OpenSSL: KTLS: Enable KTLS for receiving as well in TLS 1.3

This removes a guard condition that prevents KTLS being enabled for receiving in TLS 1.3. Use the correct sequence number and BIO for receive vs transmit offload. Approved by: jkim Obtained from: OpenSSL commit 7c78932b9a4330fb7c8db72b3fb37cbff1401f8b MFC after: 1 week Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D34976
2024-07-21 10:19:04 +00:00 · 2022-05-04 13:08:36 -07:00 · 2022-05-04 13:08:36 -07:00 · 913616b885
parent c0f977bfb6
commit 913616b885
1 changed files with 21 additions and 11 deletions
--- a/crypto/openssl/ssl/tls13_enc.c
+++ b/crypto/openssl/ssl/tls13_enc.c
@ -471,6 +471,7 @@ int tls13_change_cipher_state(SSL *s, int which)
    const EVP_CIPHER *cipher = NULL;
 #if !defined(OPENSSL_NO_KTLS) && defined(OPENSSL_KTLS_TLS13)
    ktls_crypto_info_t crypto_info;
+    void *rl_sequence;
    BIO *bio;
 #endif

@ -724,8 +725,7 @@ int tls13_change_cipher_state(SSL *s, int which)
        s->statem.enc_write_state = ENC_WRITE_STATE_VALID;
 #ifndef OPENSSL_NO_KTLS
 # if defined(OPENSSL_KTLS_TLS13)
-    if (!(which & SSL3_CC_WRITE)
-            || !(which & SSL3_CC_APPLICATION)
+    if (!(which & SSL3_CC_APPLICATION)
            || (s->options & SSL_OP_ENABLE_KTLS) == 0)
        goto skip_ktls;

@ -741,7 +741,10 @@ int tls13_change_cipher_state(SSL *s, int which)
    if (!ktls_check_supported_cipher(s, cipher, ciph_ctx))
        goto skip_ktls;

-    bio = s->wbio;
+    if (which & SSL3_CC_WRITE)
+        bio = s->wbio;
+    else
+        bio = s->rbio;

    if (!ossl_assert(bio != NULL)) {
        SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS13_CHANGE_CIPHER_STATE,
@ -750,19 +753,26 @@ int tls13_change_cipher_state(SSL *s, int which)
    }

    /* All future data will get encrypted by ktls. Flush the BIO or skip ktls */
-    if (BIO_flush(bio) <= 0)
-        goto skip_ktls;
+    if (which & SSL3_CC_WRITE) {
+        if (BIO_flush(bio) <= 0)
+            goto skip_ktls;
+    }

    /* configure kernel crypto structure */
-    if (!ktls_configure_crypto(s, cipher, ciph_ctx,
-                               RECORD_LAYER_get_write_sequence(&s->rlayer),
-                               &crypto_info, which & SSL3_CC_WRITE, iv, key,
-                               NULL, 0))
+    if (which & SSL3_CC_WRITE)
+        rl_sequence = RECORD_LAYER_get_write_sequence(&s->rlayer);
+    else
+        rl_sequence = RECORD_LAYER_get_read_sequence(&s->rlayer);
+
+    if (!ktls_configure_crypto(s, cipher, ciph_ctx, rl_sequence, &crypto_info,
+                               which & SSL3_CC_WRITE, iv, key, NULL, 0))
        goto skip_ktls;

    /* ktls works with user provided buffers directly */
-    if (BIO_set_ktls(bio, &crypto_info, which & SSL3_CC_WRITE))
-        ssl3_release_write_buffer(s);
+    if (BIO_set_ktls(bio, &crypto_info, which & SSL3_CC_WRITE)) {
+        if (which & SSL3_CC_WRITE)
+            ssl3_release_write_buffer(s);
+    }
 skip_ktls:
 # endif
 #endif