Filippo Valsorda
4191962f25
crypto/tls: use correct alerts
...
BoGo: Resume-Server-PSKBinderFirstExtension
BoGo: Resume-Server-ExtraPSKBinder
BoGo: Resume-Server-ExtraIdentityNoBinder
BoGo: Renegotiate-Server-Forbidden
BoGo: NoNullCompression
BoGo: TrailingMessageData-*
2017-09-05 21:06:35 +01:00
Filippo Valsorda
1bc19494f8
tris: tolerate NSS sending obfuscated_ticket_age as seconds
2017-09-05 21:06:34 +01:00
Filippo Valsorda
faefac5f1a
crypto/tls: stop ConfirmHandshake from locking on any Read
...
ConfirmHandshake should block on a Read until the handshakeConfirmed
state is reached, but past that it shouldn't.
2017-09-05 21:06:34 +01:00
Filippo Valsorda
341de96a61
crypto/tls: fix Conn.phase data races
...
Phase should only be accessed under in.Mutex. Handshake and all Read
operations obtain that lock. However, many functions checking for
handshakeRunning only obtain handshakeMutex: reintroduce
handshakeCompleted for them. ConnectionState and Close check for
handshakeConfirmed, introduce an atomic flag for them.
2017-09-05 21:06:34 +01:00
Filippo Valsorda
3e31621f57
crypto/tls: pick the first group the client sent a key share for
...
Fixes NCC-2016-002
2017-09-05 21:06:34 +01:00
Filippo Valsorda
5c4af70647
tris: drop QuietError
2017-09-05 21:06:34 +01:00
Filippo Valsorda
180bfdbd68
crypto/tls: finish the session ticket state checks
2017-09-05 21:06:34 +01:00
Filippo Valsorda
f8c15889af
crypto/tls: implement TLS 1.3 server 0-RTT
2017-09-05 21:06:34 +01:00
Filippo Valsorda
1117f76fcc
crypto/tls: return from Handshake before the Client Finished in 1.3
2017-09-05 21:06:34 +01:00
Filippo Valsorda
ee3048cfd2
crypto/tls: implement TLS 1.3 server PSK
2017-09-05 21:06:34 +01:00
Filippo Valsorda
6c3765bb15
tris: add error tracing with CH dumping
2017-09-05 21:06:34 +01:00
Filippo Valsorda
8052dc002f
tris: extend ConnectionInfo
2017-09-05 21:06:34 +01:00
Filippo Valsorda
4b0d17eca3
crypto/tls: implement TLS 1.3 minimal server
2017-09-05 21:06:29 +01:00
