Google Git
Sign in
boringssl / boringssl.git / c88440cb71fa8bd7d758f6bd4fe14541acc81bdd
commitc88440cb71fa8bd7d758f6bd4fe14541acc81bdd[log] [tgz]
authorDavid Benjamin <davidben@google.com>Mon Jan 12 13:29:48 2026 -0500
committerBoringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>Mon Jan 12 15:39:09 2026 -0800
tree245c6be36dea6ade8c8f7c426003b8687a94e2e7
parent3a2b37f55664cf65f484fc55d90a994908a72e1a [diff]
Deflake DTLS12-SendExtraFinished-Reordered

The aim of MaxHandshakeRecordLength + ReorderHandshakeFragments was to
make it likely that we received at least one fragment of the extra
Finished before the actual Finished, thus exercising the case where we
detect it before the handshake instead of after.

There was some probability that this didn't happen and we actually
receive the entire correct Finished before learning of the extra
Finished's existence. Now that we have the DTLSController machinery, we
can program in the order we actually want.

Separately, it happened that our DTLS 1.2 implementation returned a
different error depending on whether we detected it before or
afterwards. This is due to a combination of DTLS 1.2's renegotiation
ambiguity, and the very hacky place where we hook in the retransmit
check. If we resolve crbug.com/383016430, we might end up changing that.

Change-Id: Idfe4c8c1247e25aa70ce3ec3560833109cef195a
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/86989
Reviewed-by: Lily Chen <chlily@google.com>
Auto-Submit: David Benjamin <davidben@google.com>
Commit-Queue: Lily Chen <chlily@google.com>
1 file changed
tree: 245c6be36dea6ade8c8f7c426003b8687a94e2e7
  1. .bcr/
  2. .github/
  3. bench/
  4. cmake/
  5. crypto/
  6. decrepit/
  7. docs/
  8. fuzz/
  9. gen/
  10. include/
  11. infra/
  12. pki/
  13. rust/
  14. ssl/
  15. third_party/
  16. tool/
  17. util/
  18. .bazelignore
  19. .bazelrc
  20. .bazelversion
  21. .clang-format
  22. .clang-format-ignore
  23. .gitignore
  24. API-CONVENTIONS.md
  25. AUTHORS
  26. BREAKING-CHANGES.md
  27. BUILD.bazel
  28. build.json
  29. BUILDING.md
  30. CMakeLists.txt
  31. codereview.settings
  32. CONTRIBUTING.md
  33. FUZZING.md
  34. go.mod
  35. go.sum
  36. INCORPORATING.md
  37. LICENSE
  38. MODULE.bazel
  39. MODULE.bazel.lock
  40. PORTING.md
  41. PRESUBMIT.py
  42. PrivacyInfo.xcprivacy
  43. README.md
  44. SANDBOXING.md
  45. STYLE.md
README.md

BoringSSL

BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.

Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.

Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.

BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.

Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.

Project links:

To file a security issue, use the Chromium process and mention in the report this is for BoringSSL. You can ignore the parts of the process that are specific to Chromium/Chrome.

There are other files in this directory which might be helpful: