kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
931ab3484f
boringssl/ssl
History
David Benjamin 931ab3484f Fix handshake check when False Start is used with implicit read. 
It may take up to two iterations of s->handshake_func before it is safe to
continue. Fortunately, even if anything was using False Start this way
(Chromium doesn't), we don't inherit NSS's security bug. The "redundant" check
in the type match case later on in this function saves us.

Amusingly, the success case still worked before this fix. Even though we fall
through to the post-handshake codepath and get a handshake record while
"expecting" app data, the handshake state machine is still pumped thanks to a
codepath meant for renego!

Change-Id: Ie129d83ac1451ad4947c4f86380879db8a3fd924
Reviewed-on: https://boringssl-review.googlesource.com/3335
Reviewed-by: Adam Langley <agl@google.com>
2015-02-09 19:52:08 +00:00
..
pqueue Remove string.h from base.h. 2015-02-02 19:14:15 +00:00
test Fix handshake check when False Start is used with implicit read. 2015-02-09 19:52:08 +00:00
CMakeLists.txt Change CMakeLists.txt to two-space indent. 2015-01-28 16:37:10 -08:00
d1_both.c Simplify DTLS epoch rewind. 2015-02-03 20:34:06 +00:00
d1_clnt.c Reformatting of several DTLS source files. 2014-12-13 16:28:18 -08:00
d1_lib.c Remove dtls1_timeout_st. 2015-02-03 00:41:07 +00:00
d1_meth.c Implement SSL_clear with ssl_new and ssl_free. 2015-01-12 22:35:58 +00:00
d1_pkt.c Initialize the record buffers after the handshake check. 2015-02-09 19:49:45 +00:00
d1_srtp.c Store SRTP_PROTECTION_PROFILES as const. 2015-01-14 22:10:08 +00:00
d1_srvr.c Remove NETSCAPE_HANG_BUG. 2015-02-03 00:41:15 +00:00
s3_both.c Touch up ssl3_get_message. 2014-12-17 00:16:23 +00:00
s3_clnt.c Check for EVP_Digest failure. 2015-02-09 19:40:46 +00:00
s3_enc.c Implement SSLv3 ciphers with stateful AEADs. 2015-01-14 20:55:58 +00:00
s3_lib.c Forbid interleaving between application data and handshake protocols. 2015-02-09 19:42:44 +00:00
s3_meth.c Implement SSL_clear with ssl_new and ssl_free. 2015-01-12 22:35:58 +00:00
s3_pkt.c Fix handshake check when False Start is used with implicit read. 2015-02-09 19:52:08 +00:00
s3_srvr.c Remove NETSCAPE_HANG_BUG. 2015-02-03 00:41:15 +00:00
ssl_algs.c Make SSL_load_error_strings a no-op. 2015-01-14 22:09:58 +00:00
ssl_asn1.c Remove SSL_SESSION::cipher_id. 2015-01-14 21:10:55 +00:00
ssl_cert.c Add (void) to some macros to satisfy compiler. 2015-01-12 23:46:03 +00:00
ssl_ciph.c Fix some unchecked mallocs. 2015-02-09 19:39:41 +00:00
ssl_error.c Remove alert_fragment and handshake_fragment. 2015-02-03 19:10:08 +00:00
ssl_lib.c Forbid initiating renegotiate in DTLS. 2015-02-03 19:06:19 +00:00
ssl_locl.h aarch64 support. 2015-01-14 23:38:11 +00:00
ssl_rsa.c Reformat the rest of ssl/. 2014-12-18 17:43:03 -08:00
ssl_sess.c Enable more warnings & treat warnings as errors on Windows. 2015-01-31 00:18:55 +00:00
ssl_stat.c Reformat the rest of ssl/. 2014-12-18 17:43:03 -08:00
ssl_test.c Merge SSLv23_method and DTLS_ANY_VERSION. 2014-12-13 15:22:21 -08:00
ssl_txt.c Remove SSL_SESSION::cipher_id. 2015-01-14 21:10:55 +00:00
t1_enc.c Simplify DTLS epoch rewind. 2015-02-03 20:34:06 +00:00
t1_lib.c Only send sigalgs extension in 1.2-capable ClientHellos. 2015-01-26 18:45:04 +00:00
t1_reneg.c Reformat the rest of ssl/. 2014-12-18 17:43:03 -08:00