kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
8c6fe45c2f
boringssl/ssl
History
David Benjamin 8c6fe45c2f Replace s->first_packet with a s->s3->have_version bit. 
first_packet is a temporary connection-global flag set for the duration of some
call and then queried from other code. This kind of logic is too difficult to
reason through. It also incorrectly treats renegotiate ClientHellos as
pre-version-negotiation records. This eliminates the need to query
enc_write_ctx (which wasn't EVP_AEAD-aware anyway).

Instead, take a leaf from Go TLS's book and add a have_version bit. This is
placed on s->s3 as it is connection state; s->s3 automatically gets reset on
SSL_clear while s doesn't.

This new flag will also be used to determine whether to do the V2ClientHello
sniff when the version-locked methods merge into SSLv23_method. It will also
replace needing to condition s->method against a dummy DTLS_ANY_VERSION value
to determine whether DTLS version negotiation has happened yet.

Change-Id: I5c8bc6258b182ba4ab175a48a84eab6d3a001333
Reviewed-on: https://boringssl-review.googlesource.com/2442
Reviewed-by: Adam Langley <agl@google.com>
2014-12-02 19:35:27 +00:00
..
pqueue Test insertion of duplicates in pqueue_test. 2014-11-06 01:46:57 +00:00
test Merge client/server SSL_METHODs into the generic one. 2014-12-02 19:35:15 +00:00
CMakeLists.txt Merge the get_ssl_method hooks between TLS and SSLv3. 2014-09-30 22:58:59 +00:00
d1_both.c Remove DTLSv1_listen. 2014-11-10 22:39:24 +00:00
d1_clnt.c Replace s->first_packet with a s->s3->have_version bit. 2014-12-02 19:35:27 +00:00
d1_enc.c Remove KSSL_DEBUG. 2014-11-04 19:35:38 +00:00
d1_lib.c Remove a place where SSL_clear cleans up after client/server confusion. 2014-12-02 19:31:57 +00:00
d1_meth.c Merge client/server SSL_METHODs into the generic one. 2014-12-02 19:35:15 +00:00
d1_pkt.c Replace s->first_packet with a s->s3->have_version bit. 2014-12-02 19:35:27 +00:00
d1_srtp.c Add less dangerous versions of SRTP functions. 2014-10-27 21:58:09 +00:00
d1_srvr.c Merge client/server SSL_METHODs into the generic one. 2014-12-02 19:35:15 +00:00
s3_both.c Remove s->type from SSL. 2014-12-02 19:34:28 +00:00
s3_cbc.c Add malloc failure tests. 2014-11-19 01:24:46 +00:00
s3_clnt.c Replace s->first_packet with a s->s3->have_version bit. 2014-12-02 19:35:27 +00:00
s3_enc.c Fix a couple more malloc test crashes. 2014-11-19 22:17:50 +00:00
s3_lib.c Merge client/server SSL_METHODs into the generic one. 2014-12-02 19:35:15 +00:00
s3_meth.c Merge client/server SSL_METHODs into the generic one. 2014-12-02 19:35:15 +00:00
s3_pkt.c Replace s->first_packet with a s->s3->have_version bit. 2014-12-02 19:35:27 +00:00
s3_srvr.c Replace s->first_packet with a s->s3->have_version bit. 2014-12-02 19:35:27 +00:00
s23_clnt.c Merge client/server SSL_METHODs into the generic one. 2014-12-02 19:35:15 +00:00
s23_lib.c Remove default_timeout hook. 2014-08-18 17:25:20 +00:00
s23_meth.c Remove method swap in SSL_set_session. 2014-12-02 19:26:30 +00:00
s23_pkt.c Inital import. 2014-06-20 13:17:32 -07:00
s23_srvr.c Merge client/server SSL_METHODs into the generic one. 2014-12-02 19:35:15 +00:00
ssl_algs.c Remove indirection in loading ciphers. 2014-09-15 21:06:10 +00:00
ssl_asn1.c Remove psk_identity_hint from SSL_SESSION. 2014-11-10 23:59:47 +00:00
ssl_cert.c Remove s->type from SSL. 2014-12-02 19:34:28 +00:00
ssl_ciph.c Remove client-side support for ServerKeyExchange in the RSA key exchange. 2014-11-10 23:00:09 +00:00
ssl_error.c Don't assign handshake_func in the handshake functions. 2014-12-02 19:30:49 +00:00
ssl_lib.c Replace s->first_packet with a s->s3->have_version bit. 2014-12-02 19:35:27 +00:00
ssl_locl.h Remove SSL_(CTX_)get_ssl_method. 2014-12-02 19:30:25 +00:00
ssl_rsa.c Clean up ssl_set_cert_masks. 2014-11-18 22:21:52 +00:00
ssl_sess.c Remove method swap in SSL_set_session. 2014-12-02 19:26:30 +00:00
ssl_stat.c Trim impossible state combinations. 2014-12-02 19:31:00 +00:00
ssl_test.c Remove psk_identity_hint from SSL_SESSION. 2014-11-10 23:59:47 +00:00
ssl_txt.c Remove some remnants of SSLv2. 2014-11-17 20:27:13 +00:00
t1_enc.c Add malloc failure tests. 2014-11-19 01:24:46 +00:00
t1_lib.c Remove SSL_set_session_secret_cb (EAP-FAST) 2014-11-21 21:51:10 +00:00
t1_reneg.c Port ssl3_get_client_hello to CBS. 2014-07-15 18:30:09 +00:00