path: root/src/ssl/s3_lib.cc
author: Pete Bentley <prb@google.com> 2021-01-20 11:51:47 +0000
committer: Pete Bentley <prb@google.com> 2021-01-20 13:25:50 +0000
commit: 17486117acfddecea663c62f1aed75589a632ce5
tree: 8c43bbf180d8572f2f8cbfceab93237c5d5a60ee /src/ssl/s3_lib.cc
parent: 16f7c57a20446b2f2ae0e31600e86b14f3f58dd1
external/boringssl: Sync to c1e156ae16fa8b61af9b5d2b74e59d3f86e141be.
This includes the following changes: https://boringssl.googlesource.com/boringssl/+log/3989c99706bf30054798ff82f1cb010e50e385f5..c1e156ae16fa8b61af9b5d2b74e59d3f86e141be

* Add DH_compute_key_padded. Update-Note: No compatibility impact, but callers that use DH_compute_key and then fix up the removed leading zeros can switch to this function. Then they should migrate to something else.
* Fix client 0-RTT handling with ALPS.
* acvp: add XTS support.
* doc: fix SSL_set0_rbio
* Add support for the new QUIC TLS extension codepoint
* delocate: preprocess perlasm output on Aarch64
* Replace MockQUICTransport tags with record types.
* Run extension tests at all protocols.
* Make QUIC tests work with early data.
* Make QUIC work with -async tests.
* Fix ALPS state machine in QUIC servers.
* runner: Allow tokbind without RI/EMS in TLS 1.3.
* Test that ALPS can be deferred to the ALPN callback.
* Send ECH acceptance signal from backend server.
* delocate: handle Aarch64 assembly in parser.
* Add ASM optimizations for Windows on Arm
* Use gai_strerrorA on Windows.
* Optimize suffix building in FileTest::ReadNext().
* A handful more compatibility functions.
* Update HPKE to draft-irtf-cfrg-hpke-07.
* acvp: drop subprocess_test.go
* Add some OpenSSL-compatibility aliases
* delocate: eliminate expression from vpaes assembly.
* delocate: support alternative comment indicators
* Update third_party/googletest.
* acvp: add tests
* Fix chacha20_poly1305_x86_64.pl comments.
* Fix awkward wording in comment.
* Update ECH GREASE to draft-ietf-tls-esni-09
* Gerrit ignores <sup>; use Unicode superscript instead.
* acvp: better document the subprocess protocol.
* Add .text.unlikely.* pattern to fips_shared.lds.
* acvp: fix silly errors.
* acvp: load config later.
* Allow some non-minimal lengths in BER.
* Export tool_sources to GN.
* Use more efficient std::string::find overload.
* Revert "Add support for the new QUIC TLS extension codepoint"
* Move DH parameter generation out of the FIPS module.
* Add support for the new QUIC TLS extension codepoint
* Use stdlib.h instead of cstdlib in span.h.
* Check for trailing data in X509Test.GeneralName.
* Fix ChaCha20-Poly1305 x86-64 asm on Windows
* Include bn.h from bn/internal.h
* acvp: add support for finite-field Diffie–Hellman.
* Move DH code into the FIPS module.
* Remove unused Netware codepaths in x86 perlasm.
* Finish switching to NASM. Update-Note: If an x86 Windows asm build breaks, switch from Yasm to NASM. We're also no longer testing NASM on x86_64 Windows, but there wasn't any patch to revert.
* Switch to passive entropy collection for Android FIPS.
* Skip ASN.1 template tests in Windows shared library builds.
* Add TLS_KDF to documented break tests.
* acvp: add support for KAS
* Align armv8.pl references to OPENSSL_armcap_P. Update-Note: If aarch64 builds get some weird error about relocations, it's this CL's fault.
* Reject bad ASN.1 templates with implicitly-tagged CHOICEs.
* Implement GREASE for ECH (draft-ietf-tls-esni-08).
* acvp: add TLS KDF support
* acvp: tweak config
* acvp: fix subprocess_test.go
* Const-correct GENERAL_NAME_cmp.
* Fix EDIPartyName parsing and GENERAL_NAME_cmp.
* PWCT failures should clear the generated key.
* Get closer to Ed25519 boundary conditions.
* draft-ietf-tls-certificate-compression is now RFC 8879.
* Update FIPS.md to include latest FIPS certificate.
* Only accept little-endian ARM and MIPS variants in base.h. Update-Note: CPU processor defines are a mess. If a little-endian ARM or MIPS build breaks, some of the assumptions above may be wrong. In that case, the output of $CC -dM -E - < /dev/null on the offending toolchain will be useful to fix it. If a big-endian ARM or MIPS build breaks, this is working as intended. Any resulting binaries weren't producing the right outputs.
* aesv8-armx.pl: avoid 32-bit lane assignment in CTR mode
* Improve sk_dup.
* Poly1305: Use |size_t|; assert |poly1305_state| is large enough.
* util/fipstools/acvp/acvptool: buffer signal channel to avoid losing signal
* Add digest.h to self_check.c
* Document ASN1_STRING.
* acvp: add SHA-512/256 support.
* Add FIPS self test for the TLS KDF.
* Rename the master_key field in SSL_SESSION to secret.
* Always check the TLS 1.3 downgrade signal. Update-Note: SSL_CTX_set_ignore_tls13_downgrade, SSL_set_ignore_tls13_downgrade, and SSL_is_tls13_downgrade now do nothing. Call sites should be removed. (There are some copies of older Chromium lying around, so I haven't removed the functions yet.) The enforcement was already on by default, so this CL does not affect callers that don't use those functions.
* Fix NETSCAPE_SPKI_get_pubkey documentation.
* Const-correct and document more X509 functions.
* Add APIs for checking ASN.1 INTEGERs. Update-Note: This CL does not change behavior, but I'm leaving a note to myself to make net/der/parse_values.cc call the new functions.
* Remove some unnecessary pointer casts.
* Document the basic ASN1_STRING functions.
* Document some defaults for the EVP RSA interface.
* Rearrange ASN1_STRING_copy slightly.
* Remove the legacy MSTRING M_ASN1 macros. Update-Note: Some M_ASN1 macros were removed. Code search says there were no uses, and OpenSSL upstream removed all of them.
* Switch M_ASN1_TIME macros within the library.
* Unwind M_ASN1_* macros for primitive types. Update-Note: Some external code uses the M_ASN1_* macros. This should remain compatible, but some type errors may have gotten through unnoticed. This CL restores type-checking.
* Reformat and convert comments in asn1.h.
* aarch64: Fix name of gnu property note section
* Re-reformat x509.h.
* Document X509V3_add1_i2d and friends.
* Remove ASN1_STRING_FLAG_NDEF.
* Unexport internal crypto/asn1 functions. Update-Note: Code search says these are unused. If someone's using them, we can reexport them.
* Unwind some old ASN.1 ifdefs.
* Unwind ASN1_PRIMITIVE_FUNCS.
* Remove some unused types from asn1t.h.
* Unwind ASN1_TFLG_NDEF. Update-Note: Types that use one of the NDEF macros in asn1t.h will fail to compile. This CL should not affect certificate parsing.
* Unwind ASN1_ITYPE_COMPAT. Update-Note: Types using IMPLEMENT_COMPAT_ASN1 from openssl/asn1t.h will fail to compile. This CL should not affect certificate parsing.
* Unwind ASN1_AFLG_BROKEN. Update-Note: Types using ASN1_BROKEN_SEQUENCE from openssl/asn1t.h will fail to compile. This CL should not affect certificate parsing.
* Const-correct various X509 string parameters.
* Document the next few functions in x509.h
* Remove sk_new_null call.
* acvp: move inner MCT loops into subprocess.
* Fix x509_rsa_ctx_to_pss when saltlen is md_size.
* Document the X509V3_get_d2i family of functions.
* runner: explicitly signal error from handshaker.
* runner: add -skip
* Add functions for manipulating X.509 TBS structures.
* Remove ASN1_STRING_length_set prototype.
* Update Go on the bots.
* Rework vs_toolchain.py and vs_env.py.
* Add ECDSA verify KAT to FIPS self-tests.
* Add AES-GCM AEADs with internal nonce generation.
* Define a constant for the standard GCM nonce length.
* Add test for X25519-containing certificate.
* Add SSL_early_data_reason_string.
* Add raw redeem API.
* aarch64: Remove some flavour conditionals
* Have fewer opaque booleans in aead_test.cc
* acvp: RSA signature verification tests.
* acvp: RSA signature generation tests.
* acvp: support RSA key generation tests.
* Support 4096-bit keys in FIPS mode.
* Reland "Check AlgorithmIdentifier parameters for RSA and ECDSA signatures." Update-Note: Some invalid certificates will now be rejected at verification time. Parsing of certificates is unchanged.
* acvp: add 3DES-CBC support
* acvp: add 3DES-ECB support
* Clear some reported gcc -Wshadow warnings.
* Const-correct X509V3_extensions_print.
* clang-format and convert comments in x509v3.h.
* aarch64: Improve conditional compilation
* Silence some linter checks.
* acvp: update subprocess_test.go
* Update clang.
* Implement draft-vvv-tls-alps-01.
* Simplify 0-RTT tests.

Bug: 160351436
Test: atest CtsLibcoreTestCases CtsLibcoreOkHttpTestCases
Change-Id: I1fb4105341a73be9d5f978301f7318e16027f37d
Diffstat (limited to 'src/ssl/s3_lib.cc')
-rw-r--r-- src/ssl/s3_lib.cc | 1 -
1 file changed, 0 insertions, 1 deletion
diff --git a/src/ssl/s3_lib.cc b/src/ssl/s3_lib.cc
index ee356040..3e124922 100644
--- a/src/ssl/s3_lib.cc
+++ b/src/ssl/s3_lib.cc
@@ -177,7 +177,6 @@ SSL3_STATE::SSL3_STATE()
key_update_pending(false),
wpend_pending(false),
early_data_accepted(false),
- tls13_downgrade(false),
token_binding_negotiated(false),
alert_dispatch(false),
renegotiate_pending(false),
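Review bot: the matching removal of the `tls13_downgrade` member declaration and of every read and write of it is not visible in this patch, since the diffstat is limited to src/ssl/s3_lib.cc; confirm that the upstream change named in the commit message ("Always check the TLS 1.3 downgrade signal") also dropped the field from SSL3_STATE, because a `bool` member left declared without its `tls13_downgrade(false)` initializer would otherwise be indeterminate after construction. The Update-Note for that change says SSL_CTX_set_ignore_tls13_downgrade, SSL_set_ignore_tls13_downgrade and SSL_is_tls13_downgrade now do nothing and that call sites should be removed, so it is worth grepping this tree for those three functions in the same sync rather than leaving callers that silently believe they still opt out of the downgrade check.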