kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
95d3182576
boringssl/ssl
History
David Benjamin 95d3182576 Duplicate SSL_SESSIONs when renewing them. 
See also upstream's 27c76b9b8010b536687318739c6f631ce4194688, CVE-2015-1791.
Rather than write a dup function, serializing and deserializing the object is
simpler. It also fixes a bug in the original fix where it never calls
new_session_cb to store the new session (for clients which use that callback;
how clients should handle the session cache is much less clear).

The old session isn't pruned as we haven't processed the Finished message yet.
RFC 5077 says:

   The server MUST NOT assume that the client actually received the updated
   ticket until it successfully verifies the client's Finished message.

Moreover, because network messages are asynchronous, a new SSL connection may
have began just before the client received the new ticket, so any such servers
are broken regardless.

Change-Id: I13b3dc986dc58ea2ce66659dbb29e14cd02a641b
Reviewed-on: https://boringssl-review.googlesource.com/5122
Reviewed-by: Adam Langley <agl@google.com>
2015-06-16 18:15:12 +00:00
..
pqueue Fix some malloc test crashs. 2015-05-21 18:00:10 +00:00
test Add ECDHE-PSK-AES{128,256}-SHA cipher suites. 2015-06-09 18:10:42 +00:00
CMakeLists.txt Add malloc test support to unit tests. 2015-05-21 17:59:48 +00:00
d1_both.c Fold away SSL_PROTOCOL_METHOD hooks shared between TLS and DTLS. 2015-06-01 22:29:46 +00:00
d1_clnt.c Prune ssl3_check_cert_and_algorithm. 2015-06-08 22:27:12 +00:00
d1_lib.c Further tidy up cipher logic. 2015-06-01 22:48:30 +00:00
d1_meth.c Further tidy up cipher logic. 2015-06-01 22:48:30 +00:00
d1_pkt.c Split ssl_read_bytes hook into app_data and close_notify hooks. 2015-06-01 22:27:55 +00:00
d1_srtp.c Fix STACK_OF pointer style. 2015-05-06 22:55:16 +00:00
d1_srvr.c Decide whether or not to request client certificates early. 2015-05-27 21:53:16 +00:00
internal.h Prune ssl3_check_cert_and_algorithm. 2015-06-08 22:27:12 +00:00
s3_both.c Minor typo fix in comment. 2015-06-04 21:59:45 +00:00
s3_clnt.c Duplicate SSL_SESSIONs when renewing them. 2015-06-16 18:15:12 +00:00
s3_enc.c Remove unnecessary NULL checks, part 5. 2015-05-04 23:16:19 +00:00
s3_lib.c Further tidy up cipher logic. 2015-06-01 22:48:30 +00:00
s3_meth.c Further tidy up cipher logic. 2015-06-01 22:48:30 +00:00
s3_pkt.c Limit the number of warning alerts silently consumed. 2015-06-08 22:16:14 +00:00
s3_srvr.c Tighten up EMS resumption behaviour. 2015-06-03 22:05:50 +00:00
ssl_aead_ctx.c Factor SSL_AEAD_CTX into a dedicated type. 2015-05-21 17:59:15 +00:00
ssl_algs.c Rename ssl_locl.h to internal.h 2015-04-10 22:14:09 +00:00
ssl_asn1.c Duplicate SSL_SESSIONs when renewing them. 2015-06-16 18:15:12 +00:00
ssl_cert.c Get rid of CERT_PKEY slots in SESS_CERT. 2015-06-08 22:13:45 +00:00
ssl_cipher.c Add ECDHE-PSK-AES{128,256}-SHA cipher suites. 2015-06-09 18:10:42 +00:00
ssl_lib.c Duplicate SSL_SESSIONs when renewing them. 2015-06-16 18:15:12 +00:00
ssl_rsa.c Switch EVP_PKEY_dup calls to EVP_PKEY_up_ref. 2015-05-06 22:57:09 +00:00
ssl_sess.c Remove remaining calls to the old lock functions. 2015-05-20 19:18:13 +00:00
ssl_stat.c Remove SSL_in_before and SSL_ST_BEFORE. 2015-05-21 20:51:06 +00:00
ssl_test.cc Add SSL_SESSION_from_bytes. 2015-06-16 18:12:39 +00:00
ssl_txt.c Rename ssl_locl.h to internal.h 2015-04-10 22:14:09 +00:00
t1_enc.c Fold TLS1_PRF_* into SSL_HANDSHAKE_MAC_* 2015-06-01 22:43:06 +00:00
t1_lib.c Add SSL_SESSION_from_bytes. 2015-06-16 18:12:39 +00:00
t1_reneg.c Include-what-you-use ssl/internal.h. 2015-04-10 22:15:02 +00:00