boringssl

Verlauf

David Benjamin 7c7d8313ab Trim a few extensions when min_version is TLS 1.3. None of these extensions may be negotiated in TLS 1.3 and are otherwise on by default. Make the future QUIC/TLS1.3 ClientHello a hair smaller. Change-Id: I613c339d95470676c78f21fd29e888b7701692c6 Reviewed-on: https://boringssl-review.googlesource.com/10504 Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>		vor 8 Jahren
..
test	Fill in the curve ID for TLS 1.3.	vor 8 Jahren
CMakeLists.txt	Add TLS 1.3 1-RTT.	vor 8 Jahren
custom_extensions.c	Send unsupported_extension on unexpected ServerHello extensions.	vor 8 Jahren
d1_both.c	Switch finish_handshake to release_current_message.	vor 8 Jahren
d1_lib.c	Test that servers enforce session timeouts.	vor 8 Jahren
d1_pkt.c	Move post-handshake message handling out of read_app_data.	vor 8 Jahren
d1_srtp.c	Make kSRTPProfiles static.	vor 8 Jahren
dtls_method.c	Switch finish_handshake to release_current_message.	vor 8 Jahren
dtls_record.c	Fix the alias checks in dtls_record.c.	vor 8 Jahren
handshake_client.c	Remove ssl->verify_result.	vor 8 Jahren
handshake_server.c	Remove ssl->verify_result.	vor 8 Jahren
internal.h	Adding ARRAY_SIZE macro for getting the size of constant arrays.	vor 8 Jahren
s3_both.c	Move ssl_handshake_new, etc., into s3_both.c.	vor 8 Jahren
s3_enc.c	Splitting SSL session state.	vor 8 Jahren
s3_lib.c	Pass a ClientHello into ssl3_choose_cipher.	vor 8 Jahren
s3_pkt.c	Stop pretending to ssl_clear_bad_session.	vor 8 Jahren
ssl_aead_ctx.c	Fixing iv_length for TLS 1.3.	vor 8 Jahren
ssl_asn1.c	Undo rename of tlsext_tick_lifetime_hint.	vor 8 Jahren
ssl_buffer.c	Add SSL_is_dtls.	vor 8 Jahren
ssl_cert.c	Remove ssl->verify_result.	vor 8 Jahren
ssl_cipher.c	Adding ARRAY_SIZE macro for getting the size of constant arrays.	vor 8 Jahren
ssl_ecdh.c	Adding ARRAY_SIZE macro for getting the size of constant arrays.	vor 8 Jahren
ssl_file.c	Banish SSL_add_dir_cert_subjects_to_stack and OPENSSL_DIR_CTX to decrepit.	vor 8 Jahren
ssl_lib.c	Adding ARRAY_SIZE macro for getting the size of constant arrays.	vor 8 Jahren
ssl_rsa.c	RSA-PSS should work in TLS 1.2.	vor 8 Jahren
ssl_session.c	Remove SSL_SESSION_get_key_exchange_info.	vor 8 Jahren
ssl_stat.c	Factor out the client_cert_cb code.	vor 8 Jahren
ssl_test.cc	Adding ARRAY_SIZE macro for getting the size of constant arrays.	vor 8 Jahren
t1_enc.c	Splitting SSL session state.	vor 8 Jahren
t1_lib.c	Trim a few extensions when min_version is TLS 1.3.	vor 8 Jahren
tls13_both.c	Implement BORINGSSL_UNSAFE_FUZZER_MODE for TLS 1.3.	vor 8 Jahren
tls13_client.c	Request contexts are now illegal during the handshake.	vor 8 Jahren
tls13_enc.c	Adding code to send session as PSK Identity.	vor 8 Jahren
tls13_server.c	Remove ssl->verify_result.	vor 8 Jahren
tls_method.c	Add TLS_{client,server}_method.	vor 8 Jahren
tls_record.c	Stop pretending to ssl_clear_bad_session.	vor 8 Jahren