kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
721e8b79a9
boringssl/include/openssl
History
David Benjamin 33dad1b7a1 Stop pretending to ssl_clear_bad_session. 
We broke this to varying degrees ages ago.

This is the logic to implement the variations of rules in TLS to discard
sessions after a failed connection, where a failed connection could be
one of:

- A connection that was not cleanly shut down.

- A connection that received a fatal alert.

The first one is nonsense since close_notify does not actually work in
the real world. The second is a vaguely more plausible but...

- A stateless ticket-based server can't drop sessions anyway.

- In TLS 1.3, a client may receive many tickets over the lifetime of a
  single connection. With an external session cache like ours which may,
  in theory, but multithreaded, this will be a huge hassle to track.

- A client may well attempt to establish a connection and reuse the
  session before we receive the fatal alert, so any application state we
  hope to manage won't really work.

- An attacker can always close the connection before the fatal alert, so
  whatever security policy clearing the session gave is easily
  bypassable.

Implementation-wise, this has basically never worked. The
ssl_clear_bad_session logic called into SSL_CTX_remove_session which
relied on the internal session cache. (Sessions not in the internal
session cache don't get removed.) The internal session cache was only
useful for a server, where tickets prevent this mechanism from doing
anything. For a client, we since removed the internal session cache, so
nothing got removed. The API for a client also did not work as it gave
the SSL_SESSION, not the SSL, so a consumer would not know the key to
invalidate anyway.

The recent session state splitting change further broke this.

Moreover, calling into SSL_CTX_remove_session logic like that is
extremely dubious because it mutates the not_resumable flag on the
SSL_SESSION which isn't thread-safe.

Spec-wise, TLS 1.3 has downgraded the MUST to a SHOULD.

Given all that mess, just remove this code. It is no longer necessary to
call SSL_shutdown just to make session caching work.

Change-Id: Ib601937bfc5f6b40436941e1c86566906bb3165d
Reviewed-on: https://boringssl-review.googlesource.com/9091
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2016-08-03 21:07:36 +00:00
..
aead.h Revert scoped_types.h change. 2016-07-12 08:05:38 -07:00
aes.h Fix documentation typo. 2015-07-01 21:33:29 +00:00
arm_arch.h Remove CRYPTO_set_NEON_functional. 2016-02-23 23:19:46 +00:00
asn1_mac.h Ditch remaining filename comments from public headers and ssl/ 2015-10-20 18:40:05 +00:00
asn1.h Revert scoped_types.h change. 2016-07-12 08:05:38 -07:00
asn1t.h Remove ASN.1 print hooks. 2016-06-14 17:38:31 +00:00
base64.h Replace base64 decoding. 2016-05-26 17:59:10 +00:00
base.h Move some typedefs to base.h. 2016-07-22 21:12:18 +00:00
bio.h Revert scoped_types.h change. 2016-07-12 08:05:38 -07:00
blowfish.h Add decrepit, initially containing CAST and Blowfish. 2015-04-06 16:58:45 -07:00
bn.h Document a conservative input range for Montgomery math functions. 2016-08-02 19:19:35 +00:00
buf.h Add BUF_MEM_reserve. 2016-05-18 19:09:06 +00:00
buffer.h Add buffer.h for compatibility. 2015-05-12 00:09:57 +00:00
bytestring.h CBBs are in an undefined state after an operation failed. 2016-07-19 20:51:51 +00:00
cast.h Add decrepit, initially containing CAST and Blowfish. 2015-04-06 16:58:45 -07:00
chacha.h Require in == out for in-place encryption. 2016-06-09 19:49:03 +00:00
cipher.h Revert scoped_types.h change. 2016-07-12 08:05:38 -07:00
cmac.h Revert scoped_types.h change. 2016-07-12 08:05:38 -07:00
conf.h Fix the shared library build. 2016-03-09 20:13:41 +00:00
cpu.h Make CRYPTO_is_NEON_capable aware of the buggy CPU. 2016-04-28 16:42:21 +00:00
crypto.h Add no-op function ENGINE_register_all_complete. 2016-07-12 17:54:41 +00:00
curve25519.h Revert scoped_types.h change. 2016-07-12 08:05:38 -07:00
des.h Fix shared library build on OS X. 2015-10-26 23:39:47 +00:00
dh.h Revert scoped_types.h change. 2016-07-12 08:05:38 -07:00
digest.h Promise more accurate bounds than EVP_MD_MAX_SIZE. 2016-08-01 23:24:04 +00:00
dsa.h Move some typedefs to base.h. 2016-07-22 21:12:18 +00:00
dtls1.h Opaquify DTLS structs. 2015-05-08 18:02:02 +00:00
ec_key.h Revert scoped_types.h change. 2016-07-12 08:05:38 -07:00
ec.h Move some typedefs to base.h. 2016-07-22 21:12:18 +00:00
ecdh.h Clean up |ECDH_compute_key|. 2015-10-27 17:00:25 +00:00
ecdsa.h Revert scoped_types.h change. 2016-07-12 08:05:38 -07:00
engine.h Unwind DH_METHOD and DSA_METHOD. 2015-11-03 22:54:36 +00:00
err.h Have doc.go parse struct comments. 2016-01-26 23:23:23 +00:00
evp.h Change |EVP_PKEY_up_ref| to return int. 2016-07-12 17:55:41 +00:00
ex_data.h Skip free callbacks on empty CRYPTO_EX_DATAs. 2015-12-15 21:32:14 +00:00
hkdf.h Const-correct HKDF_expand. 2016-07-16 07:55:19 +00:00
hmac.h Update comments for HMAC to give a more accurate bound than EVP_MD_MAX_SIZE 2016-08-02 18:20:42 +00:00
lhash_macros.h Remove hash table lookups from ex_data. 2015-04-15 23:59:35 +00:00
lhash.h Style: fix some header guards 2015-10-26 18:47:51 +00:00
md4.h Add one-shot |MD4| function. 2016-03-09 01:13:55 +00:00
md5.h Store the partial block as uint8_t, not uint32_t. 2015-12-16 19:59:29 +00:00
mem.h Revert "Move C++ helpers into |bssl| namespace." 2016-07-12 08:09:33 -07:00
newhope.h Revert scoped_types.h change. 2016-07-12 08:05:38 -07:00
nid.h Elliptic curve + post-quantum key exchange 2016-05-19 22:19:14 +00:00
obj_mac.h Rename obj_mac.h to nid.h and make it a multiply-includable header. 2016-03-31 20:45:35 +00:00
obj.h Make OBJ_NAME_do_all more OpenSSL-compatible. 2016-06-27 21:42:27 +00:00
objects.h Move public headers to include/openssl/ 2014-07-14 22:42:18 +00:00
opensslconf.h Rename opensslfeatures.h to opensslconf.h. 2016-02-26 01:32:50 +00:00
opensslv.h Get version-related functions from crypto.h rather than ssl.h. 2015-05-20 22:58:14 +00:00
ossl_typ.h Move public headers to include/openssl/ 2014-07-14 22:42:18 +00:00
pem.h Include crypto.h from pem.h. 2016-05-20 15:31:26 +00:00
pkcs7.h Move public headers to include/openssl/ 2014-07-14 22:42:18 +00:00
pkcs8.h Revert scoped_types.h change. 2016-07-12 08:05:38 -07:00
pkcs12.h Move public headers to include/openssl/ 2014-07-14 22:42:18 +00:00
poly1305.h Revert "Enable upstream's Poly1305 code." 2016-03-29 22:47:11 +00:00
rand.h Add a deterministic PRNG for fuzzing. 2016-03-03 01:36:19 +00:00
rc4.h Add |RC4_options| to decrepit. 2016-03-09 01:14:30 +00:00
ripemd.h Add RIPEMD160 support in decrepit. 2016-03-09 19:37:14 +00:00
rsa.h Revert scoped_types.h change. 2016-07-12 08:05:38 -07:00
safestack.h Rename safe_stack.h to safestack.h. 2015-02-20 23:33:48 +00:00
sha.h Fix the comments for |SHA[256|384|512]_Transform|. 2016-07-28 21:49:48 +00:00
srtp.h Fold srtp.h into ssl.h. 2015-09-14 23:59:37 +00:00
ssl3.h Factor out the client_cert_cb code. 2016-07-20 09:25:52 +00:00
ssl.h Stop pretending to ssl_clear_bad_session. 2016-08-03 21:07:36 +00:00
stack_macros.h Fix stack macro const-ness. 2016-05-13 18:24:57 +00:00
stack.h Revert "Move C++ helpers into |bssl| namespace." 2016-07-12 08:09:33 -07:00
thread.h Add missing 'does nothing' comments for consistency. 2016-06-28 20:40:45 +00:00
time_support.h Include time.h in time_support.h. 2016-03-17 17:27:27 +00:00
tls1.h Add TLS 1.3 1-RTT. 2016-07-18 09:54:46 +00:00
type_check.h Try to fix MSVC and __STDC_VERSION__ again. 2015-05-20 13:42:12 -07:00
x509_vfy.h Move some typedefs to base.h. 2016-07-22 21:12:18 +00:00
x509.h Drop cached certificate signature validity flag 2016-07-21 17:46:15 +00:00
x509v3.h Move some typedefs to base.h. 2016-07-22 21:12:18 +00:00