Check record layer callbacks are non-null

The current libssl code always ensures that the callbacks are non-null.
However, the record layer itself wasn't checkthing this. We ensure it do

Check record layer callbacks are non-null

The current libssl code always ensures that the callbacks are non-null.
However, the record layer itself wasn't checkthing this. We ensure it does.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Formatting cleanups

Some minor formatting cleanups and other minor tweaks.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged

Formatting cleanups

Some minor formatting cleanups and other minor tweaks.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Remove redefinition of macros

Some macros were redefined in ssl3_cbc.c. We remove the redefinitions

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas

Remove redefinition of macros

Some macros were redefined in ssl3_cbc.c. We remove the redefinitions

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Remove redefinition of SSL_AD_NO_ALERT

The SSL_AD_NO_ALERT value was defined in two places. We centralise its
definition.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Revi

Remove redefinition of SSL_AD_NO_ALERT

The SSL_AD_NO_ALERT value was defined in two places. We centralise its
definition.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Ensure the rrl object is set to NULL after it is freed

Once we free the rrl object we should NULL it to prevent a dangling ref
to it. Otherwise we could get a double free.

Revie

Ensure the rrl object is set to NULL after it is freed

Once we free the rrl object we should NULL it to prevent a dangling ref
to it. Otherwise we could get a double free.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Rename some functions to be more consistent

Some functions in the record layer were called rlayer_*, but most were
called tls_*. We standardise on the latter.

Reviewed-by: Hugo

Rename some functions to be more consistent

Some functions in the record layer were called rlayer_*, but most were
called tls_*. We standardise on the latter.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Rename DTLS1_BITMAP to DTLS_BITMAP

The 1 in DTLS1 is confusing and is removed. We also tweak the structure
to always be able to track 64 packets regardless of whether we are on a
32

Rename DTLS1_BITMAP to DTLS_BITMAP

The 1 in DTLS1 is confusing and is removed. We also tweak the structure
to always be able to track 64 packets regardless of whether we are on a
32 bit or 64 bit system.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Remove ssl/record/README.md

This file contains design details for the old record layer and is no
longer relevant for the new design.

Reviewed-by: Hugo Landau <hlandau@openssl.or

Remove ssl/record/README.md

This file contains design details for the old record layer and is no
longer relevant for the new design.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Standardise type for epoch

The value for epoch was being represented internally via various types:
uint16_t, unsigned short, unsigned int, unsigned long

We standardise on uint16

Standardise type for epoch

The value for epoch was being represented internally via various types:
uint16_t, unsigned short, unsigned int, unsigned long

We standardise on uint16_t

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Remove the SSL3_RECORD read field

The read field is no longer used and can be safely removed.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@opens

Remove the SSL3_RECORD read field

The read field is no longer used and can be safely removed.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Add a CHANGES.md entry for the record layer changes

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl

Add a CHANGES.md entry for the record layer changes

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Clean up some SCTP releated issues

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/181

Clean up some SCTP releated issues

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Ensure various record layer options can be updated

We would like the capability for the options/mode/read_ahead settings
to be updateable after the record layer object has been instantia

Ensure various record layer options can be updated

We would like the capability for the options/mode/read_ahead settings
to be updateable after the record layer object has been instantiated.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Remove some redundant code

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

Update the tls13encryptiontest for new read record layer

The tls13encryption is an internal test that reaches inside libssl
to test encryption/decryption of records. It needs to be amend

Update the tls13encryptiontest for new read record layer

The tls13encryption is an internal test that reaches inside libssl
to test encryption/decryption of records. It needs to be amended for the
new code structure so that it is testing the equivalent things as before.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Implement a human readable state function for the record layer

This allows querying of the record layer to get a human readable state
string out. This resolves two outstanding TODO comme

Implement a human readable state function for the record layer

This allows querying of the record layer to get a human readable state
string out. This resolves two outstanding TODO comments and enables us
to remove the rstate variable from s->rlayer.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Correct some formatting errors in tls1_meth.c

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/opens

Correct some formatting errors in tls1_meth.c

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Move SSL_MODE_RELEASE_BUFFERS into the read record layer

This resolves an outstanding "TODO" item.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@

Move SSL_MODE_RELEASE_BUFFERS into the read record layer

This resolves an outstanding "TODO" item.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Remove a redundant TODO

If read_ahead data is left over when a record layer closes down, there is
already code present to push into the "next" BIO. So the TODO removed here
is no lon

Remove a redundant TODO

If read_ahead data is left over when a record layer closes down, there is
already code present to push into the "next" BIO. So the TODO removed here
is no longer relevant.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Cleanse the SSLv3 MAC secret when we clean up the read record layer

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://gi

Cleanse the SSLv3 MAC secret when we clean up the read record layer

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Move some fields out of the SSL object and into the record layer object

Fields such as rrlmethod and rrl are entirely related to the record layer,
and so should be in that object.

Move some fields out of the SSL object and into the record layer object

Fields such as rrlmethod and rrl are entirely related to the record layer,
and so should be in that object.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Remove an unnecessary setup of the read buffer

Now everything has been moved to the record layer the additional check
for setting up the read buffer is not needed and can be removed.

Remove an unnecessary setup of the read buffer

Now everything has been moved to the record layer the additional check
for setting up the read buffer is not needed and can be removed.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Clear away some unused fields and cruft in the record layer

Now that the read record layer has moved to the new architecture we can
clear some of the old stuff away.

Reviewed-by

Clear away some unused fields and cruft in the record layer

Now that the read record layer has moved to the new architecture we can
clear some of the old stuff away.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Remove some references to rlayer.rstate

This also fixes ssl3_pending while we are at it

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org

Remove some references to rlayer.rstate

This also fixes ssl3_pending while we are at it

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...

Ensure we use a dgram mem BIO for the DTLS record layer

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/ope

Ensure we use a dgram mem BIO for the DTLS record layer

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

show more ...