Add support for moving data from one epoch to the next

Sometimes data read by a record layer in one epoch is actually intended for the next epoch. For example in a TLS with read_ahead, the read_ahead data could contain a KeyUpdate message followed by application data encrypted with new keys. Therefore we implement a mechanism for passing this data across the epochs. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
author: Matt Caswell <matt@openssl.org> 2022-05-17 16:16:40 +0100
committer: Matt Caswell <matt@openssl.org> 2022-08-18 16:38:12 +0100
commit: 359affdead3af497f1673204c5c34061d28dfa7b (patch)
tree: fd1e0a8e72431305421949c308aca51879c7dbaa /ssl/ssl_local.h
parent: f7565348c22785f69239883feb1f3c91d1cfd675 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
index 90fb9516ab..b4920a1c12 100644
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@@ -1771,7 +1771,8 @@ struct ssl_connection_st {
     const OSSL_RECORD_METHOD *rrlmethod;
     /* The read direction record layer */
     OSSL_RECORD_LAYER *rrl;
-
+    /* BIO to store data destined for the next record layer epoch */
+    BIO *rrlnext;
 
     /* Default password callback. */
     pem_password_cb *default_passwd_callback;
author	Matt Caswell <matt@openssl.org>	2022-05-17 16:16:40 +0100
committer	Matt Caswell <matt@openssl.org>	2022-08-18 16:38:12 +0100
commit	359affdead3af497f1673204c5c34061d28dfa7b (patch)
tree	fd1e0a8e72431305421949c308aca51879c7dbaa /ssl/ssl_local.h
parent	f7565348c22785f69239883feb1f3c91d1cfd675 (diff)