[dev.boringcrypto] all: merge master into dev.boringcrypto

Change-Id: I948e086e11e1da571e2be23bb08a7bbd6618dc2f
2025-04-04 12:37:35 +03:00 · 2020-07-08 23:29:54 -04:00 · 2020-07-08 23:29:54 -04:00 · afeb57a673
commit afeb57a673
parent 74da4e75b6 e548024677
21 changed files with 1322 additions and 641 deletions
--- a/handshake_client_tls13.go
+++ b/handshake_client_tls13.go
@ -338,6 +338,8 @@ func (hs *clientHandshakeStateTLS13) processServerHello() error {
 	c.didResume = true
 	c.peerCertificates = hs.session.serverCertificates
 	c.verifiedChains = hs.session.verifiedChains
+	c.ocspResponse = hs.session.ocspResponse
+	c.scts = hs.session.scts
 	return nil
 }

@ -411,6 +413,15 @@ func (hs *clientHandshakeStateTLS13) readServerCertificate() error {
 	// Either a PSK or a certificate is always used, but not both.
 	// See RFC 8446, Section 4.1.1.
 	if hs.usingPSK {
+		// Make sure the connection is still being verified whether or not this
+		// is a resumption. Resumptions currently don't reverify certificates so
+		// they don't call verifyServerCertificate. See Issue 31641.
+		if c.config.VerifyConnection != nil {
+			if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
+				c.sendAlert(alertBadCertificate)
+				return err
+			}
+		}
 		return nil
 	}

@ -661,6 +672,8 @@ func (c *Conn) handleNewSessionTicket(msg *newSessionTicketMsgTLS13) error {
 		nonce:              msg.nonce,
 		useBy:              c.config.time().Add(lifetime),
 		ageAdd:             msg.ageAdd,
+		ocspResponse:       c.ocspResponse,
+		scts:               c.scts,
 	}

 	cacheKey := clientSessionCacheKey(c.conn.RemoteAddr(), c.config)