authorMatt Caswell <matt@openssl.org>2021-04-07 16:53:28 +0100
committerMatt Caswell <matt@openssl.org>2021-04-12 11:32:05 +0100
commita3a54179b6754fbed6d88e434baac710a83aaf80 (patch)
tree91364237de70c506616c3c92dabf0f5cf9267147 /ssl/tls13_enc.c
parent4ec4b063e0d4cc3d58c709e309b1ec5a9aea3379 (diff)
Only enable KTLS if it is explicitly configured
It has always been the case that KTLS is not compiled by default. However if it is compiled then it was automatically used unless specifically configured not to. This is problematic because it bypasses any crypto implementations from providers. A user who configures all crypto to use the FIPS provider may unexpectedly find that TLS related crypto is actually being performed outside of the FIPS boundary. Instead we change KTLS so that it is disabled by default. We also switch to using a single "option" (i.e. SSL_OP_ENABLE_KTLS) rather than two separate "modes", (i.e. SSL_MODE_NO_KTLS_RX and SSL_MODE_NO_KTLS_TX). Fixes #13794 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14799)
Diffstat (limited to 'ssl/tls13_enc.c')
-rw-r--r--ssl/tls13_enc.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
index d48f305b01..f88d59948d 100644
--- a/ssl/tls13_enc.c
+++ b/ssl/tls13_enc.c
@@ -751,8 +751,9 @@ int tls13_change_cipher_state(SSL *s, int which)
s->statem.enc_write_state = ENC_WRITE_STATE_VALID;
#ifndef OPENSSL_NO_KTLS
# if defined(OPENSSL_KTLS_TLS13)
- if (!(which & SSL3_CC_WRITE) || !(which & SSL3_CC_APPLICATION)
- || ((which & SSL3_CC_WRITE) && (s->mode & SSL_MODE_NO_KTLS_TX)))
+ if (!(which & SSL3_CC_WRITE)
+ || !(which & SSL3_CC_APPLICATION)
+ || (s->options & SSL_OP_ENABLE_KTLS) == 0)
goto skip_ktls;
/* ktls supports only the maximum fragment size */