kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
707720ca22
boringssl/ssl
History
David Benjamin 25fe85b38c Insert a state before cert_cb. 
If cert_cb runs asynchronously, we end up repeating a large part of very
stateful ClientHello processing. This seems to be mostly fine and there
are few users of server-side cert_cb (it's a new API in 1.0.2), but it's
a little scary.

This is also visible to external consumers because some callbacks get
called multiple times. We especially should try to avoid that as there
is no guarantee that these callbacks are idempotent and give the same
answer each time.

Change-Id: I212b2325eae2cfca0fb423dace101e466c5e5d4e
Reviewed-on: https://boringssl-review.googlesource.com/10224
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2016-08-11 15:45:00 +00:00
..
test Insert a state before cert_cb. 2016-08-11 15:45:00 +00:00
CMakeLists.txt Add TLS 1.3 1-RTT. 2016-07-18 09:54:46 +00:00
custom_extensions.c Send unsupported_extension on unexpected ServerHello extensions. 2016-08-01 18:56:31 +00:00
d1_both.c Switch finish_handshake to release_current_message. 2016-07-28 22:59:18 +00:00
d1_lib.c Test that servers enforce session timeouts. 2016-08-03 21:27:07 +00:00
d1_pkt.c Move post-handshake message handling out of read_app_data. 2016-07-29 21:05:49 +00:00
d1_srtp.c Make kSRTPProfiles static. 2016-05-13 14:12:22 +00:00
dtls_method.c Switch finish_handshake to release_current_message. 2016-07-28 22:59:18 +00:00
dtls_record.c Fix the alias checks in dtls_record.c. 2016-06-09 21:11:22 +00:00
handshake_client.c Move SCSV handling out of cipher list parsing. 2016-08-11 04:57:52 +00:00
handshake_server.c Insert a state before cert_cb. 2016-08-11 15:45:00 +00:00
internal.h Pass a ClientHello into ssl3_choose_cipher. 2016-08-11 05:11:39 +00:00
s3_both.c Splitting SSL session state. 2016-07-29 21:22:46 +00:00
s3_enc.c Splitting SSL session state. 2016-07-29 21:22:46 +00:00
s3_lib.c Pass a ClientHello into ssl3_choose_cipher. 2016-08-11 05:11:39 +00:00
s3_pkt.c Stop pretending to ssl_clear_bad_session. 2016-08-03 21:07:36 +00:00
ssl_aead_ctx.c Fixing iv_length for TLS 1.3. 2016-06-16 17:04:14 +00:00
ssl_asn1.c Undo rename of tlsext_tick_lifetime_hint. 2016-08-09 17:50:28 +00:00
ssl_buffer.c Add SSL_is_dtls. 2016-08-02 20:43:58 +00:00
ssl_cert.c Push some duplicated code into ssl_verify_cert_chain. 2016-08-04 16:41:03 +00:00
ssl_cipher.c Forbid PSK ciphers in TLS 1.3 for now. 2016-07-13 16:49:46 +00:00
ssl_ecdh.c Add BN_rand_range_ex and use internally. 2016-07-29 16:09:26 +00:00
ssl_file.c Banish SSL_add_dir_cert_subjects_to_stack and OPENSSL_DIR_CTX to decrepit. 2016-04-27 18:40:25 +00:00
ssl_lib.c Move SCSV handling out of cipher list parsing. 2016-08-11 04:57:52 +00:00
ssl_rsa.c Give SSL_PRIVATE_KEY_METHOD a message-based API. 2016-07-15 18:26:45 +00:00
ssl_session.c Undo rename of tlsext_tick_lifetime_hint. 2016-08-09 17:50:28 +00:00
ssl_stat.c Factor out the client_cert_cb code. 2016-07-20 09:25:52 +00:00
ssl_test.cc Test that servers enforce session timeouts. 2016-08-03 21:27:07 +00:00
t1_enc.c Splitting SSL session state. 2016-07-29 21:22:46 +00:00
t1_lib.c Move SCSV handling out of cipher list parsing. 2016-08-11 04:57:52 +00:00
tls13_both.c Move more side-specific code out of tls13_process_certificate. 2016-08-04 16:58:46 +00:00
tls13_client.c Undo rename of tlsext_tick_lifetime_hint. 2016-08-09 17:50:28 +00:00
tls13_enc.c Adding handling for KeyUpdate post-handshake message. 2016-07-29 23:06:09 +00:00
tls13_server.c Insert a state before cert_cb. 2016-08-11 15:45:00 +00:00
tls_method.c Add TLS_{client,server}_method. 2016-08-05 18:59:32 +00:00
tls_record.c Stop pretending to ssl_clear_bad_session. 2016-08-03 21:07:36 +00:00