Fix a record layer mem leak

Make sure we free the record layer before we free the connection BIOs

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <le

Fix a record layer mem leak

Make sure we free the record layer before we free the connection BIOs

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

Restructure the write code

Move the multiblock code into a separate file and introduce the usage of
record_functions_st for some write functions.

Reviewed-by: Hugo Landau <hland

Restructure the write code

Move the multiblock code into a separate file and introduce the usage of
record_functions_st for some write functions.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

Remove some outstanding TODOs

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1

Remove some outstanding TODOs

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

Ensure that prefix records use a small buffer

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openss

Ensure that prefix records use a small buffer

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

Move the pipelining code into the record layer

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/opens

Move the pipelining code into the record layer

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

Resove some outstanding TODOs

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1

Resove some outstanding TODOs

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

Re-enable the multiblock code and move it into the record layer

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https:/

Re-enable the multiblock code and move it into the record layer

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

Make sure we call get_max_records() in the record layer code

We use the returned data to decide how to split the data we want to write
into records.

Reviewed-by: Hugo Landau <hl

Make sure we call get_max_records() in the record layer code

We use the returned data to decide how to split the data we want to write
into records.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

Convert the write record layer to supply proper return values

This also means we can convert SSLfatal calls to RLAYERfatal

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewe

Convert the write record layer to supply proper return values

This also means we can convert SSLfatal calls to RLAYERfatal

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

Remove some miscellaneous references to SSL_CONNECTION

There were a small number of references to the SSL_CONNECTION that can
be removed easily and replaced with record layer equivalents

Remove some miscellaneous references to SSL_CONNECTION

There were a small number of references to the SSL_CONNECTION that can
be removed easily and replaced with record layer equivalents.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

Move the record block_padding capability fully into the record layer

Previously we were referencing the block_padding value through the
SSL_CONNECTION. Now it is held within OSSL_RECORD_

Move the record block_padding capability fully into the record layer

Previously we were referencing the block_padding value through the
SSL_CONNECTION. Now it is held within OSSL_RECORD_LAYER.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

Move the record padding callback fully into the record layer

We wrap the callback and pass it to the record layer via the dispatch
array, in order to avoid accessing it directly via SSL_

Move the record padding callback fully into the record layer

We wrap the callback and pass it to the record layer via the dispatch
array, in order to avoid accessing it directly via SSL_CONNECTION.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

Remove use of SSL_CONNECTION_TREAT_AS_TLS13() from the record layer

In all cases we should be able to replace this with a simple check
against rl->version.

Reviewed-by: Hugo Lan

Remove use of SSL_CONNECTION_TREAT_AS_TLS13() from the record layer

In all cases we should be able to replace this with a simple check
against rl->version.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

Move need_empty_fragments inside the record layer

This flag can now be managed entirely by the new record layer code so we
move it into ossl_record_layer_st.

Reviewed-by: Hugo L

Move need_empty_fragments inside the record layer

This flag can now be managed entirely by the new record layer code so we
move it into ossl_record_layer_st.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

Remove empty_fragment_done

Now that we are no longer recursively addinng the prefix record this
doesn't seem necessary any more. We always add it every time we do
tls_write_records.

Remove empty_fragment_done

Now that we are no longer recursively addinng the prefix record this
doesn't seem necessary any more. We always add it every time we do
tls_write_records.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

Move logic for figuring out the record version out of record layer

This calculation is based on lots of information from state machine and
elsewhere that the record layer cannot access.

Move logic for figuring out the record version out of record layer

This calculation is based on lots of information from state machine and
elsewhere that the record layer cannot access. In reality it is sufficient
to simply tell the record layer what version to use.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

Move numwpipes in the write record layer

We retain a numwpipes for now in the old record layer structure for use
by DTLS. This will eventually be removed when DTLS moves over to the new

Move numwpipes in the write record layer

We retain a numwpipes for now in the old record layer structure for use
by DTLS. This will eventually be removed when DTLS moves over to the new
way of doing things.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

Move write buffer management into the write record layer

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github

Move write buffer management into the write record layer

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

Replace references to s->wbio with rl->bio

We use the record layer reference to the BIO rather than the SSL object
reference. This removes an unneeded SSL object usage.

Reviewed

Replace references to s->wbio with rl->bio

We use the record layer reference to the BIO rather than the SSL object
reference. This removes an unneeded SSL object usage.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

Use the record layer msg_callback not the SSL object msg_callback

This removes unnecessary usage of the SSL object from the record layer.

Reviewed-by: Hugo Landau <hlandau@openssl.o

Use the record layer msg_callback not the SSL object msg_callback

This removes unnecessary usage of the SSL object from the record layer.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

Move checking for alerts to dispatch out of the record layer

This isn't a record layer responsibility so should be removed from
write_records.

Reviewed-by: Hugo Landau <hlandau@

Move checking for alerts to dispatch out of the record layer

This isn't a record layer responsibility so should be removed from
write_records.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

Create the write record layer method and object and use it

Make sure we set the write record layer method and create the object
where appropriate. Move the newly restructured writing cod

Create the write record layer method and object and use it

Make sure we set the write record layer method and create the object
where appropriate. Move the newly restructured writing code into the
record layer object.

For now we are cheating and still accessing the underlying SSL_CONNECTION
object. This will be removed in subsequent commits.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

Move initial TLS write record layer code into new structure

The new write record layer architecture splits record writing into
a "write_records" call and a "retry_write_records" call - w

Move initial TLS write record layer code into new structure

The new write record layer architecture splits record writing into
a "write_records" call and a "retry_write_records" call - where multiple
records can be sent to "write_records" in one go. We restructure the code
into that format in order that future commits can move these functions into
the new record layer more easily.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19198)

show more ...

test: Fix memory leak of asynctest

ASYNC_init_thread() will be called automatically by ASYNC_start_job(),
so ASYNC_cleanup_thread() must be called at last, otherwise it will
cause me

test: Fix memory leak of asynctest

ASYNC_init_thread() will be called automatically by ASYNC_start_job(),
so ASYNC_cleanup_thread() must be called at last, otherwise it will
cause memory leak.

Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16703)

show more ...

Maximum return value of BIO_ctrl_(w)pending is SIZE_MAX

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@open

Maximum return value of BIO_ctrl_(w)pending is SIZE_MAX

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19240)

show more ...