[PROTON-2586] TLS OpenSSL library: incomplete decryption/encryption of staged buffers - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: proton-c-0.37.0
Fix Version/s: proton-c-0.38.0
Component/s: proton-c
Labels:
None

Description

OpenSSL processes TLS records one at time. It does its conversion work in buffers just larger than a maximum sized TLS record (16K). When processing large sized input and output buffers in a single pn_tls_process() call, the Proton TLS library has to loop inserting unprocessed data into the small OpenSSL buffer and extract the encrypted/decrypted data into the output buffer and free space for the next iteration. The code currently can exit the loop prematurely.

Attachments

Activity

People

Assignee:: Clifford Jansen

Reporter:: Clifford Jansen

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 03/Aug/22 05:54

Updated:: 11/Nov/22 14:37

Resolved:: 01/Nov/22 06:08