Commit Graph

305 Commits

Author SHA1 Message Date
David Benjamin
37d924640a Disallow all special operators once groups are used.
+ and - should also be forbidden. Any operation other than appending will mix
up the in_group bits and give unexpected behavior.

Change-Id: Ieaebb9ee6393aa36243d0765e45cae667f977ef5
Reviewed-on: https://boringssl-review.googlesource.com/1803
Reviewed-by: Adam Langley <agl@google.com>
2014-09-22 17:22:56 +00:00
David Benjamin
2a5ea98a46 Remove redundant check in cipher rule parsing.
It's redundant with the check at the top of the loop.

Change-Id: If64e5396658ca28cad937411c6fc8671a2abfdcd
Reviewed-on: https://boringssl-review.googlesource.com/1802
Reviewed-by: Adam Langley <agl@google.com>
2014-09-22 17:22:47 +00:00
David Benjamin
bb0a17c5e1 Add a set of tests for cipher string parsing.
Change-Id: I4f9cdfa443bc5916f1899a7fc90aca2bf3c6027c
Reviewed-on: https://boringssl-review.googlesource.com/1801
Reviewed-by: Adam Langley <agl@google.com>
2014-09-22 16:47:44 +00:00
David Benjamin
e113608a1c Switch the reason code check to a compile-time assert.
It's just checking some constants. Also the comment's off now.

Change-Id: I934d32b76c705758ae7c18009d867e9820a4c5a8
Reviewed-on: https://boringssl-review.googlesource.com/1800
Reviewed-by: Adam Langley <agl@google.com>
2014-09-22 16:43:56 +00:00
David Benjamin
d7c5368a0f Add missing errors codes for alerts.
This gives inappropriate_fallback and close_notify sent during the handshake
error strings. It'd also avoid having to write
  case SSL_AD_REASON_OFFSET + SSL_AD_CLOSE_NOTIFY:
in Chromium.

Change-Id: I42123d5452eb7843ead883d112e58b3f087d3067
Reviewed-on: https://boringssl-review.googlesource.com/1780
Reviewed-by: Adam Langley <agl@google.com>
2014-09-17 16:42:14 +00:00
David Benjamin
fc7b086305 Test that ALPN is preferred over NPN.
Change-Id: Ia9d10f672c8a83f507b46f75869b7c00fe1a4fda
Reviewed-on: https://boringssl-review.googlesource.com/1755
Reviewed-by: Adam Langley <agl@google.com>
2014-09-15 21:10:59 +00:00
David Benjamin
ae2888fbdc Add tests for ALPN support.
Both as client and as server. Also tests that ALPN causes False Start to kick
in.

Change-Id: Ib570346f3c511834152cd2df2ef29541946d3ab4
Reviewed-on: https://boringssl-review.googlesource.com/1753
Reviewed-by: Adam Langley <agl@google.com>
2014-09-15 21:10:46 +00:00
David Benjamin
fa055a2b77 Implement ALPN in runner.go.
Imported from upstream's https://codereview.appspot.com/108710046.

Change-Id: I66c879dcc9fd09446ac1a8380f796b1d68c89e4e
Reviewed-on: https://boringssl-review.googlesource.com/1751
Reviewed-by: Adam Langley <agl@google.com>
2014-09-15 21:09:45 +00:00
David Benjamin
812152aa3b Don't deadlock if a resume test fails the first half.
Otherwise the child is busy waiting for its second handshake.

Change-Id: Ic613eeb04c5d6c1ec1e1bbcb13946d3ac31d05f1
Reviewed-on: https://boringssl-review.googlesource.com/1752
Reviewed-by: Adam Langley <agl@google.com>
2014-09-15 21:08:11 +00:00
David Benjamin
e78bfded9f Improve test coverage for server_name extension.
Notably, this would have caught ed8270a55c
(although, apart from staring at code coverage, knowing to set resumeSession on
the server test isn't exactly obvious). Perhaps we should systematically set it
on all extension server tests; ClientHello extension parsing happens after
resumption has been determined and is often sensitive to it.

Change-Id: Ie83f294a26881a6a41969e9dbd102d0a93cb68b5
Reviewed-on: https://boringssl-review.googlesource.com/1750
Reviewed-by: Adam Langley <agl@google.com>
2014-09-15 21:07:57 +00:00
David Benjamin
594a58e078 Remove remnants of export cipher suite selection.
Splitting the strength mask between SSL_EXP_MASK and SSL_STRONG_MASK no longer
does anything. Also remove the SSL_NOT_EXP bit and condense the strength bits.

Change-Id: I9e61acdde008c3ce06bb37f78a72099fc53ed080
Reviewed-on: https://boringssl-review.googlesource.com/1757
Reviewed-by: Adam Langley <agl@google.com>
2014-09-15 21:06:24 +00:00
David Benjamin
d633d6303c Remove indirection in loading ciphers.
Simplify all the cipher gathering logic. The set of supported ciphers is known,
so there is no need to determine if some cipher exists but doesn't work.

Change-Id: Idcaae67e7bfc40a3deb925d85ee1a99a931b67e7
Reviewed-on: https://boringssl-review.googlesource.com/1756
Reviewed-by: Adam Langley <agl@google.com>
2014-09-15 21:06:10 +00:00
David Benjamin
172fc2c427 Fix some OPENSSL_PUT_ERROR calls.
Change-Id: I6a49eb5225208eed160f9bce7cb9af5145ae0df1
Reviewed-on: https://boringssl-review.googlesource.com/1754
Reviewed-by: Adam Langley <agl@google.com>
2014-09-15 19:02:28 +00:00
David Benjamin
a70c75cfc0 Add a CRYPTO_library_init and static-initializer-less build option.
Chromium does not like static initializers, and the CPU logic uses one to
initialize CPU bits. However, the crypto library lacks an explicit
initialization function, which could complicate (no compile-time errors)
porting existing code which uses crypto/, but not ssl/.

Add an explicit CRYPTO_library_init function, but make it a no-op by default.
It only does anything (and is required) if building with
BORINGSSL_NO_STATIC_INITIALIZER.

Change-Id: I6933bdc3447fb382b1f87c788e5b8142d6f3fe39
Reviewed-on: https://boringssl-review.googlesource.com/1770
Reviewed-by: Adam Langley <agl@google.com>
2014-09-12 00:10:53 +00:00
David Benjamin
f7768e43b2 Test SHA-256 and SHA-384 CBC-mode cipher suites.
These were added in TLS 1.2. They are like the standard AES-CBC cipher suites,
but use different HMACs.

Change-Id: Ib89ddebd1aa398b1347f8285f5d827068b1bd181
Reviewed-on: https://boringssl-review.googlesource.com/1730
Reviewed-by: Adam Langley <agl@google.com>
2014-09-06 00:17:08 +00:00
David Benjamin
c92c2d7a07 Prune some dead quirks and document the SSL_OP_ALL ones.
Update SSL_OP_ALL to account for SSL_OP_CRYPTOPRO_TLSEXT_BUG being gone,
and update ssl3_setup_write_buffer to account for SSL_MODE_CBC_RECORD_SPLITTING
rather than the now defunct SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS.

Also remove SSL_OP_TLS_BLOCK_PADDING_BUG. This is to allow for a buggy peer
which pads CBC with N bytes of value N rather than N+1 bytes of value N. This
quirk has been broken since CBC padding checks became constant-time, as
demonstrated by this attempt at a test. (Instead of just decrementing
padding_length, it needs to also keep track of a separate padding_value and not
decrement that one.)

https://boringssl-review.googlesource.com/#/c/1690/

(The quirk would also fall over anyway if the buggy client ever did a session
resumption; then the server speaks first rather than the client, and the quirk
triggered on reading the first encrypted record from the peer.)

Change-Id: I19942dc629a47832aead77a46bb50e0b0a9780b3
Reviewed-on: https://boringssl-review.googlesource.com/1694
Reviewed-by: Adam Langley <agl@google.com>
2014-09-03 20:17:45 +00:00
David Benjamin
859ec3cc09 Add SSL_CTX_set_keylog_bio.
Configures the SSL stack to log session information to a BIO. The intent is to
support NSS's SSLKEYLOGFILE environment variable. Add support for the same
environment variable to tool/client.cc.

Tested against Wireshark 1.12.0.

BUG=393477

Change-Id: I4c231f9abebf194eb2df4aaeeafa337516774c95
Reviewed-on: https://boringssl-review.googlesource.com/1699
Reviewed-by: Adam Langley <agl@google.com>
2014-09-03 20:15:55 +00:00
David Benjamin
df90a64483 Remove MD5, SHA-224, and SHA-512 handling from s3_cbc.c.
The only MD5 CBC-mode cipher suites are TLS_KRB5_WITH_DES_CBC_MD5,
TLS_KRB5_WITH_3DES_EDE_CBC_MD5, and TLS_KRB5_WITH_IDEA_CBC_MD5. We do not
support those, and it seems quite safe to assume that list will not grow.

No current cipher suites use SHA-224 or SHA-512 MACs. We can restore those
cases if that ever changes, but hopefully any future cipher suites we care
about will be using the AEAD construction.

Change-Id: I7f2d30238e2156a59b5fed1e48fabe6660fc9b67
Reviewed-on: https://boringssl-review.googlesource.com/1697
Reviewed-by: Adam Langley <agl@google.com>
2014-09-02 23:42:15 +00:00
David Benjamin
39ebf53dd3 Check the server did not use a TLS 1.2 cipher suite pre-TLS 1.2.
This check got refactored in OpenSSL 1.0.2 and broke in the process. Fix this
and add a test. Otherwise things like client auth can get slightly confused; it
will try to sign the MD5/SHA-1 hash, but the TLS 1.2 cipher suite may not use
SSL_HANDSHAKE_MAC_DEFAULT, so those digests won't be available.

Based on upstream's 226751ae4a1f3e00021c43399d7bb51a99c22c17.

Change-Id: I5b864d3a696f3187b849c53b872c24fb7df27924
Reviewed-on: https://boringssl-review.googlesource.com/1696
Reviewed-by: Adam Langley <agl@google.com>
2014-09-02 23:41:34 +00:00
David Benjamin
120a674c00 Fix the return values for most of SRTP.
Switch all of SRTP code to the standard return value convention with two
exceptions. Unfortunately, OpenSSL exposed API with the wrong error code. Keep
the public API flipped and document.

Change-Id: I43ac82513f4f52bb36a0b54aba9b9e0fa285730e
Reviewed-on: https://boringssl-review.googlesource.com/1691
Reviewed-by: Adam Langley <agl@google.com>
2014-09-02 23:41:22 +00:00
David Benjamin
5c24a1d6b6 Add a test for SSL_OP_TLS_D5_BUG.
If this is part of SSL_OP_ALL, we should have a test for it.

Change-Id: Ia72422beb2da6434726e78e174f3416f90f7c897
Reviewed-on: https://boringssl-review.googlesource.com/1695
Reviewed-by: Adam Langley <agl@google.com>
2014-09-02 22:43:54 +00:00
David Benjamin
f0fd37323b Remove remnants of EVP_CIPHER-based AES_GCM cipher.
Those codepaths are never hit.

Change-Id: Ib6908ebe90ab667774785298fdc3f96acc4b50df
Reviewed-on: https://boringssl-review.googlesource.com/1693
Reviewed-by: Adam Langley <agl@google.com>
2014-09-02 22:42:26 +00:00
Adam Langley
b2cb0ece76 Fix minor issues found by Clang's analysis.
Thanks to Denis Denisov for running the analysis.

Change-Id: I80810261e013423e746fd8d8afefb3581cffccc0
Reviewed-on: https://boringssl-review.googlesource.com/1701
Reviewed-by: Adam Langley <agl@google.com>
2014-09-02 22:39:41 +00:00
Adam Langley
ed8270a55c Fix crash as server when resuming with SNI.
Thanks to Denis Denisov for noting that |host_name| could be used while
uninitialised in the resumption case.

While in the area, this change also renames |servername_done| to
something more reasonable and removes a documented value that was never
used. Additionally, the SNI ack was only sent when not resuming so
calculating whether it should be sent when processing ClientHello
extensions (which is after s->hit has been set) is superfluous.

Lastly, since SNI is only acked by servers, there's no need to worry
about the SNI callback returning NOACK in the client case.

Change-Id: Ie4ecfc347bd7afaf93b12526ff9311cc45da4df6
Reviewed-on: https://boringssl-review.googlesource.com/1700
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2014-09-02 21:30:50 +00:00
Alex Chernyakhovsky
04dbb7f1d1 Add tests for pqueue
Reorder the tests in all_tests.sh to be in alphabetical order.

Change-Id: Idc6df6ab4a25709312a6f58635061bb643582c70
Reviewed-on: https://boringssl-review.googlesource.com/1680
Reviewed-by: Adam Langley <agl@google.com>
2014-09-02 20:09:23 +00:00
David Benjamin
6c7aed048c Client-side OCSP stapling support.
Remove the old implementation which was excessively general. This mirrors the
SCT support and adds a single boolean flag to request an OCSP response with no
responder IDs, extensions, or frills. The response, if received, is stored on
the SSL_SESSION so that it is available for (re)validation on session
resumption; Chromium revalidates the saved auth parameters on resume.

Server support is unimplemented for now. This API will also need to be adjusted
in the future if we implement RFC 6961.

Change-Id: I533c029b7f7ea622d814d05f934fdace2da85cb1
Reviewed-on: https://boringssl-review.googlesource.com/1671
Reviewed-by: Adam Langley <agl@google.com>
2014-08-29 00:39:33 +00:00
David Benjamin
e098ec2460 Test client auth under TLS 1.2 hash mismatch and SSL 3.
Maintain a handshake buffer in prf.go to implement TLS 1.2 client auth. Also
use it for SSL 3. This isn't strictly necessary as we know the hash functions,
but Go's hash.Hash interface lacks a Copy method.

Also fix the server-side tests which failed to test every TLS version.

Change-Id: I98492c334fbb9f2f0f89ee9c5c8345cafc025600
Reviewed-on: https://boringssl-review.googlesource.com/1664
Reviewed-by: Adam Langley <agl@google.com>
2014-08-29 00:23:50 +00:00
David Benjamin
041b58a668 Remove session_ctx macro.
Don't pollute the embedder's namespace with a session_ctx macro. It looks like
the difference was that, without TLS extensions, session_ctx was ctx rather
than initial_ctx. Now it's always initial_ctx. Retain the semantics of
switching SSL_CTX's out after the fact, until/unless we decide to replace that
with something less scary-sounding.

Change-Id: Ie5df5138aec25218ca80031cf645671968b8a54a
Reviewed-on: https://boringssl-review.googlesource.com/1663
Reviewed-by: Adam Langley <agl@google.com>
2014-08-28 00:42:20 +00:00
David Benjamin
457112e197 unifdef a bunch of OPENSSL_NO_* ifdefs.
Get all this stuff out of the way.

- OPENSSL_NO_MD5
- OPENSSL_NO_SHA
- OPENSSL_NO_EC
- OPENSSL_NO_ECDSA
- OPENSSL_NO_ECDH
- OPENSSL_NO_NEXTPROTONEG
- OPENSSL_NO_DH
- OPENSSL_NO_SSL3
- OPENSSL_NO_RC4
- OPENSSL_NO_RSA

Also manually removed a couple instances of OPENSSL_NO_DSA that seemed to be
confused anyway. Did some minor manual cleanup. (Removed a few now-pointless
'if (0)'s.)

Change-Id: Id540ba97ee22ff2309ab20ceb24c7eabe766d4c4
Reviewed-on: https://boringssl-review.googlesource.com/1662
Reviewed-by: Adam Langley <agl@google.com>
2014-08-28 00:41:34 +00:00
David Benjamin
854dd654d1 Refactor server-side CertificateVerify handling.
This moves CertificateVerify digest processing to the new
SSL_GET_MESSAGE_DONT_HASH_MESSAGE flag. It also refactors it similarly to
ssl3_send_cert_verify and moves that logic to a common ssl3_cert_verify_hash
function to compute the handshake hash.

This removes a large chunk of duplicate (and divergent!) logic between TLS and
DTLS. It also removes TLS1_FLAGS_KEEP_HANDSHAKE.

Change-Id: Ia63c94f7d76d901bc9c4c33454fbfede411adf63
Reviewed-on: https://boringssl-review.googlesource.com/1633
Reviewed-by: Adam Langley <agl@google.com>
2014-08-27 01:55:27 +00:00
David Benjamin
5b8f104ee8 Revise hash management for reading the Finished message.
Upstream originally sampled the Finished message's hash at ChangeCipherSpec,
but our patches to add messages between the two complicated this. Move DTLS to
this path, but use the new SSL_GET_MESSAGE_DONT_HASH_MESSAGE flag to avoid
special-casing message types in ssl3_get_message.

Change-Id: I9c8ddd9cc500c94dff2ec2f696f89d50ab01b3ad
Reviewed-on: https://boringssl-review.googlesource.com/1632
Reviewed-by: Adam Langley <agl@google.com>
2014-08-27 01:55:17 +00:00
David Benjamin
880b14e98c Compute the Channel ID hash after ssl_get_message.
This avoids needing the save the hash on the SSL* (and use some field for two
purposes). Instead, use the new SSL_GET_MESSAGE_DONT_HASH_MESSAGE flag (which
actually was already used here, but at the time, pointlessly). Also fix a minor
bug where the hash would be recomputed in non-blocking mode because init_num
may stay zero for a few state machine iterations.

Change-Id: I3d8331cf3134c5f9a3eda9e988bba5bcebe40933
Reviewed-on: https://boringssl-review.googlesource.com/1631
Reviewed-by: Adam Langley <agl@google.com>
2014-08-27 01:55:06 +00:00
David Benjamin
590cbe970c Introduce a hash_message parameter to ssl_get_message.
This replaces the special-case in ssl3_get_message for Channel ID. Also add
ssl3_hash_current_message to hash the current message, taking TLS vs DTLS
handshake header size into account.

One subtlety with this flag is that a message intended to be processed with
SSL_GET_MESSAGE_DONT_HASH_MESSAGE cannot follow an optional message
(reprocessed with reuse_message, etc.).  There is an assertion to that effect.
If need be, we can loosen it to requiring that the preceeding optional message
also pass SSL_GET_MESSAGE_DONT_HASH_MESSAGE and then maintain some state to
perform the more accurate assertion, but this is sufficient for now.

Change-Id: If8c87342b291ac041a35885b9b5ee961aee86eab
Reviewed-on: https://boringssl-review.googlesource.com/1630
Reviewed-by: Adam Langley <agl@google.com>
2014-08-27 01:54:50 +00:00
Adam Langley
3cb50e0699 Move a variable declaration to function start.
(Fixes the Windows build.)

Change-Id: Ibc7e3fe7cee275c8bc24198e996e4f92100ea9fc
Reviewed-on: https://boringssl-review.googlesource.com/1642
Reviewed-by: Adam Langley <agl@google.com>
2014-08-26 22:07:33 +00:00
David Benjamin
8da990677b Rename some message functions for consistency.
Make the get/send functions match.

ssl3_client_hello -> ssl3_send_client_hello.
ssl3_send_newsession_ticket -> ssl3_send_new_session_ticket.
ssl3_send_client_verify -> ssl3_send_cert_verify

Change-Id: Iea5579479b8a8f392167b8fb3b7e9fe961d0f007
Reviewed-on: https://boringssl-review.googlesource.com/1613
Reviewed-by: Adam Langley <agl@google.com>
2014-08-26 21:09:40 +00:00
David Benjamin
e58c4f5321 Add a test to ensure False Start occurs.
This adds the missing test coverage for
7e3305eebd.

Change-Id: I8c9f1dc998afa9bb1f6fb2a7872a651037bb4844
Reviewed-on: https://boringssl-review.googlesource.com/1610
Reviewed-by: Adam Langley <agl@google.com>
2014-08-26 17:41:53 +00:00
David Benjamin
ef86550537 Remove logic for non-signing client certificates.
Now that only RSA and ECDSA certificates are supported, the server should just
reject non-signing ones outright, rather than allowing them to skip
CertificateVerify.

Change-Id: I7fe5ed3adde14481016ee841ed241faba18c26f0
Reviewed-on: https://boringssl-review.googlesource.com/1609
Reviewed-by: Adam Langley <agl@google.com>
2014-08-26 17:41:08 +00:00
David Benjamin
a08e49d17a Add basic TLS Channel ID tests.
Change-Id: I7ccf2b8282dfa8f3985775e8b67edcf3c2949752
Reviewed-on: https://boringssl-review.googlesource.com/1606
Reviewed-by: Adam Langley <agl@google.com>
2014-08-26 17:40:36 +00:00
David Benjamin
4e99c52bf6 Fix FalseStart-SessionTicketsDisabled tests.
They weren't inheriting async settings.

Change-Id: I5e9c04914926910dce63f93462cce4024627fb26
Reviewed-on: https://boringssl-review.googlesource.com/1605
Reviewed-by: Adam Langley <agl@google.com>
2014-08-25 23:00:59 +00:00
David Benjamin
2561dc335a Introduce a mechanism for base64 options.
We may wish to pass data to the runner that contains NULs.

Change-Id: Id78dad0ad0b5b6d0537481c818e3febdf1740cc9
Reviewed-on: https://boringssl-review.googlesource.com/1603
Reviewed-by: Adam Langley <agl@google.com>
2014-08-25 23:00:44 +00:00
David Benjamin
3a66e2838c Update ssl3_get_channel_id for the simpler ECDSA_do_verify.
The return values are now 1/0, not 1/0/-1.

Change-Id: If65bb08a229c7944cb439ec779df461904d0ec19
Reviewed-on: https://boringssl-review.googlesource.com/1607
Reviewed-by: Adam Langley <agl@google.com>
2014-08-25 22:54:26 +00:00
David Benjamin
d30a990850 Implement TLS Channel ID in runner.go
Change-Id: Ia349c7a7cdcfd49965cd0c4d6cf81a76fbffb696
Reviewed-on: https://boringssl-review.googlesource.com/1604
Reviewed-by: Adam Langley <agl@google.com>
2014-08-25 22:48:18 +00:00
David Benjamin
f9b96fa493 Fix flipped DTLS checks.
09bd58d1f1 flipped a condition. Doing that
memset in the DTLS case breaks retransmits across a CCS and fails to memset in
the TLS case.

Strangely, it didn't break any tests, but I think that's a function of us
lacking renego tests. The sequence number doesn't seem to be used in the
initial handshake for TLS, so it stayed at zero. After a renego, that codepath
is relevant.

Change-Id: I369a524021857a82e181af7798c7a10fe6279550
Reviewed-on: https://boringssl-review.googlesource.com/1601
Reviewed-by: Adam Langley <agl@google.com>
2014-08-25 21:49:36 +00:00
David Benjamin
2a0c496ab3 Fix duplicate test name.
Change-Id: I16be575e4a6a13c74bd45a8fe3e1473502a80c86
Reviewed-on: https://boringssl-review.googlesource.com/1600
Reviewed-by: Adam Langley <agl@google.com>
2014-08-25 21:47:25 +00:00
Håvard Molland
9169c96458 Implement client side of TLS signed certificate stamps extension.
https://crbug.com/389420 and 3.3 in rfc6962.

Change-Id: Ib22bcd4e4bde5a314ed33e123e19a76cdb714da4
Reviewed-on: https://boringssl-review.googlesource.com/1491
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2014-08-21 16:21:46 +00:00
David Benjamin
c44d2f4cb8 Convert all zero-argument functions to '(void)'
Otherwise, in C, it becomes a K&R function declaration which doesn't actually
type-check the number of arguments.

Change-Id: I0731a9fefca46fb1c266bfb1c33d464cf451a22e
Reviewed-on: https://boringssl-review.googlesource.com/1582
Reviewed-by: Adam Langley <agl@google.com>
2014-08-21 01:06:07 +00:00
David Benjamin
5213df4e9e Prefer AES-GCM when hardware support is available.
BUG=396787

Change-Id: I72ddb0ec3c71dbc70054403163930cbbde4b6009
Reviewed-on: https://boringssl-review.googlesource.com/1581
Reviewed-by: Adam Langley <agl@google.com>
2014-08-20 20:53:31 +00:00
David Benjamin
92909a6206 Remove MS SGC support on the the server.
It doesn't appear to have ever been implemented on the client. The server code
stopped working anyway because it now skips the ssl_get_message call, so we
never cash in on the reuse_message, attempt to reprocess the repeated
ClientHello, and reject it thinking it's a second MS SGC restart.

Change-Id: Id536846e08460143f6fc0a550bdcc1b26b506b04
Reviewed-on: https://boringssl-review.googlesource.com/1580
Reviewed-by: Adam Langley <agl@google.com>
2014-08-20 19:06:01 +00:00
David Benjamin
b52e3dded2 Move common code between two branches.
Some follow-up cleanup to bd30f8e34a.

Change-Id: Id996c6c43f42f4db410e1e612ee1e5e8e0233356
Reviewed-on: https://boringssl-review.googlesource.com/1569
Reviewed-by: Adam Langley <agl@google.com>
2014-08-20 19:05:02 +00:00
David Benjamin
422d3a4015 Remove some unused state and code.
Change-Id: I1f917d1fe70ef5046eeea8fed27cc402bcd674b9
Reviewed-on: https://boringssl-review.googlesource.com/1568
Reviewed-by: Adam Langley <agl@google.com>
2014-08-20 19:04:32 +00:00