boringssl/tool
David Benjamin 6965d25602 Work around a JDK 11 TLS 1.3 bug.
JDK 11 shipped with a TLS 1.3 implementation enabled by default.
Unfortunately, that implementation does not work and fails to send the
SNI extension on resumption. See
https://bugs.openjdk.java.net/browse/JDK-8211806.

This means servers which enable TLS 1.3 will see JDK 11 clients work on
the first connection and then fail on all subsequent connections. Add
SSL_set_jdk11_workaround which configures a workaround to fingerprint
JDK 11 and disable TLS 1.3 with the faulty clients.

JDK 11 also implemented the downgrade signal, which means that
connections that trigger the workaround also must not send the downgrade
signal. Unfortunately, the downgrade signal's security properties are
sensitive to the existence of any unmarked TLS 1.2 ServerHello paths. To
salvage this, pick a new random downgrade marker for this scenario and
modify the client to treat it as an alias of the standard one.

Per the link above, JDK 11.0.2 will fix this bug. Hopefully the
workaround can be retired sometime after it is released.

Change-Id: I0627609a8cadf7cc214073eb7f1e880acdf613ef
Reviewed-on: https://boringssl-review.googlesource.com/c/33284
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
2018-11-21 18:22:57 +00:00
..
args.cc
ciphers.cc Use getters in tools/ciphers.cc and add -openssl-name flag. 2017-08-18 00:10:31 +00:00
client.cc Switch the default TLS 1.3 variant to tls13_rfc. 2018-08-28 13:58:28 +00:00
CMakeLists.txt Support symbol prefixes 2018-09-06 20:07:52 +00:00
const.cc Unwind multiprime RSA support. 2017-04-12 23:14:57 +00:00
digest.cc
file.cc Add a basic signing tool. 2017-04-05 23:32:13 +00:00
generate_ed25519.cc Add early data input from file. 2017-11-30 17:29:45 +00:00
genrsa.cc Unwind RSA_generate_multi_prime_key. 2017-04-11 18:15:20 +00:00
internal.h Add early data input from file. 2017-11-30 17:29:45 +00:00
pkcs12.cc
rand.cc Fix miscellaneous clang-tidy warnings. 2017-08-01 20:39:46 +00:00
server.cc Work around a JDK 11 TLS 1.3 bug. 2018-11-21 18:22:57 +00:00
sign.cc Align EVP_PKEY Ed25519 API with upstream. 2017-06-12 12:04:11 +00:00
speed.cc Benchmark TLS AES-CBC ciphers in both directions. 2018-05-21 23:08:46 +00:00
tool.cc First part of the FIPS module. 2017-04-07 00:05:34 +00:00
transport_common.cc Remove SSL 3.0 implementation. 2018-06-28 16:54:58 +00:00
transport_common.h Reland "Fix bssl client/server's error-handling." 2018-05-07 17:19:59 +00:00