boringssl

History

David Benjamin 0ab3f0ca25 Notice earlier if a server echoes the TLS 1.3 compatibility session ID. Mono's legacy TLS 1.0 stack, as a server, does not implement any form of resumption, but blindly echos the ClientHello session ID in the ServerHello for no particularly good reason. This is invalid, but due to quirks of how our client checked session ID equality, we only noticed on the second connection, rather than the first. Flaky failures do no one any good, so break deterministically on the first connection, when we realize something strange is going on. Bug: chromium:796910 Change-Id: I1f255e915fcdffeafb80be481f6c0acb3c628846 Reviewed-on: https://boringssl-review.googlesource.com/25424 Commit-Queue: Steven Valdez <svaldez@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Reviewed-by: Steven Valdez <svaldez@google.com>	2018-01-26 21:53:27 +00:00
..
openssl	Notice earlier if a server echoes the TLS 1.3 compatibility session ID.	2018-01-26 21:53:27 +00:00

David Benjamin 0ab3f0ca25 Notice earlier if a server echoes the TLS 1.3 compatibility session ID.

Mono's legacy TLS 1.0 stack, as a server, does not implement any form of
resumption, but blindly echos the ClientHello session ID in the
ServerHello for no particularly good reason.

This is invalid, but due to quirks of how our client checked session ID
equality, we only noticed on the second connection, rather than the
first. Flaky failures do no one any good, so break deterministically on
the first connection, when we realize something strange is going on.

Bug: chromium:796910
Change-Id: I1f255e915fcdffeafb80be481f6c0acb3c628846
Reviewed-on: https://boringssl-review.googlesource.com/25424
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: Steven Valdez <svaldez@google.com>

2018-01-26 21:53:27 +00:00

openssl

Notice earlier if a server echoes the TLS 1.3 compatibility session ID.

2018-01-26 21:53:27 +00:00