| commit | 0d0a68701ad42d38dcc13104dcc942d2ad31a56f | |
| author | davidben@chromium.org <davidben@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | |
| Sat, 26 Jul 2014 18:05:11 +0000 (26 18:05 +0000) | ||
| committer | davidben@chromium.org <davidben@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | |
| Sat, 26 Jul 2014 18:05:11 +0000 (26 18:05 +0000) | ||
| tree | d21b83517a347cae8b8a5fa461185b67e55f1274 | treesnapshot (tar.gz zip) |
| parent | dd6f8fa7270bc6f836af354eb3c109a083a82b06 | commitdiff |
Implement TLS_FALLBACK_SCSV for SSLClientSocketOpenSSL.
In doing so, fix a bug in tlslite's TLS_FALLBACK_SCSV support; the fallback
alert should be sent with the client's version. Otherwise OpenSSL reports
SSL_R_UNSUPPORTED_PROTOCOL and doesn't report the alert. This behavior is
probably not wrong as, if the server responds with a TLS version higher than
what is supported, we can't really be sure of the parse.
BUG=388425
Review URL: https://codereview.chromium.org/418553003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@285764 0039d316-1c4b-4281-b951-d872f2087c98
In doing so, fix a bug in tlslite's TLS_FALLBACK_SCSV support; the fallback
alert should be sent with the client's version. Otherwise OpenSSL reports
SSL_R_UNSUPPORTED_PROTOCOL and doesn't report the alert. This behavior is
probably not wrong as, if the server responds with a TLS version higher than
what is supported, we can't really be sure of the parse.
BUG=388425
Review URL: https://codereview.chromium.org/418553003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@285764 0039d316-1c4b-4281-b951-d872f2087c98