| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
input + ok beck@, jsing@
|
| |
|
|
|
| |
ok bcook@ beck@
input + ok jsing@
|
| |
|
|
|
|
|
|
|
|
| |
RFC 4492 only defines elliptic_curves for ClientHello. However, F5 is
sending it in ServerHello. We need to skip over it since our TLS extension
parsing code is now more strict.
Thanks to Armin Wolfermann and WJ Liu for reporting the issue.
input + ok jsing@
|
| |
|
|
| |
ok jsing@
|
| |
|
|
| |
ok beck@ doug@
|
| |
|
|
|
|
| |
extension framework.
ok jsing@ beck@
|
| |
|
|
|
|
| |
extension framework.
input + ok jsing@
|
| | |
|
| |
|
|
|
|
| |
new extension framework.
input + ok jsing@
|
| |
|
|
|
|
|
|
| |
tlsext_sni_serverhello_parse(). This also adds a check to ensure that
if we have an existing session, the name matches what we specified via
SNI.
ok doug@
|
| |
|
|
|
|
|
|
| |
and the new extension framework.
Feedback from doug@
ok inoguchi@
|
|
|
Introduce a TLS extension handling framework that has per-extension type
functions to determine if an extension is needed, to build the extension
data and parse the extension data. This is somewhat analogous to BoringSSL,
however these build and parse functions are intentionally symetrical. The
framework is hooked into the existing TLS handling code in such a way that
we can gradual convert the extension handling code.
Convert the TLS Server Name Indication extension to the new framework,
while rewriting it to use CBB/CBS and be more strict in the process.
Discussed with beck@
ok inoguchi@
|
