| author | John Baldwin <jhb@FreeBSD.org> | 2020-10-07 14:34:19 -0700 |
|---|---|---|
| committer | Benjamin Kaduk <kaduk@mit.edu> | 2020-11-28 18:36:15 -0800 |
| commit | 410f5bb18908d89e5e35339049adf4070925faec (patch) | |
| tree | 44e5a5fe61c978f8790469c72862b6871b3d4793 | /ssl/record |
| parent | d27a8e922ba0b5357abf435cca75b5fe133cfe94 (diff) | |
Allow zero-byte writes to be reported as success.
When using KTLS, empty fragments sent as a mitigation for known-IV
weaknesses in TLS 1.0 are sent as writes of 0 bytes. The TLS header
and trailer are added to the empty fragment by the kernel.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/13090)
Diffstat (limited to 'ssl/record')
| -rw-r--r-- | ssl/record/rec_layer_s3.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index 0d9228c670..9fadeba62d 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c @@ -1206,7 +1206,15 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, size_t len, SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_R_BIO_NOT_SET); i = -1; } - if (i > 0 && tmpwrit == SSL3_BUFFER_get_left(&wb[currbuf])) { + + /* + * When an empty fragment is sent on a connection using KTLS, + * it is sent as a write of zero bytes. If this zero byte + * write succeeds, i will be 0 rather than a non-zero value. + * Treat i == 0 as success rather than an error for zero byte + * writes to permit this case. + */ + if (i >= 0 && tmpwrit == SSL3_BUFFER_get_left(&wb[currbuf])) { SSL3_BUFFER_set_left(&wb[currbuf], 0); SSL3_BUFFER_add_offset(&wb[currbuf], tmpwrit); if (currbuf + 1 < s->rlayer.numwpipes) |
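Review bot: relaxing the guard from `i > 0` to `i >= 0` relies entirely on the second operand, `tmpwrit == SSL3_BUFFER_get_left(&wb[currbuf])`, to keep a zero-byte BIO_write on a non-empty pending record from being reported as a completed write; that dependency deserves a sentence in the new comment, or an explicit form of the condition such as `if ((i > 0 || (i == 0 && SSL3_BUFFER_get_left(&wb[currbuf]) == 0)) && tmpwrit == SSL3_BUFFER_get_left(&wb[currbuf]))`. The hunk also does not show where `tmpwrit` is assigned, so please confirm it is set from the BIO's written count on the `i == 0` path as well; if it was only updated for `i > 0` before this change, the equality would compare against a stale value. Minor style: "zero byte write" in the comment reads better hyphenated as "zero-byte write", matching the commit subject.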