Skip to content

GitLab

Switch branch/tag
  1. 23 May, 2016 8 commits
  3. 13 May, 2016 2 commits
    • Kenny Root's avatar
      Use SSL_session_reused to check when a session was reused · efd7f14d
      Kenny Root authored 
      The returned session_id could be exactly the same in the case of TLS
session tickets, so use the SSL_session_reused API to determine exactly
when a session was reused.

(cherry picked from commit 1115fa0f)

Bug: 28751153
Change-Id: Ie82e4d1bb326d7e7deb7981a1e57df393f6c0e1f
      efd7f14d
    • Kenny Root's avatar
      Use SSL_session_reused to check when a session was reused · 0b905f8e
      Kenny Root authored 
      The returned session_id could be exactly the same in the case of TLS
session tickets, so use the SSL_session_reused API to determine exactly
when a session was reused.

(cherry picked from commit 1115fa0f)

Bug: 28751153
Change-Id: Ie82e4d1bb326d7e7deb7981a1e57df393f6c0e1f
      0b905f8e
  5. 18 Mar, 2016 2 commits
  7. 17 Mar, 2016 1 commit
    • Kenny Root's avatar
      Fix updateAAD when offset is not 0 · ac9bd77b
      Kenny Root authored 
      Due to AAD data not being reset when a Cipher instance was re-used, this
bug was never uncovered by tests that actually exercise this case.

(cherry picked from commit 95cf7b9b)

Bug: 27696681
Bug: 27324690
Change-Id: Iae9b5794f212a8fc4eeff2a651332e7490f5cada
      ac9bd77b
  9. 08 Mar, 2016 2 commits
  11. 20 Jan, 2016 8 commits
  13. 19 Jan, 2016 2 commits
    • Chad Brubaker's avatar
      Prevent duplicate certificates in TrustedCertificateIndex · 4c9f9c22
      Chad Brubaker authored 
      With the separate caching of intermediate certificates in
TrustManagerImpl a given intermediate may be passed into .index multiple
times. Avoid adding the certificate to the list each time.

(cherry-picked from commit d080e064)
Bug: 26232830
Change-Id: I6bed2c65d9e42e052b9b1b129200a997e7dca745
      4c9f9c22
    • Chad Brubaker's avatar
      Cache intermediate CA separately · c4ab1b95
      Chad Brubaker authored 
      Intermediate CAs are cached in order to support servers that fail to
sent a complete chain to a root. These certificates should be cached to
support these servers but these certificates must not be trusted as
trust anchors. Store them separately to prevent confusion between
trusted roots and cached intermediates.

(cherry-picked from commit 198aca1f)
Bug: 26232830
Change-Id: I520f50729b55fc7412c7d133335bc9e3c190bbf6
      c4ab1b95
  15. 20 Aug, 2015 1 commit
    • Adam Langley's avatar
      external/conscrypt: allow server-initiated renegotiations. · 295b30e7
      Adam Langley authored 
      BoringSSL disables server-initiated renegotiations by default. However,
it's unclear what the impact of this will be. On the other hand,
rejecting renegotiations certainly makes things simplier.

(cherry picked from commit ed628f94)

Bug: 23189319
Change-Id: I0cd3f04838c0afea665a88d4f0cd0a16c1e811de
      295b30e7
  17. 22 Jun, 2015 5 commits
  19. 17 Jun, 2015 1 commit
  21. 11 Jun, 2015 8 commits