths:
M ssl/record/methods/tls_common.c
Log Message:
-----------
Remove ktls specific code from tls_setup_write_buffers
The KTLS code no longer calls this function so this is not necessary.
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)
Commit: ace3819506d8d6bd298dd8448fefcbd62b63580c
https://github.com/openssl/openssl/commit/ace3819506d8d6bd298dd8448fefcbd62b63580c
Author: Matt Caswell <matt at openssl.org>
Date: 2022-10-12 (Wed, 12 Oct 2022)
Changed paths:
M ssl/record/methods/ktls_meth.c
M ssl/record/methods/recmethod_local.h
M ssl/record/methods/ssl3_meth.c
M ssl/record/methods/tls13_meth.c
M ssl/record/methods/tls1_meth.c
M ssl/record/methods/tls_common.c
M ssl/record/methods/tlsany_meth.c
Log Message:
-----------
Introduce a step to prepare the BIO before writing
This removes some KTLS specific code from tls_retry_write_records().
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)
Commit: f78c51995e35889d39cb0bdadcbfa3e144bd8a29
https://github.com/openssl/openssl/commit/f78c51995e35889d39cb0bdadcbfa3e144bd8a29
Author: Matt Caswell <matt at openssl.org>
Date: 2022-10-12 (Wed, 12 Oct 2022)
Changed paths:
M ssl/record/methods/tls_common.c
Log Message:
-----------
Fix a return value in tls_default_read_n
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19343)
Compare: https://github.com/openssl/openssl/compare/ef917549f586...f78c51995e35