[ipxe-devel] [ipxe/ipxe] [tls] Add support for fragmented tls handshake packets (#116)

Omniproc notifications at github.com
Tue Apr 12 13:58:33 UTC 2022

> Time needed to verify correctness of this patch is one possible issue, maybe this could be lessened with proper tests, or at least something that can be used to verify the issue. But this is critical code that and we must be absolute certain does not introduce any new security issues.

Note that there's also https://github.com/chschenk/ipxe/tree/feature/tls_fragmentation_buildoption which add's a build option. By making this code optional and disable that build option by default it at least wouldn't break anything. Regarding security concerns: granted. But we're talking about ~50 lines of code here.

Reply to this email directly or view it on GitHub:
You are receiving this because you commented.

Message ID: <ipxe/ipxe/pull/116/c1096766788 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ipxe.org/pipermail/ipxe-devel/attachments/20220412/03abf282/attachment.htm>

More information about the ipxe-devel mailing list