kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
ef1b009344
boringssl/ssl
History
David Benjamin ef1b009344 Consider session if the client supports tickets but offered a session ID. 
This is a minor regression from
https://boringssl-review.googlesource.com/5235.

If the client, for whatever reason, had an ID-based session but also
supports tickets, it will send non-empty ID + empty ticket extension.
If the ticket extension is non-empty, then the ID is not an ID but a
dummy signaling value, so 5235 avoided looking it up. But if it is
present and empty, the ID is still an ID and should be looked up.

This shouldn't have any practical consequences, except if a server
switched from not supporting tickets and then started supporting it,
while keeping the session cache fixed.

Add a test for this case, and tighten up existing ID vs ticket tests so
they fail if we resume with the wrong type.

Change-Id: Id4d08cd809af00af30a2b67fe3a971078e404c75
Reviewed-on: https://boringssl-review.googlesource.com/6554
Reviewed-by: Adam Langley <alangley@gmail.com>
2016-01-15 20:08:52 +00:00
..
pqueue
test Consider session if the client supports tickets but offered a session ID. 2016-01-15 20:08:52 +00:00
CMakeLists.txt Implement draft-ietf-tls-curve25519-01 in C. 2015-12-22 21:51:30 +00:00
custom_extensions.c
d1_both.c Switch s to ssl everywhere. 2015-12-22 23:28:22 +00:00
d1_clnt.c Switch s to ssl everywhere. 2015-12-22 23:28:22 +00:00
d1_lib.c Switch s to ssl everywhere. 2015-12-22 23:28:22 +00:00
d1_meth.c Pull ChangeCipherSpec into the handshake state machine. 2015-12-16 18:36:57 +00:00
d1_pkt.c Switch s to ssl everywhere. 2015-12-22 23:28:22 +00:00
d1_srtp.c
d1_srvr.c Switch s to ssl everywhere. 2015-12-22 23:28:22 +00:00
dtls_record.c
internal.h Consider session if the client supports tickets but offered a session ID. 2016-01-15 20:08:52 +00:00
s3_both.c Switch s to ssl everywhere. 2015-12-22 23:28:22 +00:00
s3_clnt.c Switch s to ssl everywhere. 2015-12-22 23:28:22 +00:00
s3_enc.c Switch s to ssl everywhere. 2015-12-22 23:28:22 +00:00
s3_lib.c Switch s to ssl everywhere. 2015-12-22 23:28:22 +00:00
s3_meth.c Pull ChangeCipherSpec into the handshake state machine. 2015-12-16 18:36:57 +00:00
s3_pkt.c Switch s to ssl everywhere. 2015-12-22 23:28:22 +00:00
s3_srvr.c Switch s to ssl everywhere. 2015-12-22 23:28:22 +00:00
ssl_aead_ctx.c Implement draft-ietf-tls-chacha20-poly1305-04. 2015-12-16 23:34:56 +00:00
ssl_asn1.c
ssl_buffer.c
ssl_cert.c Remove unreachable code to duplicate DH keys. 2015-12-16 21:20:12 +00:00
ssl_cipher.c Make it possible to tell what curve was used on the server. 2015-12-22 23:12:25 +00:00
ssl_ecdh.c Route DHE through the SSL_ECDH abstraction as well. 2015-12-22 23:17:32 +00:00
ssl_file.c
ssl_lib.c Switch s to ssl everywhere. 2015-12-22 23:28:22 +00:00
ssl_rsa.c
ssl_session.c Consider session if the client supports tickets but offered a session ID. 2016-01-15 20:08:52 +00:00
ssl_stat.c
ssl_test.cc Implement draft-ietf-tls-chacha20-poly1305-04. 2015-12-16 23:34:56 +00:00
t1_enc.c Switch s to ssl everywhere. 2015-12-22 23:28:22 +00:00
t1_lib.c Consider session if the client supports tickets but offered a session ID. 2016-01-15 20:08:52 +00:00
tls_record.c Remove |need_record_splitting| from |SSL3_STATE|. 2015-12-16 18:45:48 +00:00