boringssl/ssl
David Benjamin 4792110b2b Forbid interleaving app data in a HelloRequest.
We already forbid renego/app-data interleave. Forbid it within a
HelloRequest too because that's nonsense. No one would ever send:

   [hs:HelloReq-] [app:Hello world] [hs:-uest]

Add tests for this case.

This is in preparation for our more complex TLS 1.3 post-handshake logic
which is going to go through the usual handshake reassembly logic and,
for sanity, will want to enforce this anyway.

BUG=83

Change-Id: I80eb9f3333da3d751f98f25d9469860d1993a97a
Reviewed-on: https://boringssl-review.googlesource.com/9000
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2016-07-29 15:44:42 +00:00
..
test Forbid interleaving app data in a HelloRequest. 2016-07-29 15:44:42 +00:00
CMakeLists.txt Add TLS 1.3 1-RTT. 2016-07-18 09:54:46 +00:00
custom_extensions.c Align the SSL stack on #include style. 2015-09-15 23:32:07 +00:00
d1_both.c Switch finish_handshake to release_current_message. 2016-07-28 22:59:18 +00:00
d1_lib.c Stop using the word 'buffer' everywhere. 2016-06-27 22:15:22 +00:00
d1_pkt.c Switch finish_handshake to release_current_message. 2016-07-28 22:59:18 +00:00
d1_srtp.c Make kSRTPProfiles static. 2016-05-13 14:12:22 +00:00
dtls_method.c Switch finish_handshake to release_current_message. 2016-07-28 22:59:18 +00:00
dtls_record.c Fix the alias checks in dtls_record.c. 2016-06-09 21:11:22 +00:00
handshake_client.c Switch finish_handshake to release_current_message. 2016-07-28 22:59:18 +00:00
handshake_server.c Switch finish_handshake to release_current_message. 2016-07-28 22:59:18 +00:00
internal.h Switch finish_handshake to release_current_message. 2016-07-28 22:59:18 +00:00
s3_both.c Switch finish_handshake to release_current_message. 2016-07-28 22:59:18 +00:00
s3_enc.c Don't call tls12_get_hash in the server handshake. 2016-07-12 16:30:10 +00:00
s3_lib.c Add TLS 1.3 1-RTT. 2016-07-18 09:54:46 +00:00
s3_pkt.c Forbid interleaving app data in a HelloRequest. 2016-07-29 15:44:42 +00:00
ssl_aead_ctx.c Fixing iv_length for TLS 1.3. 2016-06-16 17:04:14 +00:00
ssl_asn1.c Disconnect handshake message creation from init_buf. 2016-06-27 22:15:01 +00:00
ssl_buffer.c Remove in-place TLS record assembly for now. 2016-06-09 19:47:44 +00:00
ssl_cert.c Factor out the client_cert_cb code. 2016-07-20 09:25:52 +00:00
ssl_cipher.c Forbid PSK ciphers in TLS 1.3 for now. 2016-07-13 16:49:46 +00:00
ssl_ecdh.c Add TLS 1.3 1-RTT. 2016-07-18 09:54:46 +00:00
ssl_file.c Banish SSL_add_dir_cert_subjects_to_stack and OPENSSL_DIR_CTX to decrepit. 2016-04-27 18:40:25 +00:00
ssl_lib.c Clear init_msg/init_num whenever we clear the backing store. 2016-07-28 21:44:39 +00:00
ssl_rsa.c Give SSL_PRIVATE_KEY_METHOD a message-based API. 2016-07-15 18:26:45 +00:00
ssl_session.c Split unlock functions into read/write variants. 2016-05-31 21:09:29 +00:00
ssl_stat.c Factor out the client_cert_cb code. 2016-07-20 09:25:52 +00:00
ssl_test.cc Revert "Add tests to ensure our ClientHello does not change." 2016-07-20 09:18:11 +00:00
t1_enc.c Add TLS 1.3 1-RTT. 2016-07-18 09:54:46 +00:00
t1_lib.c Tweak ssl_early_callback_init. 2016-07-20 17:18:44 +00:00
tls13_both.c Call expect_flight and received_flight in the 1.3 logic. 2016-07-25 15:00:17 +00:00
tls13_client.c Call expect_flight and received_flight in the 1.3 logic. 2016-07-25 15:00:17 +00:00
tls13_enc.c Implement SSLKEYLOGFILE support for TLS 1.3. 2016-07-19 08:32:04 +00:00
tls13_server.c Call expect_flight and received_flight in the 1.3 logic. 2016-07-25 15:00:17 +00:00
tls_method.c Switch finish_handshake to release_current_message. 2016-07-28 22:59:18 +00:00
tls_record.c Check for buffered handshake messages on cipher change in DTLS. 2016-07-16 08:25:02 +00:00