boringssl/ssl
Steven Valdez 2a0707210a Prevent Channel ID and Custom Extensions on 0-RTT.
Channel ID is incompatible with 0-RTT, so we gracefully decline 0-RTT
as a server and forbid their combination as a client. We'll keep this
logic around until Channel ID is removed.

Channel ID will be replaced by tokbind which currently uses custom
extensions. Those will need additional logic to work with 0-RTT.
This is not implemented yet so, for now, fail if both are ever
configured together at all. A later change will allow the two to
combine.

BUG=183

Change-Id: I46c5ba883ccd47930349691fb08074a1fab13d5f
Reviewed-on: https://boringssl-review.googlesource.com/14370
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-03-26 18:13:57 +00:00
..
test Prevent Channel ID and Custom Extensions on 0-RTT. 2017-03-26 18:13:57 +00:00
bio_ssl.c Move the SSL BIO into ssl/ from decrepit/. 2017-02-03 21:08:10 +00:00
CMakeLists.txt Convert bio_test to GTest. 2017-03-21 17:39:57 +00:00
custom_extensions.c Prevent Channel ID and Custom Extensions on 0-RTT. 2017-03-26 18:13:57 +00:00
d1_both.c Trim x509.h includes. 2017-03-07 23:13:49 +00:00
d1_lib.c Don't use long for timestamps. 2017-03-01 21:58:38 +00:00
d1_pkt.c Remove support for blocking DTLS timeout handling. 2017-03-01 19:59:28 +00:00
d1_srtp.c Fix ssl_ctx_make_profiles error handling. 2016-09-27 13:27:06 +00:00
dtls_method.c Add Data-less Zero-RTT support. 2017-03-25 21:00:18 +00:00
dtls_record.c Don't use the buffer BIO in DTLS. 2017-01-25 23:35:32 +00:00
handshake_client.c Add Data-less Zero-RTT support. 2017-03-25 21:00:18 +00:00
handshake_server.c Name |select_certificate_cb| return values 2017-03-22 01:27:00 +00:00
internal.h Send half-RTT tickets when negotiating 0-RTT. 2017-03-26 18:10:07 +00:00
s3_both.c Add Data-less Zero-RTT support. 2017-03-25 21:00:18 +00:00
s3_lib.c Move new_cipher and new_session to SSL_HANDSHAKE. 2017-02-17 20:48:31 +00:00
s3_pkt.c Add Data-less Zero-RTT support. 2017-03-25 21:00:18 +00:00
ssl_aead_ctx.c Adding version to AEAD. 2017-03-08 19:12:39 +00:00
ssl_asn1.c Don't use long for timestamps. 2017-03-01 21:58:38 +00:00
ssl_buffer.c Work around language and compiler bug in memcpy, etc. 2016-12-21 20:34:47 +00:00
ssl_cert.c Add |SSL[_CTX]_set_chain_and_key|. 2017-03-08 19:11:57 +00:00
ssl_cipher.c Remove DHE ciphersuites from TLS. 2017-03-21 23:55:10 +00:00
ssl_ecdh.c Remove New Hope key agreement. 2016-12-10 01:06:31 +00:00
ssl_file.c Remove |X509| things from SSL_SESSION. 2017-02-10 19:12:04 +00:00
ssl_lib.c Add a comment around the set_{min,max}_version logic. 2017-03-25 23:28:45 +00:00
ssl_privkey_cc.cc Rename ssl_rsa.c to ssl_privkey.c. 2017-02-09 18:45:11 +00:00
ssl_privkey.c Add |SSL[_CTX]_set_chain_and_key|. 2017-03-08 19:11:57 +00:00
ssl_session.c Support asynchronous ticket decryption with TLS 1.0–1.2. 2017-03-11 00:04:18 +00:00
ssl_stat.c Unexport the handshake's internal state. 2017-02-13 19:44:30 +00:00
ssl_test.cc Name |select_certificate_cb| return values 2017-03-22 01:27:00 +00:00
ssl_transcript.c Moving transcript and PRF functions to SSL_TRANSCRIPT. 2017-02-10 16:33:42 +00:00
ssl_x509.c Move ssl_verify_alarm_type into ssl_x509.c. 2017-03-07 23:14:16 +00:00
t1_enc.c Move tmp.extended_master_secret to SSL_HANDSHAKE. 2017-02-17 21:36:37 +00:00
t1_lib.c Make RI on TLS 1.3 alert with ILLEGAL_PARAMETER. 2017-03-26 18:10:37 +00:00
tls13_both.c Send half-RTT tickets when negotiating 0-RTT. 2017-03-26 18:10:07 +00:00
tls13_client.c Prevent Channel ID and Custom Extensions on 0-RTT. 2017-03-26 18:13:57 +00:00
tls13_enc.c Send half-RTT tickets when negotiating 0-RTT. 2017-03-26 18:10:07 +00:00
tls13_server.c Prevent Channel ID and Custom Extensions on 0-RTT. 2017-03-26 18:13:57 +00:00
tls_method.c Add Data-less Zero-RTT support. 2017-03-25 21:00:18 +00:00
tls_record.c Add Data-less Zero-RTT support. 2017-03-25 21:00:18 +00:00