Skip to content
  1. Sep 19, 2018
    • Benjamin Kaduk's avatar
      Reset TLS 1.3 ciphers in SSL_CTX_set_ssl_version() · 1766493b
      Benjamin Kaduk authored
      
      
      Historically SSL_CTX_set_ssl_version() has reset the cipher list
      to the default.  Splitting TLS 1.3 ciphers to be tracked separately
      caused a behavior change, in that TLS 1.3 cipher configuration was
      preserved across calls to SSL_CTX_set_ssl_version().  To restore commensurate
      behavior with the historical behavior, set the ciphersuites to the default as
      well as setting the cipher list to the default.
      
      Closes: #7226
      
      Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
      (Merged from https://github.com/openssl/openssl/pull/7270)
      
      (cherry picked from commit 2340ed277b7c5365e83a32eb7d5fa32c4071fb21)
      1766493b
  2. Sep 18, 2018
  3. Sep 17, 2018
  4. Sep 16, 2018
  5. Sep 15, 2018
  6. Sep 13, 2018
  7. Sep 12, 2018
  8. Sep 11, 2018
  9. Sep 10, 2018
  10. Sep 09, 2018
  11. Sep 08, 2018
  12. Sep 07, 2018
    • Matt Caswell's avatar
      Do not reset SNI data in SSL_do_handshake() · f01344cb
      Matt Caswell authored
      
      
      PR #3783 introduce coded to reset the server side SNI state in
      SSL_do_handshake() to ensure any erroneous config time SNI changes are
      cleared. Unfortunately SSL_do_handshake() can be called mid-handshake
      multiple times so this is the wrong place to do this and can mean that
      any SNI data is cleared later on in the handshake too.
      
      Therefore move the code to a more appropriate place.
      
      Fixes #7014
      
      Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
      Reviewed-by: default avatarViktor Dukhovni <viktor@openssl.org>
      Reviewed-by: default avatarBen Kaduk <kaduk@mit.edu>
      (Merged from https://github.com/openssl/openssl/pull/7149)
      f01344cb
    • Ben Kaduk's avatar
      Simplify SSL_get_servername() to avoid session references · 328a0547
      Ben Kaduk authored
      
      
      Ideally, SSL_get_servername() would do exactly as it is documented
      and return exactly what the client sent (i.e., what we currently
      are stashing in the SSL's ext.hostname), without needing to refer
      to an SSL_SESSION object.  For historical reasons, including the
      parsed SNI value from the ClientHello originally being stored in the
      SSL_SESSION's ext.hostname field, we have had references to the
      SSL_SESSION in this function.  We cannot fully excise them due to
      the interaction between user-supplied callbacks and TLS 1.2 resumption
      flows, where we call all callbacks but the client did not supply an
      SNI value.  Existing callbacks expect to receive a valid SNI value
      in this case, so we must fake one up from the resumed session in
      order to avoid breakage.
      
      Otherwise, greatly simplify the implementation and just return the
      value in the SSL, as sent by the client.
      
      Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
      (Merged from https://github.com/openssl/openssl/pull/7115)
      328a0547