boringssl/ssl
David Benjamin a6bae93bf8 Never set not_resumable on an immutable session.
Once passed to the outside world, an SSL_SESSION is immutable. It is not
thread-safe to set not_resumable. In most cases, the session is already
expired anyway. In other cases, making all this remove session be unlink rather than
destroy is sound and consistent with how we treat sessions elsewhere.

In particular, SSL_CTX_free calls SSL_CTX_flush_sessions(0), and
bulk-invalidating everything like this is interfering with some
follow-up changes to improve the fuzzer.

Change-Id: I2a19b8ce32d9effc1efaa72e934e015ebbbfbf9a
Reviewed-on: https://boringssl-review.googlesource.com/17530
Reviewed-by: David Benjamin <davidben@google.com>
2017-07-05 20:32:47 +00:00
..
test Revise version negotiation on the Go half. 2017-07-05 20:18:09 +00:00
bio_ssl.c
CMakeLists.txt Revise version negotiation logic on the C side. 2017-07-05 19:13:17 +00:00
custom_extensions.c Support enabling early data on SSL 2017-04-03 20:25:29 +00:00
d1_both.c Trim x509.h includes. 2017-03-07 23:13:49 +00:00
d1_lib.c Don't use long for timestamps. 2017-03-01 21:58:38 +00:00
d1_pkt.c Adding support for sending early data on the client. 2017-06-15 19:34:59 +00:00
d1_srtp.c
dtls_method.c Revise version negotiation logic on the C side. 2017-07-05 19:13:17 +00:00
dtls_record.c
handshake_client.c Revise version negotiation logic on the C side. 2017-07-05 19:13:17 +00:00
handshake_server.c Revise version negotiation logic on the C side. 2017-07-05 19:13:17 +00:00
internal.h Revise version negotiation logic on the C side. 2017-07-05 19:13:17 +00:00
s3_both.c Unwind V2ClientHello counters. 2017-06-16 20:24:00 +00:00
s3_lib.c Really remove DHE ciphersuites from TLS. 2017-04-11 23:41:31 +00:00
s3_pkt.c Detect WatchGuard's TLS 1.3 interference failure mode. 2017-06-22 19:49:23 +00:00
ssl_aead_ctx.c Enforce incrementing counter for TLS 1.2 AES-GCM. 2017-05-26 20:06:36 +00:00
ssl_asn1.c Revise version negotiation logic on the C side. 2017-07-05 19:13:17 +00:00
ssl_buffer.c Size TLS read buffers based on the size requested. 2017-06-23 23:08:35 +00:00
ssl_cert.c Really remove DHE ciphersuites from TLS. 2017-04-11 23:41:31 +00:00
ssl_cipher.c Support standard RFC cipher suite names alongside OpenSSL ones. 2017-06-22 02:45:37 +00:00
ssl_ecdh.c Fix some malloc failure handling. 2017-06-15 19:38:59 +00:00
ssl_file.c
ssl_lib.c Revise version negotiation logic on the C side. 2017-07-05 19:13:17 +00:00
ssl_privkey_cc.cc
ssl_privkey.c Simplify ssl_private_key_* state machine points. 2017-06-20 19:37:05 +00:00
ssl_session.c Never set not_resumable on an immutable session. 2017-07-05 20:32:47 +00:00
ssl_stat.c Simplify ssl_private_key_* state machine points. 2017-06-20 19:37:05 +00:00
ssl_test.cc Fix SSL_set_{min,max}_proto_version APIs in invalid versions. 2017-07-05 19:43:26 +00:00
ssl_transcript.c
ssl_versions.c Fix SSL_set_{min,max}_proto_version APIs in invalid versions. 2017-07-05 19:43:26 +00:00
ssl_x509.c Move ssl_verify_alarm_type into ssl_x509.c. 2017-03-07 23:14:16 +00:00
t1_enc.c Enforce incrementing counter for TLS 1.2 AES-GCM. 2017-05-26 20:06:36 +00:00
t1_lib.c Revise version negotiation logic on the C side. 2017-07-05 19:13:17 +00:00
tls13_both.c Simplify ssl_private_key_* state machine points. 2017-06-20 19:37:05 +00:00
tls13_client.c Simplify ssl_private_key_* state machine points. 2017-06-20 19:37:05 +00:00
tls13_enc.c Revise version negotiation logic on the C side. 2017-07-05 19:13:17 +00:00
tls13_server.c Simplify ssl_private_key_* state machine points. 2017-06-20 19:37:05 +00:00
tls_method.c Revise version negotiation logic on the C side. 2017-07-05 19:13:17 +00:00
tls_record.c Revise version negotiation logic on the C side. 2017-07-05 19:13:17 +00:00