author | Matt Caswell <matt@openssl.org> | 2022-05-17 16:16:40 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2022-08-18 16:38:12 +0100 |
commit | 359affdead3af497f1673204c5c34061d28dfa7b (patch) | |
tree | fd1e0a8e72431305421949c308aca51879c7dbaa /ssl/ssl_lib.c | |
parent | f7565348c22785f69239883feb1f3c91d1cfd675 (diff) |
Add support for moving data from one epoch to the next

Sometimes data read by a record layer in one epoch is actually intended for
the next epoch. For example in a TLS with read_ahead, the read_ahead data
could contain a KeyUpdate message followed by application data encrypted
with new keys. Therefore we implement a mechanism for passing this data
across the epochs.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

Diffstat (limited to 'ssl/ssl_lib.c')
-rw-r--r-- | ssl/ssl_lib.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 9905a188b9..402ae157b5 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -656,6 +656,8 @@ int ossl_ssl_connection_reset(SSL *s) } RECORD_LAYER_clear(&sc->rlayer); + BIO_free(sc->rrlnext); + sc->rrlnext = NULL; /* * TODO(RECLAYER): The record method should probably initialy come from the @@ -1351,6 +1353,10 @@ void ossl_ssl_connection_free(SSL *ssl) if (s == NULL) return; + if (s->rrlmethod != NULL) + s->rrlmethod->free(s->rrl); /* Ignore return value */ + BIO_free(s->rrlnext); + X509_VERIFY_PARAM_free(s->param); dane_final(&s->dane); |
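
Review bot: In the first hunk (ossl_ssl_connection_reset), `BIO_free(sc->rrlnext)` runs right after `RECORD_LAYER_clear(&sc->rlayer)`, but the visible lines do not release or re-point the record layer instance (`rrl`) that the free path in the second hunk tears down before touching the same BIO. If that instance can still reference rrlnext at this point, the ordering matters here as much as it does there. Suggest a one-line comment stating that any read-ahead data queued for the next epoch is intentionally discarded on reset, and that nothing still refers to the BIO when it is freed. Minor: the TODO comment in the trailing context spells "initially" as "initialy".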
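
Review bot: In the second hunk (ossl_ssl_connection_free), the guard `if (s->rrlmethod != NULL)` tests the method table but not `s->rrl`, so a connection freed before a record layer instance exists would pass NULL to `s->rrlmethod->free()`. Either check `s->rrl != NULL` as well, or document that every record method's free() must accept NULL. The `/* Ignore return value */` comment should also say why dropping a failure is acceptable here, since the visible lines give no indication of what a failing free() leaves behind.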