When KTLS is enabled, multiple client's handshake will lead to unexpected eof while reading and data corrupt(possible memory leak).
Tested OpenSSL version: master, 3.0.0-alpha1
Kernel version: 5.4.43-1-MANJARO
Reproduce step(using docker):
You will see like this
Tested OpenSSL version: master, 3.0.0-alpha1
Kernel version: 5.4.43-1-MANJARO
Reproduce step(using docker):
sudo modprobe tls
git clone https://github.com/openssl/openssl.git
sudo docker run -it -v $(pwd)/openssl:/openssl archlinux
# [In docker]
pacman -Sy make gcc vim
cd openssl
./config enable-ktls
make build_sw -j4
pacman -Rdd openssl
make install_sw
cd /
vim server.cpp
# https://paste.ubuntu.com/p/fyhr6dDR7G/
vim client.cpp
# https://paste.ubuntu.com/p/P2DjwWhTkf/
vim server.pem
# https://paste.ubuntu.com/p/QttnVGsVSm/
vim serverkey.pem
# https://paste.ubuntu.com/p/g6QR84wSfw/
g++ -c -o client.o client.cpp
g++ -o client client.o -lssl -lcrypto
g++ -c -o server.o server.cpp
g++ -o server server.o -lssl -lcrypto
export LD_LIBRARY_PATH=/usr/local/lib
./server &
./client
You will see like this
FP
Vtest test
test
test
Mljtest test
test
test
test
test
test
test
Error creating SSL connection. err=ffffffff
error:14000126:SSL routines::unexpected eof while reading
When OpenSSL is compiled without ktls, the client will print test infinitely, but when enable ktls, some data are corrupted and sometimes result in unexpected eof while reading.
Even when you remove SSL_write(ssl, reply, strlen(reply)); in server and RecvPacket(); in client, it will also result in unexpected eof while reading so I think there is something wrong with handshake procedure when ktls is enabled, maybe memory leak or UAF.
Even when you remove SSL_write(ssl, reply, strlen(reply)); in server and RecvPacket(); in client, it will also result in unexpected eof while reading so I think there is something wrong with handshake procedure when ktls is enabled, maybe memory leak or UAF.
