New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix BIO_get_ktls_send/recv to return 0 or 1 only #18178
Conversation
# define BIO_get_ktls_recv(b) \ | ||
BIO_ctrl(b, BIO_CTRL_GET_KTLS_RECV, 0, NULL) | ||
(BIO_ctrl(b, BIO_CTRL_GET_KTLS_RECV, 0, NULL) > 0) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is actually slightly problematic. This changes the meaning of a public macro. Applications compiled against old headers may behave incorrectly even if they are linked against an up-to-date and fully patched library.
I'm not sure how we should handle that.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IMO we can add documentation of that. The change is backwards compatible itself. I.e., if the app handles -1 return it won't be broken by this change.
doc/man3/BIO_ctrl.pod
Outdated
@@ -167,7 +167,7 @@ the case of BIO_seek() on a file BIO for a successful operation. | |||
=head1 HISTORY | |||
|
|||
The BIO_get_ktls_send() and BIO_get_ktls_recv() macros were added in | |||
OpenSSL 3.0. | |||
OpenSSL 3.0. They were modified to never return -1 in OpenSSL 3.0.3. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
3.0.3 in already out without this, so I think it will be 3.0.4
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good point! Thanks for the heads up. I'll update the PR.
@mattcaswell assuming still OK. Ping for the second review. |
This pull request is ready to merge |
Merged to master and openssl-3.0 branches. Thank you for the reviews. |
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
Fixes #18176 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from openssl/openssl#18178)
We use it as a boolean everywhere in the code and there is no reason to distinguish between the 0 and -1 return.
Fixes #18176
Checklist