diff options
author | Ofer Heifetz <oferh@marvell.com> | 2023-02-02 06:57:26 -0800 |
---|---|---|
committer | Florin Coras <florin.coras@gmail.com> | 2023-02-02 18:36:29 +0000 |
commit | 905ec8797790380e134714e15ff3341eeeabb05e (patch) | |
tree | a9d388e1990bd88fe8b457e6f58a54f0c66b90ae /src/vnet/ip/ip4_punt_drop.c | |
parent | 9b02f72fedfdce4dbd64539cb41870347eb67d1d (diff) |
tls: openssl: fix SSL_read partial read scenario
When application performs SSL_read from the app rx-fifo, it can
pre-allocate multiple segments, but there is an issue if the OpenSSL
manages to partially fill in the first segment, in this case, since
data is assumed to be copied over by OpenSSL to the pre-allocated
segments(s), vpp uses svm_fifo_enqueue_nocopy API which performs
zero copy by passing the pre-allocated segment to SSL_read.
If the decrypted data size is smaller than the pre-allocated fifo
segment buffer size, application will fetch buffers including zero
in the area not filled in by SSL_read.
Type: fix
Signed-off-by: Ofer Heifetz <oferh@marvell.com>
Change-Id: I941a89b17d567d86e5bd2c35785f1df043c33f38
Diffstat (limited to 'src/vnet/ip/ip4_punt_drop.c')
0 files changed, 0 insertions, 0 deletions