kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
a933c38f1a
boringssl/include/openssl
History
David Benjamin 4eb95ccfd6 Parse ClientHello extensions before deciding on resumption. 
This simplifies a little code around EMS and PSK KE modes, but requires
tweaking the SNI code.

The extensions that are more tightly integrated with the handshake are
still processed inline for now. It does, however, require an extra state
in 1.2 so the asynchronous session callback does not cause extensions to
be processed twice. Tweak a test enforce this.

This and a follow-up to move cert_cb before resumption are done in
preparation for resolving the cipher suite before resumption and only
resuming on match.

Note this has caller-visible effects:

- The legacy SNI callback happens before resumption.

- The ALPN callback happens before resumption.

- Custom extension ClientHello parsing callbacks also cannot depend on
  resumption state.

- The DoS protection callback now runs after all the extension callbacks
  as it is documented to be called after the resumption decision.

BUG=116

Change-Id: I1281a3b61789b95c370314aaed4f04c1babbc65f
Reviewed-on: https://boringssl-review.googlesource.com/11845
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2016-11-16 23:58:02 +00:00
..
aead.h Replace keywrap AEADs with upstream's APIs. 2016-10-04 01:37:31 +00:00
aes.h Replace keywrap AEADs with upstream's APIs. 2016-10-04 01:37:31 +00:00
arm_arch.h Remove CRYPTO_set_NEON_functional. 2016-02-23 23:19:46 +00:00
asn1_mac.h Purge the remainder of asn1_mac.h. 2016-08-03 21:37:31 +00:00
asn1.h Add d2i_X509_from_buffer. 2016-11-01 23:06:43 +00:00
asn1t.h Remove ASN.1 print hooks. 2016-06-14 17:38:31 +00:00
base64.h Replace base64 decoding. 2016-05-26 17:59:10 +00:00
base.h BORINGSSL_UNSAFE_FUZZER_MODE implies BORINGSSL_UNSAFE_DETERMINISTIC_MODE. 2016-11-09 23:01:39 +00:00
bio.h Remove the last of BIO_print_errors. 2016-11-03 16:44:32 +00:00
blowfish.h
bn.h Add low-level p256-x86_64 tests. 2016-11-15 17:05:01 +00:00
buf.h Fold stack-allocated types into headers. 2016-09-07 21:50:05 +00:00
buffer.h
bytestring.h Add CBS_get_any_asn1. 2016-10-03 18:36:14 +00:00
cast.h
chacha.h Require in == out for in-place encryption. 2016-06-09 19:49:03 +00:00
cipher.h Fold stack-allocated types into headers. 2016-09-07 21:50:05 +00:00
cmac.h Fold stack-allocated types into headers. 2016-09-07 21:50:05 +00:00
conf.h Add a no-op |OPENSSL_no_config|. 2016-10-19 19:43:35 +00:00
cpu.h Add PPC64LE assembly for AES-GCM. 2016-09-27 18:43:20 +00:00
crypto.h Add no-op function ENGINE_register_all_complete. 2016-07-12 17:54:41 +00:00
curve25519.h Add ED25519_keypair_from_seed. 2016-11-03 17:30:30 +00:00
des.h
dh.h Fold stack-allocated types into headers. 2016-09-07 21:50:05 +00:00
digest.h Fold stack-allocated types into headers. 2016-09-07 21:50:05 +00:00
dsa.h Fold stack-allocated types into headers. 2016-09-07 21:50:05 +00:00
dtls1.h
ec_key.h Fold stack-allocated types into headers. 2016-09-07 21:50:05 +00:00
ec.h Fix documentation for POINT_CONVERSION_UNCOMPRESSED in ec.h 2016-09-23 18:02:48 +00:00
ecdh.h Const-correct ECDH_compute_key. 2016-10-09 17:53:19 +00:00
ecdsa.h Fold stack-allocated types into headers. 2016-09-07 21:50:05 +00:00
engine.h Fold stack-allocated types into headers. 2016-09-07 21:50:05 +00:00
err.h Fix up macros. 2016-10-18 18:28:23 +00:00
evp.h Fold stack-allocated types into headers. 2016-09-07 21:50:05 +00:00
ex_data.h
hkdf.h Const-correct HKDF_expand. 2016-07-16 07:55:19 +00:00
hmac.h Fold stack-allocated types into headers. 2016-09-07 21:50:05 +00:00
lhash_macros.h Add CRYPTO_BUFFER and CRYPTO_BUFFER_POOL. 2016-10-27 22:55:55 +00:00
lhash.h Add CRYPTO_BUFFER and CRYPTO_BUFFER_POOL. 2016-10-27 22:55:55 +00:00
md4.h Add one-shot |MD4| function. 2016-03-09 01:13:55 +00:00
md5.h
mem.h Fold stack-allocated types into headers. 2016-09-07 21:50:05 +00:00
newhope.h Fold stack-allocated types into headers. 2016-09-07 21:50:05 +00:00
nid.h Elliptic curve + post-quantum key exchange 2016-05-19 22:19:14 +00:00
obj_mac.h Rename obj_mac.h to nid.h and make it a multiply-includable header. 2016-03-31 20:45:35 +00:00
obj.h Rename the |dont_return_name| flag of |OBJ_obj2txt| to |always_return_oid|. 2016-08-10 17:18:25 +00:00
objects.h
opensslconf.h Rename opensslfeatures.h to opensslconf.h. 2016-02-26 01:32:50 +00:00
opensslv.h
ossl_typ.h
pem.h Include crypto.h from pem.h. 2016-05-20 15:31:26 +00:00
pkcs7.h
pkcs8.h Fold stack-allocated types into headers. 2016-09-07 21:50:05 +00:00
pkcs12.h
poly1305.h Revert "Enable upstream's Poly1305 code." 2016-03-29 22:47:11 +00:00
pool.h Remove superfluous const from CRYPTO_BUFFER_len. 2016-10-28 19:11:31 +00:00
rand.h Add corpora for fuzzers with fuzzer mode disabled. 2016-11-09 16:53:37 +00:00
rc4.h Add |RC4_options| to decrepit. 2016-03-09 01:14:30 +00:00
ripemd.h Add RIPEMD160 support in decrepit. 2016-03-09 19:37:14 +00:00
rsa.h Fold stack-allocated types into headers. 2016-09-07 21:50:05 +00:00
safestack.h
sha.h Fix the comments for |SHA[256|384|512]_Transform|. 2016-07-28 21:49:48 +00:00
srtp.h
ssl3.h Parse ClientHello extensions before deciding on resumption. 2016-11-16 23:58:02 +00:00
ssl.h Tolerate cipher changes on TLS 1.3 resumption as a client. 2016-11-16 13:27:07 +00:00
stack_macros.h Add STACK_OF(CRYPTO_BUFFER). 2016-11-09 01:00:09 +00:00
stack.h Add STACK_OF(CRYPTO_BUFFER). 2016-11-09 01:00:09 +00:00
thread.h Add missing 'does nothing' comments for consistency. 2016-06-28 20:40:45 +00:00
time_support.h Include time.h in time_support.h. 2016-03-17 17:27:27 +00:00
tls1.h Update to TLS 1.3 draft 18. 2016-11-15 06:57:21 +00:00
type_check.h
x509_vfy.h Fix up macros. 2016-10-18 18:28:23 +00:00
x509.h Address review comments from https://boringssl-review.googlesource.com/#/c/11920/2 2016-11-09 00:52:25 +00:00
x509v3.h Fix up macros. 2016-10-18 18:28:23 +00:00