[openssl/openssl] 79abf0: Remove spurious error queue entries on early data
Matt Caswell
noreply at github.com
Sun Mar 5 21:37:30 UTC 2023
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: 79abf0dff90d54840b8afa6270ea816ee2edd345
https://github.com/openssl/openssl/commit/79abf0dff90d54840b8afa6270ea816ee2edd345
Author: Matt Caswell <matt at openssl.org>
Date: 2023-03-06 (Mon, 06 Mar 2023)
Changed paths:
M ssl/record/methods/tls_common.c
Log Message:
-----------
Remove spurious error queue entries on early data
Early data decryption is expected to fail sometimes. If it does we should
not leave spurious error entries on the queue.
Fixes #20377
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20401)
Commit: 10836921e52ff9110c12b4b9f984e7c5ef1c89cc
https://github.com/openssl/openssl/commit/10836921e52ff9110c12b4b9f984e7c5ef1c89cc
Author: Matt Caswell <matt at openssl.org>
Date: 2023-03-06 (Mon, 06 Mar 2023)
Changed paths:
M test/sslapitest.c
Log Message:
-----------
Test that there are no errors on the stack for rejected early data
If we reject early data then it is normal for decryption operations to
fail. We should ensure there are no spurious errors on the stack in that
case. This adds a test for that scenario.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20401)
Compare: https://github.com/openssl/openssl/compare/b1cd268c0342...10836921e52f
More information about the openssl-commits
mailing list