Branch: refs/heads/master Home: https://github.com/openssl/openssl Commit: 2c50d7fb06e34c5ab562bf890c49cc00cbd52a56 https://github.com/openssl/openssl/commit/2c50d7fb06e34c5ab562bf890c49cc00cbd52a56 Author: Matt Caswell <m...@openssl.org> Date: 2022-10-12 (Wed, 12 Oct 2022)
Changed paths: M ssl/record/methods/ktls_meth.c M ssl/record/methods/tls13_meth.c M ssl/record/methods/tls_common.c M ssl/record/rec_layer_s3.c M ssl/ssl_local.h M ssl/statem/statem_clnt.c M ssl/t1_enc.c M ssl/tls13_enc.c M test/sslapitest.c Log Message: ----------- Convert the TLSv1.3 crypto code to the new write record layer We also clean up some of the KTLS code while we are doing it now that all users of KTLS have been moved to the new write record layer. Reviewed-by: Hugo Landau <hlan...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19343) Commit: bfda3aeec5986d9374e1ceb33b823a2d82bd29ca https://github.com/openssl/openssl/commit/bfda3aeec5986d9374e1ceb33b823a2d82bd29ca Author: Matt Caswell <m...@openssl.org> Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/tls_common.c Log Message: ----------- Remove most of the DTLS special casing from the write record code Most of this was unnecessary anyway since DTLS isn't using these codepaths. Reviewed-by: Hugo Landau <hlan...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19343) Commit: 2f6e24eb5bd6a3ea4c5e18ff003acc4e812b527f https://github.com/openssl/openssl/commit/2f6e24eb5bd6a3ea4c5e18ff003acc4e812b527f Author: Matt Caswell <m...@openssl.org> Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/tls_common.c Log Message: ----------- Remove some unneeded usage of the SSL_CONNECTION object Reviewed-by: Hugo Landau <hlan...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19343) Commit: 4bf610bdce3b0e474c5ce7db5be77e152f3649b6 https://github.com/openssl/openssl/commit/4bf610bdce3b0e474c5ce7db5be77e152f3649b6 Author: Matt Caswell <m...@openssl.org> Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/recmethod_local.h M ssl/record/methods/tls_common.c M ssl/s3_enc.c M ssl/statem/statem.c M ssl/statem/statem.h M ssl/t1_enc.c M ssl/tls13_enc.c Log Message: ----------- Remove enc_write_state This field was used to track whether a cipher ctx was valid for writing or not, and also whether we should write out plaintext alerts. With the new record layer design we no longer need to track whether a cipher ctx is valid since the whole record layer will be aborted if it is not. Also we have a different mechanism for tracking whether we should write out plaintext alerts. Therefore this field is removed from the SSL object. Reviewed-by: Hugo Landau <hlan...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19343) Commit: 435d88d70813825533c8789faa71c6287e0d43c9 https://github.com/openssl/openssl/commit/435d88d70813825533c8789faa71c6287e0d43c9 Author: Matt Caswell <m...@openssl.org> Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/dtls_meth.c M ssl/record/methods/ktls_meth.c M ssl/record/methods/recmethod_local.h M ssl/record/methods/tls_common.c M ssl/record/rec_layer_s3.c M ssl/record/recordmethod.h M ssl/ssl_lib.c M ssl/statem/extensions.c Log Message: ----------- Use the configured max_send_fragment value in the write record layer Reviewed-by: Hugo Landau <hlan...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19343) Commit: f93c0f546423eab65be3bc50a8cdfc3d5eb6b2e1 https://github.com/openssl/openssl/commit/f93c0f546423eab65be3bc50a8cdfc3d5eb6b2e1 Author: Matt Caswell <m...@openssl.org> Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/rec_layer_s3.c Log Message: ----------- Remove an old TODO from the code Reviewed-by: Hugo Landau <hlan...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19343) Commit: 91fe8ff02a323eddb0404f975d5c9a03c024593b https://github.com/openssl/openssl/commit/91fe8ff02a323eddb0404f975d5c9a03c024593b Author: Matt Caswell <m...@openssl.org> Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/ktls_meth.c M ssl/record/methods/recmethod_local.h M ssl/record/methods/ssl3_meth.c M ssl/record/methods/tls13_meth.c M ssl/record/methods/tls1_meth.c M ssl/record/methods/tls_common.c M ssl/record/methods/tlsany_meth.c Log Message: ----------- Defer write buffer and WPACKET allocation/initialisation to protocol code We move some protocol specific code for write buffer and WPACKET allocation and initialisation out of tls_common.c and into the protocol specific files. Reviewed-by: Hugo Landau <hlan...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19343) Commit: 7ca61d63e99726ef7874b88b96892dae75f51156 https://github.com/openssl/openssl/commit/7ca61d63e99726ef7874b88b96892dae75f51156 Author: Matt Caswell <m...@openssl.org> Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/ktls_meth.c M ssl/record/methods/recmethod_local.h M ssl/record/methods/ssl3_meth.c M ssl/record/methods/tls13_meth.c M ssl/record/methods/tls1_meth.c M ssl/record/methods/tls_common.c M ssl/record/methods/tlsany_meth.c Log Message: ----------- Abstract out the record type processing Remove TLSv1.3 specific processing of the record type out of tls_common.c and into tls13_meth.c Reviewed-by: Hugo Landau <hlan...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19343) Commit: aca70ca81c6fcf38554aa95a3a2c75e1eeb1a085 https://github.com/openssl/openssl/commit/aca70ca81c6fcf38554aa95a3a2c75e1eeb1a085 Author: Matt Caswell <m...@openssl.org> Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/ktls_meth.c M ssl/record/methods/recmethod_local.h M ssl/record/methods/ssl3_meth.c M ssl/record/methods/tls13_meth.c M ssl/record/methods/tls1_meth.c M ssl/record/methods/tls_common.c M ssl/record/methods/tlsany_meth.c Log Message: ----------- Defer record header preparation to the protocol methods We introduce a new function to prepare the record header. KTLS has its own version since this is done by the kernel. Reviewed-by: Hugo Landau <hlan...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19343) Commit: b6f7519bc4b645809b3dcf97478fabbb3037f3e2 https://github.com/openssl/openssl/commit/b6f7519bc4b645809b3dcf97478fabbb3037f3e2 Author: Matt Caswell <m...@openssl.org> Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/tls_common.c Log Message: ----------- Don't check whether we are using KTLS before calling the cipher function The KTLS cipher function is a no-op so it doesn't matter if we call it. We shouldn't special case KTLS in tls_common.c Reviewed-by: Hugo Landau <hlan...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19343) Commit: 2582de25902510cdb934c5ff59845fc26a7f2e28 https://github.com/openssl/openssl/commit/2582de25902510cdb934c5ff59845fc26a7f2e28 Author: Matt Caswell <m...@openssl.org> Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/ktls_meth.c M ssl/record/methods/recmethod_local.h M ssl/record/methods/ssl3_meth.c M ssl/record/methods/tls13_meth.c M ssl/record/methods/tls1_meth.c M ssl/record/methods/tls_common.c M ssl/record/methods/tlsany_meth.c Log Message: ----------- Move record padding out of tls_common.c Only tls13_meth.c needs to handle adding record padding. All other *_meth.c files can ignore it. Reviewed-by: Hugo Landau <hlan...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19343) Commit: 757ef3bab02e976500ffd2b1ae2229ed62f85a61 https://github.com/openssl/openssl/commit/757ef3bab02e976500ffd2b1ae2229ed62f85a61 Author: Matt Caswell <m...@openssl.org> Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/ktls_meth.c M ssl/record/methods/recmethod_local.h M ssl/record/methods/ssl3_meth.c M ssl/record/methods/tls13_meth.c M ssl/record/methods/tls1_meth.c M ssl/record/methods/tls_common.c M ssl/record/methods/tlsany_meth.c Log Message: ----------- Add a prepare for encryption step This applies any mac that might be necessary, ensures that we have enough space in the WPACKET to perform the encryption and sets up the SSL3_RECORD ready for that encryption. Reviewed-by: Hugo Landau <hlan...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19343) Commit: 2a354d54632cccf7d76130712d068a3ef188a356 https://github.com/openssl/openssl/commit/2a354d54632cccf7d76130712d068a3ef188a356 Author: Matt Caswell <m...@openssl.org> Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/ktls_meth.c M ssl/record/methods/recmethod_local.h M ssl/record/methods/ssl3_meth.c M ssl/record/methods/tls13_meth.c M ssl/record/methods/tls1_meth.c M ssl/record/methods/tls_common.c M ssl/record/methods/tlsany_meth.c Log Message: ----------- Add a post encryption processing step For example in this we add the MAC if we are doing encrypt-then-mac. Reviewed-by: Hugo Landau <hlan...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19343) Commit: 5bc226ab3217525584a553ff1729567219d00e78 https://github.com/openssl/openssl/commit/5bc226ab3217525584a553ff1729567219d00e78 Author: Matt Caswell <m...@openssl.org> Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/tls_common.c Log Message: ----------- Remove ktls specific code from tls_setup_write_buffers The KTLS code no longer calls this function so this is not necessary. Reviewed-by: Hugo Landau <hlan...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19343) Commit: ace3819506d8d6bd298dd8448fefcbd62b63580c https://github.com/openssl/openssl/commit/ace3819506d8d6bd298dd8448fefcbd62b63580c Author: Matt Caswell <m...@openssl.org> Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/ktls_meth.c M ssl/record/methods/recmethod_local.h M ssl/record/methods/ssl3_meth.c M ssl/record/methods/tls13_meth.c M ssl/record/methods/tls1_meth.c M ssl/record/methods/tls_common.c M ssl/record/methods/tlsany_meth.c Log Message: ----------- Introduce a step to prepare the BIO before writing This removes some KTLS specific code from tls_retry_write_records(). Reviewed-by: Hugo Landau <hlan...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19343) Commit: f78c51995e35889d39cb0bdadcbfa3e144bd8a29 https://github.com/openssl/openssl/commit/f78c51995e35889d39cb0bdadcbfa3e144bd8a29 Author: Matt Caswell <m...@openssl.org> Date: 2022-10-12 (Wed, 12 Oct 2022) Changed paths: M ssl/record/methods/tls_common.c Log Message: ----------- Fix a return value in tls_default_read_n Reviewed-by: Hugo Landau <hlan...@openssl.org> Reviewed-by: Tomas Mraz <to...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19343) Compare: https://github.com/openssl/openssl/compare/ef917549f586...f78c51995e35