kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
d1681e614f
boringssl/ssl
History
David Benjamin d1681e614f Remove SSL_set_session_secret_cb (EAP-FAST) 
This is only used for EAP-FAST which we apparently don't need to support.
Remove it outright. We broke it in 9eaeef81fa by
failing to account for session misses.

If this changes and we need it later, we can resurrect it. Preferably
implemented differently: the current implementation is bolted badly onto the
handshake. Ideally use the supplied callbacks to fabricate an appropriate
SSL_SESSION and resume that with as much of the normal session ticket flow as
possible.

The one difference is that EAP-FAST seems to require the probing mechanism for
session tickets rather than the sane session ID echoing version.  We can
reimplement that by asking the record layer to probe ahead for one byte.

Change-Id: I38304953cc36b2020611556a91e8ac091691edac
Reviewed-on: https://boringssl-review.googlesource.com/2360
Reviewed-by: Adam Langley <agl@google.com>
2014-11-21 21:51:10 +00:00
..
pqueue Test insertion of duplicates in pqueue_test. 2014-11-06 01:46:57 +00:00
test Add tests for session-ID-based resumption. 2014-11-21 21:35:39 +00:00
CMakeLists.txt Merge the get_ssl_method hooks between TLS and SSLv3. 2014-09-30 22:58:59 +00:00
d1_both.c Remove DTLSv1_listen. 2014-11-10 22:39:24 +00:00
d1_clnt.c Add malloc failure tests. 2014-11-19 01:24:46 +00:00
d1_enc.c Remove KSSL_DEBUG. 2014-11-04 19:35:38 +00:00
d1_lib.c Remove DTLSv1_listen. 2014-11-10 22:39:24 +00:00
d1_meth.c Inital import. 2014-06-20 13:17:32 -07:00
d1_pkt.c Remove #if 0'd code documenting an old bug. 2014-11-10 22:45:17 +00:00
d1_srtp.c Add less dangerous versions of SRTP functions. 2014-10-27 21:58:09 +00:00
d1_srvr.c Add malloc failure tests. 2014-11-19 01:24:46 +00:00
s3_both.c Remove remnant of MS SGC second ClientHello. 2014-11-04 00:25:13 +00:00
s3_cbc.c Add malloc failure tests. 2014-11-19 01:24:46 +00:00
s3_clnt.c Remove SSL_set_session_secret_cb (EAP-FAST) 2014-11-21 21:51:10 +00:00
s3_enc.c Fix a couple more malloc test crashes. 2014-11-19 22:17:50 +00:00
s3_lib.c Remove CERT_PKEY::valid_flags. 2014-11-18 22:22:23 +00:00
s3_meth.c Merge the get_ssl_method hooks between TLS and SSLv3. 2014-09-30 22:58:59 +00:00
s3_pkt.c Remove support for processing fragmented alerts 2014-11-13 22:58:30 +00:00
s3_srvr.c Remove SSL_set_session_secret_cb (EAP-FAST) 2014-11-21 21:51:10 +00:00
s23_clnt.c Remove SSL_set_session_secret_cb (EAP-FAST) 2014-11-21 21:51:10 +00:00
s23_lib.c Remove default_timeout hook. 2014-08-18 17:25:20 +00:00
s23_meth.c unifdef a bunch of OPENSSL_NO_* ifdefs. 2014-08-28 00:41:34 +00:00
s23_pkt.c Inital import. 2014-06-20 13:17:32 -07:00
s23_srvr.c Add malloc failure tests. 2014-11-19 01:24:46 +00:00
ssl_algs.c Remove indirection in loading ciphers. 2014-09-15 21:06:10 +00:00
ssl_asn1.c Remove psk_identity_hint from SSL_SESSION. 2014-11-10 23:59:47 +00:00
ssl_cert.c Account for EVP_PKEY capabilities in selecting hash functions. 2014-11-18 22:22:33 +00:00
ssl_ciph.c Remove client-side support for ServerKeyExchange in the RSA key exchange. 2014-11-10 23:00:09 +00:00
ssl_error.c Remove support for processing fragmented alerts 2014-11-13 22:58:30 +00:00
ssl_lib.c Remove SSL_set_session_secret_cb (EAP-FAST) 2014-11-21 21:51:10 +00:00
ssl_locl.h Add malloc failure tests. 2014-11-19 01:24:46 +00:00
ssl_rsa.c Clean up ssl_set_cert_masks. 2014-11-18 22:21:52 +00:00
ssl_sess.c Remove SSL_set_session_secret_cb (EAP-FAST) 2014-11-21 21:51:10 +00:00
ssl_stat.c unifdef a bunch of OPENSSL_NO_* ifdefs. 2014-08-28 00:41:34 +00:00
ssl_test.c Remove psk_identity_hint from SSL_SESSION. 2014-11-10 23:59:47 +00:00
ssl_txt.c Remove some remnants of SSLv2. 2014-11-17 20:27:13 +00:00
t1_enc.c Add malloc failure tests. 2014-11-19 01:24:46 +00:00
t1_lib.c Remove SSL_set_session_secret_cb (EAP-FAST) 2014-11-21 21:51:10 +00:00
t1_reneg.c Port ssl3_get_client_hello to CBS. 2014-07-15 18:30:09 +00:00