kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
9b611e28e4
boringssl/ssl
History
David Benjamin 9b611e28e4 Simplify server_name extension parsing. 
Although the server_name extension was intended to be extensible to new name
types, OpenSSL 1.0.x had a bug which meant different name types will cause an
error. Further, RFC 4366 originally defined syntax inextensibly. RFC 6066
corrected this mistake, but adding new name types is no longer feasible.

Act as if the extensibility does not exist to simplify parsing. This also
aligns with OpenSSL 1.1.x's behavior. See upstream's
062178678f5374b09f00d70796f6e692e8775aca and
https://www.ietf.org/mail-archive/web/tls/current/msg19425.html

Change-Id: I5af26516e8f777ddc1dab5581ff552daf2ea59b5
Reviewed-on: https://boringssl-review.googlesource.com/7294
Reviewed-by: David Benjamin <davidben@google.com>
2016-04-18 20:33:35 +00:00
..
pqueue Don't cast |OPENSSL_malloc|/|OPENSSL_realloc| result. 2016-02-11 22:07:56 +00:00
test Don't allow alert records with multiple alerts. 2016-04-18 20:29:02 +00:00
CMakeLists.txt Implement draft-ietf-tls-curve25519-01 in C. 2015-12-22 21:51:30 +00:00
custom_extensions.c
d1_both.c Set rwstate consistently. 2016-04-18 20:30:32 +00:00
d1_clnt.c Set rwstate consistently. 2016-04-18 20:30:32 +00:00
d1_lib.c Set rwstate consistently. 2016-04-18 20:30:32 +00:00
d1_meth.c Pull ChangeCipherSpec into the handshake state machine. 2015-12-16 18:36:57 +00:00
d1_pkt.c Set rwstate consistently. 2016-04-18 20:30:32 +00:00
d1_srtp.c Remove some easy obj.h dependencies. 2016-03-31 20:50:33 +00:00
d1_srvr.c Set rwstate consistently. 2016-04-18 20:30:32 +00:00
dtls_record.c Move aead_{read,write}_ctx and next_proto_negotiated into ssl->s3. 2016-01-15 21:40:25 +00:00
internal.h Bring back |verify_store|. 2016-03-02 15:57:27 +00:00
s3_both.c Set rwstate consistently. 2016-04-18 20:30:32 +00:00
s3_clnt.c Set rwstate consistently. 2016-04-18 20:30:32 +00:00
s3_enc.c Remove some easy obj.h dependencies. 2016-03-31 20:50:33 +00:00
s3_lib.c Remove some easy obj.h dependencies. 2016-03-31 20:50:33 +00:00
s3_meth.c Pull ChangeCipherSpec into the handshake state machine. 2015-12-16 18:36:57 +00:00
s3_pkt.c Set rwstate consistently. 2016-04-18 20:30:32 +00:00
s3_srvr.c Set rwstate consistently. 2016-04-18 20:30:32 +00:00
ssl_aead_ctx.c Disable all TLS crypto in fuzzer mode. 2016-03-02 23:39:36 +00:00
ssl_asn1.c Check for overflow when parsing a CBS with d2i_*. 2015-11-16 23:17:42 +00:00
ssl_buffer.c Set rwstate consistently. 2016-04-18 20:30:32 +00:00
ssl_cert.c Add |SSL_CTX_set_private_key_method| to parallel |SSL_set_private_key_method| 2016-03-07 18:16:58 +00:00
ssl_cipher.c Remove a number of unnecessary stdio.h includes. 2016-03-17 18:22:28 +00:00
ssl_ecdh.c Remove some easy obj.h dependencies. 2016-03-31 20:50:33 +00:00
ssl_file.c Revert "Banish SSL_add_dir_cert_subjects_to_stack and OPENSSL_DIR_CTX to decrepit." 2016-04-11 18:04:18 -04:00
ssl_lib.c Set rwstate consistently. 2016-04-18 20:30:32 +00:00
ssl_rsa.c Add |SSL_CTX_set_private_key_method| to parallel |SSL_set_private_key_method| 2016-03-07 18:16:58 +00:00
ssl_session.c Remove a number of unnecessary stdio.h includes. 2016-03-17 18:22:28 +00:00
ssl_stat.c
ssl_test.cc BIO_new_mem_buf should take const void * 2016-02-24 19:14:19 +00:00
t1_enc.c Remove some easy obj.h dependencies. 2016-03-31 20:50:33 +00:00
t1_lib.c Simplify server_name extension parsing. 2016-04-18 20:33:35 +00:00
tls_record.c Disable all TLS crypto in fuzzer mode. 2016-03-02 23:39:36 +00:00