ktls: Fix assertion for TLS 1.0 CBC when using non-zero starting seqno.
The starting sequence number used to verify that TLS 1.0 CBC records
are encrypted in-order in the OCF layer was always set to 0 and not to
the initial sequence number from the struct tls_enable.

In practice, OpenSSL always starts TLS transmit offload with a
sequence number of zero, so this only matters for tests that use a
random starting sequence number.

Reviewed by:	markj
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D32676

(cherry picked from commit 4827bf7)
bsdjhb committed Nov 23, 2021
1 parent ba6b771 commit 81b6dba
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions sys/opencrypto/ktls_ocf.c
Expand Up @@ -756,6 +756,9 @@ ktls_ocf_try(struct socket *so, struct ktls_session *tls, int direction)
if (tls->params.tls_vminor == TLS_MINOR_VER_ZERO) {
os->implicit_iv = true;
memcpy(os->iv, tls->params.iv, AES_BLOCK_LEN);
#ifdef INVARIANTS
os->next_seqno = tls->next_seqno;
#endif
}
}
tls->free = ktls_ocf_free;
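Review bot: the added `#ifdef INVARIANTS` block assigns `os->next_seqno = tls->next_seqno;` with no comment explaining why the copy is debug-only; since the field is only ever written here, any code outside `INVARIANTS` builds that reads `os->next_seqno` would see an uninitialized (zero) value, which is exactly the stale-zero problem the commit message describes. A one-line comment above the block, such as `/* Seed the in-order check with the session's initial seqno (INVARIANTS only). */`, would make that intent explicit and stop a later reader from either lifting the assignment out of the `#ifdef` or relying on the field elsewhere. It is also worth confirming that the TLS 1.0 branch (`tls->params.tls_vminor == TLS_MINOR_VER_ZERO`), where `implicit_iv` is set, is the only path on which the in-order assertion fires, since the copy is not made for other versions.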
