Skip to content
  1. Jul 26, 2018
  2. Jul 25, 2018
  3. Jul 24, 2018
  4. Jul 23, 2018
  5. Jul 22, 2018
  6. Jul 20, 2018
    • Benjamin Kaduk's avatar
      Add TODO comment for a nonsensical public API · c5d1fb78
      Benjamin Kaduk authored
      
      
      The API used to set what SNI value to send in the ClientHello
      can also be used on server SSL objects, with undocumented and
      un-useful behavior.  Unfortunately, when generic SSL_METHODs
      are used, s->server is still set, prior to the start of the
      handshake, so we cannot prevent this nonsensical usage at the
      present time.  Leave a note to revisit this when ABI-breaking
      changes are permitted.
      
      Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
      (Merged from https://github.com/openssl/openssl/pull/6378)
      c5d1fb78
    • Benjamin Kaduk's avatar
      Normalize SNI hostname handling for SSL and SSL_SESSION · 1c4aa31d
      Benjamin Kaduk authored
      In particular, adhere to the rule that we must not modify any
      property of an SSL_SESSION object once it is (or might be) in
      a session cache.  Such modifications are thread-unsafe and have
      been observed to cause crashes at runtime.
      
      To effect this change, standardize on the property that
      SSL_SESSION->ext.hostname is set only when that SNI value
      has been negotiated by both parties for use with that session.
      For session resumption this is trivially the case, so only new
      handshakes are affected.
      
      On the client, the new semantics are that the SSL->ext.hostname is
      for storing the value configured by the caller, and this value is
      used when constructing the ClientHello.  On the server, SSL->ext.hostname
      is used to hold the value received from the client.  Only if the
      SNI negotiation is successful will the hostname be stored into the
      session object; the server can do this after it sends the ServerHello,
      and the client after it has received and processed the ServerHello.
      
      This obviates the need to remove the hostname from the session object
      in case of failed negotiation (a change that was introduced in commit
      9fb6cb81
      
       in order to allow TLS 1.3
      early data when SNI was present in the ClientHello but not the session
      being resumed), which was modifying cached sessions in certain cases.
      (In TLS 1.3 we always produce a new SSL_SESSION object for new
      connections, even in the case of resumption, so no TLS 1.3 handshakes
      were affected.)
      
      Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
      (Merged from https://github.com/openssl/openssl/pull/6378)
      1c4aa31d
    • Benjamin Kaduk's avatar
      const-ify some input SSL * arguments · 4cc968df
      Benjamin Kaduk authored
      
      
      These tiny functions only read from the input SSL, and we are
      about to use them from functions that only have a const SSL* available,
      so propagate const a bit further.
      
      Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
      (Merged from https://github.com/openssl/openssl/pull/6378)
      4cc968df
    • Andy Polyakov's avatar