kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Don't test |initial_handshake_complete| for dummy PQ padding status.

Browse Source 
Checking |initial_handshake_complete| was a mistake—it's not true for
False Start connections at the time when Chrome wants to measure whether
PQ padding was used or not.

Change-Id: I51757e00f3e02129666ee1ce31c30d63f1bcbe74
Reviewed-on: https://boringssl-review.googlesource.com/26444
Commit-Queue: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
Adam Langley 2018-03-07 12:03:35 -08:00 committed by CQ bot account: commit-bot@chromium.org
parent ec55dc15d3
commit 40cdb3b5da
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
include/openssl/ssl.h
View File

@ -2954,7 +2954,7 @@ OPENSSL_EXPORT int SSL_set_dummy_pq_padding_size(SSL *ssl, size_t num_bytes);
// SSL_dummy_pq_padding_used returns one if the server echoed a dummy PQ padding
// extension and zero otherwise. It may only be called on a client connection
// once the handshake has completed, otherwise it'll return zero.
// once the ServerHello has been processed, otherwise it'll return zero.
OPENSSL_EXPORT int SSL_dummy_pq_padding_used(SSL *ssl);

2
ssl/ssl_lib.cc
View File

@ -2441,7 +2441,7 @@ int SSL_set_dummy_pq_padding_size(SSL *ssl, size_t num_bytes) {
}
int SSL_dummy_pq_padding_used(SSL *ssl) {
if (ssl->server || !ssl->s3->initial_handshake_complete) {
if (ssl->server) {
return 0;
}