commit | 6965d25602754bc419c5f757d008ba1f4da49ae4 | [log] [tgz] |
---|---|---|
author | David Benjamin <davidben@google.com> | Mon Nov 19 15:49:56 2018 -0600 |
committer | CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> | Wed Nov 21 18:22:57 2018 +0000 |
tree | 5c9f42531382832c859d4c7101f03131b5257443 | |
parent | 4f746a9073333d35db49173a8dbdc076004fa7d1 [diff] |
Work around a JDK 11 TLS 1.3 bug. JDK 11 shipped with a TLS 1.3 implementation enabled by default. Unfortunately, that implementation does not work and fails to send the SNI extension on resumption. See https://bugs.openjdk.java.net/browse/JDK-8211806. This means servers which enable TLS 1.3 will see JDK 11 clients work on the first connection and then fail on all subsequent connections. Add SSL_set_jdk11_workaround which configures a workaround to fingerprint JDK 11 and disable TLS 1.3 with the faulty clients. JDK 11 also implemented the downgrade signal, which means that connections that trigger the workaround also must not send the downgrade signal. Unfortunately, the downgrade signal's security properties are sensitive to the existence of any unmarked TLS 1.2 ServerHello paths. To salvage this, pick a new random downgrade marker for this scenario and modify the client to treat it as an alias of the standard one. Per the link above, JDK 11.0.2 will fix this bug. Hopefully the workaround can be retired sometime after it is released. Change-Id: I0627609a8cadf7cc214073eb7f1e880acdf613ef Reviewed-on: https://boringssl-review.googlesource.com/c/33284 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com>
BoringSSL is a fork of OpenSSL that is designed to meet Google's needs.
Although BoringSSL is an open source project, it is not intended for general use, as OpenSSL is. We don't recommend that third parties depend upon it. Doing so is likely to be frustrating because there are no guarantees of API or ABI stability.
Programs ship their own copies of BoringSSL when they use it and we update everything as needed when deciding to make API changes. This allows us to mostly avoid compromises in the name of compatibility. It works for us, but it may not work for you.
BoringSSL arose because Google used OpenSSL for many years in various ways and, over time, built up a large number of patches that were maintained while tracking upstream OpenSSL. As Google's product portfolio became more complex, more copies of OpenSSL sprung up and the effort involved in maintaining all these patches in multiple places was growing steadily.
Currently BoringSSL is the SSL library in Chrome/Chromium, Android (but it's not part of the NDK) and a number of other apps/programs.
There are other files in this directory which might be helpful: