[openssl/openssl] 24c7d3: Add a test for TLS pipelining
Matt Caswell
noreply at github.com
Fri Feb 24 00:00:33 UTC 2023
Branch: refs/heads/openssl-3.1
Home: https://github.com/openssl/openssl
Commit: 24c7d367b612fc5a4a84571da1e54a01a6ee813f
https://github.com/openssl/openssl/commit/24c7d367b612fc5a4a84571da1e54a01a6ee813f
Author: Matt Caswell <matt at openssl.org>
Date: 2023-02-24 (Fri, 24 Feb 2023)
Changed paths:
M test/sslapitest.c
Log Message:
-----------
Add a test for TLS pipelining
TLS pipelining provides the ability for libssl to read or write multiple
records in parallel. It requires special ciphers to do this, and there are
currently no built-in ciphers that provide this capability. However, the
dasync engine does have such a cipher, so we add a test for this capability
using that engine.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20208)
Commit: df9c7ceefef59cc870c80346906471fabec62494
https://github.com/openssl/openssl/commit/df9c7ceefef59cc870c80346906471fabec62494
Author: Matt Caswell <matt at openssl.org>
Date: 2023-02-24 (Fri, 24 Feb 2023)
Changed paths:
M ssl/record/ssl3_record.c
Log Message:
-----------
Pipeline output/input buf arrays must live until the EVP_Cipher is called
The pipeline input/output buf arrays must remain accessible to the
EVP_CIPHER_CTX until EVP_Cipher is subsequently called. This fixes an
asan error discovered by the newly added pipeline test.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20208)
Commit: 1d06598f0e9d9e39f9c206a2520777e696150257
https://github.com/openssl/openssl/commit/1d06598f0e9d9e39f9c206a2520777e696150257
Author: Matt Caswell <matt at openssl.org>
Date: 2023-02-24 (Fri, 24 Feb 2023)
Changed paths:
M ssl/record/rec_layer_s3.c
M ssl/record/ssl3_buffer.c
Log Message:
-----------
Fix read pipelining
During read pipelining we must ensure that the buffer is sufficiently large
to read enough data to fill our pipelines. We also remove some code that
moved data to the start of the packet if we can. This was unnecessary
because of later code which would end up moving it anyway. The earlier move
was also incorrect in the case that |clearold| was 0. This would cause the
read pipelining code to fail with sufficiently large records.
Fixes #20197
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20208)
Commit: 89ed54456ec79bfc3c2f8c5e216efb5976a07525
https://github.com/openssl/openssl/commit/89ed54456ec79bfc3c2f8c5e216efb5976a07525
Author: Matt Caswell <matt at openssl.org>
Date: 2023-02-24 (Fri, 24 Feb 2023)
Changed paths:
M doc/man3/SSL_CTX_set_split_send_fragment.pod
Log Message:
-----------
Update the pipelining docs
Document the effect on the internal read buffer when using pipelining.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20208)
Commit: 2c4b1c7b7b09c0e3f9f4246e8d6747678ea90363
https://github.com/openssl/openssl/commit/2c4b1c7b7b09c0e3f9f4246e8d6747678ea90363
Author: Matt Caswell <matt at openssl.org>
Date: 2023-02-24 (Fri, 24 Feb 2023)
Changed paths:
M ssl/record/rec_layer_s3.c
Log Message:
-----------
Do not have more data in a pipeline than the split_send_fragment
We shouldn't be putting more data into a pipeline than the value of
split_send_fragment.
This is a backport of a fix which was included in a much larger commit in
master (c6186792b98) related to moving the pipelining code into the new
record layer that exists there.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20208)
Compare: https://github.com/openssl/openssl/compare/a92dd651abfc...2c4b1c7b7b09
More information about the openssl-commits
mailing list