Date:      Tue, 23 Nov 2021 23:12:56 GMT
From:      John Baldwin <jhb@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: 81b6dba1a08b - stable/13 - ktls: Fix assertion for TLS 1.0 CBC when using non-zero starting seqno.
Message-ID:  <202111232312.1ANNCu3f037740@gitrepo.freebsd.org>

The branch stable/13 has been updated by jhb:

URL: https://cgit.FreeBSD.org/src/commit/?id=81b6dba1a08b031bdf7463c1704d27ae1e0daa0f

commit 81b6dba1a08b031bdf7463c1704d27ae1e0daa0f
Author:     John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2021-10-27 23:35:56 +0000
Commit:     John Baldwin <jhb@FreeBSD.org>
CommitDate: 2021-11-23 23:11:45 +0000

    ktls: Fix assertion for TLS 1.0 CBC when using non-zero starting seqno.
    
    The starting sequence number used to verify that TLS 1.0 CBC records
    are encrypted in-order in the OCF layer was always set to 0 and not to
    the initial sequence number from the struct tls_enable.
    
    In practice, OpenSSL always starts TLS transmit offload with a
    sequence number of zero, so this only matters for tests that use a
    random starting sequence number.
    
    Reviewed by:    markj
    Sponsored by:   Netflix
    Differential Revision:  https://reviews.freebsd.org/D32676
    
    (cherry picked from commit 4827bf76bce8814b9d9a0d883467a3d2366e59a2)
---
 sys/opencrypto/ktls_ocf.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/sys/opencrypto/ktls_ocf.c b/sys/opencrypto/ktls_ocf.c
index 78331b76abd7..71f6339e02ad 100644
--- a/sys/opencrypto/ktls_ocf.c
+++ b/sys/opencrypto/ktls_ocf.c
@@ -756,6 +756,9 @@ ktls_ocf_try(struct socket *so, struct ktls_session *tls, int direction)
 		if (tls->params.tls_vminor == TLS_MINOR_VER_ZERO) {
 			os->implicit_iv = true;
 			memcpy(os->iv, tls->params.iv, AES_BLOCK_LEN);
+#ifdef INVARIANTS
+			os->next_seqno = tls->next_seqno;
+#endif
 		}
 	}
 	tls->free = ktls_ocf_free;
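
Review bot: the new assignment "os->next_seqno = tls->next_seqno;" in the TLS_MINOR_VER_ZERO block has no comment saying why it is INVARIANTS-only or what it depends on. It is correct only if tls->next_seqno already holds the initial sequence number from struct tls_enable by the time ktls_ocf_try() runs, and that ordering is not visible in this hunk. A one-line comment above the #ifdef would help, stating that os->next_seqno exists solely for the in-order assertion on TLS 1.0 CBC records and must start at the session's initial sequence number. Since the commit message says the mismatch only appears with a random starting sequence number, it is also worth confirming that a test with a non-zero start runs on an INVARIANTS kernel, so the assertion is actually exercised.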


