Split the record protection from the TLSv1.2 record layer. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2021-01-12 17:47:20 +0000
committer	jsing <>	2021-01-12 17:47:20 +0000
commit	a9864af3fa4190508eeeffa233186b78e71a546e (patch)
tree	474ed0fd24f30e1b31ec20e307711f01b1e54444 /src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c
parent	3da30c9a9770c0ad6b44c01265d934e1863c8222 (diff)
download	openbsd-a9864af3fa4190508eeeffa233186b78e71a546e.tar.gz openbsd-a9864af3fa4190508eeeffa233186b78e71a546e.tar.bz2 openbsd-a9864af3fa4190508eeeffa233186b78e71a546e.zip

Split the record protection from the TLSv1.2 record layer.

When changing cipher state, DTLS requires that the previous write protection state remain available so that messages can be retransmitted. Currently, this is done by DTLS saving and restoring various pointers, along with special casing to not free the cipher and hash where it would normally be freed for TLS (and requiring DTLS to free things at the appropriate times). This can be handled in a much cleaner manner by splitting the record protection from the record layer. This allows for the previous write state to be retained and restored by swapping a single pointer. Additionally, it also results in more readable and manageable code. This diff simply splits the record protection from the record layer - future changes will add support for maintaining and switching between write states. ok inoguchi@ tb@

Diffstat (limited to 'src/regress/lib/libssl/unit/ssl_get_shared_ciphers.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: