[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Y9Bbz60sAwkmrsrt@hog>
Date: Tue, 24 Jan 2023 23:29:35 +0100
From: Sabrina Dubroca <sd@...asysnail.net>
To: Marcel Holtmann <marcel@...tmann.org>
Cc: Ilya Lesokhin <ilyal@...lanox.com>,
Dave Watson <davejwatson@...com>, netdev@...r.kernel.org
Subject: Re: Setting TLS_RX and TLS_TX crypto info more than once?
Hi Marcel,
2023-01-24, 18:48:56 +0100, Marcel Holtmann wrote:
> Hi Ilya,
>
> in commit 196c31b4b5447 you limited setsockopt for TLS_RX and TLS_TX
> crypto info to just one time.
Looking at commit 196c31b4b5447, that check was already there, it only
got moved.
>
> + crypto_info = &ctx->crypto_send;
> + /* Currently we don't support set crypto info more than one time */
> + if (TLS_CRYPTO_INFO_READY(crypto_info))
> + goto out;
>
> This is a bit unfortunate for TLS 1.3 where the majority of the TLS
> handshake is actually encrypted with handshake traffic secrets and
> only after a successful handshake, the application traffic secrets
> are applied.
>
> I am hitting this issue since I am just sending ClientHello and only
> reading ServerHello and then switching on TLS_RX right away to receive
> the rest of the handshake via TLS_GET_RECORD_TYPE. This works pretty
> nicely in my code.
>
> Since this limitation wasn’t there in the first place, can we get it
> removed again and allow setting the crypto info more than once? At
> least updating the key material (the cipher obviously has to match).
>
> I think this is also needed when having to do any re-keying since I
> have seen patches for that, but it seems they never got applied.
The patches are still under discussion (I only posted them a week ago
so "never got applied" seems a bit harsh):
https://lore.kernel.org/all/cover.1673952268.git.sd@queasysnail.net/T/#u
--
Sabrina
Powered by blists - more mailing lists