Defer sending a KeyUpdate until after pending writes are complete
If we receive a KeyUpdate message (update requested) from the peer while we are in the middle of a write, we should defer sending the responding KeyUpdate message until after the current write is complete. We do this by waiting to send the KeyUpdate until the next time we write and there is no pending write data. This does imply a subtle change in behaviour. Firstly the responding KeyUpdate message won't be sent straight away as it is now. Secondly if the peer sends multiple KeyUpdates without us doing any writing then we will only send one response, as opposed to previously where we sent a response for each KeyUpdate received. Fixes #8677 Reviewed-by:Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/8773)
parent
b6db5b3d
Please register or sign in to comment