kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
163c95691a
boringssl/include/openssl
History
David Benjamin 163c95691a Forbid EMS from changing during renegotation. 
Changing parameters on renegotiation makes all our APIs confusing. This
one has no reason to change, so lock it down. In particular, our
preference to forbid Token Binding + renego may be overridden at the
IETF, even though it's insane. Loosening it will be a bit less of a
headache if EMS can't change.

https://www.ietf.org/mail-archive/web/unbearable/current/msg00690.html
claims that this is already in the specification and enforced by NSS. I
can't find anything to this effect in the specification. It just says
the client MUST disable renegotiation when EMS is missing, which is
wishful thinking. At a glance, NSS doesn't seem to check, though I could
be misunderstanding the code.

Nonetheless, locking this down is a good idea anyway. Accurate or not,
take the email as an implicit endorsement of this from Mozilla.

Change-Id: I236b05991d28bed199763dcf2f47bbfb9d0322d7
Reviewed-on: https://boringssl-review.googlesource.com/10721
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2016-08-30 15:43:35 +00:00
..
c++ Move remaining ScopedContext types out of scoped_types.h 2016-08-11 01:15:45 +00:00
aead.h Revert scoped_types.h change. 2016-07-12 08:05:38 -07:00
aes.h
arm_arch.h Remove CRYPTO_set_NEON_functional. 2016-02-23 23:19:46 +00:00
asn1_mac.h Purge the remainder of asn1_mac.h. 2016-08-03 21:37:31 +00:00
asn1.h Remove M_i2d_* and M_d2i_*. 2016-08-26 19:28:56 +00:00
asn1t.h Remove ASN.1 print hooks. 2016-06-14 17:38:31 +00:00
base64.h Replace base64 decoding. 2016-05-26 17:59:10 +00:00
base.h Move some typedefs to base.h. 2016-07-22 21:12:18 +00:00
bio.h Finish aligning up_ref functions with OpenSSL 1.1.0. 2016-08-11 16:51:52 +00:00
blowfish.h
bn.h Fix bn_wexpand's documentation. 2016-08-23 17:49:47 +00:00
buf.h Add BUF_MEM_reserve. 2016-05-18 19:09:06 +00:00
buffer.h
bytestring.h Clarify CBS/CBB with respect to high tag number form. 2016-08-26 17:48:48 +00:00
cast.h
chacha.h Require in == out for in-place encryption. 2016-06-09 19:49:03 +00:00
cipher.h Revert scoped_types.h change. 2016-07-12 08:05:38 -07:00
cmac.h Revert scoped_types.h change. 2016-07-12 08:05:38 -07:00
conf.h Fix the shared library build. 2016-03-09 20:13:41 +00:00
cpu.h Make CRYPTO_is_NEON_capable aware of the buggy CPU. 2016-04-28 16:42:21 +00:00
crypto.h Add no-op function ENGINE_register_all_complete. 2016-07-12 17:54:41 +00:00
curve25519.h Revert scoped_types.h change. 2016-07-12 08:05:38 -07:00
des.h Fix shared library build on OS X. 2015-10-26 23:39:47 +00:00
dh.h Finish aligning up_ref functions with OpenSSL 1.1.0. 2016-08-11 16:51:52 +00:00
digest.h Promise more accurate bounds than EVP_MD_MAX_SIZE. 2016-08-01 23:24:04 +00:00
dsa.h Finish aligning up_ref functions with OpenSSL 1.1.0. 2016-08-11 16:51:52 +00:00
dtls1.h
ec_key.h Finish aligning up_ref functions with OpenSSL 1.1.0. 2016-08-11 16:51:52 +00:00
ec.h Move some typedefs to base.h. 2016-07-22 21:12:18 +00:00
ecdh.h Clean up |ECDH_compute_key|. 2015-10-27 17:00:25 +00:00
ecdsa.h Revert scoped_types.h change. 2016-07-12 08:05:38 -07:00
engine.h Unwind DH_METHOD and DSA_METHOD. 2015-11-03 22:54:36 +00:00
err.h Have doc.go parse struct comments. 2016-01-26 23:23:23 +00:00
evp.h Add various 1.1.0 accessors. 2016-08-10 16:52:15 +00:00
ex_data.h Skip free callbacks on empty CRYPTO_EX_DATAs. 2015-12-15 21:32:14 +00:00
hkdf.h Const-correct HKDF_expand. 2016-07-16 07:55:19 +00:00
hmac.h Update comments for HMAC to give a more accurate bound than EVP_MD_MAX_SIZE 2016-08-02 18:20:42 +00:00
lhash_macros.h
lhash.h Style: fix some header guards 2015-10-26 18:47:51 +00:00
md4.h Add one-shot |MD4| function. 2016-03-09 01:13:55 +00:00
md5.h Store the partial block as uint8_t, not uint32_t. 2015-12-16 19:59:29 +00:00
mem.h Revert "Move C++ helpers into |bssl| namespace." 2016-07-12 08:09:33 -07:00
newhope.h Revert scoped_types.h change. 2016-07-12 08:05:38 -07:00
nid.h Elliptic curve + post-quantum key exchange 2016-05-19 22:19:14 +00:00
obj_mac.h Rename obj_mac.h to nid.h and make it a multiply-includable header. 2016-03-31 20:45:35 +00:00
obj.h Rename the |dont_return_name| flag of |OBJ_obj2txt| to |always_return_oid|. 2016-08-10 17:18:25 +00:00
objects.h
opensslconf.h Rename opensslfeatures.h to opensslconf.h. 2016-02-26 01:32:50 +00:00
opensslv.h
ossl_typ.h
pem.h Include crypto.h from pem.h. 2016-05-20 15:31:26 +00:00
pkcs7.h
pkcs8.h Revert scoped_types.h change. 2016-07-12 08:05:38 -07:00
pkcs12.h
poly1305.h Revert "Enable upstream's Poly1305 code." 2016-03-29 22:47:11 +00:00
rand.h Add a deterministic PRNG for fuzzing. 2016-03-03 01:36:19 +00:00
rc4.h Add |RC4_options| to decrepit. 2016-03-09 01:14:30 +00:00
ripemd.h Add RIPEMD160 support in decrepit. 2016-03-09 19:37:14 +00:00
rsa.h Finish aligning up_ref functions with OpenSSL 1.1.0. 2016-08-11 16:51:52 +00:00
safestack.h
sha.h Fix the comments for |SHA[256|384|512]_Transform|. 2016-07-28 21:49:48 +00:00
srtp.h
ssl3.h Insert a state before cert_cb. 2016-08-11 15:45:00 +00:00
ssl.h Forbid EMS from changing during renegotation. 2016-08-30 15:43:35 +00:00
stack_macros.h Remove STACK_OF(OPENSSL_BLOCK). 2016-08-16 19:38:02 +00:00
stack.h Remove STACK_OF(OPENSSL_BLOCK). 2016-08-16 19:38:02 +00:00
thread.h Add missing 'does nothing' comments for consistency. 2016-06-28 20:40:45 +00:00
time_support.h Include time.h in time_support.h. 2016-03-17 17:27:27 +00:00
tls1.h Add TLS 1.3 1-RTT. 2016-07-18 09:54:46 +00:00
type_check.h
x509_vfy.h Finish aligning up_ref functions with OpenSSL 1.1.0. 2016-08-11 16:51:52 +00:00
x509.h Finish aligning up_ref functions with OpenSSL 1.1.0. 2016-08-11 16:51:52 +00:00
x509v3.h Move some typedefs to base.h. 2016-07-22 21:12:18 +00:00