kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
4ac2dc4c0d
boringssl/ssl
History
David Benjamin 4ac2dc4c0d Add a comment about ServerHello.supported_groups. 
In TLS 1.2 and below, the server is not supposed to echo it, but I just
came across a BigIP server which does. Document this so we know to take
care before trying to flip it in the future.

(It's actually kind of odd that it wasn't allowed to be sent given TLS
1.2 makes supported_groups interact with ECDSA client certificates. Ah
well.)

Change-Id: I4b97266f461e85bb1ad9bb935470e027f926d4df
Reviewed-on: https://boringssl-review.googlesource.com/10320
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
2016-08-12 20:21:39 +00:00
..
test Enforce the server ALPN protocol was advertised. 2016-08-11 16:46:34 +00:00
CMakeLists.txt Add TLS 1.3 1-RTT. 2016-07-18 09:54:46 +00:00
custom_extensions.c Send unsupported_extension on unexpected ServerHello extensions. 2016-08-01 18:56:31 +00:00
d1_both.c Switch finish_handshake to release_current_message. 2016-07-28 22:59:18 +00:00
d1_lib.c Test that servers enforce session timeouts. 2016-08-03 21:27:07 +00:00
d1_pkt.c Move post-handshake message handling out of read_app_data. 2016-07-29 21:05:49 +00:00
d1_srtp.c Make kSRTPProfiles static. 2016-05-13 14:12:22 +00:00
dtls_method.c Switch finish_handshake to release_current_message. 2016-07-28 22:59:18 +00:00
dtls_record.c Fix the alias checks in dtls_record.c. 2016-06-09 21:11:22 +00:00
handshake_client.c Finish aligning up_ref functions with OpenSSL 1.1.0. 2016-08-11 16:51:52 +00:00
handshake_server.c Remove optimisation for known DH groups. 2016-08-11 16:41:50 +00:00
internal.h Pass a ClientHello into ssl3_choose_cipher. 2016-08-11 05:11:39 +00:00
s3_both.c Splitting SSL session state. 2016-07-29 21:22:46 +00:00
s3_enc.c Splitting SSL session state. 2016-07-29 21:22:46 +00:00
s3_lib.c Pass a ClientHello into ssl3_choose_cipher. 2016-08-11 05:11:39 +00:00
s3_pkt.c Stop pretending to ssl_clear_bad_session. 2016-08-03 21:07:36 +00:00
ssl_aead_ctx.c Fixing iv_length for TLS 1.3. 2016-06-16 17:04:14 +00:00
ssl_asn1.c Undo rename of tlsext_tick_lifetime_hint. 2016-08-09 17:50:28 +00:00
ssl_buffer.c Add SSL_is_dtls. 2016-08-02 20:43:58 +00:00
ssl_cert.c Finish aligning up_ref functions with OpenSSL 1.1.0. 2016-08-11 16:51:52 +00:00
ssl_cipher.c Make ECDHE_PSK + AES_GCM unmatchable. 2016-08-11 16:00:42 +00:00
ssl_ecdh.c Add BN_rand_range_ex and use internally. 2016-07-29 16:09:26 +00:00
ssl_file.c Banish SSL_add_dir_cert_subjects_to_stack and OPENSSL_DIR_CTX to decrepit. 2016-04-27 18:40:25 +00:00
ssl_lib.c Finish aligning up_ref functions with OpenSSL 1.1.0. 2016-08-11 16:51:52 +00:00
ssl_rsa.c Finish aligning up_ref functions with OpenSSL 1.1.0. 2016-08-11 16:51:52 +00:00
ssl_session.c Finish aligning up_ref functions with OpenSSL 1.1.0. 2016-08-11 16:51:52 +00:00
ssl_stat.c Factor out the client_cert_cb code. 2016-07-20 09:25:52 +00:00
ssl_test.cc Finish aligning up_ref functions with OpenSSL 1.1.0. 2016-08-11 16:51:52 +00:00
t1_enc.c Splitting SSL session state. 2016-07-29 21:22:46 +00:00
t1_lib.c Add a comment about ServerHello.supported_groups. 2016-08-12 20:21:39 +00:00
tls13_both.c Finish aligning up_ref functions with OpenSSL 1.1.0. 2016-08-11 16:51:52 +00:00
tls13_client.c Undo rename of tlsext_tick_lifetime_hint. 2016-08-09 17:50:28 +00:00
tls13_enc.c Adding handling for KeyUpdate post-handshake message. 2016-07-29 23:06:09 +00:00
tls13_server.c Insert a state before cert_cb. 2016-08-11 15:45:00 +00:00
tls_method.c Add TLS_{client,server}_method. 2016-08-05 18:59:32 +00:00
tls_record.c Stop pretending to ssl_clear_bad_session. 2016-08-03 21:07:36 +00:00