[openssl/openssl] 4074e6: Add a KTLS test where we write long app data records

Matt Caswell noreply at github.com
Thu Jan 18 15:24:01 UTC 2024


  Branch: refs/heads/openssl-3.2
  Home:   https://github.com/openssl/openssl
  Commit: 4074e6308860077bdd3b85b084ad63d3007e20e3
      https://github.com/openssl/openssl/commit/4074e6308860077bdd3b85b084ad63d3007e20e3
  Author: Matt Caswell <matt at openssl.org>
  Date:   2024-01-18 (Thu, 18 Jan 2024)

  Changed paths:
    M test/sslapitest.c

  Log Message:
  -----------
  Add a KTLS test where we write long app data records

Check that we can write and read back long app data records when using
KTLS.

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Neil Horman <nhorman at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23182)

(cherry picked from commit 563f4be8976ea776ec4fb90d084e2ce80c92f0d1)


  Commit: 523d1233f1feda9d7561441b332600148a468d8a
      https://github.com/openssl/openssl/commit/523d1233f1feda9d7561441b332600148a468d8a
  Author: Matt Caswell <matt at openssl.org>
  Date:   2024-01-18 (Thu, 18 Jan 2024)

  Changed paths:
    M include/internal/ktls.h

  Log Message:
  -----------
  Fix a FreeBSD build failure when KTLS is enabled

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Neil Horman <nhorman at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23182)

(cherry picked from commit 2cac2feff2612c0a324675d8151fea3e2d03397c)


  Commit: 141365d1b4ab9d2ea4c76938f83b26429f0fb8ad
      https://github.com/openssl/openssl/commit/141365d1b4ab9d2ea4c76938f83b26429f0fb8ad
  Author: Matt Caswell <matt at openssl.org>
  Date:   2024-01-18 (Thu, 18 Jan 2024)

  Changed paths:
    M ssl/record/methods/tls_common.c

  Log Message:
  -----------
  Don't apply max_frag_len checking if no Max Fragment Length extension

Don't check the Max Fragment Length if the it hasn't been negotiated. We
were checking it anyway, and using the default value
(SSL3_RT_MAX_PLAIN_LENGTH). This works in most cases but KTLS can cause the
record length to actually exceed this in some cases.

Fixes #23169

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Neil Horman <nhorman at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23182)

(cherry picked from commit c1decd62460072082833909a962892e5042b16bb)


Compare: https://github.com/openssl/openssl/compare/8c1f9de1d551...141365d1b4ab


More information about the openssl-commits mailing list