kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
0c40a96455
boringssl/ssl
History
David Benjamin 0c40a96455 Send unsupported_extension on unexpected ServerHello extensions. 
We were sending decode_error, but the spec explicitly says (RFC 5246):

   unsupported_extension
      sent by clients that receive an extended server hello containing
      an extension that they did not put in the corresponding client
      hello.  This message is always fatal.

Also add a test for this when it's a known but unoffered extension. We
actually end up putting these in different codepaths now due to the
custom extensions stuff.

Thanks to Eric Rescorla for pointing this out.

Change-Id: If6c8033d4cfe69ef8af5678b873b25e0dbadfc4f
Reviewed-on: https://boringssl-review.googlesource.com/9061
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2016-08-01 18:56:31 +00:00
..
test Send unsupported_extension on unexpected ServerHello extensions. 2016-08-01 18:56:31 +00:00
CMakeLists.txt Add TLS 1.3 1-RTT. 2016-07-18 09:54:46 +00:00
custom_extensions.c Send unsupported_extension on unexpected ServerHello extensions. 2016-08-01 18:56:31 +00:00
d1_both.c Switch finish_handshake to release_current_message. 2016-07-28 22:59:18 +00:00
d1_lib.c Stop using the word 'buffer' everywhere. 2016-06-27 22:15:22 +00:00
d1_pkt.c Move post-handshake message handling out of read_app_data. 2016-07-29 21:05:49 +00:00
d1_srtp.c Make kSRTPProfiles static. 2016-05-13 14:12:22 +00:00
dtls_method.c Switch finish_handshake to release_current_message. 2016-07-28 22:59:18 +00:00
dtls_record.c Fix the alias checks in dtls_record.c. 2016-06-09 21:11:22 +00:00
handshake_client.c Don't have the default value of |verify_result| be X509_V_OK. 2016-08-01 18:11:39 +00:00
handshake_server.c Splitting SSL session state. 2016-07-29 21:22:46 +00:00
internal.h Adding handling for KeyUpdate post-handshake message. 2016-07-29 23:06:09 +00:00
s3_both.c Splitting SSL session state. 2016-07-29 21:22:46 +00:00
s3_enc.c Splitting SSL session state. 2016-07-29 21:22:46 +00:00
s3_lib.c Splitting SSL session state. 2016-07-29 21:22:46 +00:00
s3_pkt.c Move post-handshake message handling out of read_app_data. 2016-07-29 21:05:49 +00:00
ssl_aead_ctx.c Fixing iv_length for TLS 1.3. 2016-06-16 17:04:14 +00:00
ssl_asn1.c Disconnect handshake message creation from init_buf. 2016-06-27 22:15:01 +00:00
ssl_buffer.c Remove in-place TLS record assembly for now. 2016-06-09 19:47:44 +00:00
ssl_cert.c Factor out the client_cert_cb code. 2016-07-20 09:25:52 +00:00
ssl_cipher.c Forbid PSK ciphers in TLS 1.3 for now. 2016-07-13 16:49:46 +00:00
ssl_ecdh.c Add BN_rand_range_ex and use internally. 2016-07-29 16:09:26 +00:00
ssl_file.c Banish SSL_add_dir_cert_subjects_to_stack and OPENSSL_DIR_CTX to decrepit. 2016-04-27 18:40:25 +00:00
ssl_lib.c Don't have the default value of |verify_result| be X509_V_OK. 2016-08-01 18:11:39 +00:00
ssl_rsa.c Give SSL_PRIVATE_KEY_METHOD a message-based API. 2016-07-15 18:26:45 +00:00
ssl_session.c Don't have the default value of |verify_result| be X509_V_OK. 2016-08-01 18:11:39 +00:00
ssl_stat.c Factor out the client_cert_cb code. 2016-07-20 09:25:52 +00:00
ssl_test.cc Splitting SSL session state. 2016-07-29 21:22:46 +00:00
t1_enc.c Splitting SSL session state. 2016-07-29 21:22:46 +00:00
t1_lib.c Send unsupported_extension on unexpected ServerHello extensions. 2016-08-01 18:56:31 +00:00
tls13_both.c Adding handling for KeyUpdate post-handshake message. 2016-07-29 23:06:09 +00:00
tls13_client.c Splitting SSL session state. 2016-07-29 21:22:46 +00:00
tls13_enc.c Adding handling for KeyUpdate post-handshake message. 2016-07-29 23:06:09 +00:00
tls13_server.c Splitting SSL session state. 2016-07-29 21:22:46 +00:00
tls_method.c Switch finish_handshake to release_current_message. 2016-07-28 22:59:18 +00:00
tls_record.c Check for buffered handshake messages on cipher change in DTLS. 2016-07-16 08:25:02 +00:00