[rtems-libbsd commit] uipc_socket.c: Modify MSG_TLSAPPDATA to only do Alert Records
Sebastian Huber
sebh at rtems.org
Mon Jul 11 11:46:14 UTC 2022
Module: rtems-libbsd
Branch: 6-freebsd-12
Commit: 5f0e04113f2c62b638698f52b37655b9f9357ddd
Changeset: http://git.rtems.org/rtems-libbsd/commit/?id=5f0e04113f2c62b638698f52b37655b9f9357ddd
Author: Rick Macklem <rmacklem at FreeBSD.org>
Date: Sat May 14 12:56:50 2022 -0700
uipc_socket.c: Modify MSG_TLSAPPDATA to only do Alert Records
Without this patch, the MSG_TLSAPPDATA flag would cause
soreceive_generic() to return ENXIO for any non-application
data record in a TLS receive stream.
This works ok for TLS1.2, since Alert records appear to be
the only non-application data records received.
However, for TLS1.3, there can be post-handshake handshake
records, such as NewSessionKey sent to the client from the
server. These handshake records cannot be handled by the
upcall which does an SSL_read() with length == 0.
It appears that the client can simply throw away these
NewSessionKey records, but to do so, it needs to receive
them within the kernel.
This patch modifies the semantics of MSG_TLSAPPDATA slightly,
so that it only applies to Alert records and not Handshake
records. It is needed to allow the krpc to work with KTLS1.3.
Reviewed by: hselasky
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D35170
---
rtemsbsd/include/machine/_kernel_socket.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rtemsbsd/include/machine/_kernel_socket.h b/rtemsbsd/include/machine/_kernel_socket.h
index dba4694f..3acee460 100644
--- a/rtemsbsd/include/machine/_kernel_socket.h
+++ b/rtemsbsd/include/machine/_kernel_socket.h
@@ -46,7 +46,7 @@
#define MSG_SOCALLBCK 0x00010000 /* for use by socket callbacks - soreceive (TCP) */
#define MSG_MORETOCOME 0x00100000 /* additional data pending */
-#define MSG_TLSAPPDATA 0x00200000 /* only soreceive() app. data (TLS) */
+#define MSG_TLSAPPDATA 0x00200000 /* do not soreceive() alert rec. (TLS) */
#define CMSG_ALIGN(n) _ALIGN(n)
More information about the vc
mailing list