
Never send SNI warning alerts.

TLS 1.3 forbids warning alerts, and sending these is a bad idea. Per RFC
6066:

   If the server understood the ClientHello extension but
   does not recognize the server name, the server SHOULD take one of two
   actions: either abort the handshake by sending a fatal-level
   unrecognized_name(112) alert or continue the handshake.  It is NOT
   RECOMMENDED to send a warning-level unrecognized_name(112) alert,
   because the client's behavior in response to warning-level alerts is
   unpredictable.

The motivation is to cut down on the number of places where we send
non-closing alerts. We can't remove them yet (SSL 3.0 and TLS 1.3 draft
18 need to go), but eventually this can be a simplifying assumption.
Already this means DTLS never sends warning alerts, which is good
because DTLS can't retransmit them.

Change-Id: I577a1eb9c23e66d28235c0fbe913f00965e19486
Reviewed-on: https://boringssl-review.googlesource.com/13221
Reviewed-by: Adam Langley <agl@google.com>
David Benjamin, 7 years ago, committed by Adam Langley
parent
commit
6752efdeaf
2 changed files with 3 additions and 6 deletions
  1. include/openssl/ssl.h (+3, -2)
  2. ssl/t1_lib.c (+0, -4)

include/openssl/ssl.h (+3, -2)

@@ -2359,8 +2359,9 @@ OPENSSL_EXPORT int SSL_get_servername_type(const SSL *ssl);
*
* If the callback returns |SSL_TLSEXT_ERR_NOACK|, the server_name extension is
* not acknowledged in the ServerHello. If the return value is
* |SSL_TLSEXT_ERR_ALERT_FATAL| or |SSL_TLSEXT_ERR_ALERT_WARNING| then
* |*out_alert| must be set to the alert value to send. */
* |SSL_TLSEXT_ERR_ALERT_FATAL|, then |*out_alert| is the alert to send,
* defaulting to |SSL_AD_UNRECOGNIZED_NAME|. |SSL_TLSEXT_ERR_ALERT_WARNING| is
* ignored and treated as |SSL_TLSEXT_ERR_OK|. */
OPENSSL_EXPORT int SSL_CTX_set_tlsext_servername_callback(
SSL_CTX *ctx, int (*callback)(SSL *ssl, int *out_alert, void *arg));
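Review bot: the new comment changes the contract for existing callbacks without flagging it: a callback that today returns |SSL_TLSEXT_ERR_ALERT_WARNING| (and sets |*out_alert|) will, per the new text, be "ignored and treated as |SSL_TLSEXT_ERR_OK|", which silently drops an alert the application asked for. Consider adding a sentence to the doc comment noting that this is a behavior change and that such callers should return |SSL_TLSEXT_ERR_OK| directly. Also, "defaulting to |SSL_AD_UNRECOGNIZED_NAME|" is new wording; it would help to say where that default comes from (the removed text said |*out_alert| "must be set", implying no default), so readers know whether a callback may leave |*out_alert| untouched on the fatal path.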



ssl/t1_lib.c (+0, -4)

@@ -3122,10 +3122,6 @@ static int ssl_check_clienthello_tlsext(SSL_HANDSHAKE *hs) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, al);
return -1;

case SSL_TLSEXT_ERR_ALERT_WARNING:
ssl3_send_alert(ssl, SSL3_AL_WARNING, al);
return 1;

case SSL_TLSEXT_ERR_NOACK:
hs->should_ack_sni = 0;
return 1;
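Review bot: removing the `case SSL_TLSEXT_ERR_ALERT_WARNING:` arm means that return value now falls to whichever arm of the switch handles unlisted values, which is outside this hunk's context. The ssl.h change promises it is treated as |SSL_TLSEXT_ERR_OK|, so please confirm the remaining arms return 1 for that value with `hs->should_ack_sni` left set, rather than reaching a `default` that fails the handshake; a short comment above the switch (or a test returning |SSL_TLSEXT_ERR_ALERT_WARNING| from the callback and checking the handshake completes with SNI acknowledged) would pin that down.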

