kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
5301c10c53
boringssl/crypto
History
David Benjamin 0ab3f0ca25 Notice earlier if a server echoes the TLS 1.3 compatibility session ID. 
Mono's legacy TLS 1.0 stack, as a server, does not implement any form of
resumption, but blindly echos the ClientHello session ID in the
ServerHello for no particularly good reason.

This is invalid, but due to quirks of how our client checked session ID
equality, we only noticed on the second connection, rather than the
first. Flaky failures do no one any good, so break deterministically on
the first connection, when we realize something strange is going on.

Bug: chromium:796910
Change-Id: I1f255e915fcdffeafb80be481f6c0acb3c628846
Reviewed-on: https://boringssl-review.googlesource.com/25424
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: Steven Valdez <svaldez@google.com>
2018-01-26 21:53:27 +00:00
..
asn1 Fix |ASN1_INTEGER_set| when setting zero. 2018-01-02 16:11:31 +00:00
base64
bio Add missing errno.h include to bio_test.cc 2017-12-04 01:32:37 +00:00
bn_extra
buf
bytestring Add some more utility functions to bytestring. 2018-01-25 23:51:36 +00:00
chacha Silence ARMv8 deprecated IT instruction warnings. 2017-12-14 01:56:22 +00:00
cipher_extra Fix early_mac_len computation. 2017-12-21 21:41:39 +00:00
cmac
conf Add more compatibility symbols for Node. 2017-11-03 01:31:50 +00:00
curve25519 Move curve25519 code to third_party/fiat. 2017-11-03 22:23:59 +00:00
dh
digest_extra
dsa Remove DSA_sign_setup too. 2017-11-22 21:01:11 +00:00
ec_extra Support high tag numbers in CBS/CBB. 2017-11-22 22:34:05 +00:00
ecdh Check EC_POINT/EC_GROUP compatibility more accurately. 2017-10-28 08:02:50 +00:00
ecdsa_extra Remove ECDSA_sign_setup and friends. 2017-11-22 20:23:40 +00:00
engine
err Notice earlier if a server echoes the TLS 1.3 compatibility session ID. 2018-01-26 21:53:27 +00:00
evp Perform the RSA CRT reductions with Montgomery reduction. 2017-12-18 18:59:18 +00:00
fipsmodule Require only that the nonce be strictly monotonic in TLS's AES-GCM 2018-01-26 20:09:44 +00:00
hkdf
hmac_extra
lhash Unexport more of lhash. 2017-10-25 04:17:18 +00:00
obj Also add a decoupled OBJ_obj2txt. 2017-11-30 18:21:48 +00:00
pem
perlasm Revert assembly changes in "Hide CPU capability symbols in C." 2017-10-30 20:39:57 +00:00
pkcs7
pkcs8
poly1305 Remove custom memcpy and memset from poly1305_vec. 2017-11-10 20:53:30 +00:00
pool Run the comment converter on libcrypto. 2017-08-18 21:49:04 +00:00
rand_extra
rc4
rsa_extra Make BN_generate_dsa_nonce internally constant-time. 2017-11-20 16:18:30 +00:00
stack
test Support KAS tests for NIAP. 2018-01-16 22:57:01 +00:00
x509 Support high tag numbers in CBS/CBB. 2018-01-03 22:28:32 +00:00
x509v3 Pretty-print large INTEGERs and ENUMERATEDs in hex. 2017-11-27 18:38:50 +00:00
CMakeLists.txt Extract FIPS KAT tests into a function. 2018-01-22 20:16:38 +00:00
compiler_test.cc
constant_time_test.cc
cpu-aarch64-linux.c
cpu-arm-linux.c
cpu-arm.c
cpu-intel.c Use unsigned integers for masks. 2017-10-30 18:39:58 +00:00
cpu-ppc64le.c
crypto.c Hide CPU capability symbols in C. 2017-10-23 18:36:49 +00:00
ex_data.c Unexport more of lhash. 2017-10-25 04:17:18 +00:00
internal.h Support |alignof|/|alignas| in GCC 4.7. 2018-01-20 02:04:57 +00:00
mem.c
refcount_c11.c
refcount_lock.c
refcount_test.cc
self_test.cc Extract FIPS KAT tests into a function. 2018-01-22 20:16:38 +00:00
thread_none.c
thread_pthread.c
thread_test.cc
thread_win.c
thread.c