wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/ssl
History
Matt Caswell 6c2f347c78 Defer sending a KeyUpdate until after pending writes are complete 
If we receive a KeyUpdate message (update requested) from the peer while
we are in the middle of a write, we should defer sending the responding
KeyUpdate message until after the current write is complete. We do this
by waiting to send the KeyUpdate until the next time we write and there is
no pending write data.

This does imply a subtle change in behaviour. Firstly the responding
KeyUpdate message won't be sent straight away as it is now. Secondly if
the peer sends multiple KeyUpdates without us doing any writing then we
will only send one response, as opposed to previously where we sent a
response for each KeyUpdate received.

Fixes #8677

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/8773)

(cherry picked from commit feb9e31c40)
2019-06-03 11:57:31 +01:00
..
record Defer sending a KeyUpdate until after pending writes are complete 2019-06-03 11:57:31 +01:00
statem Defer sending a KeyUpdate until after pending writes are complete 2019-06-03 11:57:31 +01:00
bio_ssl.c Add comments to NULL func ptrs in bio_method_st 2017-12-18 07:04:48 +10:00
build.info
d1_lib.c Update copyright year 2018-11-20 13:27:36 +00:00
d1_msg.c issue-8998: Ensure that the alert is generated and reaches the remote 2019-05-30 11:37:42 +01:00
d1_srtp.c
methods.c Drop support for OPENSSL_NO_TLS1_3_METHOD 2017-06-30 09:41:46 +01:00
packet.c Update copyright year 2018-04-17 15:18:40 +02:00
packet_locl.h Update copyright year 2018-09-11 13:45:17 +01:00
pqueue.c Use void in all function definitions that do not take any arguments 2018-05-11 14:37:48 +02:00
s3_cbc.c Update copyright year 2018-11-20 13:27:36 +00:00
s3_enc.c Update copyright year 2019-02-26 14:05:09 +00:00
s3_lib.c Fix wrong return value in ssl3_ctx_ctrl 2018-11-22 01:05:43 +08:00
s3_msg.c Update copyright year 2018-02-13 13:59:25 +00:00
ssl_asn1.c Don't use OPENSSL_strdup() for copying alpn_selected 2018-06-21 11:07:45 +01:00
ssl_cert.c Separate ca_names handling for client and server 2018-11-12 14:38:47 +00:00
ssl_cert_table.h Update copyright year 2018-03-20 13:08:46 +00:00
ssl_ciph.c Update copyright year 2019-02-26 14:05:09 +00:00
ssl_conf.c Add the ability to configure anti-replay via SSL_CONF 2018-07-02 15:06:12 +01:00
ssl_err.c Don't interleave handshake and other record types in TLSv1.3 2019-02-19 09:37:29 +00:00
ssl_init.c Update copyright year 2019-02-26 14:05:09 +00:00
ssl_lib.c Change SSL parameter SSL_session_reused const 2019-05-21 09:59:40 +10:00
ssl_locl.h Fix typos 2019-04-10 13:24:14 +02:00
ssl_mcnf.c Move the loading of the ssl_conf module to libcrypto 2018-04-05 15:30:12 +01:00
ssl_rsa.c Update copyright year 2018-03-20 13:08:46 +00:00
ssl_sess.c ssl/*: switch to switch to Thread-Sanitizer-friendly primitives. 2018-08-07 09:08:23 +02:00
ssl_stat.c Merge HRR into ServerHello 2017-12-14 15:06:37 +00:00
ssl_txt.c Address coverity-reported NULL dereference in SSL_SESSION_print() 2018-07-01 18:20:11 -05:00
ssl_utst.c
t1_enc.c Update copyright year 2019-02-26 14:05:09 +00:00
t1_lib.c Honour mandatory digest on private key in has_usable_cert() 2018-11-24 08:49:32 +02:00
t1_trce.c Fix ssl/t1_trce.c to parse certificate chains 2018-09-01 08:58:42 +08:00
tls13_enc.c Update copyright year 2019-02-26 14:05:09 +00:00
tls_srp.c Use the private RNG for data that is not public 2018-04-02 22:22:43 +02:00