CVSROOT: /cvs
Module name: src
Changes by: js...@cvs.openbsd.org 2020/10/03 11:35:17
Modified files:
lib/libssl : d1_pkt.c s3_cbc.c ssl_locl.h ssl_pkt.c t1_enc.c
tls12_record_layer.c
Log message:
Reimplement the TLSv1.2 record handling for the read side.
This is the next step in replacing the TLSv1.2 record layer.
The existing record handling code does decryption and processing in
place, which is not ideal for various reasons, however it is retained
for now as other code depends on this behaviour. Additionally, CBC
requires special handling to avoid timing oracles - for now the
existing timing safe code is largely retained.
ok beck@ inoguchi@ tb@
