Connections to MS Exchange appear to have been broken by this commit, or at least bisection leaves me with a working alpine before this commit and one that hangs during the handshake after this.
Philip Guenther On Sat, Oct 3, 2020 at 8:35 AM Joel Sing <js...@openbsd.org> wrote: > CVSROOT: /cvs > Module name: src > Changes by: js...@cvs.openbsd.org 2020/10/03 11:35:17 > > Modified files: > lib/libssl : d1_pkt.c s3_cbc.c ssl_locl.h ssl_pkt.c t1_enc.c > tls12_record_layer.c > > Log message: > Reimplement the TLSv1.2 record handling for the read side. > > This is the next step in replacing the TLSv1.2 record layer. > > The existing record handling code does decryption and processing in > place, which is not ideal for various reasons, however it is retained > for now as other code depends on this behaviour. Additionally, CBC > requires special handling to avoid timing oracles - for now the > existing timing safe code is largely retained. > > ok beck@ inoguchi@ tb@ > >