882b6c0b2f90afb318f4d0ea6a463dcfecf85abf |
|
29-Aug-2017 |
David Benjamin <davidben@google.com> |
Don't reauthenticate on renegotiation. We currently forbid the server certificate from changing on renegotiation. This means re-verifying the certificate is pointless and indeed the callback being called again seems to surprise consumers more than anything else. Carry over the initial handshake's SCT lists and OCSP responses (don't enforce they don't change since the server may have, say, picked up new OCSP responses in the meantime), ignore new ones received on renegotiation, and don't bother redoing verification. For our purposes, TLS 1.2 renegotiation is an overcomplicated TLS 1.3 KeyUpdate + post-handshake auth. The server is not allowed to change identity. This is a cherry-pick of https://boringssl-review.googlesource.com/19665 and https://boringssl-review.googlesource.com/19684 to resolve a Conscrypt bug. The new certificate verify logic in Conscrypt did not account for renegotiation needing to verify the new certificate, long-standing behavior of OpenSSL and BoringSSL. However, since BoringSSL does not allow the server certificate to change on renegotiation due to 3-SHAKE, this behavior is unnecessary and it was cleanest to stop calling the callback. Exempt-From-Owner-Approval: flooey is on vacation Merged-In: I615af59fe8af4c56e6cf83a364c0fd69be70c415 Merged-In: I41df37881b9c2228b9a7b3569f1532f3b0dcbaea Bug: 64827202 Change-Id: Ie97fc68ad992db2dbde7ba4af519757200a199f3
/external/boringssl/src/ssl/handshake_client.cc
|
96123c01b8c872945004ea9a2c7a1e7c7bf13823 |
|
29-Aug-2017 |
David Benjamin <davidben@google.com> |
Mark renego-established sessions not resumable. We do not call the new_session callback on renego, but a consumer using SSL_get_session may still attempt to resume such a session. Leave the not_resumable flag unset. Also document this renegotiation restriction. This is a cherry-pick of https://boringssl-review.googlesource.com/19664 from BoringSSL, in preparation for cherry-picking https://boringssl-review.googlesource.com/19665. Exempt-From-Owner-Approval: flooey is on vacation Merged-In: I615af59fe8af4c56e6cf83a364c0fd69be70c415 Merged-In: I41df37881b9c2228b9a7b3569f1532f3b0dcbaea Bug: 64827202 Change-Id: Ic81acb033d8166a6bd00edcbfa06157af12f98aa
/external/boringssl/src/ssl/handshake_client.cc
|
a12bf4695c4916207f946efafd9728eb941e3f0a |
|
17-Jul-2017 |
Robert Sloan <varomodt@google.com> |
external/boringssl: Sync to 14308731e5446a73ac2258688a9688b524483cb6. This includes the following changes: https://boringssl.googlesource.com/boringssl/+log/ee7aa02744a78bf4630913b1c83d0fe36aa45efc..14308731e5446a73ac2258688a9688b524483cb6 Test: BoringSSL CTS Presubmits. Change-Id: I73bf80fa018c2a65ca9842f1c2f95d64586bdffc
/external/boringssl/src/ssl/handshake_client.cc
|