git: 4827bf76bce8 - main - ktls: Fix assertion for TLS 1.0 CBC when using non-zero starting seqno.
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 27 Oct 2021 23:36:28 UTC
The branch main has been updated by jhb:
URL: https://cgit.FreeBSD.org/src/commit/?id=4827bf76bce8814b9d9a0d883467a3d2366e59a2
commit 4827bf76bce8814b9d9a0d883467a3d2366e59a2
Author: John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2021-10-27 23:35:56 +0000
Commit: John Baldwin <jhb@FreeBSD.org>
CommitDate: 2021-10-27 23:35:56 +0000
ktls: Fix assertion for TLS 1.0 CBC when using non-zero starting seqno.
The starting sequence number used to verify that TLS 1.0 CBC records
are encrypted in-order in the OCF layer was always set to 0 and not to
the initial sequence number from the struct tls_enable.
In practice, OpenSSL always starts TLS transmit offload with a
sequence number of zero, so this only matters for tests that use a
random starting sequence number.
Reviewed by: markj
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D32676
---
sys/opencrypto/ktls_ocf.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/sys/opencrypto/ktls_ocf.c b/sys/opencrypto/ktls_ocf.c
index 0753f4bafb1a..0096b4189533 100644
--- a/sys/opencrypto/ktls_ocf.c
+++ b/sys/opencrypto/ktls_ocf.c
@@ -761,6 +761,9 @@ ktls_ocf_try(struct socket *so, struct ktls_session *tls, int direction)
if (tls->params.tls_vminor == TLS_MINOR_VER_ZERO) {
os->implicit_iv = true;
memcpy(os->iv, tls->params.iv, AES_BLOCK_LEN);
+#ifdef INVARIANTS
+ os->next_seqno = tls->next_seqno;
+#endif
}
}