kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
553 Commits 12 Branches 0 Tags 38 MiB
C 43.1%
C++ 23.5%
Go 13.6%
Raku 10.8%
Perl 4%
Other 4.9%
7001a7fce6
Go to file
David Benjamin 7001a7fce6 Don't bother accepting key_arg when parsing SSL_SESSION. 
Doing some archeaology, since the initial OpenSSL commit, key_arg has been
omitted from the serialization if key_arg_length was 0. Since this is an
SSLv2-only field and resuming an SSLv2 session with SSLv3+ is not possible,
there is no need to support parsing those sessions.

Interestingly, it is actually not the case that key_arg_length was only ever
set in SSLv2, historically. In the initial commit of OpenSSL, SSLeay 0.8.1b,
key_arg was used to store what appears to be the IV. That was then removed in
the next commit, an import of SSLeay 0.9.0b, at which point key_arg was only
ever set in SSLv3. That is old enough that there is certainly no need to
parse pre-SSLeay-0.9.0b sessions...

Change-Id: Ia768a2d97ddbe60309be20e2efe488640c4776d9
Reviewed-on: https://boringssl-review.googlesource.com/2050
Reviewed-by: Adam Langley <agl@google.com>
2014-10-27 21:55:26 +00:00
crypto Fix "integer constant is too large for 'long' type" errors. 2014-10-24 22:12:49 +00:00
doc Inital import. 2014-06-20 13:17:32 -07:00
include/openssl Extended master secret support. 2014-10-24 21:19:44 +00:00
ssl Don't bother accepting key_arg when parsing SSL_SESSION. 2014-10-27 21:55:26 +00:00
tool Missing includes for FreeBSD. 2014-09-30 19:15:15 +00:00
util Not everyone keeps bash in /bin. 2014-09-30 20:03:07 +00:00
.clang-format Inital import. 2014-06-20 13:17:32 -07:00
.gitignore Inital import. 2014-06-20 13:17:32 -07:00
BUILDING Increase minimum required cmake version 2014-08-18 17:23:37 +00:00
CMakeLists.txt Increase minimum required cmake version 2014-08-18 17:23:37 +00:00