boringssl/ssl
David Benjamin 35ac5b7500 Export server-side ticket_age skew.
We'll measure this value to guide what tolerance to use in the 0-RTT
anti-replay mechanism. This also fixes a bug where we were previously
minting ticket_age_add-less tickets on the server. Add a check to reject
all those tickets.

BUG=113

Change-Id: I68e690c0794234234e0d0500b4b9a7f79aea641e
Reviewed-on: https://boringssl-review.googlesource.com/14068
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-03-08 14:59:01 +00:00
..
test Export server-side ticket_age skew. 2017-03-08 14:59:01 +00:00
bio_ssl.c Move the SSL BIO into ssl/ from decrepit/. 2017-02-03 21:08:10 +00:00
CMakeLists.txt Moving transcript and PRF functions to SSL_TRANSCRIPT. 2017-02-10 16:33:42 +00:00
custom_extensions.c
d1_both.c Trim x509.h includes. 2017-03-07 23:13:49 +00:00
d1_lib.c Don't use long for timestamps. 2017-03-01 21:58:38 +00:00
d1_pkt.c Remove support for blocking DTLS timeout handling. 2017-03-01 19:59:28 +00:00
d1_srtp.c
dtls_method.c Add |X509_METHOD| and, using it, move many functions to ssl_x509.c. 2017-02-09 18:30:35 +00:00
dtls_record.c Don't use the buffer BIO in DTLS. 2017-01-25 23:35:32 +00:00
handshake_client.c Trim x509.h includes. 2017-03-07 23:13:49 +00:00
handshake_server.c Don't use long for timestamps. 2017-03-01 21:58:38 +00:00
internal.h Export server-side ticket_age skew. 2017-03-08 14:59:01 +00:00
s3_both.c Move ssl_verify_alarm_type into ssl_x509.c. 2017-03-07 23:14:16 +00:00
s3_lib.c Move new_cipher and new_session to SSL_HANDSHAKE. 2017-02-17 20:48:31 +00:00
s3_pkt.c Establish that the default value of an out-arg for alerts is SSL_AD_DECODE_ERROR. 2017-02-09 18:07:30 +00:00
ssl_aead_ctx.c Allow dtls_seal_record to work in-place. 2017-01-25 16:27:32 +00:00
ssl_asn1.c Don't use long for timestamps. 2017-03-01 21:58:38 +00:00
ssl_buffer.c Work around language and compiler bug in memcpy, etc. 2016-12-21 20:34:47 +00:00
ssl_cert.c Trim x509.h includes. 2017-03-07 23:13:49 +00:00
ssl_cipher.c Remove SSL_CIPHER_has_MD5_HMAC. 2017-02-22 22:20:56 +00:00
ssl_ecdh.c
ssl_file.c Remove |X509| things from SSL_SESSION. 2017-02-10 19:12:04 +00:00
ssl_lib.c Export server-side ticket_age skew. 2017-03-08 14:59:01 +00:00
ssl_privkey_cc.cc Rename ssl_rsa.c to ssl_privkey.c. 2017-02-09 18:45:11 +00:00
ssl_privkey.c Trim x509.h includes. 2017-03-07 23:13:49 +00:00
ssl_session.c Don't use long for timestamps. 2017-03-01 21:58:38 +00:00
ssl_stat.c Unexport the handshake's internal state. 2017-02-13 19:44:30 +00:00
ssl_test.cc Hold CA names as |CRYPTO_BUFFER|s. 2017-02-28 22:24:31 +00:00
ssl_transcript.c Moving transcript and PRF functions to SSL_TRANSCRIPT. 2017-02-10 16:33:42 +00:00
ssl_x509.c Move ssl_verify_alarm_type into ssl_x509.c. 2017-03-07 23:14:16 +00:00
t1_enc.c Move tmp.extended_master_secret to SSL_HANDSHAKE. 2017-02-17 21:36:37 +00:00
t1_lib.c Export server-side ticket_age skew. 2017-03-08 14:59:01 +00:00
tls13_both.c Trim x509.h includes. 2017-03-07 23:13:49 +00:00
tls13_client.c Trim x509.h includes. 2017-03-07 23:13:49 +00:00
tls13_enc.c Move new_cipher and new_session to SSL_HANDSHAKE. 2017-02-17 20:48:31 +00:00
tls13_server.c Export server-side ticket_age skew. 2017-03-08 14:59:01 +00:00
tls_method.c Allow users of the |CRYPTO_BUFFER|-based methods to verify certs after the handshake. 2017-03-08 01:09:42 +00:00
tls_record.c Remove experimental TLS 1.3 short record header extension. 2017-03-02 22:39:17 +00:00