From 4ac2dc4c0d48ca45da4f66c40e60d6b425fa94a3 Mon Sep 17 00:00:00 2001 From: David Benjamin Date: Fri, 12 Aug 2016 15:50:48 -0400 Subject: [PATCH] Add a comment about ServerHello.supported_groups. In TLS 1.2 and below, the server is not supposed to echo it, but I just came across a BigIP server which does. Document this so we know to take care before trying to flip it in the future. (It's actually kind of odd that it wasn't allowed to be sent given TLS 1.2 makes supported_groups interact with ECDSA client certificates. Ah well.) Change-Id: I4b97266f461e85bb1ad9bb935470e027f926d4df Reviewed-on: https://boringssl-review.googlesource.com/10320 CQ-Verified: CQ bot account: commit-bot@chromium.org Reviewed-by: Adam Langley Commit-Queue: Adam Langley --- ssl/t1_lib.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 5e790a48..bb345b4a 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -2193,7 +2193,8 @@ static int ext_supported_groups_add_clienthello(SSL *ssl, CBB *out) { static int ext_supported_groups_parse_serverhello(SSL *ssl, uint8_t *out_alert, CBS *contents) { - /* This extension is not expected to be echoed by servers and is ignored. */ + /* This extension is not expected to be echoed by servers in TLS 1.2, but some + * BigIP servers send it nonetheless, so do not enforce this. */ return 1; }