kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
75f9914e17
boringssl/ssl
History
David Benjamin 75f9914e17 Align TLS 1.2 and 1.3 server session validity checks. 
Having that logic in two different places is a nuisance when we go to
add new checks like resumption stuff. Along the way, this adds missing
tests for the ClientHello cipher/session consistency check. (We'll
eventually get it for free once the cipher/resumption change is
unblocked, but get this working in the meantime.)

This also fixes a bug where the session validity checks happened in the
wrong order relative to whether tickets_supported or renew_ticket was
looked at. Fix that by lifting that logic closer to the handshake.

Change-Id: I3f4b59cfe01064f9125277dc5834e62a36e64aae
Reviewed-on: https://boringssl-review.googlesource.com/12230
Reviewed-by: Adam Langley <agl@google.com>
2016-11-15 18:18:39 +00:00
..
test Align TLS 1.2 and 1.3 server session validity checks. 2016-11-15 18:18:39 +00:00
CMakeLists.txt Add TLS 1.3 1-RTT. 2016-07-18 09:54:46 +00:00
custom_extensions.c Move extensions bitmasks into SSL_HANDSHAKE. 2016-10-09 16:48:52 +00:00
d1_both.c Replace hash_current_message with get_current_message. 2016-11-15 06:52:10 +00:00
d1_lib.c Remove RC4 from TLS for real. 2016-09-16 03:06:36 +00:00
d1_pkt.c Expose SSL_max_seal_overhead. 2016-11-09 16:51:46 +00:00
d1_srtp.c Fix ssl_ctx_make_profiles error handling. 2016-09-27 13:27:06 +00:00
dtls_method.c Replace hash_current_message with get_current_message. 2016-11-15 06:52:10 +00:00
dtls_record.c Take the version parameter out of ssl_do_msg_callback. 2016-09-21 18:55:27 +00:00
handshake_client.c Add tests for failing cert_cb. 2016-11-15 07:15:54 +00:00
handshake_server.c Align TLS 1.2 and 1.3 server session validity checks. 2016-11-15 18:18:39 +00:00
internal.h Align TLS 1.2 and 1.3 server session validity checks. 2016-11-15 18:18:39 +00:00
s3_both.c Add a helper function for parsing extensions blocks. 2016-11-15 06:58:52 +00:00
s3_enc.c Move key_block into SSL_HANDSHAKE. 2016-11-09 17:02:33 +00:00
s3_lib.c Move key_block into SSL_HANDSHAKE. 2016-11-09 17:02:33 +00:00
s3_pkt.c Expose SSL_max_seal_overhead. 2016-11-09 16:51:46 +00:00
ssl_aead_ctx.c Validate input iv/mac sizes in SSL_AEAD_CTX_new. 2016-10-28 21:25:35 +00:00
ssl_asn1.c Update to TLS 1.3 draft 18. 2016-11-15 06:57:21 +00:00
ssl_buffer.c Add SSL_is_dtls. 2016-08-02 20:43:58 +00:00
ssl_cert.c Update to TLS 1.3 draft 18. 2016-11-15 06:57:21 +00:00
ssl_cipher.c Trim ssl_create_cipher_list slightly. 2016-11-03 22:19:53 +00:00
ssl_ecdh.c Implement SSL_CTX_set1_curves_list() 2016-09-30 00:45:19 +00:00
ssl_file.c Check for sk_X509_NAME_push failures. 2016-09-27 13:18:37 +00:00
ssl_lib.c Move tlsext_ticket_expected to SSL_HANDSHAKE. 2016-11-12 07:32:42 +00:00
ssl_rsa.c Rename X.509 members in |SSL_SESSION| and |CERT|. 2016-11-09 20:07:57 +00:00
ssl_session.c Align TLS 1.2 and 1.3 server session validity checks. 2016-11-15 18:18:39 +00:00
ssl_stat.c Add the certificate_required alert. 2016-10-10 15:48:06 +00:00
ssl_test.cc Fix run_tests on fuzzer-mode builds. 2016-11-15 07:01:24 +00:00
t1_enc.c Move key_block into SSL_HANDSHAKE. 2016-11-09 17:02:33 +00:00
t1_lib.c Align TLS 1.2 and 1.3 server session validity checks. 2016-11-15 18:18:39 +00:00
tls13_both.c Add a helper function for parsing extensions blocks. 2016-11-15 06:58:52 +00:00
tls13_client.c Add a helper function for parsing extensions blocks. 2016-11-15 06:58:52 +00:00
tls13_enc.c Allow PSK binder mismatches in fuzzer mode. 2016-11-15 06:57:54 +00:00
tls13_server.c Align TLS 1.2 and 1.3 server session validity checks. 2016-11-15 18:18:39 +00:00
tls_method.c Replace hash_current_message with get_current_message. 2016-11-15 06:52:10 +00:00
tls_record.c Enforce record-layer version numbers. 2016-11-13 05:28:35 +00:00