authorMatt Caswell <matt@openssl.org>2022-05-17 16:16:40 +0100
committerMatt Caswell <matt@openssl.org>2022-08-18 16:38:12 +0100
commit359affdead3af497f1673204c5c34061d28dfa7b (patch)
treefd1e0a8e72431305421949c308aca51879c7dbaa /ssl/ssl_lib.c
parentf7565348c22785f69239883feb1f3c91d1cfd675 (diff)
Add support for moving data from one epoch to the next
Sometimes data read by a record layer in one epoch is actually intended for the next epoch. For example in a TLS with read_ahead, the read_ahead data could contain a KeyUpdate message followed by application data encrypted with new keys. Therefore we implement a mechanism for passing this data across the epochs. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
Diffstat (limited to 'ssl/ssl_lib.c')
-rw-r--r--ssl/ssl_lib.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 9905a188b9..402ae157b5 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -656,6 +656,8 @@ int ossl_ssl_connection_reset(SSL *s)
}
RECORD_LAYER_clear(&sc->rlayer);
+ BIO_free(sc->rrlnext);
+ sc->rrlnext = NULL;
/*
* TODO(RECLAYER): The record method should probably initialy come from the
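Review bot: The two added lines in ossl_ssl_connection_reset carry no comment saying why the buffered BIO is dropped at this point. Going by the commit description, rrlnext holds bytes read ahead for the next epoch, so keeping it across a reset would presumably feed stale data from the old connection into the new record layer. A one-line comment would make that explicit, for example `/* Drop any read-ahead data queued for the next epoch; it must not survive a reset */`. The function's body starts and ends outside the hunk.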
@@ -1351,6 +1353,10 @@ void ossl_ssl_connection_free(SSL *ssl)
if (s == NULL)
return;
+ if (s->rrlmethod != NULL)
+ s->rrlmethod->free(s->rrl); /* Ignore return value */
+ BIO_free(s->rrlnext);
+
X509_VERIFY_PARAM_free(s->param);
dane_final(&s->dane);
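Review bot: After `s->rrlmethod->free(s->rrl);` and `BIO_free(s->rrlnext);` both pointers are left dangling, whereas the reset path in the first hunk sets rrlnext to NULL after freeing it. The rest of ossl_ssl_connection_free lies outside the hunk, so whether later teardown reaches the record layer again cannot be confirmed from here. Clearing them costs nothing and turns any later access into a NULL dereference rather than a use-after-free: `s->rrl = NULL;` and `s->rrlnext = NULL;`. The `/* Ignore return value */` comment would also help more if it said why a failing free is acceptable during teardown.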