CVSROOT: /cvs
Module name: src
Changes by: js...@cvs.openbsd.org 2022/02/06 09:08:14
Modified files:
lib/libssl : tls13_legacy.c
Log message:
Handle zero byte reads/writes that trigger handshakes in the TLSv1.3 stack.
With the legaacy stack, it is possible to do a zero byte SSL_read() or
SSL_write() that triggers the handshake, but then returns zero without
SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE being flagged. This currently
works in the TLSv1.3 stack by returning TLS_IO_WANT_POLLIN or
TLS_IO_WANT_POLLOUT, which is then hidden by SSL_get_error().
However, due to upcoming changes to SSL_get_error() this will no longer be
the case. In order to maintain the existing legacy behaviour, explicitly
handle zero byte reads and writes in the TLSv1.3 stack, following
completion of a handshake.
ok inoguchi@ tb@
