Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ssl: Make sure handshake messages are handled correctly during versio… #6037

Conversation

IngelaAndin
Copy link
Contributor

…n negotiation

Handshake messages MAY be coalesced into a single TLSPlaintext record
or fragmented across several records. There are also stricter conditions
that must be met for TLS-1.3 "see RFC 8446 section 5.1. Record Layer"

This means that when supporting both TLS-1.2 and TLS-1.3 as a client we need to
make sure that only the server hello message is handled initially so that
possible coalesced TLS-1.2 handshake messages will be handled by TLS-1.2 code
when the negotiated version has been established.

Closes #5961

@IngelaAndin IngelaAndin added team:PS Assigned to OTP team PS testing currently being tested, tag is used by OTP internal CI labels May 31, 2022
lib/ssl/src/tls_gen_connection.erl Outdated Show resolved Hide resolved
lib/ssl/src/tls_gen_connection.erl Outdated Show resolved Hide resolved
…n negotiation

Handshake messages MAY be coalesced into a single TLSPlaintext record
or fragmented across several records. There are also stricter conditions
that must be met for TLS-1.3 "see RFC 8446 section 5.1.  Record Layer"

This means that when supporting both TLS-1.2 and TLS-1.3 as a client we need to
make sure that only the server hello message is handled initially so that
possible coalesced TLS-1.2 handshake messages will be handled by TLS-1.2 code
when the negotiated version has been established.

Closes erlang#5961
@IngelaAndin IngelaAndin force-pushed the ingela/ssl/tls-record-handling/GH-5961/OTP-18087 branch from f696264 to 3192d81 Compare June 1, 2022 08:00
@github-actions
Copy link
Contributor

github-actions bot commented Jun 1, 2022

CT Test Results

       2 files       64 suites   44m 28s ⏱️
   710 tests    632 ✔️   78 💤 0
3 431 runs  2 651 ✔️ 780 💤 0

Results for commit 85c88e8.

♻️ This comment has been updated with latest results.

To speed up review, make sure that you have read Contributing to Erlang/OTP and that all checks pass.

See the TESTING and DEVELOPMENT HowTo guides for details about how to run test locally.

Artifacts

// Erlang/OTP Github Action Bot

@IngelaAndin
Copy link
Contributor Author

@KennethL I made some clarifying changes in the code in my new version of the PR.

@IngelaAndin IngelaAndin self-assigned this Jun 1, 2022
@IngelaAndin
Copy link
Contributor Author

I merged my local branch containing this change as I did want to solve the merge conflict via github.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
team:PS Assigned to OTP team PS testing currently being tested, tag is used by OTP internal CI
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants