Google Git
Sign in
boringssl / boringssl / ba4594aee60e83b0f26a10ec2e0a9de2be81e8cf
commitba4594aee60e83b0f26a10ec2e0a9de2be81e8cf[log] [tgz]
authorDavid Benjamin <davidben@chromium.org>Thu Jun 18 18:36:15 2015 -0400
committerAdam Langley <agl@google.com>Thu Jun 18 23:40:51 2015 +0000
tree8d75d74761f2645efd1f2991a3c746bf0cfeb381
parent91eab5c9df6d21a395fceb542cbfac147f9ee038 [diff]
Don't put sessions from renegotiations in the cache.

Rather than rely on Chromium to query SSL_initial_handshake_complete in the
callback (which didn't work anyway because the callback is called afterwards),
move the logic into BoringSSL. BoringSSL already enforces that clients never
offer resumptions on renegotiation (it wouldn't work well anyway as client
session cache lookup is external), so it's reasonable to also implement
in-library that sessions established on a renegotiation are not cached.

Add a bunch of tests that new_session_cb is called when expected.

BUG=501418

Change-Id: I42d44c82b043af72b60a0f8fdb57799e20f13ed5
Reviewed-on: https://boringssl-review.googlesource.com/5171
Reviewed-by: Adam Langley <agl@google.com>
7 files changed
tree: 8d75d74761f2645efd1f2991a3c746bf0cfeb381
  1. crypto/
  2. decrepit/
  3. doc/
  4. include/
  5. ssl/
  6. tool/
  7. util/
  8. .clang-format
  9. .gitignore
  10. BUILDING
  11. CMakeLists.txt
  12. codereview.settings
  13. LICENSE
  14. STYLE