From owner-dev-commits-src-all@freebsd.org  Tue Feb  9 17:39:47 2021
Return-Path: <owner-dev-commits-src-all@freebsd.org>
Delivered-To: dev-commits-src-all@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 37EF8545D33
 for <dev-commits-src-all@mailman.nyi.freebsd.org>;
 Tue,  9 Feb 2021 17:39:47 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4DZqsH18wfz3LCr;
 Tue,  9 Feb 2021 17:39:47 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 1B0B76DBD;
 Tue,  9 Feb 2021 17:39:47 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 119HdlXl018652;
 Tue, 9 Feb 2021 17:39:47 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 119HdkSQ018651;
 Tue, 9 Feb 2021 17:39:46 GMT (envelope-from git)
Date: Tue, 9 Feb 2021 17:39:46 GMT
Message-Id: <202102091739.119HdkSQ018651@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org
From: John Baldwin <jhb@FreeBSD.org>
Subject: git: f69cd089ccf4 - releng/13.0 - serf: Fix the default return value
 of the BIO control method.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: jhb
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/13.0
X-Git-Reftype: branch
X-Git-Commit: f69cd089ccf4bf6afbb61fe84e1df2af2b037ec4
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-all@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commit messages for all branches of the src repository
 <dev-commits-src-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-all>, 
 <mailto:dev-commits-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-all/>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Help: <mailto:dev-commits-src-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all>, 
 <mailto:dev-commits-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Feb 2021 17:39:47 -0000

The branch releng/13.0 has been updated by jhb:

URL: https://cgit.FreeBSD.org/src/commit/?id=f69cd089ccf4bf6afbb61fe84e1df2af2b037ec4

commit f69cd089ccf4bf6afbb61fe84e1df2af2b037ec4
Author:     John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2021-02-03 22:59:32 +0000
Commit:     John Baldwin <jhb@FreeBSD.org>
CommitDate: 2021-02-09 17:35:21 +0000

    serf: Fix the default return value of the BIO control method.
    
    OpenSSL BIO classes provide an abstraction for dealing with I/O.
    OpenSSL provides BIO classes for commonly used I/O primitives backed
    by file descriptors, sockets, etc. as well as permitting consumers
    of OpenSSL to define custom BIO classes.
    
    One of the methods BIO classes implement is a control method invoked
    by BIO_ctrl() for various ancilliary tasks somewhat analgous to
    fcntl() and ioctl() on file descriptors.  According to the BIO_ctrl(3)
    manual page, control methods should return 0 for unknown control
    requests.
    
    KTLS support in OpenSSL adds new control requests.  Two of those new
    requests are queries to determine if KTLS is enabled for either
    reading or writing.  These control reuquest return 1 if KTLS is
    enabled and 0 if it is not.
    
    serf includes two custom BIO classes for wrapping I/O requests from
    files and from a buffer in memory.  These BIO classes both use a
    custom control method.  However, this custom control method was
    returning 1 for unknown or unsupported control requests instead of 0.
    As a result, OpenSSL with KTLS believed that these BIOs were using
    KTLS and were thus adding headers and doing encryption/decryption in
    the BIO.  Correcting the return value removes this confusion.
    
    PR:             253135
    Reported by:    Guido Falsi <mad@madpilot.net>
    Approved by:    re (gjb)
    Sponsored by:   Netflix
    
    (cherry picked from commit cb7cc72c546e0f87598961c3860e17391f42866c)
    (cherry picked from commit b122886de25a51e3587d94ab2988a6ccb1e6a4e7)
---
 contrib/serf/buckets/ssl_buckets.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/contrib/serf/buckets/ssl_buckets.c b/contrib/serf/buckets/ssl_buckets.c
index b01e5359db08..3c8b7e2a685f 100644
--- a/contrib/serf/buckets/ssl_buckets.c
+++ b/contrib/serf/buckets/ssl_buckets.c
@@ -407,7 +407,7 @@ static int bio_bucket_destroy(BIO *bio)
 
 static long bio_bucket_ctrl(BIO *bio, int cmd, long num, void *ptr)
 {
-    long ret = 1;
+    long ret = 0;
 
     switch (cmd) {
     default:
@@ -415,6 +415,7 @@ static long bio_bucket_ctrl(BIO *bio, int cmd, long num, void *ptr)
         break;
     case BIO_CTRL_FLUSH:
         /* At this point we can't force a flush. */
+        ret = 1;
         break;
     case BIO_CTRL_PUSH:
     case BIO_CTRL_POP: