boringssl/ssl
Matthew Braithwaite d2ed382e64 Serialize SSL configuration in handoff and check it on application.
A split SSL handshake may involve 2 binaries, potentially built at
different versions: call them the "handoff/handback" binary and the
"handshake" binary.  We would like to guarantee that the
handoff/handback binary does not make any promises that the handshake
binary cannot keep.

As a start, this commit serializes |kCiphers| to the handoff message.
When the handoff message is applied to an |SSL|, any configured
ciphers not listed in the handoff message will be removed, in order to
prevent them from being negotiated.

Subsequent commits will apply the same approach to other lists of features.

Change-Id: Idf6dbeadb750c076ab0509c09b9d3f22eb162b9c
Reviewed-on: https://boringssl-review.googlesource.com/c/29264
Reviewed-by: Matt Braithwaite <mab@google.com>
2018-11-02 19:45:42 +00:00
test Add a per-SSL TLS 1.3 downgrade enforcement option and improve tests. 2018-10-10 19:50:19 +00:00
bio_ssl.cc Switch a number of files to C++. 2017-07-12 20:54:02 +00:00
CMakeLists.txt Support symbol prefixes 2018-09-06 20:07:52 +00:00
d1_both.cc Remove the add_alert hook. 2018-09-15 00:55:02 +00:00
d1_lib.cc Support symbol prefixes 2018-09-06 20:07:52 +00:00
d1_pkt.cc Support symbol prefixes 2018-09-06 20:07:52 +00:00
d1_srtp.cc A bunch more scopers. 2018-07-06 19:43:08 +00:00
dtls_method.cc Remove the add_alert hook. 2018-09-15 00:55:02 +00:00
dtls_record.cc Another batch of bools. 2018-09-07 15:06:55 +00:00
handoff.cc Serialize SSL configuration in handoff and check it on application. 2018-11-02 19:45:42 +00:00
handshake_client.cc Add an interface for QUIC integration. 2018-10-31 20:38:10 +00:00
handshake_server.cc Support symbol prefixes 2018-09-06 20:07:52 +00:00
handshake.cc Add an interface for QUIC integration. 2018-10-31 20:38:10 +00:00
internal.h Serialize SSL configuration in handoff and check it on application. 2018-11-02 19:45:42 +00:00
s3_both.cc Buffer up QUIC data within a level internally. 2018-11-01 13:52:43 +00:00
s3_lib.cc Support symbol prefixes 2018-09-06 20:07:52 +00:00
s3_pkt.cc Add an interface for QUIC integration. 2018-10-31 20:38:10 +00:00
span_test.cc Support symbol prefixes 2018-09-06 20:07:52 +00:00
ssl_aead_ctx.cc Add an interface for QUIC integration. 2018-10-31 20:38:10 +00:00
ssl_asn1.cc Support symbol prefixes 2018-09-06 20:07:52 +00:00
ssl_buffer.cc Support symbol prefixes 2018-09-06 20:07:52 +00:00
ssl_cert.cc Another batch of bools. 2018-09-07 15:06:55 +00:00
ssl_cipher.cc Serialize SSL configuration in handoff and check it on application. 2018-11-02 19:45:42 +00:00
ssl_file.cc Avoid modifying stack in sk_find. 2018-04-12 21:02:12 +00:00
ssl_key_share.cc Another batch of bools. 2018-09-07 15:06:55 +00:00
ssl_lib.cc Add an interface for QUIC integration. 2018-10-31 20:38:10 +00:00
ssl_privkey.cc Another batch of bools. 2018-09-07 15:06:55 +00:00
ssl_session.cc Support symbol prefixes 2018-09-06 20:07:52 +00:00
ssl_stat.cc Remove trailing whitespace from ssl/. 2018-02-26 22:05:13 +00:00
ssl_test.cc Serialize SSL configuration in handoff and check it on application. 2018-11-02 19:45:42 +00:00
ssl_transcript.cc Support symbol prefixes 2018-09-06 20:07:52 +00:00
ssl_versions.cc Add an interface for QUIC integration. 2018-10-31 20:38:10 +00:00
ssl_x509.cc Fix undefined function pointer casts in {d2i,i2d}_Foo_{bio,fp} 2018-10-01 17:34:53 +00:00
t1_enc.cc Support symbol prefixes 2018-09-06 20:07:52 +00:00
t1_lib.cc Reorder some extensions to better match Firefox. 2018-09-07 17:59:18 +00:00
tls13_both.cc Add an interface for QUIC integration. 2018-10-31 20:38:10 +00:00
tls13_client.cc Add an interface for QUIC integration. 2018-10-31 20:38:10 +00:00
tls13_enc.cc Add an interface for QUIC integration. 2018-10-31 20:38:10 +00:00
tls13_server.cc Add an interface for QUIC integration. 2018-10-31 20:38:10 +00:00
tls_method.cc Remove the add_alert hook. 2018-09-15 00:55:02 +00:00
tls_record.cc Another batch of bools. 2018-09-07 15:06:55 +00:00